MQTT服务(EMQX)安装

安装及测试EMQ X

  EMQ X R3.0 (Erlang/Enterprise/Elastic MQTT Broker) 是基于 Erlang/OTP 语言平台开发,支持大规模连接和分布式集群,发布订阅模式的开源 MQTT 消息服务器。

  MQTT是一个由IBM主导开发的物联网传输协议,它被设计用于轻量级的发布/订阅式消息传输,旨在为低带宽和不稳定的网络环境中的物联网设备提供可靠的网络服务。它的核心设计思想是开源、可靠、轻巧、简单,具有以下主要的几项特性:
1.非常小的通信开销(最小的消息大小为 2 字节);
2.支持各种流行编程语言(包括C,Java,Ruby,Python 等等)且易于使用的客户端;
3.支持发布 / 预定模型,简化应用程序的开发;
4.提供三种不同消息传递等级,让消息能按需到达目的地,适应在不稳定工作的网络传输需求。

官方网址:https://www.emqx.io/

1. 二进制包安装

1.1. Ubuntu

    download: https://www.emqx.io/downloads/broker?osType=Linux
    #example bin url: https://www.emqx.io/downloads/broker/v4.0.5/emqx-ubuntu16.04-v4.0.5.zip
    unzip emqx-ubuntu16.04-v4.0.5.zip && cd emqx

    # start emqx
    ./bin/emqx start

    # Check the running status
    ./bin/emqx_ctl status

    # stop emqx
    ./bin/emqx stop

    MQTT can connect it though port 1883
    web console: http://127.0.0.1:18083,default username: admin,password:public

1.2. CentOS

yum install https://www.emqx.io/downloads/broker/v4.0.5/emqx-centos7-v4.0.5.x86_64.rpm
# start emqx
systemctl start emqx
# start emqx when reboot/power-on
systemctl enable emqx

2.源码编译安装

install Erlang
install rebar3: A sophisticated build-tool for Erlang projects that follows OTP principles

#Get the source code

$ git clone -b v3.2.0 https://github.com/emqx/emqx-rel.git
#Set environment variables

$ export EMQX_DEPS_DEFAULT_VSN=v3.2.0
#Compile

$ cd emqx-rel && make
#Start EMQ X

$ cd _build/emqx/rel/emqx
$ ./bin/emqx start
emqx v3.2.0 is started successfully!

$ ./bin/emqx_ctl status
Node 'emqx@127.0.0.1' is started
emqx 3.2.0 is running

3.EMQX消息服务器默认配置

  • TCP端口包括:

    1883    MQTT protocol port
8883    MQTT/SSL port
8083    MQTT/WebSocket port
8080    HTTP API port
18083   Dashboard Management Console Port

  • 使用 mosquitto_sub/pub客户端命令行来订阅和发布消息:

    //订阅消息并在后台监听
mosquitto_sub -h 127.0.0.1 -p 1883 -t topic1 -q 2 &
//发布消息
mosquitto_pub -h 127.0.0.1 -p 1883 -t topic1 -q 1 -m ‘Hello, MQTT!’

  • 后台管理web端口

  端口18083登录web进入管理端入口,默认用户: admin,密码:public。左侧管理边栏可以对EMQX设置,其中plugins可以管理插件,具体内容自行查看https://developer.emqx.io/docs/emq/v3/cn/plugins.html;可以用./bin/emqx_ctl plugins load 插件名字安装插件。

4.emqx提供了三种消息发布服务质量

  Quality of Service等级是发送与接收端的一种关于保证交付信息的协议。一共有3 个QoS 等级:

  • "至多一次0",消息发布完全依赖底层TCP/IP 网络,会发生消息丢失或者重复,这一级别可用于如下情况,环境,传感器数据,丢失一次度记录无所谓,因为不久之后会有第二次发送;

  • "至少一次1",确保消息到达,但消息重复可能发生;

  • “只有一次2",确保消息到达一次,这一级别可用于如下情况,在计费系统中,消息重复或者丢失导致不正确的结果。

5.EMQ离线消息

  1. 保留消息 MQTT客户端向服务器发布(PUBLISH)消息时,可以设置保留消息(Retained Message)标志。保留消息(Retained Message)会驻留在消息服务器,后来的订阅者订阅主题时仍可以接收该消息。 例如mosquitto命令行发布一条保留消息到主题’a/b/c’: mosquitto_pub -r -q 1 -t a/b/c -m 'hello' 之后连接上来的MQTT客户端订阅主题’a/b/c’时候,仍可收到该消息: $ mosquitto_sub -t a/b/c -q 1 hello 保留消息(Retained Message)有两种清除方式: 客户端向有保留消息的主题发布一个空消息: mosquitto_pub -r -q 1 -t a/b/c -m '' 消息服务器设置保留消息的超期时间。

