This project provides a Terraform script for deploying either the open-source or enterprise versions of EMQX on Microsoft Azure. EMQX is an open-source, distributed MQTT message broker for IoT applications and is designed to handle large amounts of concurrent client connections.
OS/Version | EMQX Enterprise 4.4.x | EMQX Open Source 4.4.x | EMQX Open Source 5.1.x | EMQX enterprise 5.1.x |
---|---|---|---|---|
ubuntu 20.04 | ✓ | ✓ | ✓ | ✓ |
- Azure account with necessary permissions
- Terraform installed on your machine. If not, please follow this guide
- Azure CLI installed and configured
Set up your Azure credentials by following this guide. After setting up, export the Azure credentials:
export ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID}
export ARM_TENANT_ID=${ARM_TENANT_ID}
export ARM_CLIENT_ID=${ARM_CLIENT_ID}
export ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET}
To deploy EMQX version 4.4.x, provide the package URL in the emqx4_package variable. Replace ${emqx4_package_url} with your actual URL.
emqx4_package = ${emqx4_package_url}
To deploy EMQX version 5.1.x, provide the package URL in the emqx5_package variable. Replace ${emqx5_package_url} with your actual URL.
emqx5_package = ${emqx5_package_url}
is_emqx5 = true
emqx5_core_count = 2
emqx_vm_count = 3
Note
The emq5_core_count should be less than or equal to emqx_vm_count.
To deploy an EMQX cluster, run the following commands:
cd services/emqx_cluster
terraform init
terraform plan
terraform apply -auto-approve
Note
If you want to deploy more than 10 nodes when using EMQX Enterprise, you need to apply for an EMQX license.
Run the following command to apply the license:
terraform apply -auto-approve -var="emqx_lic=${your_license_content}"
After successful deployment, you will see the following output:
Outputs:
loadbalancer_public_ip = ${loadbalancer_public_ip}
You can now access various services on their respective ports:
Dashboard: ${loadbalancer_public_ip}:18083
MQTT: ${loadbalancer_public_ip}:1883
MQTTS: ${loadbalancer_public_ip}:8883
WS: ${loadbalancer_public_ip}:8083
WSS: ${loadbalancer_public_ip}:8084
lb_type = "private"
Below are some configurations for enabling SSL/TLS:
# default one-way SSL
enable_ssl_two_way = false
# common name for root ca
ca_common_name = "RootCA"
# common name for cert
common_name = "Server"
# organization name
org = "EMQ"
# hours that the cert will valid for
validity_period_hours = 8760
# hours before its actual expiry time
early_renewal_hours = 720
Run the following commands to store the CA, cert, and key to files for client connections:
terraform output -raw tls_ca > tls_ca.pem
terraform output -raw tls_cert > tls_cert.pem
terraform output -raw tls_key > tls_key.key
If a client needs to verify the server's certificate chain and host name, you must configure the hosts file:
${loadbalancer_ip} ${common_name}
After you've finished with the EMQX cluster, you can destroy it using the following command:
terraform destroy -auto-approve
This will delete all resources created by Terraform in this module.
We welcome contributions from the community. Please submit your pull requests for bug fixes, improvements, and new features.
This project is licensed under the terms of the MIT License.
If you encounter any problems or have any questions about this module, please open an issue in the GitHub repository.