# download: https://www.emqx.io/downloads/broker?osType=Linux
# unzip emqx-ubuntu18.04-v3.2.2.zip && cd emqx
# start emqx
./bin/emqx start
# Check the running status
./bin/emqx_ctl status
# stop emqx
./bin/emqx stop
MQTT client can connect it though port 1883
web console: http://127.0.0.1:18083 . Default username: admin,password:public
# install Erlang. Note: emqx is built on Erlang programming language.
# install rebar3: A sophisticated build-tool for Erlang projects that follows OTP principles
#Get the source code
git clone -b v3.2.0 https://github.com/emqx/emqx-rel.git
#Set environment variables
$ export EMQX_DEPS_DEFAULT_VSN=v3.2.0
#Compile
$ cd emqx-rel && make
#Start EMQ X
cd _build/emqx/rel/emqx
./bin/emqx start
# emqx v3.2.0 is started successfully!
./bin/emqx_ctl status
# Node 'emqx@127.0.0.1' is started
# emqx 3.2.0 is running
The default TCP ports used by the EMQ X message server include:
Port | Protocol |
---|---|
1883 | MQTT protocol port |
8883 | MQTT/SSL port |
8083 | MQTT/WebSocket port |
8080 | HTTP API port |
18083 | Dashboard Management Console Port |
Using the mosquitto_sub/pub client on command line to publish and to subscribe to messages:
mosquitto_sub -h 127.0.0.1 -p 1883 -t topic -q 2
mosquitto_pub -h 127.0.0.1 -p 1883 -t topic -q 1 -m "Hello, MQTT!"
cd /home/x/work/emqx-rel/_build/emqx/rel/emqx
# add a user
./bin/emqx_ctl users add ElonMusk password
# config emqx
vim ./etc/emqx.conf
# allow_anonymous = false
# enable plugins
./bin/emqx_ctl plugins list
./bin/emqx_ctl plugins load emqx_auth_username
# restart emqx
./bin/emqx restart
./bin/emqx --help
# Usage: emqx {start|start_boot
# <file>|ertspath|foreground|stop|restart|reboot|pid|ping|console|console_clean|console_boot
# <file>|attach|remote_console|upgrade|escript|rpc|rpcterms|eval}
# connect
mosquitto_sub -h 127.0.0.1 -p 1883 -d -t topic -q 2 -u ElonMusk -P password
mosquitto_pub -h 127.0.0.1 -p 1883 -d -t topic -q 2 -m "Hello, Username!" -u ElonMusk -P password
mosquitto_sub -h 127.0.0.1 -p 8883 -d -t topic -q 2 -u ElonMusk -P password --psk 1234 --psk-identity client1
mosquitto_pub -h 127.0.0.1 -p 8883 -d -t topic -q 2 -m "Hello TLS" -u Sender -P password --psk 1234 --psk-identity client1
File | Description |
---|---|
etc/emqx.conf | EMQ X 3.0 Configuration File |
etc/acl.conf | The default ACL File |
etc/plugins/*.conf | Config Files of Plugins |
Configuration file processing flow during EMQ X start-up::
---------------------- 3.0/schema/*.schema -------------------
| etc/emqx.conf | ----------------- \|/ | data/app.config |
| + | --> mergeconf --> | data/app.conf | --> cuttlefish generate --> | |
| etc/plugins/*.conf | ----------------- | data/vm.args |
---------------------- -------------------
authetication is provided by a seriers of authentication plugins
supports authentication by username, password, ClientID or anonymous
anonymous is default
Multiple auth plug-ins can be started at the same time. The plug-in that starts first checks first.
Username Auth -> ClientID Auth -> Anonymous Auth
Modify etc/emqx.conf
enable anonymous authentication: allow_anonymous = true
Access Control List:
acl_nomatch = allow
acl_file = etc/acl.conf
etc/acl.conf
%% Allows 'dashboard' users to subscribe to '$SYS/#'
{allow, {user, "dashboard"}, subscribe, ["$SYS/#"]}.
%% Allows local user to publish and subscribe to all topics
{allow, {ipaddr, "127.0.0.1"}, pubsub, ["$SYS/#", "#"]}.
%% Deny all the users to subscribe to '$SYS/#' and '#' topics except local users
{deny, all, subscribe, ["$SYS/#", {eq, "#"}]}.
%% Allows any situation other than the above rules
{allow, all}.
The authentication plugins provided by EMQ X include:
plugins | description |
---|---|
emqx_auth_clientid | ClientId authentication plugin |
emqx_auth_username | username and password authentication plugin |
emqx_auth_jwt | JWT authentication plugin |
emqx_auth_ldap | LDAP authentication plugin |
emqx_auth_http | HTTP authentication plugin |
emqx_auth_mysql | MySQ Lauthentication plugin |
emqx_auth_pgsql | Postgre authentication plugin |
emqx_auth_redis | Redis authentication plugin |
emqx_auth_mongo | MongoDB authentication plugin |
RPC bridge
MQTT bridge
configure:
etc/plugins/emqx_bridge_mqtt.conf
through which an application server or web server can publish MQTT messages
web browsers or applications can connect directly to the broker via WebSocket
## Specify the Erlang Distributed Communication Protocol: inet_tcp | inet6_tcp | inet_tls
node.proto_dist = inet_tcp
Files for storing SSL/TLS options when Erlang distributed using TLS:
node.ssl_dist_optfile = etc/ssl_dist.conf
SSL listening port:
listener.ssl.external = 8883
Path of the file containing the user’s private key:
listener.ssl.external.keyfile = etc/certs/key.pem
Path of the file containing the user certificate:
listener.ssl.external.certfile = etc/certs/cert.pem
Path of the file containing the CA certificate:
## listener.ssl.external.cacertfile = etc/certs/cacert.pem