Hi,
I am new to MQTT and am deploying a EMQX cluster that has 3 listeners as follows:
- 2 listeners, default and quic, that are accessible publicly via username/password authentication and uses SSL encryption.
- 1 internal listener that does not require any authentication and does not use SSL encryption.
I would like to know if such a setup is possible.
Then, how to deploy this with Kubernetes.
So far, I came up with this as part of the deployment.yaml file:
bootstrapConfig: |
dashboard {
listeners.http {
bind: 18083
}
default_username: "admin"
default_password: "xxx"
}
listeners.tcp.default {
bind = "0.0.0.0:1883"
max_connections = 1024000
}
listeners.tcp.internal {
bind = "0.0.0.0:1884"
max_connections = 1024000
}
listeners.tcp.quic {
bind = "0.0.0.0:1885"
max_connections = 1024000
}
This works, but I am not sure how to add the layers of SSL and password authentication that I need for 2 out of those 3 listeners.
So far, I used this as a reference:
I have tried adding lines into the configuration of each of the listeners, such as:
authentication=[{enable=true, backend="built_in_database", mechanism="password_based"}]
and
ssl_options.verify = "verify_peer"
I have not found the right code snippet to use.
Can someone point me to some kind of documentation or examples that I could follow?
Thank you.