├── .github ├── ISSUE_TEMPLATE │ └── issue_template.md └── workflows │ └── docker-publish.yml ├── .gitignore ├── CONTRIBUTING.md ├── LICENSE ├── NOTICE ├── README.md ├── image-build-ci ├── Dockerfile-alpine ├── Dockerfile-centos ├── Dockerfile-ubuntu ├── build-image-local.sh └── scripts │ ├── runbroker-customize.sh │ ├── runserver-customize.sh │ └── tools-customize.sh ├── image-build ├── Dockerfile-alpine ├── Dockerfile-centos-dashboard ├── Dockerfile-ubuntu ├── build-image-dashboard.sh ├── build-image.sh ├── scripts │ ├── docker-entrypoint.sh │ ├── runbroker-customize.sh │ └── runserver-customize.sh └── update.sh ├── product ├── README.md ├── conf │ ├── 2m-2s-async │ │ ├── broker-a-s.properties │ │ ├── broker-a.properties │ │ ├── broker-b-s.properties │ │ └── broker-b.properties │ ├── 2m-2s-sync │ │ ├── broker-a-s.properties │ │ ├── broker-a.properties │ │ ├── broker-b-s.properties │ │ └── broker-b.properties │ ├── 2m-noslave │ │ ├── broker-a.properties │ │ ├── broker-b.properties │ │ └── broker-trace.properties │ └── broker.conf ├── start-broker.sh ├── start-dashboard.sh └── start-ns.sh ├── rocketmq-k8s-helm ├── .helmignore ├── Chart.yaml ├── templates │ ├── broker │ │ ├── NOTES.txt │ │ ├── _brokerconfig.tpl │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── service.yaml │ │ └── statefulset.yaml │ ├── controller │ │ ├── _controllerconfig.tpl │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── service.yaml │ │ └── statefulset.yaml │ ├── nameserver │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ └── service.yaml │ └── proxy │ │ ├── _helpers.tpl │ │ ├── _proxyconfig.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ └── service.yaml └── values.yaml ├── stage.sh └── templates ├── data ├── broker │ └── conf │ │ ├── broker.conf │ │ └── broker1.conf ├── broker0 │ └── conf │ │ └── dledger │ │ └── broker.conf ├── broker1 │ └── conf │ │ └── dledger │ │ └── broker.conf └── broker2 │ └── conf │ └── dledger │ └── broker.conf ├── docker-compose ├── data │ └── broker │ │ └── conf │ │ └── broker.conf ├── data1 │ └── broker │ │ └── conf │ │ └── broker.conf ├── proxy │ └── conf │ │ └── rmq-proxy.json ├── rmq4-docker-compose.yml └── rmq5-docker-compose.yml ├── kubernetes ├── deployment.yaml └── deployment2.yaml ├── play-consumer.sh ├── play-docker-compose.sh ├── play-docker-dledger.sh ├── play-docker-tls.sh ├── play-docker.sh ├── play-kubernetes.sh ├── play-producer.sh └── ssl ├── README.md ├── ca.crt ├── ca.srl ├── ca_rsa_private.pem ├── client.crt ├── client.csr ├── client_rsa_private.pem ├── client_rsa_private.pem.unsecure ├── client_rsa_private_pkcs8.pem ├── server.crt ├── server.csr ├── server_rsa_private.pem ├── server_rsa_private.pem.unsecure ├── server_rsa_private_pkcs8.pem └── ssl.properties /.github/ISSUE_TEMPLATE/issue_template.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: ISSUE_TEMPLATE 3 | about: Describe this issue template's purpose here. 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | The issue tracker is **ONLY** used for bug report(feature request need to follow [RIP process](https://github.com/apache/rocketmq/wiki/RocketMQ-Improvement-Proposal)). Keep in mind, please check whether there is an existing same report before your raise a new one. 11 | 12 | Alternately (especially if your communication is not a bug report), you can send mail to our [mailing lists](http://rocketmq.apache.org/about/contact/). We welcome any friendly suggestions, bug fixes, collaboration and other improvements. 13 | 14 | Please ensure that your bug report is clear and that it is complete. Otherwise, we may be unable to understand it or to reproduce it, either of which would prevent us from fixing the bug. We strongly recommend the report(bug report or feature request) could include some hints as the following: 15 | 16 | **BUG REPORT** 17 | 18 | 1. Please describe the issue you observed: 19 | 20 | - What did you do (The steps to reproduce)? 21 | 22 | - What did you expect to see? 23 | 24 | - What did you see instead? 25 | 26 | 2. Please tell us about your environment: 27 | 28 | 3. Other information (e.g. detailed explanation, logs, related issues, suggestions how to fix, etc): 29 | 30 | **FEATURE REQUEST** 31 | 32 | 1. Please describe the feature you are requesting. 33 | 34 | 2. Provide any additional detail on your proposed use case for this feature. 35 | 36 | 2. Indicate the importance of this issue to you (blocker, must-have, should-have, nice-to-have). Are you currently using any workarounds to address this issue? 37 | 38 | 4. If there are some sub-tasks using -[] for each subtask and create a corresponding issue to map to the sub task: 39 | 40 | - [sub-task1-issue-number](example_sub_issue1_link_here): sub-task1 description here, 41 | - [sub-task2-issue-number](example_sub_issue2_link_here): sub-task2 description here, 42 | - ... 43 | -------------------------------------------------------------------------------- /.github/workflows/docker-publish.yml: -------------------------------------------------------------------------------- 1 | name: docker-publish 2 | 3 | on: 4 | schedule: 5 | - cron: '0 * * * *' 6 | push: 7 | branches: [ "master" ] 8 | pull_request: 9 | branches: [ "master" ] 10 | 11 | env: 12 | REGISTRY: docker.io 13 | # github.repository as / 14 | IMAGE_NAME: apache/rocketmq 15 | 16 | 17 | jobs: 18 | build: 19 | 20 | runs-on: ubuntu-latest 21 | permissions: 22 | contents: read 23 | packages: write 24 | 25 | steps: 26 | - name: Checkout repository 27 | uses: actions/checkout@v4 28 | 29 | - name: Get the latest release version with GitHub Script 30 | id: get_release 31 | uses: actions/github-script@v6 32 | with: 33 | script: | 34 | const { data: latestRelease } = await github.rest.repos.getLatestRelease({ 35 | owner: 'apache', 36 | repo: 'rocketmq' 37 | }); 38 | core.setOutput('version_on_github', latestRelease.tag_name.replaceAll("rocketmq-all-", "")); 39 | 40 | - name: Output the latest release version 41 | run: echo "The latest release version is ${{ steps.get_release.outputs.version_on_github }}" 42 | 43 | - name: Check if Docker image exists 44 | id: check_image 45 | run: | 46 | TAG="${{ steps.get_release.outputs.version_on_github }}" 47 | EXISTS=$(curl -s -o /dev/null -w "%{http_code}" "https://hub.docker.com/v2/repositories/${{ env.IMAGE_NAME }}/tags/$TAG/") 48 | if [ "$EXISTS" -eq "200" ]; then 49 | echo "exists=true" >> $GITHUB_ENV 50 | else 51 | echo "exists=false" >> $GITHUB_ENV 52 | fi 53 | 54 | - name: Set up Docker Buildx 55 | if: env.exists == 'false' 56 | uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 57 | 58 | - name: Log into registry ${{ env.REGISTRY }} 59 | if: env.exists == 'false' && github.event_name != 'pull_request' 60 | uses: docker/login-action@v3 61 | with: 62 | registry: ${{ env.REGISTRY }} 63 | username: ${{ secrets.DOCKERHUB_USER }} 64 | password: ${{ secrets.DOCKERHUB_TOKEN }} 65 | 66 | - name: Build and push Docker image 67 | id: build-and-push 68 | if: env.exists == 'false' 69 | uses: docker/build-push-action@v6 70 | with: 71 | context: "{{defaultContext}}:image-build" 72 | file: Dockerfile-ubuntu 73 | platforms: linux/amd64,linux/arm64 74 | pull: true 75 | push: ${{ github.event_name != 'pull_request' }} 76 | tags: | 77 | ${{ env.IMAGE_NAME }}:latest 78 | ${{ env.IMAGE_NAME }}:${{ steps.get_release.outputs.version_on_github }} 79 | build-args: version=${{ steps.get_release.outputs.version_on_github }} 80 | cache-from: type=gha 81 | cache-to: type=gha,mode=max 82 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | stages/ 2 | 3 | .idea/ 4 | *.py -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | ## How To Contribute 2 | 3 | We are always very happy to have contributions, whether for trivial cleanups or big new features. 