mqtt部署
一 下载mosquitto镜像
docker pull eclipse-mosquitto:latest二 创建数据目录
mkdir -pv /data/mosquitto/{config,data,logs}三 修改mosquitto.conf
listener 1883 0.0.0.0消息持久存储
persistence true
persistence_location /var/lib/mosquitto/日志文件
log_dest file /mosquitto/log/mosquitto.log
其他配置
include_dir /etc/mosquitto/conf.d
禁止匿名访问
allow_anonymous false
认证配置
password_file /mosquitto/auth/pwfile
权限配置
acl_file /mosquitto/auth/aclfile
四 创建启动脚本
cat start_mqtt.sh #!/bin/bashdocker rm -f mosquitto
docker run -d --name=mosquitto --privileged -p 1883:1883 -p 9001:9001 -v /data/mosquitto/:/mosquitto eclipse-mosquitto
五 设置认证
5.1 启动mosquitto
docker run --rm -it --name=mosquitto --privileged -p 1883:1883 -p 9001:9001 -v /data/mosquitto/:/mosquitto eclipse-mosquitto sh5.2 创建pwfile
touch /mosquitto/auth/pwfile5.3 创建用户
mosquitto_passwd /mosquitto/auth/pwfile test01
Password:
Reenter password: 5.4 创建权限
cat /mosquitto/auth/aclfile
user test01
topic write #
topic read #5.5 重启mosquitto
./start_mqtt.sh 六 mosquitto_pub 命令参数说明
# mosquitto_pub --help mosquitto_pub is a simple mqtt client that will publish a message on a single topic and exit. mosquitto_pub version 2.0.14 running on libmosquitto 2.0.14.Usage: mosquitto_pub {[-h host] [--unix path] [-p port] [-u username] [-P password] -t topic | -L URL}
{-f file | -l | -n | -m message}
[-c] [-k keepalive] [-q qos] [-r] [--repeat N] [--repeat-delay time] [-x session-expiry]
[-A bind_address] [--nodelay]
[-i id] [-I id_prefix]
[-d] [--quiet]
[-M max_inflight]
[-u username [-P password]]
[--will-topic [--will-payload payload] [--will-qos qos] [--will-retain]]
[{--cafile file | --capath dir} [--cert file] [--key file]
[--ciphers ciphers] [--insecure]
[--tls-alpn protocol]
[--tls-engine engine] [--keyform keyform] [--tls-engine-kpass-sha1]]
[--tls-use-os-certs]
[--proxy socks-url]
[--property command identifier value]
[-D command identifier value]
mosquitto_pub --help-A : bind the outgoing socket to this host/ip address. Use to control which interface
the client communicates over.
-d : enable debug messages.
-c : disable clean session/enable persistent client mode
When this argument is used, the broker will be instructed not to clean existing sessions
for the same client id when the client connects, and sessions will never expire when the
client disconnects. MQTT v5 clients can change their session expiry interval with the -x
argument.
-D : Define MQTT v5 properties. See the documentation for more details.
-f : send the contents of a file as the message.
-h : mqtt host to connect to. Defaults to localhost.
-i : id to use for this client. Defaults to mosquitto_pub_ appended with the process id.
-I : define the client id as id_prefix appended with the process id. Useful for when the
broker is using the clientid_prefixes option.
-k : keep alive in seconds for this client. Defaults to 60.
-L : specify user, password, hostname, port and topic as a URL in the form:
mqtt(s)😕/[username[:password]@]host[:port]/topic
-l : read messages from stdin, sending a separate message for each line.
-m : message payload to send.
-M : the maximum inflight messages for QoS 1/2..
-n : send a null (zero length) message.
-p : network port to connect to. Defaults to 1883 for plain MQTT and 8883 for MQTT over TLS.
-P : provide a password
-q : quality of service level to use for all messages. Defaults to 0.
-r : message should be retained.
-s : read message from stdin, sending the entire input as a message.
-t : mqtt topic to publish to.
-u : provide a username
-V : specify the version of the MQTT protocol to use when connecting.
Can be mqttv5, mqttv311 or mqttv31. Defaults to mqttv311.
-x : Set the session-expiry-interval property on the CONNECT packet. Applies to MQTT v5
clients only. Set to 0-4294967294 to specify the session will expire in that many
seconds after the client disconnects, or use -1, 4294967295, or ∞ for a session
that does not expire. Defaults to -1 if -c is also given, or 0 if -c not given.
--help : display this message.
--nodelay : disable Nagle's algorithm, to reduce socket sending latency at the possible
expense of more packets being sent.
--quiet : don't print error messages.
--repeat : if publish mode is -f, -m, or -s, then repeat the publish N times.
--repeat-delay : if using --repeat, wait time seconds between publishes. Defaults to 0.
--unix : connect to a broker through a unix domain socket instead of a TCP socket,
e.g. /tmp/mosquitto.sock
--will-payload : payload for the client Will, which is sent by the broker in case of
unexpected disconnection. If not given and will-topic is set, a zero
length message will be sent.
--will-qos : QoS level for the client Will.
--will-retain : if given, make the client Will retained.
--will-topic : the topic on which to publish the client Will.
--cafile : path to a file containing trusted CA certificates to enable encrypted
communication.
--capath : path to a directory containing trusted CA certificates to enable encrypted
communication.
--cert : client certificate for authentication, if required by server.
--key : client private key for authentication, if required by server.
--keyform : keyfile type, can be either "pem" or "engine".
--ciphers : openssl compatible list of TLS ciphers to support.
--tls-version : TLS protocol version, can be one of tlsv1.3 tlsv1.2 or tlsv1.1.
Defaults to tlsv1.2 if available.
--insecure : do not check that the server certificate hostname matches the remote
hostname. Using this option means that you cannot be sure that the
remote host is the server you wish to connect to and so is insecure.
Do not use this option in a production environment.
--tls-engine : If set, enables the use of a TLS engine device.
--tls-engine-kpass-sha1 : SHA1 of the key password to be used with the selected SSL engine.
--tls-use-os-certs : Load and trust OS provided CA certificates.
--proxy : SOCKS5 proxy URL of the form:
socks5h://[username[:password]@]hostname[:port]
Only "none" and "username" authentication is supported.See https://mosquitto.org/ for more information.
七 测试
7.1 接收消息
mosquitto_sub -u test -P test -t wgs027.2 发消息
mosquitto_pub -u test -P test -t wgs02 -m "wgs=test"
