如何在 Kubernetes 中设置 Mosquitto MQTT Broker

tag-icon tag-icon kubernetes mqtt
如何在 Kubernetes 中设置 Mosquitto MQTT Broker

我一直在尝试在 Kubernetes 空间中设置 ChirpStack,但它似乎对我来说不起作用,而且我在网上找不到任何可以解决问题的资源。

**chirpstack-application-server-6d6f8d699c-nlrmx   1/1     Running            0          44s\
chirpstack-gateway-bridge-5454b7f9f-fm5wl          1/1     Running            0          73s\
chirpstack-mosquitto-646899d74d-d7bhl              0/1     CrashLoopBackOff   3          85s\
chirpstack-network-server-66cdf9bdf7-rhzg5         1/1     Running            0          55s**

以上是我现在拥有的每个 pod。应用服务器、网络服务器、网关桥接器都启动并运行,但是 Mosquitto 代理移动到“完成”并直接进入 CrashLoopBackOff。

我认为这可能与缺少配置有关,因此我花了几天时间将 mosquitto.conf 文件与“allow_anonymous true”放在一起,希望从我的任何 ChirpStack 组件获取连接,但日志仅指示 mqtt 连接被拒绝错误。

kubectl 日志 chirpstack-application-server 的输出

time="2020-12-10T15:01:41Z" level=error msg="integration/mqtt: connecting to broker error, will retry in 2s: Network Error : dial tcp 10.244.146.236:1883: i/o timeout"

因为无法建立连接,所以我假设情况正好相反,我需要添加 password_file 并将 allow_anonymous 设置为 false。下面是我当前的配置,如果有人知道哪里出了问题的话。

configMap-1.yml

kind: ConfigMap
metadata:
  name: mosquitto-password
  namespace: ****
  labels:
    app: chirpstack-mosquitto  
data:
  password_file.txt: |
    admin:admin
    user:user
    app-server:app-server
    net-server:net-server
    gateway-bridge:gateway-bridge

配置地图.yml

kind: ConfigMap
metadata:
  name: mosquitto-config
  namespace: ****
  labels:
    app: chirpstack-mosquitto  
data:
  mosquitto.conf: |    
    persistence true
    persistence_location /mosquitto/data/
    # per_listener_settings false
    log_dest stdout
    # listener 1886
    listener 1883
    protocol mqtt
    # Defaults to false, unless there are no listeners defined in the configuration
    # file, in which case it is set to true, but connections are only allowed from
    # the local machine.
    allow_anonymous false
    password_file /.config/mosquitto/auth/password_file.txt
    #    cafile: /mosquitto/config/certs/ca.crt
    #    certfile: /mosquitto/config/certs/server.crt
    #    keyfile: /mosquitto/config/certs/server.key
    require_certificate false
    use_identity_as_username false

部署.yml

kind: Deployment
metadata:
  name: chirpstack-mosquitto
  namespace: ****  
spec:
  replicas: 1
  selector:
    matchLabels:
      app: chirpstack-mosquitto
  template:
    metadata:
      labels:
        app: chirpstack-mosquitto
    spec:
      containers:
      - name: chirpstack-mosquitto
        image: ****/chirpstack/eclipse-mosquitto:1.6.12
        ports:
        - containerPort: 1883
        volumeMounts:
        - name: password-file
          mountPath: /.config/mosquitto/auth/password_file.txt
          subPath: password_file.txt
        - name: mosquitto-data
          mountPath: /mosquitto/data
        - name: mosquitto-log
          mountPath: /mosquitto/log
        - name: config-file
          mountPath: /.config/mosquitto/mosquitto.conf
          subPath: mosquitto.conf         
      securityContext:
        runAsNonRoot: true
        fsGroup: 1
        runAsGroup: 1000
        runAsUser: 1000
        supplementalGroups:
        - 1    
      volumes:
      - name: config-file
        configMap:
          name: mosquitto-config
      - name: password-file
        configMap:
          name: mosquitto-password        
      - name: mosquitto-data
        emptyDir: {}
      - name: mosquitto-log
        emptyDir: {}

服务.yml

kind: Service
metadata:
  name: chirpstack-mosquitto
  namespace: 186215-poc  
spec:
  type: ClusterIP
  ports:
    - name: mqtt 
      port: 1883
      targetPort: 1883
      protocol: TCP  
  selector:
    app: chirpstack-mosquitto

答案1

mosquitto/configmap.yaml:

apiVersion: v1
kind: ConfigMap
metadata:
  name: mosquitto-config
data:
  mosquitto.conf: |-
    # Ip/hostname to listen to.
    # If not given, will listen on all interfaces
    #bind_address

    # Port to use for the default listener.
    port 1883

    # Allow anonymous users to connect?
    # If not, the password file should be created
    allow_anonymous true

    # The password file.
    # Use the `mosquitto_passwd` utility.
    # If TLS is not compiled, plaintext "username:password" lines bay be used
    # password_file /mosquitto/config/passwd

mosquitto/deployment.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mosquitto
spec:
  selector:
    matchLabels:
      app: mosquitto
  template:
    metadata:
      labels:
        app: mosquitto
    spec:
      containers:
      - name: mosquitto
        image: eclipse-mosquitto:2.0
        resources:
          requests:
            cpu: "50m"
          limits:
            memory: "128Mi"
            cpu: "500m"
        ports:
        - containerPort: 1883
        volumeMounts:
            - name: mosquitto-config
              mountPath: /mosquitto/config/mosquitto.conf
              subPath: mosquitto.conf
      volumes:
        - name: mosquitto-config
          configMap:
            name: mosquitto-config

mosquitto/service.yaml:

apiVersion: v1
kind: Service
metadata:
  name: mosquitto
spec:
  selector:
    app: mosquitto
  ports:
  - port: 1883
    targetPort: 1883

现在:

$ kubectl apply -f mosquitto/
$ kubectl get pods,deployments,services -o wide
$ kubectl logs -l app=gateway-bridge -f --all-containers

答案2

按着这些次序:

  1. git 克隆https://github.com/halkeye-helm-charts/mosquitto.git

  2. 调整值.yaml文件,添加节点端口或者负载均衡器并启用存储类

    service:
   type: NodePort

persistence:
   storageClass: "oci-bv"

  3. 通过部署掌舵图helm install mosquitto --generate-name

  4. 查看蚊子pod 日志:kubectl logs pod/mosquitto-service-name。例如:

    在此处输入图片描述

  5. 测试服务:

    订户:

    docker run -it --rm --name mqtt-subscriber efrecon/mqtt-client sub -h ip_address -p port -t "/#"

    发行商:

    docker run -it --rm --name mqtt-publisher efrecon/mqtt-client pub -h ip- address -m "SOOntestMessage" -p port -t "/test"

  6. 您应该在订阅者上收到消息:

    在此处输入图片描述

相关内容