Nginx配置域名反向代理MQTT 配置mqtt /ws /wss访问域名连接。
<p>有时候我们想通过域名的方式来进行mqtt的连接。</p><p>首先在阿里云上安装mqtt服务器端。本文mqtt服务器端ip地址为: xx.xx.67.177</p>
<p>并配置mqtt监听端口 tcp : 1883 , http /ws 为 8083 </p>
<p>安装好之后下载mqttbox 工具进行测试连接。</p>
<p>一、使用TCP的方式验证mqtt服务器。</p>
<p><img src="https://img-blog.csdnimg.cn/20200308213436231.jpg?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L2ZlbmdzaDk5OA==,size_16,color_FFFFFF,t_70"></p>
<p><img src="https://img-blog.csdnimg.cn/20200308213631264.jpg?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L2ZlbmdzaDk5OA==,size_16,color_FFFFFF,t_70"></p>
<p>至此说明mqtt服务器 1883端口正常,并能通过mqtt客户端工具连接上。</p>
<p>二、使用ws 的方式验证mqtt服务器</p>
<p><img src="https://img-blog.csdnimg.cn/20200308214640730.jpg?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L2ZlbmdzaDk5OA==,size_16,color_FFFFFF,t_70"></p>
<p><img src="https://img-blog.csdnimg.cn/20200308214710290.jpg?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L2ZlbmdzaDk5OA==,size_16,color_FFFFFF,t_70"></p>
<p><strong>下面讲使用nginx进行域名配置及反向代理。</strong></p>
<p>准备 :申请一个域名,并解释到nginx 所在的机器上。</p>
<p> 一、配置ws 的域名反向代理.</p>
<p>mqtt_ws.conf </p>
<pre><code class="language-bash">map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream mqtt_ws_server {
server xx.xx.67.177:8083; #可以配置多个,作为高可用
}
server {
listen 80;
server_name dxxxxd.sxxxxt.com; #修改为自己的域名
access_log/wwwlogs/mqtt_ws.log; #日志路径
error_log /wwwlogs/mqtt_ws_err.log; #错误日志路径
location / {
proxy_pass http://mqtt_ws_server/mqtt;#这里是否带/mqtt路径处决于你mqtt服务端部署
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}</code></pre>
<p>可以将conf进行include进去就好了。</p>
<p>使用mqttbox进行验证代理。</p>
<p><img src="https://img-blog.csdnimg.cn/20200308215446843.jpg?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L2ZlbmdzaDk5OA==,size_16,color_FFFFFF,t_70"></p>
<p><img src="https://img-blog.csdnimg.cn/20200308220025455.jpg?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L2ZlbmdzaDk5OA==,size_16,color_FFFFFF,t_70"></p>
<p>二、配置域名访问支持wss (wss 和ws 的区别,就当https 和http吧详细度娘)</p>
<p>mqtt_wss.conf</p>
<pre><code class="language-ruby">map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream mqtt_wss_server {
server xx.xxx.67.177:8083; #可配多个高可用
}
server {
listen 443;
server_name dxxxxd.sxxxxt.com; #域名
ssl_certificate "/opt/nginx/cert/sxxxxt.com.pem"; #要配证书
ssl_certificate_key "/opt/nginx/cert/sxxxxt.com.key";#要配证书key
ssl_session_cache shared:SSL:1m;
ssl_session_timeout10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
access_log/wwwlogs/mqtt_wss.log; #日志
error_log /wwwlogs/mqtt_wss_err.log;
location / {
proxy_pass http://mqtt_wss_server/mqtt;#反向代理的地址
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}</code></pre>
<p>验证</p>
<p><img src="https://img-blog.csdnimg.cn/20200308221203705.jpg?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L2ZlbmdzaDk5OA==,size_16,color_FFFFFF,t_70"></p>
<p><img src="https://img-blog.csdnimg.cn/20200308221235913.jpg?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L2ZlbmdzaDk5OA==,size_16,color_FFFFFF,t_70"></p>
<p>这里的443也可以不加</p>
<p>三、配置反向代理Tcp的方式。</p>
<p> 注意配置tcp 要使用nginx的stream服务节点。</p>
<p>mqtt_tcp.conf</p>
<pre><code class="language-ruby">stream {
log_format proxy '$remote_addr [$time_local] '
'$protocol $status $bytes_sent $bytes_received '
'$session_time "$upstream_addr" '
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
access_log /wwwlogs/tcp-access.log proxy;
open_log_file_cache off;
upstream mqtt_tcp_server {
server xx.xx.67.177:1883; #高可用均衡配置
server xx.xx.123.132:1883;
}
server {
listen 18883;#监听端口 也可以使用1883
#listen 80;#则使用mqtt://dxxxd.sxxxxt.com:80
proxy_connect_timeout 150s;
proxy_timeout 150s;
proxy_pass mqtt_tcp_server;#反向代理地址
proxy_buffer_size 3M;
tcp_nodelay on;
}
}</code></pre>
<p>验证</p>
<p><img src="https://img-blog.csdnimg.cn/20200308222707615.jpg?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L2ZlbmdzaDk5OA==,size_16,color_FFFFFF,t_70"></p>
<p><img src="https://img-blog.csdnimg.cn/2020030822273938.jpg?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L2ZlbmdzaDk5OA==,size_16,color_FFFFFF,t_70"></p>
<p> </p>
<p>验证结束。</p>
<p>至此已经可以通过域名进行mqtt/ws/wss 等访问了。</p><br><br>
来源:https://www.cnblogs.com/cheyunhua/p/16252379.html
頁:
[1]