Mosquitto is an MQTT broker that is incredibly user-friendly and easy to use. I recently encountered a use case where I needed to deploy Mosquitto to an EKS cluster and make it accessible beyond the cluster’s network.
Before diving into the deployment of the Mosquitto Broker, it is crucial to ensure that all the necessary prerequisites are met. In this article, I will provide a brief overview of these prerequisites, along with appropriate links to relevant documentation for more detailed information.
Prerequisites
The first is that the Mosquitto Broker needs a Persistent Volume Claim. To provide one, the Amazon EBS CSI Driver add-on must be installed in your cluster. Luckily, Amazon has a very helpful guide, which can be found here.
The installation process for the Amazon EBS CSI Driver add-on is relatively straightforward. It involves creating the necessary IAM role for the Amazon EBS CSI Driver and adding the add-on through the AWS console.
The second prerequisite is having the AWS Load Balancer Controller add-on installed on the cluster. This add-on is essential for creating a load balancer that enables access to the MQTT Broker from outside the cluster. Fortunately, there is again thorough documentation on how to do that here.
Kubernetes Manifests
We will now proceed to create a simple YAML file that encompasses the deployment, service, persistent volume claim, and config map.
Service manifest to connect to Mosquitto
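To enable access to the Mosquitto Broker from outside the EKS cluster, we annotate the Service so that its load balancer is not internal. Ports 1883 and 9001 are then reachable by anything that can reach the load balancer.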
apiVersion: v1
kind: Service
metadata:
  name: mosquitto
  labels:
    app: mosquitto
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-internal: "false"
spec:
  ports:
    - port: 1883
      targetPort: 1883
      name: mqtt
    - port: 9001
      targetPort: 9001
      name: wss
  selector:
    app: mosquitto
  type: LoadBalancer
Persistent volume claim manifest
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mq-pv-claim
  labels:
    app: mosquitto
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi
Config map manifest
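If we need password authentication, we can create a similar config map for the passwords. The configuration below sets allow_anonymous true, so the broker accepts clients without credentials.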
apiVersion: v1
kind: ConfigMap
metadata:
  name: mosquitto-config
data:
  mosquitto.conf: |
    listener 1883
    persistence true
    persistence_location /mosquitto/data/
    log_dest file /mosquitto/log/mosquitto.log
    allow_anonymous true
Deployment manifest
Finally, we will create the deployment manifest for the Mosquitto Broker, where we will configure the volume and mount the necessary Persistent Volume Claim (PVC) and ConfigMap.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mosquitto
  labels:
    app: mosquitto
spec:
  selector:
    matchLabels:
      app: mosquitto
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: mosquitto
    spec:
      containers:
        - image: eclipse-mosquitto:latest
          name: mosquitto
          ports:
            - containerPort: 1883
            - containerPort: 9001
          volumeMounts:
            - name: mosquitto-persistent-storage
              mountPath: /mosquitto/data
            - name: mosquitto-config
              mountPath: /mosquitto/config/mosquitto.conf
              subPath: mosquitto.conf
      volumes:
        - name: mosquitto-persistent-storage
          persistentVolumeClaim:
            claimName: mq-pv-claim
        - name: mosquitto-config
          configMap:
            name: mosquitto-config
By applying these manifests, we will have a Mosquitto Broker running on our EKS cluster.
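Because the Service above publishes the broker through an external load balancer, it is worth checking the mosquitto.conf against the published ports before applying. The script below is an added example, not part of the original article: it audits the article's configuration for anonymous access, listeners without TLS, and Service ports that have no matching listener. The function names and finding codes are hypothetical, and it assumes per_listener_settings is not enabled.

```python
# Constructed inputs: the article's mosquitto.conf and the Service's targetPorts.
ARTICLE_CONF = """\
listener 1883
persistence true
persistence_location /mosquitto/data/
log_dest file /mosquitto/log/mosquitto.log
allow_anonymous true
"""
ARTICLE_PORTS = {"mqtt": 1883, "wss": 9001}

# Options that apply to the most recently declared listener.
LISTENER_KEYS = {"protocol", "certfile", "keyfile", "cafile"}


def parse_conf(text):
    """Split mosquitto.conf into global options and per-listener options."""
    global_opts, listeners, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        if key == "listener":
            current = listeners.setdefault(int(value.split()[0]), {})
        elif key in LISTENER_KEYS and current is not None:
            current[key] = value.strip()
        else:
            # Assumes per_listener_settings is off, so auth options are global.
            global_opts[key] = value.strip()
    return global_opts, listeners


def audit(conf_text, service_ports):
    """Return finding codes for a broker published through a LoadBalancer Service."""
    global_opts, listeners = parse_conf(conf_text)
    findings = []
    if global_opts.get("allow_anonymous") == "true":
        findings.append("anonymous-access")
    for port in sorted(service_ports.values()):
        opts = listeners.get(port)
        if opts is None:
            findings.append(f"no-listener:{port}")
        elif not ("certfile" in opts and "keyfile" in opts):
            findings.append(f"plaintext-listener:{port}")
    return findings


if __name__ == "__main__":
    for finding in audit(ARTICLE_CONF, ARTICLE_PORTS):
        print(finding)
```

For the article's manifests this reports anonymous access, a plaintext listener on 1883, and port 9001 published without a listener behind it.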