4 | We want to have high quality, well documented codes for each programming language, as well as the surrounding [ecosystem](https://github.com/apache/rocketmq-externals) of integration tools that people use with RocketMQ. 5 | 6 | Nor is code the only way to contribute to the project. We strongly value documentation, integration with other project, and gladly accept improvements for these aspects. 7 | 8 | ## Contributing code 9 | 10 | To submit a change for inclusion, please do the following: 11 | 12 | #### If the change is non-trivial please include some unit tests that cover the new functionality. 13 | #### If you are introducing a completely new feature or API it is a good idea to start a [RIP](https://github.com/apache/rocketmq/wiki/RocketMQ-Improvement-Proposal) and get consensus on the basic design first. 14 | #### It is our job to follow up on patches in a timely fashion. Nag us if we aren't doing our job (sometimes we drop things). 15 | 16 | ## Becoming a Committer 17 | 18 | We are always interested in adding new contributors. What we look for are series of contributions, good taste and ongoing interest in the project. If you are interested in becoming a committer, please let one of the existing committers know and they can help you walk through the process. 19 | 20 | Nowadays,we have several important contribution points: 21 | #### Wiki & JavaDoc 22 | #### RocketMQ SDK(C++\.Net\Php\Python\Go\Node.js) 23 | #### RocketMQ Connectors 24 | 25 | ##### Prerequisite 26 | If you want to contribute the above listing points, you must abide our some prerequisites: 27 | 28 | ###### Readability - API must have Javadoc,some very important methods also must have javadoc 29 | ###### Testability - 80% above unit test coverage about main process 30 | ###### Maintainability - Comply with our [checkstyle spec](style/rmq_checkstyle.xml), and at least 3 month update frequency 31 | ###### Deployability - We encourage you to deploy into [maven repository](http://search.maven.org/) 32 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | APPENDIX: How to apply the Apache License to your work. 180 | 181 | To apply the Apache License to your work, attach the following 182 | boilerplate notice, with the fields enclosed by brackets "[]" 183 | replaced with your own identifying information. (Don't include 184 | the brackets!) The text should be enclosed in the appropriate 185 | comment syntax for the file format. We also recommend that a 186 | file or class name and description of purpose be included on the 187 | same "printed page" as the copyright notice for easier 188 | identification within third-party archives. 189 | 190 | Copyright [yyyy] [name of copyright owner] 191 | 192 | Licensed under the Apache License, Version 2.0 (the "License"); 193 | you may not use this file except in compliance with the License. 194 | You may obtain a copy of the License at 195 | 196 | http://www.apache.org/licenses/LICENSE-2.0 197 | 198 | Unless required by applicable law or agreed to in writing, software 199 | distributed under the License is distributed on an "AS IS" BASIS, 200 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 201 | See the License for the specific language governing permissions and 202 | limitations under the License. -------------------------------------------------------------------------------- /NOTICE: -------------------------------------------------------------------------------- 1 | Apache RocketMQ 2 | Copyright 2016-2019 The Apache Software Foundation 3 | 4 | This product includes software developed at 5 | The Apache Software Foundation (http://www.apache.org/). 6 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # RocketMQ-Docker 2 | [![License](https://img.shields.io/badge/license-Apache%202-4EB1BA.svg)](https://www.apache.org/licenses/LICENSE-2.0.html) 3 | [![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/apache/rocketmq-docker.svg)](http://isitmaintained.com/project/apache/rocketmq-docker "Average time to resolve an issue") 4 | [![Percentage of issues still open](http://isitmaintained.com/badge/open/apache/rocketmq-docker.svg)](http://isitmaintained.com/project/apache/rocketmq-docker "Percentage of issues still open") 5 | ![Docker Automated](https://img.shields.io/docker/automated/apache/rocketmq) 6 | [![Docker Pulls](https://img.shields.io/docker/pulls/apache/rocketmq-broker)](https://hub.docker.com/repository/docker/apache/rocketmq) 7 | [![Docker TAG](https://img.shields.io/docker/v/apache/rocketmq?label=tags&sort=date)](https://hub.docker.com/r/apache/rocketmq/tags) 8 | ![Docker Iamge](https://img.shields.io/docker/image-size/apache/rocketmq) 9 | ![Twitter Follow](https://img.shields.io/twitter/follow/ApacheRocketMQ?style=social) 10 | 11 | This is the Git repo of the Docker Image for Apache RocketMQ and official docker hub repo: https://hub.docker.com/repository/docker/apache/rocketmq 12 | . You could run it through the following ways: 13 | 14 | 1. Generate a RocketMQ Docker image 15 | 2. Run the docker image with the below modes: 16 | 2.1. Single Node. 17 | 2.2. Cluster with docker-compose. 18 | 2.3. Cluster on Kubernetes. 19 | 2.4. Cluster of Dledger storage 20 | 3. TLS support 21 | 4. Generate a RocketMQ Dashboard Docker image 22 | 23 | ## Prerequisites 24 | 25 | The Docker images in this repository should support Docker version 1.12+, and Kubernetes version 1.9+. 26 | 27 | 28 | ## Quick start 29 | 30 | ### A. Generate a RocketMQ docker image 31 | 32 | Note: This is an experimented code to allow users to build docker image locally according to a given RocketMQ version. Actually the formal images have been generated by RocketMQ official maintainer and stored in docker hub. Suggest common users to use these remote images directly. 33 | 34 | ``` 35 | cd image-build 36 | sh build-image.sh RMQ-VERSION BASE-IMAGE 37 | ``` 38 | 39 | > Tip: The supported RMQ-VERSIONs can be obtained from [here](https://archive.apache.org/dist/rocketmq/). The supported BASE-IMAGEs are [ubuntu, alpine]. For example: ```sh build-image.sh 4.5.0 alpine``` 40 | 41 | ### B. Stage a specific version 42 | 43 | Users can generate a runtime (stage) directory based on a specific version and docker style operate the RocketMQ cluster/server/nameserver beneath the directory. 44 | 45 | ``` 46 | sh stage.sh RMQ-VERSION 47 | ``` 48 | 49 | > Note: RMQ-VERSION is the tag of the RocketMQ image. 50 | After executing the above shell script, (e.g. sh stage.sh 4.5.0), it will generate a stage directory (./stages/4.5.0). User can do the following works under the directory, assuming the RMQ-version is defined with 4.5.0. 51 | 52 | #### 2.1 Single Node 53 | 54 | Run: 55 | 56 | ``` 57 | cd stages/4.5.0/templates 58 | 59 | ./play-docker.sh alpine 60 | 61 | ``` 62 | 63 | #### 2.2 Cluster with docker-compose 64 | 65 | Run: 66 | 67 | ``` 68 | cd stages/4.5.0/templates 69 | 70 | ./play-docker-compose.sh 71 | 72 | ``` 73 | 74 | 75 | #### 2.3 Cluster on Kubernetes 76 | 77 | Run: 78 | 79 | ``` 80 | cd stages/4.5.0/templates 81 | 82 | ./play-kubernetes.sh 83 | 84 | ``` 85 | 86 | #### 2.4 Cluster of Dledger storage 87 | 88 | Run: (Note: This feature needs RMQ version is 4.4.0 or above) 89 | 90 | ``` 91 | cd stages/4.5.0/templates 92 | 93 | ./play-docker-dledger.sh 94 | 95 | ``` 96 | 97 | ## 3. TLS support 98 | 99 | Run: (It will startup nameserver and broker with SSL enabled style. The client will not invoke nameserver or broker until related SSL client is configurated. ) 100 | 101 | You can see detailed TLS config instruction from [here](templates/ssl/README.md) 102 | 103 | ``` 104 | cd stages/4.5.0/templates 105 | 106 | ./play-docker-tls.sh 107 | 108 | # Once nameserver and broker startup correctly, you still can use the following script to test produce/consume in SSL mode, why, due to they still use the SSL setting which exists in JAVA-OPT of the docker rmqbroker container. 