docker 搭建 RocketMQ docker搭建RocketMQ 可视化界面 ,开启控制台密码和acl密码

1、拉取镜像

docker pull foxiswho/rocketmq:4.8.0

 

2、创建数据目录

mkdir -p /home/dockerdata/rocketmq/namesrv/logs

mkdir -p /home/dockerdata/rocketmq/broker/store
mkdir -p /home/dockerdata/rocketmq/broker/logs mkdir -p /home/dockerdata/rocketmq/broker/conf

mkdir -p /home/dockerdata/rocketmq/console/data

cd /home/dockerdata/rocketmq
chmod 777 -R namesrv
chmod 777 -R broker
chmod 777 -R console

3、运行nameServer容器

docker run -d \
--restart=always \ -v /home/dockerdata/rocketmq/namesrv/logs:/home/rocketmq/logs \ --name rmqnamesrv \ -e "JAVA_OPT_EXT=-Xms128M -Xmx512M -Xmn128m" \ -p 9876:9876 \ foxiswho/rocketmq:4.8.0 \ sh mqnamesrv

5、创建配置文件/home/dockerdata/rocketmq/broker/conf/broker.conf  注意绿色文字

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. #所属集群名字 brokerClusterName=DefaultCluster #broker名字，注意此处不同的配置文件填写的不一样，如果在broker-a.properties使用:broker-a, #在broker-b.properties使用:broker-b brokerName=broker-a #0 表示Master，>0 表示Slave brokerId=0 #nameServer地址，分号分割 #namesrvAddr=rocketmq-nameserver1:9876;rocketmq-nameserver2:9876 namesrvAddr=172.168.1.xxx:9876 #启动IP,如果 docker 报 com.alibaba.rocketmq.remoting.exception.RemotingConnectException: connect to <192.168.0.120:10909> failed # 解决方式1 加上一句producer.setVipChannelEnabled(false);，解决方式2 brokerIP1 设置宿主机IP，不要使用docker 内部IP
 brokerIP1=172.168.1.xxx
 #在发送消息时，自动创建服务器不存在的topic，默认创建的队列数 defaultTopicQueueNums=4 #是否允许 Broker 自动创建Topic，建议线下开启，线上关闭 ！！！这里仔细看是false，false，false #原因下篇博客见~ 哈哈哈哈 autoCreateTopicEnable=true #是否允许 Broker 自动创建订阅组，建议线下开启，线上关闭 autoCreateSubscriptionGroup=true

#此参数控制是否开启密码
#aclEnable=true
 #Broker 对外服务的监听端口 listenPort=10911 #删除文件时间点，默认凌晨4点 deleteWhen=04 #文件保留时间，默认48小时 fileReservedTime=120 #commitLog每个文件的大小默认1G mapedFileSizeCommitLog=1073741824 #ConsumeQueue每个文件默认存30W条，根据业务情况调整 mapedFileSizeConsumeQueue=300000 #destroyMapedFileIntervalForcibly=120000 #redeleteHangedFileInterval=120000 #检测物理文件磁盘空间 diskMaxUsedSpaceRatio=88 #存储路径 #storePathRootDir=/home/ztztdata/rocketmq-all-4.1.0-incubating/store #commitLog 存储路径 #storePathCommitLog=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/commitlog #消费队列存储 #storePathConsumeQueue=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/consumequeue #消息索引存储路径 #storePathIndex=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/index #checkpoint 文件存储路径 #storeCheckpoint=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/checkpoint #abort 文件存储路径 #abortFile=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/abort #限制的消息大小 maxMessageSize=65536 #flushCommitLogLeastPages=4 #flushConsumeQueueLeastPages=2 #flushCommitLogThoroughInterval=10000 #flushConsumeQueueThoroughInterval=60000 #Broker 的角色 #- ASYNC_MASTER 异步复制Master #- SYNC_MASTER 同步双写Master #- SLAVE brokerRole=ASYNC_MASTER #刷盘方式 #- ASYNC_FLUSH 异步刷盘 #- SYNC_FLUSH 同步刷盘 flushDiskType=ASYNC_FLUSH #发消息线程池数量 #sendMessageThreadPoolNums=128 #拉消息线程池数量 #pullMessageThreadPoolNums=128

