Deploying the Mosquitto MQTT Broker in an EKS Cluster

Mosquitto is an MQTT broker that is incredibly easy to use. I recently encountered a use case where I needed to deploy Mosquitto to an EKS cluster and make it accessible beyond the cluster’s network.

Before diving into the deployment of the Mosquitto Broker, it is crucial to ensure that all the necessary prerequisites are met. In this article, I will provide a brief overview of these prerequisites, along with appropriate links to relevant documentation for more detailed information.


Prerequisites

First, the Mosquitto Broker needs a Persistent Volume Claim. To provision it, the Amazon EBS CSI Driver add-on must be installed in your cluster. Luckily, Amazon has a very helpful guide, which can be found here.

The installation process for the Amazon EBS CSI Driver add-on is relatively straightforward. It involves creating the necessary IAM role for the Amazon EBS CSI Driver and adding the add-on through the AWS console.

The second prerequisite is having the AWS Load Balancer Controller add-on installed on the cluster. This add-on is essential for creating a load balancer that enables access to the MQTT Broker from outside the cluster. Fortunately, there is again non-trivial documentation on how to do that here.


Kubernetes Manifests

We will now proceed to create a simple YAML file that encompasses the deployment, service, persistent volume claim, and config map.

Service manifest to connect to Mosquitto

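To enable access to the Mosquitto Broker from outside the EKS cluster, we use a Service of type LoadBalancer and annotate it so that the load balancer is not internal. With this annotation, the Service ports 1883 and 9001 are reachable from outside the cluster's network.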

apiVersion: v1
kind: Service
metadata:
  name: mosquitto
  labels:
    app: mosquitto
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-internal: "false"
spec:
  ports:
    - port: 1883
      targetPort: 1883
      name: mqtt
    - port: 9001
      targetPort: 9001
      name: wss
  selector:
    app: mosquitto
  type: LoadBalancer

Persistent volume claim manifest


apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mq-pv-claim
  labels:
    app: mosquitto
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi

Config map manifest

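The config map below holds mosquitto.conf. We can also create a similar config map for passwords if we need it, although a Kubernetes Secret is the more appropriate object for credentials. With allow_anonymous true, any client that can reach the listener connects without a username or password. The file defines a listener only on 1883, so nothing answers on port 9001 unless a second listener is added.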

apiVersion: v1
kind: ConfigMap
metadata:
  name: mosquitto-config
data:
  mosquitto.conf: |
    listener 1883
    persistence true
    persistence_location /mosquitto/data/
    log_dest file /mosquitto/log/mosquitto.log
    allow_anonymous true

Deployment manifest

Finally, we will create the deployment manifest for the Mosquitto Broker, where we will configure the volume and mount the necessary Persistent Volume Claim (PVC) and ConfigMap.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mosquitto
  labels:
    app: mosquitto
spec:
  selector:
    matchLabels:
      app: mosquitto
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: mosquitto
    spec:
      containers:
        # "latest" is a moving tag; pin a specific version for reproducible rollouts
        - image: eclipse-mosquitto:latest
          name: mosquitto
          ports:
            - containerPort: 1883
            - containerPort: 9001
          volumeMounts:
            - name: mosquitto-persistent-storage
              mountPath: /mosquitto/data
            - name: mosquitto-config
              mountPath: /mosquitto/config/mosquitto.conf
              subPath: mosquitto.conf
      volumes:
        - name: mosquitto-persistent-storage
          persistentVolumeClaim:
            claimName: mq-pv-claim
        - name: mosquitto-config
          configMap:
            name: mosquitto-config

By applying these manifests, we will have a Mosquitto Broker running on our EKS cluster.
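
A hardened variant of the ConfigMap and Service above, as an added example that is not part of the original article: it turns off anonymous access, reads credentials from a password file mounted from a Secret, and limits which networks can reach the load balancer. The Secret name mosquitto-passwd, its key passwd, the mount path /mosquitto/secrets and the CIDR 203.0.113.0/24 are assumptions; port 9001 is left out because the article's mosquitto.conf defines no listener for it.

```yaml
# Added example (not from the original article). Assumed names: Secret
# "mosquitto-passwd", key "passwd", CIDR 203.0.113.0/24 (documentation range).
# Create the password file with the tool shipped with Mosquitto, then store it
# as a Secret rather than a ConfigMap:
#   mosquitto_passwd -c passwd <username>
#   kubectl create secret generic mosquitto-passwd --from-file=passwd=./passwd
apiVersion: v1
kind: ConfigMap
metadata:
  name: mosquitto-config
data:
  mosquitto.conf: |
    listener 1883
    persistence true
    persistence_location /mosquitto/data/
    log_dest file /mosquitto/log/mosquitto.log
    # Reject clients that do not present a username and password.
    allow_anonymous false
    password_file /mosquitto/secrets/passwd
---
apiVersion: v1
kind: Service
metadata:
  name: mosquitto
  labels:
    app: mosquitto
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-internal: "false"
spec:
  type: LoadBalancer
  # Only these client networks may reach the broker through the load balancer.
  loadBalancerSourceRanges:
    - 203.0.113.0/24
  ports:
    - port: 1883
      targetPort: 1883
      name: mqtt
  selector:
    app: mosquitto
# In the Deployment, add to the container's volumeMounts:
#   - name: mosquitto-passwd
#     mountPath: /mosquitto/secrets
#     readOnly: true
# and to the pod's volumes:
#   - name: mosquitto-passwd
#     secret:
#       secretName: mosquitto-passwd
```

Port 1883 is still plain MQTT, so the username and password travel unencrypted; a TLS listener is needed to protect them in transit.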