109 | ./play-producer.sh 110 | ./play-consumer.sh 111 | ``` 112 | 113 | ## 4. Generate a RocketMQ Dashboard Docker image 114 | - 4.1 build command 115 | ``` 116 | cd image-build && sh build-image-dashboard.sh `VERSION` centos 117 | 118 | demo: sh build-image-dashboard.sh 1.0.0 centos 119 | ``` 120 | 121 | - 4.2 start command 122 | ``` 123 | sh product/start-dashboard.sh `VERSION` 124 | 125 | demo: sh product/start-dashboard.sh 1.0.0 126 | ``` 127 | 128 | 129 | ### How to update RocketMQ image repository using update.sh 130 | Run: 131 | 132 | ``` 133 | cd image-build 134 | ./update.sh 135 | ``` 136 | 137 | This script will get the latest release version of RocketMQ and build the docker images based on ```alpine``` and ```ubuntu``` respectively, then push the new images to the current official repository ```apache/rocketmq```. 138 | 139 | ### How to verify RocketMQ works well 140 | 141 | #### Verify with Docker and docker-compose 142 | 143 | 1. Use `docker ps|grep rmqbroker` to find your RocketMQ broker container id. 144 | 145 | 2. Use `docker exec -it {container_id} ./mqadmin clusterList -n {nameserver_ip}:9876` to verify if RocketMQ broker works, for example: 146 | ``` 147 | root$ docker exec -it 63950574b491 ./mqadmin clusterList -n 192.168.43.56:9876 148 | OpenJDK 64-Bit Server VM warning: ignoring option PermSize=128m; support was removed in 8.0 149 | OpenJDK 64-Bit Server VM warning: ignoring option MaxPermSize=128m; support was removed in 8.0 150 | #Cluster Name #Broker Name #BID #Addr #Version #InTPS(LOAD) #OutTPS(LOAD) #PCWait(ms) #Hour #SPACE 151 | DefaultCluster 63950574b491 0 172.17.0.3:10911 V4_3_0 0.00(0,0ms) 0.00(0,0ms) 0 429398.92 -1.0000 152 | 153 | ``` 154 | 155 | #### Verify with Kubernetes 156 | 157 | 1. Use `kubectl get pods|grep rocketmq` to find your RocketMQ broker Pod id, for example: 158 | ``` 159 | [root@k8s-master rocketmq]# kubectl get pods |grep rocketmq 160 | rocketmq-7697d9d574-b5z7g 2/2 Running 0 2d 161 | ``` 162 | 163 | 2. Use `kubectl -n {namespace} exec -it {pod_id} -c broker bash` to login the broker pod, for example: 164 | ``` 165 | [root@k8s-master rocketmq]# kubectl -n default exec -it rocketmq-7697d9d574-b5z7g -c broker bash 166 | [root@rocketmq-7697d9d574-b5z7g bin]# 167 | ``` 168 | 169 | 3. Use `mqadmin clusterList -n {nameserver_ip}:9876` to verify if RocketMQ broker works, for example: 170 | ``` 171 | [root@rocketmq-7697d9d574-b5z7g bin]# ./mqadmin clusterList -n localhost:9876 172 | OpenJDK 64-Bit Server VM warning: ignoring option PermSize=128m; support was removed in 8.0 173 | OpenJDK 64-Bit Server VM warning: ignoring option MaxPermSize=128m; support was removed in 8.0 174 | #Cluster Name #Broker Name #BID #Addr #Version #InTPS(LOAD) #OutTPS(LOAD) #PCWait(ms) #Hour #SPACE 175 | DefaultCluster rocketmq-7697d9d574-b5z7g 0 192.168.196.14:10911 V4_3_0 0.00(0,0ms) 0.00(0,0ms) 0 429399.44 -1.0000 176 | 177 | ``` 178 | 179 | So you will find it works, enjoy ! 180 | 181 | ### C. Product level configuration 182 | 183 | The project also provides a usage reference for product level cluster docker configuration and startup. Please see the [README.md](product/README.md) details in /product directory. 184 | 185 | 186 | ## FAQ 187 | 188 | #### 1. If I want the broker container to load my customized configuration file (which means `broker.conf`) when it starts, how can I achieve this? 189 | 190 | First, create the customized `broker.conf`, like below: 191 | ``` 192 | brokerClusterName = DefaultCluster 193 | brokerName = broker-a 194 | brokerId = 0 195 | deleteWhen = 04 196 | fileReservedTime = 48 197 | brokerRole = ASYNC_MASTER 198 | flushDiskType = ASYNC_FLUSH 199 | #set `brokerIP1` if you want to set physical IP as broker IP. 200 | brokerIP1=10.10.101.80 #change you own physical IP Address 201 | ``` 202 | 203 | And put the customized `broker.conf` file at a specific path, like "`pwd`/data/broker/conf/broker.conf". 204 | 205 | Then we can modify the `play-docker.sh` and volume this file to the broker container when it starts. For example: 206 | 207 | ``` 208 | docker run -d -p 10911:10911 -p 10909:10909 -v `pwd`/data/broker/logs:/root/logs -v `pwd`/data/broker/store:/root/store -v `pwd`/data/broker/conf/broker.conf:/home/rocketmq/rocketmq-4.5.0/conf/broker.conf --name rmqbroker --link rmqnamesrv:namesrv -e "NAMESRV_ADDR=namesrv:9876" apache/rocketmq:4.5.0 sh mqbroker -c /home/rocketmq/rocketmq-4.5.0/conf/broker.conf 209 | 210 | ``` 211 | 212 | Finally we can find the customized `broker.conf` has been used in the broker container. For example: 213 | 214 | ``` 215 | MacBook-Pro:4.5.0 huan$ docker ps |grep mqbroker 216 | a32c67aed6dd apache/rocketmq:4.5.0 "sh mqbroker" 20 minutes ago Up 20 minutes 0.0.0.0:10909->10909/tcp, 9876/tcp, 0.0.0.0:10911->10911/tcp rmqbroker 217 | MacBook-Pro:4.5.0 $ docker exec -it a32c67aed6dd cat /home/rocketmq/rocketmq-4.5.0/conf/broker.conf 218 | brokerClusterName = DefaultCluster 219 | brokerName = broker-a 220 | brokerId = 0 221 | deleteWhen = 04 222 | fileReservedTime = 48 223 | brokerRole = ASYNC_MASTER 224 | flushDiskType = ASYNC_FLUSH 225 | #set `brokerIP1` if you want to set physical IP as broker IP. 226 | brokerIP1=10.10.101.80 #change you own physical IP Address 227 | 228 | ``` 229 | 230 | In the case of docker-compose, change the docker-compose.yml like following: 231 | ``` 232 | version: '2' 233 | services: 234 | namesrv: 235 | image: apache/rocketmq:4.5.0 236 | container_name: rmqnamesrv 237 | ports: 238 | - 9876:9876 239 | volumes: 240 | - ./data/namesrv/logs:/home/rocketmq/logs 241 | command: sh mqnamesrv 242 | broker: 243 | image: apache/rocketmq:4.5.0 244 | container_name: rmqbroker 245 | ports: 246 | - 10909:10909 247 | - 10911:10911 248 | - 10912:10912 249 | volumes: 250 | - ./data/broker/logs:/home/rocketmq/logs 251 | - ./data/broker/store:/home/rocketmq/store 252 | - ./data/broker/conf/broker.conf:/home/rocketmq/rocketmq-4.5.0/conf/broker.conf 253 | command: sh mqbroker -n namesrv:9876 -c ../conf/broker.conf 254 | depends_on: 255 | - namesrv 256 | 257 | ``` 258 | -------------------------------------------------------------------------------- /image-build-ci/Dockerfile-alpine: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one or more 3 | # contributor license agreements. See the NOTICE file distributed with 4 | # this work for additional information regarding copyright ownership. 5 | # The ASF licenses this file to You under the Apache License, Version 2.0 6 | # (the "License"); you may not use this file except in compliance with 7 | # the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | ARG BASE_IMAGE 19 | FROM $BASE_IMAGE 20 | 21 | USER root 22 | 23 | RUN apk add --no-cache bash gettext nmap-ncat openssl busybox-extras libc6-compat 24 | 25 | ARG version 26 | 27 | # Rocketmq version 28 | ENV ROCKETMQ_VERSION ${version} 29 | 30 | # Rocketmq home 31 | ENV ROCKETMQ_HOME /home/rocketmq/rocketmq-${ROCKETMQ_VERSION} 32 | 33 | WORKDIR ${ROCKETMQ_HOME} 34 | 35 | # Install 36 | COPY rocketmq/ ${ROCKETMQ_HOME}/dist 37 | 38 | RUN mv ${ROCKETMQ_HOME}/dist/rocketmq*/rocketmq*/* ${ROCKETMQ_HOME}/; \ 39 | rm -rf ${ROCKETMQ_HOME}/dist; \ 40 | ls ${ROCKETMQ_HOME} 41 | 42 | # Copy customized scripts 43 | COPY scripts ${ROCKETMQ_HOME}/bin/ 44 | 45 | RUN chown -R ${uid}:${gid} ${ROCKETMQ_HOME} 46 | 47 | 48 | # Expose namesrv&proxy port 49 | EXPOSE 9876 8080 8081 7001 50 | 51 | RUN mv ${ROCKETMQ_HOME}/bin/runserver-customize.sh ${ROCKETMQ_HOME}/bin/runserver.sh \ 52 | && mv ${ROCKETMQ_HOME}/bin/tools-customize.sh ${ROCKETMQ_HOME}/bin/tools.sh \ 53 | && chmod a+x ${ROCKETMQ_HOME}/bin/runserver.sh \ 54 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqadmin \ 55 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqnamesrv \ 56 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqproxy 57 | 58 | # Expose broker port 59 | EXPOSE 10909 10911 10912 60 | 61 | RUN mv ${ROCKETMQ_HOME}/bin/runbroker-customize.sh ${ROCKETMQ_HOME}/bin/runbroker.sh \ 62 | && chmod a+x ${ROCKETMQ_HOME}/bin/runbroker.sh \ 63 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqbroker 64 | 65 | # Export Java options 66 | RUN export JAVA_OPT=" -Duser.home=/opt" 67 | 68 | # Add ${JAVA_HOME}/lib/ext as java.ext.dirs 69 | RUN sed -i 's/${JAVA_HOME}\/jre\/lib\/ext/${JAVA_HOME}\/jre\/lib\/ext:${JAVA_HOME}\/lib\/ext/' ${ROCKETMQ_HOME}/bin/tools.sh 70 | 71 | WORKDIR ${ROCKETMQ_HOME}/bin -------------------------------------------------------------------------------- /image-build-ci/Dockerfile-centos: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one or more 3 | # contributor license agreements. See the NOTICE file distributed with 4 | # this work for additional information regarding copyright ownership. 