docker 搭建 RocketMQ docker搭建RocketMQ 可视化界面 ,开启控制台密码和acl密码

1、拉取镜像

docker pull foxiswho/rocketmq:4.8.0

2、创建数据目录

mkdir -p /home/dockerdata/rocketmq/namesrv/logs

mkdir -p /home/dockerdata/rocketmq/broker/store
mkdir -p /home/dockerdata/rocketmq/broker/logs
mkdir -p /home/dockerdata/rocketmq/broker/conf

mkdir -p /home/dockerdata/rocketmq/console/data

cd /home/dockerdata/rocketmq
chmod 777 -R namesrv
chmod 777 -R broker
chmod 777 -R console

3、运行nameServer容器

docker run -d 
--restart=always 
-v /home/dockerdata/rocketmq/namesrv/logs:/home/rocketmq/logs 
--name rmqnamesrv 
-e "JAVA_OPT_EXT=-Xms128M -Xmx512M -Xmn128m" 
-p 9876:9876 
foxiswho/rocketmq:4.8.0 
sh mqnamesrv

5、创建配置文件/home/dockerdata/rocketmq/broker/conf/broker.conf  注意绿色文字

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.


#所属集群名字
brokerClusterName=DefaultCluster

#broker名字，注意此处不同的配置文件填写的不一样，如果在broker-a.properties使用:broker-a,
#在broker-b.properties使用:broker-b
brokerName=broker-a

#0 表示Master，>0 表示Slave
brokerId=0

#nameServer地址，分号分割
#namesrvAddr=rocketmq-nameserver1:9876;rocketmq-nameserver2:9876
namesrvAddr=172.168.1.xxx:9876

#启动IP,如果 docker 报 com.alibaba.rocketmq.remoting.exception.RemotingConnectException: connect to <192.168.0.120:10909> failed
# 解决方式1 加上一句producer.setVipChannelEnabled(false);，解决方式2 brokerIP1 设置宿主机IP，不要使用docker 内部IP

brokerIP1=172.168.1.xxx

#在发送消息时，自动创建服务器不存在的topic，默认创建的队列数
defaultTopicQueueNums=4

#是否允许 Broker 自动创建Topic，建议线下开启，线上关闭 ！！！这里仔细看是false，false，false
#原因下篇博客见~ 哈哈哈哈
autoCreateTopicEnable=true

#是否允许 Broker 自动创建订阅组，建议线下开启，线上关闭
autoCreateSubscriptionGroup=true

#此参数控制是否开启密码
#aclEnable=true


#Broker 对外服务的监听端口
listenPort=10911

#删除文件时间点，默认凌晨4点
deleteWhen=04

#文件保留时间，默认48小时
fileReservedTime=120

#commitLog每个文件的大小默认1G
mapedFileSizeCommitLog=1073741824

#ConsumeQueue每个文件默认存30W条，根据业务情况调整
mapedFileSizeConsumeQueue=300000

#destroyMapedFileIntervalForcibly=120000
#redeleteHangedFileInterval=120000
#检测物理文件磁盘空间
diskMaxUsedSpaceRatio=88
#存储路径
#storePathRootDir=/home/ztztdata/rocketmq-all-4.1.0-incubating/store
#commitLog 存储路径
#storePathCommitLog=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/commitlog
#消费队列存储
#storePathConsumeQueue=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/consumequeue
#消息索引存储路径
#storePathIndex=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/index
#checkpoint 文件存储路径
#storeCheckpoint=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/checkpoint
#abort 文件存储路径
#abortFile=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/abort
#限制的消息大小
maxMessageSize=65536

#flushCommitLogLeastPages=4
#flushConsumeQueueLeastPages=2
#flushCommitLogThoroughInterval=10000
#flushConsumeQueueThoroughInterval=60000

#Broker 的角色
#- ASYNC_MASTER 异步复制Master
#- SYNC_MASTER 同步双写Master
#- SLAVE
brokerRole=ASYNC_MASTER

