Mosquitto is an MQTT broker that is incredibly user-friendly and easy to use. I recently encountered a use case where I needed to deploy Mosquitto to an EKS cluster and make it accessible beyond the cluster’s network.
Before diving into the deployment of the Mosquitto Broker, it is crucial to ensure that all the necessary prerequisites are met. In this article, I will provide a brief overview of these prerequisites, along with appropriate links to relevant documentation for more detailed information.
The first is that the Mosquitto Broker needs a Persistent Volume Claim. To achieve this, it is necessary to have the Amazon EBS CSI Driver add-on installed in your cluster. Luckily, Amazon has written a very helpful guide, which can be found here.
The installation process for the Amazon EBS CSI Driver add-on is relatively straightforward. It involves creating the necessary IAM role for the Amazon EBS CSI Driver and adding the add-on through the AWS console.
The second prerequisite is having the AWS Load Balancer Controller add-on installed on the cluster. This add-on is essential for creating a load balancer that enables external access to the MQTT Broker from outside the cluster. Fortunately, there is again thorough documentation on how to do that here.
We will now proceed to create a simple YAML file that encompasses the deployment, service, persistent volume claim, and config map.
Service manifest to connect to Mosquitto
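To enable access to the Mosquitto Broker from outside the EKS cluster, we annotate the Service so that the load balancer it creates is not internal.

```yaml
apiVersion: v1
kind: Service
metadata:
  name: mosquitto
  labels:
    app: mosquitto
  annotations:
    # "false" = the load balancer is not internal, i.e. reachable from outside the cluster's network
    service.beta.kubernetes.io/aws-load-balancer-internal: "false"
spec:
  ports:
    - port: 1883
      targetPort: 1883
      name: mqtt
    # The mosquitto.conf in this article defines only "listener 1883";
    # this port needs its own listener before it accepts connections.
    - port: 9001
      targetPort: 9001
      name: wss
  selector:
    app: mosquitto
  type: LoadBalancer
```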
Persistent volume claim manifest
```yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mq-pv-claim
  labels:
    app: mosquitto
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi
```
Config map manifest
The config map below holds the broker configuration, which sets `allow_anonymous true` so that clients can connect without credentials. We can also create a similar config map for passwords if we need it.

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: mosquitto-config
data:
  mosquitto.conf: |
    listener 1883
    persistence true
    persistence_location /mosquitto/data/
    log_dest file /mosquitto/log/mosquitto.log
    allow_anonymous true
```
Finally, we will create the deployment manifest for the Mosquitto Broker, where we will configure the volume and mount the necessary Persistent Volume Claim (PVC) and ConfigMap.
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mosquitto
  labels:
    app: mosquitto
spec:
  selector:
    matchLabels:
      app: mosquitto
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: mosquitto
    spec:
      containers:
        - image: eclipse-mosquitto:latest
          name: mosquitto
          ports:
            - containerPort: 1883
            - containerPort: 9001
          volumeMounts:
            # Broker persistence data, backed by the PVC
            - name: mosquitto-persistent-storage
              mountPath: /mosquitto/data
            # Only the single mosquitto.conf key from the ConfigMap
            - name: mosquitto-config
              mountPath: /mosquitto/config/mosquitto.conf
              subPath: mosquitto.conf
      volumes:
        - name: mosquitto-persistent-storage
          persistentVolumeClaim:
            claimName: mq-pv-claim
        - name: mosquitto-config
          configMap:
            name: mosquitto-config
```

By applying these manifests, you will have a Mosquitto Broker successfully running on your EKS cluster.
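The article mentions a config map for passwords; the following is an added example (not from the original article) of a password-protected variant of the broker configuration. It stores the password file in a Secret rather than a ConfigMap, and the Secret name `mosquitto-passwd` and mount path `/mosquitto/secrets` are assumptions.

```yaml
# Added example: names marked "assumed" are not from the article.
apiVersion: v1
kind: Secret
metadata:
  name: mosquitto-passwd              # assumed name
type: Opaque
stringData:
  # One "username:hash" line per client, produced offline with
  #   mosquitto_passwd -c passwd <username>
  # The line below is a placeholder, not a usable entry.
  passwd: |
    <username>:<hash-from-mosquitto_passwd>
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: mosquitto-config
data:
  mosquitto.conf: |
    listener 1883
    persistence true
    persistence_location /mosquitto/data/
    log_dest file /mosquitto/log/mosquitto.log
    # was: allow_anonymous true (clients could connect without credentials)
    allow_anonymous false
    password_file /mosquitto/secrets/passwd
---
# Fragment, not a complete manifest (do not apply as-is):
# add these keys to the article's Deployment so the broker can read the file.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mosquitto
spec:
  template:
    spec:
      containers:
        - name: mosquitto
          volumeMounts:
            - name: mosquitto-passwd
              mountPath: /mosquitto/secrets   # assumed path
              readOnly: true
      volumes:
        - name: mosquitto-passwd
          secret:
            secretName: mosquitto-passwd
```

Port 1883 carries the username and password unencrypted; a TLS listener is a separate change not shown here.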