Docker版部署RocketMQ开启ACL验证

一、拉取镜像

docker pull apache/rocketmq:latest

二、准备挂载目录

mkdir /usr/local/rocketmq/data
mkdir /usr/local/rocketmq/conf

三、运行

docker run \
-d \
-p 9876:9876 \
-v /usr/local/rocketmq/data/logs:/home/rocketmq/logs \
-v /usr/local/rocketmq/data/store:/home/rocketmq/store \
--name mqnamesrv \
-e "MAX_POSSIBLE_HEAP=100000000" \
apache/rocketmq:latest \
sh mqnamesrv

四、启动broker

1. 查看配置目录,进入查看conf所在目录: /home/rocketmq/rocketmq-5.1.3/conf

docker exec -it mqnamesrv /bin/bash

     2.挂载启动

docker run -d \
-v /usr/local/rocketmq/conf:/home/rocketmq/rocketmq-5.1.3/conf \
--name rmqbroker \
--link mqnamesrv:namesrv \
-e "JAVA_OPT_EXT=-Xms512M -Xmx512M -Xmn128m" \
-e "NAMESRV_ADDR=namesrv:9876" \
-p 10911:10911 \
-p 10912:10912 \
-p 10909:10909 \
apache/rocketmq:latest \
sh mqbroker -c /home/rocketmq/rocketmq-5.1.3/conf/broker.conf

五、配置文件

修改broker.conf、plain_acl.yml

brokerClusterName=DefaultCluster
brokerName=broker-a
brokerId=0
deleteWhen=04
fileReservedTime=48
brokerRole=ASYNC_MASTER
flushDiskType=ASYNC_FLUSH
autoCreateSubscriptionGroup=true
autoCreateTopicEnable=true
aclEnable=true
brokerIP1=xxx.xxx.xxx.xxx

# 配置用户信息
accounts:
- accessKey: ********
  secretKey: ********
  # 用户级别的IP地址白名单
  whiteRemoteAddress: 10.3.32.*
  # 当为true可以执行更新、删除主题或者订阅组
  admin: false
  # DENY拒绝、SUB订阅权限、PUB发送权限
  defaultTopicPerm: SUB|PUB
  defaultGroupPerm: SUB|PUB