#刷盘方式
#- ASYNC_FLUSH 异步刷盘
#- SYNC_FLUSH 同步刷盘
flushDiskType=ASYNC_FLUSH

#发消息线程池数量
#sendMessageThreadPoolNums=128
#拉消息线程池数量
#pullMessageThreadPoolNums=128

6、创建acl文件，用于开启用户名密码，不用用户密码可以忽略此步骤 /home/dockerdata/rocketmq/broker/conf/plain_acl.yml

springboot 服务的ip如果在globalWhiteRemoteAddresses白名单中，不会走acl鉴权

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.

globalWhiteRemoteAddresses:
- 10.10.103.*
- 172.168.1.*

accounts:
- accessKey: RocketMQ
  secretKey: 12345678
  whiteRemoteAddress:
  admin: false
  defaultTopicPerm: DENY
  defaultGroupPerm: SUB
  topicPerms:
  - topicA=DENY
  - topicB=PUB|SUB
  - topicC=SUB
  groupPerms:
  # the group should convert to retry topic
  - groupA=DENY
  - groupB=PUB|SUB
  - groupC=SUB

- accessKey: rocketmq2
  secretKey: 12345678
  whiteRemoteAddress: 172.168.1.*
  # if it is admin, it could access all resources
  admin: true

7、运行broker，如果报错，试试把/home/dockerdata/rocketmq/broker/conf/broker.conf 配置文件中的brokerIP1=172.168.1.xxx这个启用，IP 地址填写 你docker 所在 宿主机的IP

docker run -d  
--restart=always 
-v /home/dockerdata/rocketmq/broker/logs:/home/rocketmq/logs 
-v /home/dockerdata/rocketmq/broker/store:/home/rocketmq/store 
-v /home/dockerdata/rocketmq/broker/conf/broker.conf:/home/rocketmq/rocketmq-4.8.0/conf/broker.conf 
-v /home/dockerdata/rocketmq/broker/conf/plain_acl.yml:/home/rocketmq/rocketmq-4.8.0/conf/plain_acl.yml 
--name rmqbroker 
-e "NAMESRV_ADDR=172.168.1.xxx:9876" 
-e "JAVA_OPT_EXT=-Xms128M -Xmx1024M -Xmn128m" 
-p 10911:10911 
-p 10912:10912 
-p 10909:10909 
foxiswho/rocketmq:4.8.0 
sh mqbroker -c /home/rocketmq/rocketmq-4.8.0/conf/broker.conf 

7、设置管理界面账号密码 /home/dockerdata/rocketmq/console/data/users.properties 

# This file supports hot change, any change will be auto-reloaded without Console restarting.
# Format: a user per line, username=password[,N] #N is optional, 0 (Normal User); 1 (Admin)
 
# Define Admin
# =============用户名和密码规则「用户名=密码,权限」，这里的权限为1表示管理员，为0表示普通用户=============
# 例如：admin=admin123,1
admin=123456,1
 
 
# Define Users
# =============屏蔽下边两个账户=============
#user1=user1
#user2=user2

8、运行管理界面（可视化界面）

docker run -d --restart=always --name rmqconsole
-v /home/dockerdata/rocketmq/console/data:/tmp/rocketmq-console/data
-e "JAVA_OPTS=-Drocketmq.namesrv.addr=172.168.1.xxx:9876 -Dcom.rocketmq.sendMessageWithVIPChannel=false -Drocketmq.config.loginRequired=true -Drocketmq.config.aclEnabled=true -Drocketmq.config.accessKey=rocketmq2 -Drocketmq.config.secretKey=12345678"
-p 18180:8080 -t iamverygood/rocketmq-console:4.7.1

rocketmq.config.loginRequired:开启控制台访问密码
rocketmq.config.aclEnabled： broker acl开启
rocketmq.config.accessKey： broker acl账号
rocketmq.config.secretKey： broker acl密码

9、浏览器访问，http://ip:18180，输入admin/123456登录访问