5 | # The ASF licenses this file to You under the Apache License, Version 2.0 6 | # (the "License"); you may not use this file except in compliance with 7 | # the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | ARG BASE_IMAGE 19 | FROM $BASE_IMAGE 20 | 21 | USER root 22 | 23 | RUN yum install -y java-1.8.0-openjdk-devel.x86_64 unzip gettext nmap-ncat openssl, which gnupg, telnet \ 24 | && yum clean all -y 25 | 26 | ARG version 27 | 28 | # Rocketmq version 29 | ENV ROCKETMQ_VERSION ${version} 30 | 31 | # Rocketmq home 32 | ENV ROCKETMQ_HOME /home/rocketmq/rocketmq-${ROCKETMQ_VERSION} 33 | 34 | WORKDIR ${ROCKETMQ_HOME} 35 | 36 | # Install 37 | COPY rocketmq/ ${ROCKETMQ_HOME}/dist 38 | 39 | RUN mv ${ROCKETMQ_HOME}/dist/rocketmq*/rocketmq*/* ${ROCKETMQ_HOME}/; \ 40 | rm -rf ${ROCKETMQ_HOME}/dist; \ 41 | ls ${ROCKETMQ_HOME} 42 | 43 | # Copy customized scripts 44 | COPY scripts ${ROCKETMQ_HOME}/bin/ 45 | 46 | RUN chown -R ${uid}:${gid} ${ROCKETMQ_HOME} 47 | 48 | 49 | # Expose namesrv&proxy port 50 | EXPOSE 9876 8080 8081 7001 51 | 52 | RUN mv ${ROCKETMQ_HOME}/bin/runserver-customize.sh ${ROCKETMQ_HOME}/bin/runserver.sh \ 53 | && mv ${ROCKETMQ_HOME}/bin/tools-customize.sh ${ROCKETMQ_HOME}/bin/tools.sh \ 54 | && chmod a+x ${ROCKETMQ_HOME}/bin/runserver.sh \ 55 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqadmin \ 56 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqnamesrv \ 57 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqproxy 58 | 59 | # Expose broker port 60 | EXPOSE 10909 10911 10912 61 | 62 | RUN mv ${ROCKETMQ_HOME}/bin/runbroker-customize.sh ${ROCKETMQ_HOME}/bin/runbroker.sh \ 63 | && chmod a+x ${ROCKETMQ_HOME}/bin/runbroker.sh \ 64 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqbroker 65 | 66 | # export Java options 67 | RUN export JAVA_OPT=" -Duser.home=/opt" 68 | 69 | # Add ${JAVA_HOME}/lib/ext as java.ext.dirs 70 | RUN sed -i 's/${JAVA_HOME}\/jre\/lib\/ext/${JAVA_HOME}\/jre\/lib\/ext:${JAVA_HOME}\/lib\/ext/' ${ROCKETMQ_HOME}/bin/tools.sh 71 | 72 | WORKDIR ${ROCKETMQ_HOME}/bin 73 | -------------------------------------------------------------------------------- /image-build-ci/Dockerfile-ubuntu: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one or more 3 | # contributor license agreements. See the NOTICE file distributed with 4 | # this work for additional information regarding copyright ownership. 5 | # The ASF licenses this file to You under the Apache License, Version 2.0 6 | # (the "License"); you may not use this file except in compliance with 7 | # the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | ARG BASE_IMAGE 19 | FROM $BASE_IMAGE 20 | 21 | USER root 22 | 23 | RUN apt-get update && apt-get install -y --no-install-recommends \ 24 | bash vim unzip telnet openssl wget gnupg ca-certificates 25 | 26 | ARG version 27 | 28 | # Rocketmq version 29 | ENV ROCKETMQ_VERSION ${version} 30 | 31 | # Rocketmq home 32 | ENV ROCKETMQ_HOME /root/rocketmq-${ROCKETMQ_VERSION} 33 | 34 | WORKDIR ${ROCKETMQ_HOME} 35 | 36 | # Install 37 | COPY rocketmq/ ${ROCKETMQ_HOME}/dist 38 | 39 | RUN mv ${ROCKETMQ_HOME}/dist/rocketmq*/rocketmq*/* ${ROCKETMQ_HOME}/; \ 40 | rm -rf ${ROCKETMQ_HOME}/dist; \ 41 | ls ${ROCKETMQ_HOME} 42 | 43 | # Copy customized scripts 44 | COPY scripts ${ROCKETMQ_HOME}/bin/ 45 | 46 | RUN chown -R ${uid}:${gid} ${ROCKETMQ_HOME} 47 | 48 | 49 | # Expose namesrv&proxy port 50 | EXPOSE 9876 8080 8081 7001 2023 51 | 52 | RUN wget https://repo1.maven.org/maven2/org/jacoco/jacoco/0.8.8/jacoco-0.8.8.zip -O jacoco-0.8.8.zip && \ 53 | unzip jacoco-0.8.8.zip -d jacoco 54 | 55 | ENV JAVA_OPT="-javaagent:${ROCKETMQ_HOME}/jacoco/lib/jacocoagent.jar=includes=*,output=tcpserver,port=2023,address=0.0.0.0" 56 | 57 | RUN mv ${ROCKETMQ_HOME}/bin/runserver-customize.sh ${ROCKETMQ_HOME}/bin/runserver.sh \ 58 | && mv ${ROCKETMQ_HOME}/bin/tools-customize.sh ${ROCKETMQ_HOME}/bin/tools.sh \ 59 | && chmod a+x ${ROCKETMQ_HOME}/bin/runserver.sh \ 60 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqadmin \ 61 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqnamesrv \ 62 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqproxy \ 63 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqcontroller 64 | 65 | # Expose broker port 66 | EXPOSE 10909 10911 10912 67 | 68 | RUN mv ${ROCKETMQ_HOME}/bin/runbroker-customize.sh ${ROCKETMQ_HOME}/bin/runbroker.sh \ 69 | && chmod a+x ${ROCKETMQ_HOME}/bin/runbroker.sh \ 70 | && chmod a+x ${ROCKETMQ_HOME}/bin/mqbroker 71 | 72 | # export Java options 73 | RUN export JAVA_OPT=" -Duser.home=/opt" 74 | 75 | # Add ${JAVA_HOME}/lib/ext as java.ext.dirs 76 | RUN sed -i 's/${JAVA_HOME}\/jre\/lib\/ext/${JAVA_HOME}\/jre\/lib\/ext:${JAVA_HOME}\/lib\/ext/' ${ROCKETMQ_HOME}/bin/tools.sh 77 | 78 | WORKDIR ${ROCKETMQ_HOME}/bin 79 | -------------------------------------------------------------------------------- /image-build-ci/build-image-local.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | if [ $# -lt 4 ]; then 19 | echo -e "Usage: sh $0 ROCKETMQ_VERSION BASE_IMAGE JAVA_VERSION IMAGE_REPO " 20 | exit -1 21 | fi 22 | 23 | ROCKETMQ_VERSION=$1 24 | BASE_IMAGE=$2 25 | JAVA_VERSION=$3 26 | IMAGE_REPO=$4 27 | 28 | TAG=${ROCKETMQ_VERSION}-$(echo $BASE_IMAGE | sed -e "s/:/-/g") 29 | 30 | cp -r ../../rocketmq ./ 31 | 32 | # Build rocketmq 33 | case "${BASE_IMAGE}" in 34 | #alpine) 35 | # if [ "$JAVA_VERSION" -eq 8 ]; then 36 | # docker build --no-cache -f Dockerfile-alpine -t ${IMAGE_REPO}:${TAG} --build-arg version=${ROCKETMQ_VERSION} --build-arg BASE_IMAGE=eclipse-temurin:8-jre-alpine . 37 | # elif [ "$JAVA_VERSION" -eq 11 ]; then 38 | # docker build --no-cache -f Dockerfile-alpine -t ${IMAGE_REPO}:${TAG} --build-arg version=${ROCKETMQ_VERSION} --build-arg BASE_IMAGE=eclipse-temurin:11-jre-alpine . 39 | # else 40 | # echo "in ${BASE_IMAGE}, jdk ${JAVA_VERSION} is not supported, supported java versions: 8, 11" 41 | # fi 42 | # ;; 43 | #centos) 44 | # if [ "$JAVA_VERSION" -eq 8 ]; then 45 | # docker build --no-cache -f Dockerfile-centos -t ${IMAGE_REPO}:${TAG} --build-arg version=${ROCKETMQ_VERSION} --build-arg BASE_IMAGE=eclipse-temurin:8-centos7 . 46 | # elif [ "$JAVA_VERSION" -eq 11 ]; then 47 | # docker build --no-cache -f Dockerfile-centos -t ${IMAGE_REPO}:${TAG} --build-arg version=${ROCKETMQ_VERSION} --build-arg BASE_IMAGE=eclipse-temurin:11-centos7 . 48 | # else 49 | # echo "in ${BASE_IMAGE}, jdk ${JAVA_VERSION} is not supported, supported java versions: 8, 11" 50 | # fi 51 | # ;; 52 | ubuntu) 53 | if [ "$JAVA_VERSION" -eq 8 ]; then 54 | docker build --no-cache -f Dockerfile-ubuntu -t ${IMAGE_REPO}:${TAG} --build-arg version=${ROCKETMQ_VERSION} --build-arg BASE_IMAGE=eclipse-temurin:8-jre . 55 | # elif [ "$JAVA_VERSION" -eq 11 ]; then 56 | # docker build --no-cache -f Dockerfile-ubuntu -t ${IMAGE_REPO}:${TAG} --build-arg version=${ROCKETMQ_VERSION} --build-arg BASE_IMAGE=eclipse-temurin:11-jre . 