6、创建acl文件，用于开启用户名密码，不用用户密码可以忽略此步骤 /home/dockerdata/rocketmq/broker/conf/plain_acl.yml

springboot 服务的ip如果在globalWhiteRemoteAddresses白名单中，不会走acl鉴权

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. globalWhiteRemoteAddresses: - 10.10.103.* - 172.168.1.* accounts: - accessKey: RocketMQ secretKey: 12345678 whiteRemoteAddress: admin: false defaultTopicPerm: DENY defaultGroupPerm: SUB topicPerms: - topicA=DENY - topicB=PUB|SUB - topicC=SUB groupPerms: # the group should convert to retry topic - groupA=DENY - groupB=PUB|SUB - groupC=SUB - accessKey: rocketmq2 secretKey: 12345678 whiteRemoteAddress: 172.168.1.* # if it is admin, it could access all resources admin: true

 

7、运行broker，如果报错，试试把/home/dockerdata/rocketmq/broker/conf/broker.conf 配置文件中的brokerIP1=172.168.1.xxx这个启用，IP 地址填写 你docker 所在 宿主机的IP

docker run -d  \
--restart=always \ -v /home/dockerdata/rocketmq/broker/logs:/home/rocketmq/logs \ -v /home/dockerdata/rocketmq/broker/store:/home/rocketmq/store \ -v /home/dockerdata/rocketmq/broker/conf/broker.conf:/home/rocketmq/rocketmq-4.8.0/conf/broker.conf \
-v /home/dockerdata/rocketmq/broker/conf/plain_acl.yml:/home/rocketmq/rocketmq-4.8.0/conf/plain_acl.yml \ --name rmqbroker \ -e "NAMESRV_ADDR=172.168.1.xxx:9876" \ -e "JAVA_OPT_EXT=-Xms128M -Xmx1024M -Xmn128m" \ -p 10911:10911 \ -p 10912:10912 \ -p 10909:10909 \ foxiswho/rocketmq:4.8.0 \ sh mqbroker -c /home/rocketmq/rocketmq-4.8.0/conf/broker.conf 

7、设置管理界面账号密码 /home/dockerdata/rocketmq/console/data/users.properties 

# This file supports hot change, any change will be auto-reloaded without Console restarting.
# Format: a user per line, username=password[,N] #N is optional, 0 (Normal User); 1 (Admin) # Define Admin # =============用户名和密码规则「用户名=密码,权限」，这里的权限为1表示管理员，为0表示普通用户============= # 例如：admin=admin123,1 admin=123456,1 # Define Users # =============屏蔽下边两个账户============= #user1=user1 #user2=user2

 

8、运行管理界面（可视化界面）

docker run -d --restart=always --name rmqconsole \
-v /home/dockerdata/rocketmq/console/data:/tmp/rocketmq-console/data \
-e "JAVA_OPTS=-Drocketmq.namesrv.addr=172.168.1.xxx:9876 -Dcom.rocketmq.sendMessageWithVIPChannel=false -Drocketmq.config.loginRequired=true -Drocketmq.config.aclEnabled=true -Drocketmq.config.accessKey=rocketmq2 -Drocketmq.config.secretKey=12345678" \
-p 18180:8080 -t iamverygood/rocketmq-console:4.7.1

rocketmq.config.loginRequired:开启控制台访问密码
rocketmq.config.aclEnabled： broker acl开启
rocketmq.config.accessKey： broker acl账号
rocketmq.config.secretKey： broker acl密码

 

 

 

9、浏览器访问，http://ip:18180，输入admin/123456登录访问