  2. cleanSession 清理回话 MQTT客户端向服务器发起CONNECT请求时,可以通过’Clean Session’标志设置会话。 ‘Clean Session’设置为0,表示创建一个持久会话,在客户端断开连接时,会话仍然保持并保存离线消息,直到会话超时注销。 ‘Clean Session’设置为1,表示创建一个新的临时会话,在客户端断开时,会话自动销毁。

6.测试Username

cd /home/x/work/emqx-rel/_build/emqx/rel/emqx

add a user
    ./bin/emqx_ctl users add ElonMusk password

vim ./etc/emqx.conf
    allow_anonymous = false
enable plugins
    ./bin/emqx_ctl plugins list
    ./bin/emqx_ctl plugins load emqx_auth_username
restart emqx
    ./bin/emqx restart
    ./bin/emqx --help
    Usage: emqx {start|start_boot |ertspath|foreground|stop|restart|reboot|pid|ping|console|console_clean|console_boot |attach|remote_console|upgrade|escript|rpc|rpcterms|eval}

mosquitto_sub -h 127.0.0.1 -p 1883 -d -t topic -q 2 -u ElonMusk -P password
mosquitto_pub -h 127.0.0.1 -p 1883 -d -t topic -q 2 -m "Hello, Username!" -u ElonMusk -P password

7.测试TLS

mosquitto_sub -h 127.0.0.1 -p 8883 -d -t topic -q 2 -u ElonMusk -P password --psk 1234 --psk-identity client1
mosquitto_pub -h 127.0.0.1 -p 8883 -d -t topic -q 2 -m "Hello TLS" -u Sender -P password --psk 1234 --psk-identity client1

8.认证

authetication is provided by a seriers of authentication plugins
supports authentication by username, password, ClientID or anonymous
anonymous is default
Multiple auth plug-ins can be started at the same time. The plug-in that starts first checks first.

Username Auth -> ClientID Auth -> Anonymous Auth

Modify etc/emqx.conf 

enable anonymous authentication:
    allow_anonymous = true

Access Control List:
    acl_nomatch = allow
    acl_file = etc/acl.conf

    etc/acl.conf
        %% Aallows 'dashboard' users to subscribe to '$SYS/#'
        {allow, {user, "dashboard"}, subscribe, ["$SYS/#"]}.

        %% Allows local user to publish and subscribe to all topics
        {allow, {ipaddr, "127.0.0.1"}, pubsub, ["$SYS/#", "#"]}.

        %% Deny all the users to subscribe to '$SYS/#' and '#' topics except local users
        {deny, all, subscribe, ["$SYS/#", {eq, "#"}]}.

        %% Allows any situation other than the above rules
        {allow, all}.

The authentication plugins provided by EMQ X include:

plugins             description
emqx_auth_clientid  ClientId authentication plugin
emqx_auth_username  username and password authentication plugin
emqx_auth_jwt   JWT authentication plugin
emqx_auth_ldap  LDAP authentication plugin
emqx_auth_http  HTTP authentication plugin
emqx_auth_mysql MySQ Lauthentication plugin
emqx_auth_pgsql Postgre authentication plugin
emqx_auth_redis Redis authentication plugin
emqx_auth_mongo MongoDB authentication plugin

9. 网桥

RPC bridge
MQTT bridge

configure:
    etc/plugins/emqx_bridge_mqtt.conf

10. HTTP发布API接口

through which an application server or web server can publish MQTT messages

11. MQTT网络socket链接

web browsers or applications can connect directly to the broker via WebSocket

12. 配置

File    Description
etc/emqx.conf   EMQ X 3.0 Configuration File
etc/acl.conf    The default ACL File
etc/plugins/*.conf  Config Files of Plugins

Configuration file processing flow during EMQ X start-up::
---------------------- 3.0/schema/*.schema ------------------- etc/emqx.conf ----------------- \ / data/app.config + --> mergeconf --> data/app.conf --> cuttlefish generate --> etc/plugins/*.conf ----------------- data/vm.args 
EMQ X Node Connection Method:
    ##  Specify the Erlang Distributed Communication Protocol: inet_tcp | inet6_tcp | inet_tls
    node.proto_dist = inet_tcp

    Files for storing SSL/TLS options when Erlang distributed using TLS:
    node.ssl_dist_optfile = etc/ssl_dist.conf

MQTT/SSL Listener - 8883
    SSL listening port:
    listener.ssl.external = 8883
    Path of the file containing the user’s private key:
    listener.ssl.external.keyfile = etc/certs/key.pem

    Path of the file containing the user certificate:
    listener.ssl.external.certfile = etc/certs/cert.pem

    Path of the file containing the CA certificate:
    ## listener.ssl.external.cacertfile = etc/certs/cacert.pem

发表评论

邮箱地址不会被公开。 必填项已用*标注