57 | else 58 | echo "in ${BASE_IMAGE}, jdk ${JAVA_VERSION} is not supported, supported java versions: 8, 11" 59 | fi 60 | ;; 61 | #windows) 62 | # if [ "$JAVA_VERSION" -eq 8 ]; then 63 | # docker build --no-cache -f Dockerfile-windows -t ${IMAGE_REPO}:${TAG} --build-arg version=${ROCKETMQ_VERSION} --build-arg BASE_IMAGE=eclipse-temurin:8-jre-windowsservercore . 64 | # elif [ "$JAVA_VERSION" -eq 11 ]; then 65 | # docker build --no-cache -f Dockerfile-windows -t ${IMAGE_REPO}:${TAG} --build-arg version=${ROCKETMQ_VERSION} --build-arg BASE_IMAGE=eclipse-temurin:11-jre-windowsservercore . 66 | # else 67 | # echo "in ${BASE_IMAGE}, jdk ${JAVA_VERSION} is not supported, supported java versions: 8, 11" 68 | # fi 69 | # ;; 70 | *) 71 | echo "${BASE_IMAGE} is not supported, supported base images: ubuntu, centos, alpine, windows" 72 | exit -1 73 | ;; 74 | esac 75 | 76 | docker push ${IMAGE_REPO}:${TAG} 77 | -------------------------------------------------------------------------------- /image-build-ci/scripts/runbroker-customize.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | #=========================================================================================== 19 | # Java Environment Setting 20 | #=========================================================================================== 21 | error_exit () 22 | { 23 | echo "ERROR: $1 !!" 24 | exit 1 25 | } 26 | 27 | find_java_home() 28 | { 29 | case "`uname`" in 30 | Darwin) 31 | JAVA_HOME=$(/usr/libexec/java_home) 32 | ;; 33 | *) 34 | JAVA_HOME=$(dirname $(dirname $(readlink -f $(which java)))) 35 | ;; 36 | esac 37 | } 38 | 39 | find_java_home 40 | 41 | [ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=$HOME/jdk/java 42 | [ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=/usr/java 43 | [ ! -e "$JAVA_HOME/bin/java" ] && error_exit "Please set the JAVA_HOME variable in your environment, We need java(x64)!" 44 | 45 | export JAVA_HOME 46 | export JAVA="$JAVA_HOME/bin/java" 47 | export BASE_DIR=$(dirname $0)/.. 48 | export CLASSPATH=.:${BASE_DIR}/conf:${CLASSPATH} 49 | 50 | #=========================================================================================== 51 | # JVM Configuration 52 | #=========================================================================================== 53 | 54 | # Set default JVM memory options if not provided 55 | DEFAULT_HEAP_OPTS="-Xms2g -Xmx2g -Xmn1g -XX:MaxDirectMemorySize=1g" 56 | HEAP_OPTS=${HEAP_OPTS:-$DEFAULT_HEAP_OPTS} 57 | 58 | # Setting JAVA options 59 | JAVA_OPT="${JAVA_OPT} -server ${HEAP_OPTS}" 60 | JAVA_OPT="${JAVA_OPT} -XX:+UseG1GC -XX:G1HeapRegionSize=16m -XX:G1ReservePercent=25 -XX:InitiatingHeapOccupancyPercent=30 -XX:SoftRefLRUPolicyMSPerMB=0 -XX:SurvivorRatio=8" 61 | JAVA_OPT="${JAVA_OPT} -verbose:gc -Xloggc:/dev/shm/mq_gc_%p.log -XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:+PrintGCApplicationStoppedTime -XX:+PrintAdaptiveSizePolicy" 62 | JAVA_OPT="${JAVA_OPT} -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=5 -XX:GCLogFileSize=30m" 63 | JAVA_OPT="${JAVA_OPT} -XX:-OmitStackTraceInFastThrow" 64 | JAVA_OPT="${JAVA_OPT} -XX:+AlwaysPreTouch" 65 | JAVA_OPT="${JAVA_OPT} -XX:-UseLargePages -XX:-UseBiasedLocking" 66 | JAVA_OPT="${JAVA_OPT} -Djava.ext.dirs=${JAVA_HOME}/jre/lib/ext:${BASE_DIR}/lib" 67 | #JAVA_OPT="${JAVA_OPT} -Xdebug -Xrunjdwp:transport=dt_socket,address=9555,server=y,suspend=n" 68 | JAVA_OPT="${JAVA_OPT} ${JAVA_OPT_EXT}" 69 | JAVA_OPT="${JAVA_OPT} -cp ${CLASSPATH}" 70 | 71 | numactl --interleave=all pwd > /dev/null 2>&1 72 | if [ $? -eq 0 ] 73 | then 74 | if [ -z "$RMQ_NUMA_NODE" ] ; then 75 | numactl --interleave=all $JAVA ${JAVA_OPT} $@ 76 | else 77 | numactl --cpunodebind=$RMQ_NUMA_NODE --membind=$RMQ_NUMA_NODE $JAVA ${JAVA_OPT} $@ 78 | fi 79 | else 80 | $JAVA ${JAVA_OPT} $@ 81 | fi 82 | -------------------------------------------------------------------------------- /image-build-ci/scripts/runserver-customize.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | #=========================================================================================== 19 | # Java Environment Setting 20 | #=========================================================================================== 21 | error_exit () 22 | { 23 | echo "ERROR: $1 !!" 24 | exit 1 25 | } 26 | 27 | find_java_home() 28 | { 29 | case "`uname`" in 30 | Darwin) 31 | JAVA_HOME=$(/usr/libexec/java_home) 32 | ;; 33 | *) 34 | JAVA_HOME=$(dirname $(dirname $(readlink -f $(which java)))) 35 | ;; 36 | esac 37 | } 38 | 39 | find_java_home 40 | 41 | [ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=$HOME/jdk/java 42 | [ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=/usr/java 43 | [ ! -e "$JAVA_HOME/bin/java" ] && error_exit "Please set the JAVA_HOME variable in your environment, We need java(x64)!" 44 | 45 | export JAVA_HOME 46 | export JAVA="$JAVA_HOME/bin/java" 47 | export BASE_DIR=$(dirname $0)/.. 48 | export CLASSPATH=.:${BASE_DIR}/conf:${CLASSPATH} 49 | 50 | #=========================================================================================== 51 | # JVM Configuration 52 | #=========================================================================================== 53 | DEFAULT_HEAP_OPTS="-Xms1g -Xmx1g -Xmn512M" 54 | HEAP_OPTS=${HEAP_OPTS:-$DEFAULT_HEAP_OPTS} 55 | 56 | # Set for `JAVA_OPT`. 57 | JAVA_OPT="${JAVA_OPT} -server ${HEAP_OPTS}" 58 | JAVA_OPT="${JAVA_OPT} -XX:+UseConcMarkSweepGC -XX:+UseCMSCompactAtFullCollection -XX:CMSInitiatingOccupancyFraction=70 -XX:+CMSParallelRemarkEnabled -XX:SoftRefLRUPolicyMSPerMB=0 -XX:+CMSClassUnloadingEnabled -XX:SurvivorRatio=8 -XX:-UseParNewGC" 59 | JAVA_OPT="${JAVA_OPT} -verbose:gc -Xloggc:/dev/shm/rmq_srv_gc.log -XX:+PrintGCDetails" 60 | JAVA_OPT="${JAVA_OPT} -XX:-OmitStackTraceInFastThrow" 61 | JAVA_OPT="${JAVA_OPT} -XX:-UseLargePages" 62 | JAVA_OPT="${JAVA_OPT} -Djava.ext.dirs=${JAVA_HOME}/jre/lib/ext:${BASE_DIR}/lib" 63 | #JAVA_OPT="${JAVA_OPT} -Xdebug -Xrunjdwp:transport=dt_socket,address=9555,server=y,suspend=n" 64 | JAVA_OPT="${JAVA_OPT} ${JAVA_OPT_EXT}" 65 | JAVA_OPT="${JAVA_OPT} -cp ${CLASSPATH}" 66 | 67 | $JAVA ${JAVA_OPT} $@ 68 | -------------------------------------------------------------------------------- /image-build-ci/scripts/tools-customize.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | #=========================================================================================== 19 | # Java Environment Setting 20 | #=========================================================================================== 21 | error_exit () 22 | { 23 | echo "ERROR: $1 !!" 24 | exit 1 25 | } 26 | 27 | [ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=$HOME/jdk/java 28 | [ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=/usr/java 29 | [ ! -e "$JAVA_HOME/bin/java" ] && error_exit "Please set the JAVA_HOME variable in your environment, We need java(x64)!" 30 | 31 | export JAVA_HOME 32 | export JAVA="$JAVA_HOME/bin/java" 33 | export BASE_DIR=$(dirname $0)/.. 34 | export CLASSPATH=.:${BASE_DIR}/conf:${BASE_DIR}/lib/*:${CLASSPATH} 35 | 36 | #=========================================================================================== 37 | # JVM Configuration 38 | #=========================================================================================== 39 | JAVA_OPTS="${JAVA_OPTS} -server -Xms1g -Xmx1g -Xmn256m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=128m" 40 | JAVA_OPTS="${JAVA_OPTS} -cp ${CLASSPATH}" 41 | 42 | $JAVA ${JAVA_OPTS} "$@" 43 | -------------------------------------------------------------------------------- /image-build/Dockerfile-alpine: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one or more 3 | # contributor license agreements. See the NOTICE file distributed with 4 | # this work for additional information regarding copyright ownership. 5 | # The ASF licenses this file to You under the Apache License, Version 2.0 6 | # (the "License"); you may not use this file except in compliance with 7 | # the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | ################################################################################ 19 | # Build stage 1 `builder`: 20 | # Download and extract RocketMQ 21 | ################################################################################ 22 | FROM eclipse-temurin:8-jdk-alpine AS builder 23 | 24 | ARG version 25 | 26 | RUN set -eux; \ 27 | apk add --virtual .build-deps curl gnupg unzip; 28 | 29 | RUN curl -L https://archive.apache.org/dist/rocketmq/${version}/rocketmq-all-${version}-bin-release.zip -o rocketmq.zip; \ 30 | curl -L https://archive.apache.org/dist/rocketmq/${version}/rocketmq-all-${version}-bin-release.zip.asc -o rocketmq.zip.asc; \ 31 | curl -L https://www.apache.org/dist/rocketmq/KEYS -o KEYS; \ 32 | gpg --import KEYS; \ 33 | gpg --batch --verify rocketmq.zip.asc rocketmq.zip; 34 | 35 | RUN unzip rocketmq.zip; \ 36 | mkdir -p /tmp/rocketmq-${version}; \ 37 | mv rocketmq*/* /tmp/rocketmq-${version} 38 | 39 | 40 | ################################################################################ 41 | # Build stage 2: 42 | # Make the actual RocketMQ docker image 43 | ################################################################################ 44 | FROM eclipse-temurin:8-jdk-alpine 45 | 46 | ARG user=rocketmq 47 | ARG group=rocketmq 48 | ARG uid=3000 49 | ARG gid=3000 50 | 51 | ARG version 52 | 53 | # Rocketmq version 54 | ENV ROCKETMQ_VERSION ${version} 55 | 56 | # Rocketmq home 57 | ENV ROCKETMQ_HOME /home/rocketmq/rocketmq-${ROCKETMQ_VERSION} 58 | 59 | 60 | # Expose namesrv port 61 | EXPOSE 9876 62 | # Expose broker ports 63 | EXPOSE 10909 10911 10912 64 | 65 | # RocketMQ is run with user `rocketmq`, uid = 3000 66 | # If you bind mount a volume from the host or a data container, 67 | # ensure you use the same uid 68 | RUN addgroup --gid ${gid} ${group} \ 69 | && adduser --uid ${uid} -G ${group} ${user} -s /bin/bash -D \ 70 | && apk add --no-cache bash gettext nmap-ncat openssl busybox-extras which 71 | 72 | # Copy customized scripts 73 | COPY scripts/ ${ROCKETMQ_HOME}/bin/ 74 | 75 | # Copy RocketMQ artifact from builder 76 | COPY --from=builder --chown=${uid}:${gid} /tmp/rocketmq-${version}/ ${ROCKETMQ_HOME} 77 | 78 | 79 | # Override customized scripts for namesrv 80 | # Override customized scripts for broker 81 | # Export Java options 82 | # Add ${JAVA_HOME}/lib/ext as java.ext.dirs 83 | RUN mv ${ROCKETMQ_HOME}/bin/runserver-customize.sh ${ROCKETMQ_HOME}/bin/runserver.sh \ 84 | && mv ${ROCKETMQ_HOME}/bin/runbroker-customize.sh ${ROCKETMQ_HOME}/bin/runbroker.sh \ 85 | && chmod -R a+x ${ROCKETMQ_HOME}/bin/ \ 86 | && export JAVA_OPT=" -Duser.home=/opt" \ 87 | && sed -i 's/${JAVA_HOME}\/jre\/lib\/ext/${JAVA_HOME}\/jre\/lib\/ext:${JAVA_HOME}\/lib\/ext/' ${ROCKETMQ_HOME}/bin/tools.sh \ 88 | && chown -R ${uid}:${gid} ${ROCKETMQ_HOME} 89 | 90 | USER ${user} 91 | 92 | WORKDIR ${ROCKETMQ_HOME}/bin 93 | 94 | ENTRYPOINT ["./docker-entrypoint.sh"] 95 | # Dummy overridable parameter parsed by entrypoint 96 | CMD ["dummy"] 97 | 98 | -------------------------------------------------------------------------------- /image-build/Dockerfile-centos-dashboard: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one or more 3 | # contributor license agreements. See the NOTICE file distributed with 4 | # this work for additional information regarding copyright ownership. 5 | # The ASF licenses this file to You under the Apache License, Version 2.0 6 | # (the "License"); you may not use this file except in compliance with 7 | # the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | FROM centos:7 19 | 20 | RUN yum install -y java-1.8.0-openjdk-devel.x86_64 unzip openssl, which gnupg, wget \ 21 | && yum clean all -y 22 | 23 | # FROM openjdk:8-jdk 24 | # RUN apt-get update && apt-get install -y --no-install-recommends \ 25 | # bash libapr1 unzip telnet wget gnupg ca-certificates \ 26 | # && rm -rf /var/lib/apt/lists/* 27 | 28 | ARG user=rocketmq 29 | ARG group=rocketmq 30 | ARG uid=3000 31 | ARG gid=3000 32 | 33 | # RocketMQ Dashboard runs with user `rocketmq`, uid = 3000 34 | # If you bind mount a volume from the host or a data container, 35 | # ensure you use the same uid 36 | RUN groupadd -g ${gid} ${group} \ 37 | && useradd -u ${uid} -g ${gid} -m -s /bin/bash ${user} 38 | 39 | ARG version 40 | 41 | # install maven 3.6.3 42 | ARG MAVEN_VERSION=3.6.3 43 | ARG MAVEN_DOWNLOAD_URL=https://dlcdn.apache.org/maven/maven-3/${MAVEN_VERSION}/binaries/apache-maven-${MAVEN_VERSION}-bin.tar.gz 44 | 45 | RUN mkdir -p /usr/share/maven /usr/share/maven/ref && \ 46 | wget -O /tmp/apache-maven.tar.gz ${MAVEN_DOWNLOAD_URL} --no-check-certificate && \ 47 | tar -xzf /tmp/apache-maven.tar.gz -C /usr/share/maven --strip-components=1 && \ 48 | rm -f /tmp/apache-maven.tar.gz && \ 49 | ln -s /usr/share/maven/bin/mvn /usr/bin/mvn 50 | 51 | ### make it faster if remove those "#"s bellow 52 | # RUN sed -i '159i \ 53 | # \ 54 | # nexus-tencentyun \ 55 | # * \ 56 | # Nexus tencentyun \ 57 | # http://mirrors.cloud.tencent.com/nexus/repository/maven-public/ \ 58 | # \ 59 | # ' /usr/share/maven/conf/settings.xml 60 | 61 | RUN cat /usr/share/maven/conf/settings.xml 62 | 63 | ENV ROCKETMQ_DASHBOARD_VERSION ${version} 64 | ENV ROCKETMQ_DASHBOARD_HOME /home/rocketmq/rocketmq-dashboard-${ROCKETMQ_DASHBOARD_VERSION} 65 | WORKDIR ${ROCKETMQ_DASHBOARD_HOME} 66 | 67 | RUN set -eux; \ 68 | curl -L https://dist.apache.org/repos/dist/release/rocketmq/rocketmq-dashboard/${ROCKETMQ_DASHBOARD_VERSION}/rocketmq-dashboard-${ROCKETMQ_DASHBOARD_VERSION}-source-release.zip -o rocketmq-dashboard.zip; \ 69 | curl -L https://dist.apache.org/repos/dist/release/rocketmq/rocketmq-dashboard/${ROCKETMQ_DASHBOARD_VERSION}/rocketmq-dashboard-${ROCKETMQ_DASHBOARD_VERSION}-source-release.zip.asc -o rocketmq-dashboard.zip.asc; \ 70 | wget https://www.apache.org/dist/rocketmq/KEYS --no-check-certificate; \ 71 | \ 72 | gpg --import KEYS; \ 73 | gpg --batch --verify rocketmq-dashboard.zip.asc rocketmq-dashboard.zip ; \ 74 | unzip rocketmq-dashboard.zip ; \ 75 | rm rocketmq-dashboard.zip rocketmq-dashboard.zip.asc KEYS; 76 | 77 | RUN cd rocketmq-dashboard-${ROCKETMQ_DASHBOARD_VERSION} ; \ 78 | mvn -DskipTests clean install ;\ 79 | ls -l target ; 80 | 81 | 82 | RUN mkdir bin; \ 83 | mv rocketmq-dashboard-${ROCKETMQ_DASHBOARD_VERSION}/target/rocketmq-dashboard-${ROCKETMQ_DASHBOARD_VERSION}.jar bin/ ; \ 84 | mv bin/rocketmq-dashboard-${ROCKETMQ_DASHBOARD_VERSION}.jar bin/rocketmq-dashboard.jar; \ 85 | ls -l bin; \ 86 | rm -rf rocketmq-dashboard-${ROCKETMQ_DASHBOARD_VERSION} 87 | 88 | RUN rm -rf /root/.m2/repository/* 89 | RUN rm -rf /usr/share/maven 90 | RUN yum remove wget unzip openssl -y 91 | 92 | RUN chown -R ${uid}:${gid} ${ROCKETMQ_DASHBOARD_HOME} 93 | EXPOSE 8080 94 | ENTRYPOINT ["java", "-jar", "bin/rocketmq-dashboard.jar"]; -------------------------------------------------------------------------------- /image-build/Dockerfile-ubuntu: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one or more 3 | # contributor license agreements. See the NOTICE file distributed with 4 | # this work for additional information regarding copyright ownership. 5 | # The ASF licenses this file to You under the Apache License, Version 2.0 6 | # (the "License"); you may not use this file except in compliance with 7 | # the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | ################################################################################ 19 | # Build stage 1 `builder`: 20 | # Download and extract RocketMQ 21 | ################################################################################ 22 | FROM eclipse-temurin:8-jdk AS builder 23 | 24 | ARG version 25 | 26 | RUN set -eux; \ 27 | apt-get update; \ 28 | DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ 29 | gnupg2 \ 30 | unzip \ 31 | ; \ 32 | rm -rf /var/lib/apt/lists/* 33 | 34 | RUN curl -L https://archive.apache.org/dist/rocketmq/${version}/rocketmq-all-${version}-bin-release.zip -o rocketmq.zip \ 35 | && curl -L https://archive.apache.org/dist/rocketmq/${version}/rocketmq-all-${version}-bin-release.zip.asc -o rocketmq.zip.asc \ 36 | && curl -L https://www.apache.org/dist/rocketmq/KEYS -o KEYS \ 37 | && gpg --import KEYS \ 38 | && gpg --batch --verify rocketmq.zip.asc rocketmq.zip 39 | 40 | RUN unzip rocketmq.zip \ 41 | && mkdir -p /tmp/rocketmq-${version} \ 42 | && mv rocketmq*/* /tmp/rocketmq-${version} 43 | 44 | ################################################################################ 45 | # Build stage 2: 46 | # Make the actual RocketMQ docker image 47 | ################################################################################ 48 | FROM eclipse-temurin:8-jdk 49 | 50 | ARG user=rocketmq 51 | ARG group=rocketmq 52 | ARG uid=3000 53 | ARG gid=3000 54 | 55 | ARG version 56 | 57 | # Rocketmq version 58 | ENV ROCKETMQ_VERSION=${version} 59 | 60 | # Rocketmq home 61 | ENV ROCKETMQ_HOME=/home/rocketmq/rocketmq-${ROCKETMQ_VERSION} 62 | 63 | # expose namesrv port 64 | EXPOSE 9876 65 | 66 | # expose broker ports 67 | EXPOSE 10909 10911 10912 68 | 69 | # RocketMQ is run with user `rocketmq`, uid = 3000 70 | # If you bind mount a volume from the host or a data container, 71 | # ensure you use the same uid 72 | RUN groupadd -g ${gid} ${group} \ 73 | && useradd -l -u ${uid} -g ${gid} -m -s /bin/bash ${user} \ 74 | && apt-get update; \ 75 | DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ 76 | less \ 77 | openssl \ 78 | which \ 79 | \ 80 | && apt-get clean; \ 81 | rm -rf /var/lib/apt/lists/* 82 | 83 | # Copy customized scripts 84 | COPY scripts/ ${ROCKETMQ_HOME}/bin/ 85 | 86 | # Copy RocketMQ artifact from builder 87 | COPY --from=builder --chown=${uid}:${gid} /tmp/rocketmq-${version}/ ${ROCKETMQ_HOME} 88 | 89 | # Override customized scripts for namesrv 90 | # Override customized scripts for broker 91 | # Export Java options 92 | # Add ${JAVA_HOME}/lib/ext as java.ext.dirs 93 | RUN mv ${ROCKETMQ_HOME}/bin/runserver-customize.sh ${ROCKETMQ_HOME}/bin/runserver.sh \ 94 | && mv ${ROCKETMQ_HOME}/bin/runbroker-customize.sh ${ROCKETMQ_HOME}/bin/runbroker.sh \ 95 | && chmod -R a+x ${ROCKETMQ_HOME}/bin/ \ 96 | && export JAVA_OPT=" -Duser.home=/opt" \ 97 | && sed -i 's/${JAVA_HOME}\/jre\/lib\/ext/${JAVA_HOME}\/jre\/lib\/ext:${JAVA_HOME}\/lib\/ext/' ${ROCKETMQ_HOME}/bin/tools.sh \ 98 | && chown -R ${uid}:${gid} ${ROCKETMQ_HOME} 99 | 100 | 101 | USER ${user} 102 | 103 | WORKDIR ${ROCKETMQ_HOME}/bin 104 | 105 | ENTRYPOINT ["./docker-entrypoint.sh"] 106 | # Dummy overridable parameter parsed by entrypoint 107 | CMD ["dummy"] 108 | -------------------------------------------------------------------------------- /image-build/build-image-dashboard.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | checkVersion() { 19 | echo "Version = $1" 20 | echo $1 |grep -E "^[0-9]+\.[0-9]+\.[0-9]+" > /dev/null 21 | if [ $? = 0 ]; then 22 | return 1 23 | fi 24 | 25 | echo "Version $1 illegal, it should be X.X.X format(e.g. 4.5.0), please check released versions in 'https://archive.apache.org/dist/rocketmq/'" 26 | exit -1 27 | } 28 | 29 | if [ $# -lt 2 ]; then 30 | echo -e "Usage: sh $0 Version BaseImage" 31 | exit -1 32 | fi 33 | 34 | ROCKETMQ_DASHBOARD_VERSION=$1 35 | BASE_IMAGE=$2 36 | 37 | checkVersion $ROCKETMQ_DASHBOARD_VERSION 38 | 39 | # Build rocketmq 40 | case "${BASE_IMAGE}" in 41 | centos) 42 | docker build --no-cache -f Dockerfile-centos-dashboard -t apache/rocketmq-dashboard:${ROCKETMQ_DASHBOARD_VERSION}-centos --build-arg version=${ROCKETMQ_DASHBOARD_VERSION} . 43 | ;; 44 | *) 45 | echo "${BASE_IMAGE} is not supported, supported base images: centos" 46 | exit -1 47 | ;; 48 | esac 49 | 50 | -------------------------------------------------------------------------------- /image-build/build-image.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | checkVersion() { 19 | echo "Version = $1" 20 | echo $1 |grep -E "^[0-9]+\.[0-9]+\.[0-9]+" > /dev/null 21 | if [ $? = 0 ]; then 22 | return 1 23 | fi 24 | 25 | echo "Version $1 illegal, it should be X.X.X format(e.g. 4.5.0), please check released versions in 'https://archive.apache.org/dist/rocketmq/'" 26 | exit -1 27 | } 28 | 29 | if [ $# -lt 2 ]; then 30 | echo -e "Usage: sh $0 Version BaseImage" 31 | exit -1 32 | fi 33 | 34 | ROCKETMQ_VERSION=$1 35 | BASE_IMAGE=$2 36 | 37 | checkVersion $ROCKETMQ_VERSION 38 | 39 | # Build rocketmq 40 | case "${BASE_IMAGE}" in 41 | alpine) 42 | docker build --no-cache -f Dockerfile-alpine -t apache/rocketmq:${ROCKETMQ_VERSION}-alpine --build-arg version=${ROCKETMQ_VERSION} . 43 | ;; 44 | ubuntu) 45 | docker build --no-cache -f Dockerfile-ubuntu -t apache/rocketmq:${ROCKETMQ_VERSION} --build-arg version=${ROCKETMQ_VERSION} . 46 | ;; 47 | *) 48 | echo "${BASE_IMAGE} is not supported, supported base images: ubuntu, alpine" 49 | exit -1 50 | ;; 51 | esac 52 | 53 | -------------------------------------------------------------------------------- /image-build/scripts/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | # Allow user specify custom CMD, maybe run /bin/bash to check the image 5 | if [[ "$1" == "nameserver" || "${NODE_ROLE}" == "nameserver" ]]; then 6 | shift 7 | exec ./mqnamesrv "${@}" 8 | elif [[ "$1" == "broker" || "${NODE_ROLE}" == "broker" ]]; then 9 | shift 10 | exec ./mqbroker "${@}" 11 | elif [[ "$1" == "controller" || "${NODE_ROLE}" == "controller" ]]; then 12 | shift 13 | exec ./mqcontroller "${@}" 14 | else 15 | # Run whatever command the user wants 16 | exec "$@" 17 | fi 18 | -------------------------------------------------------------------------------- /image-build/scripts/runbroker-customize.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | #=========================================================================================== 19 | # Java Environment Setting 20 | #=========================================================================================== 21 | error_exit () 22 | { 23 | echo "ERROR: $1 !!" 24 | exit 1 25 | } 26 | 27 | find_java_home() 28 | { 29 | case "`uname`" in 30 | Darwin) 31 | JAVA_HOME=$(/usr/libexec/java_home) 32 | ;; 33 | *) 34 | JAVA_HOME=$(dirname $(dirname $(readlink -f $(which javac)))) 35 | ;; 36 | esac 37 | } 38 | 39 | find_java_home 40 | 41 | [ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=$HOME/jdk/java 42 | [ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=/usr/java 43 | [ ! -e "$JAVA_HOME/bin/java" ] && error_exit "Please set the JAVA_HOME variable in your environment, We need java(x64)!" 44 | 45 | export JAVA_HOME 46 | export JAVA="$JAVA_HOME/bin/java" 47 | export BASE_DIR=$(dirname $0)/.. 48 | export CLASSPATH=.:${BASE_DIR}/conf:${CLASSPATH} 49 | 50 | #=========================================================================================== 51 | # JVM Configuration 52 | #=========================================================================================== 53 | 54 | # Set default JVM memory options if not provided 55 | DEFAULT_HEAP_OPTS="-Xms2g -Xmx2g -Xmn1g -XX:MaxDirectMemorySize=1g" 56 | HEAP_OPTS=${HEAP_OPTS:-$DEFAULT_HEAP_OPTS} 57 | 58 | # Setting JAVA options 59 | JAVA_OPT="${JAVA_OPT} -server ${HEAP_OPTS}" 60 | JAVA_OPT="${JAVA_OPT} -XX:+UseG1GC -XX:G1HeapRegionSize=16m -XX:G1ReservePercent=25 -XX:InitiatingHeapOccupancyPercent=30 -XX:SoftRefLRUPolicyMSPerMB=0 -XX:SurvivorRatio=8" 61 | JAVA_OPT="${JAVA_OPT} -verbose:gc -Xloggc:/dev/shm/mq_gc_%p.log -XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:+PrintGCApplicationStoppedTime -XX:+PrintAdaptiveSizePolicy" 62 | JAVA_OPT="${JAVA_OPT} -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=5 -XX:GCLogFileSize=30m" 63 | JAVA_OPT="${JAVA_OPT} -XX:-OmitStackTraceInFastThrow" 64 | JAVA_OPT="${JAVA_OPT} -XX:+AlwaysPreTouch" 65 | JAVA_OPT="${JAVA_OPT} -XX:-UseLargePages -XX:-UseBiasedLocking" 66 | JAVA_OPT="${JAVA_OPT} -Djava.ext.dirs=${JAVA_HOME}/jre/lib/ext:${BASE_DIR}/lib" 67 | #JAVA_OPT="${JAVA_OPT} -Xdebug -Xrunjdwp:transport=dt_socket,address=9555,server=y,suspend=n" 68 | JAVA_OPT="${JAVA_OPT} ${JAVA_OPT_EXT}" 69 | JAVA_OPT="${JAVA_OPT} -cp ${CLASSPATH}" 70 | 71 | numactl --interleave=all pwd > /dev/null 2>&1 72 | if [ $? -eq 0 ] 73 | then 74 | if [ -z "$RMQ_NUMA_NODE" ] ; then 75 | numactl --interleave=all $JAVA ${JAVA_OPT} $@ 76 | else 77 | numactl --cpunodebind=$RMQ_NUMA_NODE --membind=$RMQ_NUMA_NODE $JAVA ${JAVA_OPT} $@ 78 | fi 79 | else 80 | $JAVA ${JAVA_OPT} $@ 81 | fi 82 | -------------------------------------------------------------------------------- /image-build/scripts/runserver-customize.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | #=========================================================================================== 19 | # Java Environment Setting 20 | #=========================================================================================== 21 | error_exit () 22 | { 23 | echo "ERROR: $1 !!" 24 | exit 1 25 | } 26 | 27 | find_java_home() 28 | { 29 | case "`uname`" in 30 | Darwin) 31 | JAVA_HOME=$(/usr/libexec/java_home) 32 | ;; 33 | *) 34 | JAVA_HOME=$(dirname $(dirname $(readlink -f $(which javac)))) 35 | ;; 36 | esac 37 | } 38 | 39 | find_java_home 40 | 41 | [ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=$HOME/jdk/java 42 | [ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=/usr/java 43 | [ ! -e "$JAVA_HOME/bin/java" ] && error_exit "Please set the JAVA_HOME variable in your environment, We need java(x64)!" 44 | 45 | export JAVA_HOME 46 | export JAVA="$JAVA_HOME/bin/java" 47 | export BASE_DIR=$(dirname $0)/.. 48 | export CLASSPATH=.:${BASE_DIR}/conf:${CLASSPATH} 49 | 50 | #=========================================================================================== 51 | # JVM Configuration 52 | #=========================================================================================== 53 | DEFAULT_HEAP_OPTS="-Xms1g -Xmx1g -Xmn512M" 54 | HEAP_OPTS=${HEAP_OPTS:-$DEFAULT_HEAP_OPTS} 55 | 56 | # Set for `JAVA_OPT`. 57 | JAVA_OPT="${JAVA_OPT} -server ${HEAP_OPTS}" 58 | JAVA_OPT="${JAVA_OPT} -XX:+UseConcMarkSweepGC -XX:+UseCMSCompactAtFullCollection -XX:CMSInitiatingOccupancyFraction=70 -XX:+CMSParallelRemarkEnabled -XX:SoftRefLRUPolicyMSPerMB=0 -XX:+CMSClassUnloadingEnabled -XX:SurvivorRatio=8 -XX:-UseParNewGC" 59 | JAVA_OPT="${JAVA_OPT} -verbose:gc -Xloggc:/dev/shm/rmq_srv_gc.log -XX:+PrintGCDetails" 60 | JAVA_OPT="${JAVA_OPT} -XX:-OmitStackTraceInFastThrow" 61 | JAVA_OPT="${JAVA_OPT} -XX:-UseLargePages" 62 | JAVA_OPT="${JAVA_OPT} -Djava.ext.dirs=${JAVA_HOME}/jre/lib/ext:${BASE_DIR}/lib" 63 | #JAVA_OPT="${JAVA_OPT} -Xdebug -Xrunjdwp:transport=dt_socket,address=9555,server=y,suspend=n" 64 | JAVA_OPT="${JAVA_OPT} ${JAVA_OPT_EXT}" 65 | JAVA_OPT="${JAVA_OPT} -cp ${CLASSPATH}" 66 | 67 | $JAVA ${JAVA_OPT} $@ 68 | -------------------------------------------------------------------------------- /image-build/update.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | checkVersion() 19 | { 20 | echo "Version = $1" 21 | echo $1 |grep -E "^[0-9]+\.[0-9]+\.[0-9]+" > /dev/null 22 | if [ $? = 0 ]; then 23 | return 0 24 | fi 25 | 26 | echo "Version $1 illegal, it should be X.X.X format(e.g. 4.5.0), please check released versions in 'https://archive.apache.org/dist/rocketmq/'" 27 | exit -1 28 | } 29 | 30 | set -eu; 31 | 32 | # Update the image of the latest released version 33 | LATEST_VERSION=$(curl -s https://archive.apache.org/dist/rocketmq/ | awk -F '>' '{print $3}' | awk -F '/' '{print $1}' | grep '^[0-9]' | sort | tail -1) 34 | 35 | checkVersion ${LATEST_VERSION} 36 | 37 | baseImages=("alpine" "ubuntu") 38 | 39 | for baseImage in ${baseImages[@]} 40 | do 41 | echo "Building image of version ${LATEST_VERSION}, base-image ${baseImage}" 42 | bash build-image.sh ${LATEST_VERSION} ${baseImage} 43 | if [ "${baseImage}" = "ubuntu" ];then 44 | TAG=${LATEST_VERSION} 45 | else 46 | TAG=${LATEST_VERSION}-${baseImage} 47 | fi 48 | docker push apache/rocketmq:${TAG} 49 | done 50 | -------------------------------------------------------------------------------- /product/README.md: -------------------------------------------------------------------------------- 1 | # Config Reference of RocketMQ Docker in production 2 | 3 | ## Background 4 | 5 | This is a simple instructions for how to use a persistent storage and configuration information in a production environment to deploy a NameServer cluster and a master-slave broker cluster under distributed network nodes. 6 | 7 | Note: Here only contains the configuration and startup Docker containers, without mentioning the container's monitoring and management, the container machine's DNS configuration, message distribution and reliability storage details. This part needs to depend on the advanced deployment capabilities related to RocketMQ-Operator in conjunction with the capabilities of Kubernetes. 8 | 9 | ## Steps to deploy and run docker containers 10 | 11 | 1. Determine the IP and DNS information of the host (physical or virtual machine) to be deployed with NameServer or Broker, the storage file location in the hosted node, and ensure that the relevant ports (9876, 10911, 10912, 10909) are not occupied. 12 | 2. Prepare the configuration file used by the broker, select the reference configuration file according to the requirements of the Cluster, and modify the necessary attribute parameters in the file. 13 | 3. Call the docker container startup script, set the docker parameters, and start the container (look for the RocketMQ image version from [here]()) 14 | 4. Verify the container startup status 15 | 16 | ## Directory Structure 17 | 18 | product / 19 | 20 | ​ | - conf / (Several typical cluster configuration references ) 21 | 22 | ​ | - start-ns.sh (Shell script for starting a name-server container, which is called once for each name-server container on different node) 23 | 24 | ​ | - start-broker.sh (Shell script for starting a broker container, which is called once for creating different broker cluster member on different node) 25 | 26 | | - README.md 27 | 28 | | - README_cn.md 29 | 30 | ## Use Case 31 | 32 | How to config a 2m-2s-async cluster in Docker style. 33 | 34 | ### Startup nameserver cluster 35 | 36 | Note: You can skip this step if you use an existing nameserver cluster 37 | 38 | 1. Confirm the host machine where the nameserver is to be deployed and copy the product directory into the host. Determine the directory (DATA_HOME) where the container persistences content (logs/storage) on the host, as well as the RocketMQ image version (ROCKETMQ_VERSION) and base image alpine or ubuntu (BASE_IMAGE) 39 | 40 | 2. Run the script start-ns.sh, for example: 41 | 42 | ``` 43 | sh start-ns.sh /home/nameserver/data 4.5.0 alpine 44 | ``` 45 | 46 | 3. Repeat above steps if there are multiple nameservers in the cluster. 47 | 48 | ### Startup broker cluster 49 | 50 | 1. Confirm the NameServer Cluster address. (fomart e.g. "ns1:9876;ns2:9876;...") 51 | 52 | 2. Confirm the host machine where the broker-a master is to be deployed,determine the directory (DATA_HOME) where the container persistence content (logs/storage) exists on the host, e.g. DATA_HOME is set as /home/broker/data/; then you need to copy the reference config file conf/2m-2s-async/broker-a.properties as /home/broker/data/conf/2m-2s-async/broker-a.properties in the host. 53 | 54 | Change file broker-a.properties and make the property 'brokerIP1' value as the dns-hostname(Precautions #3) of the host. 55 | 56 | 3. Confirm the ROCKETMQ_VERSION (e.g. 4.5.0), start broker with shell script start-broker.sh through the following command: 57 | 58 | ``` 59 | sh start-broker.sh /home/broker/data 4.5.0 "ns1:9876;ns2:9876" conf/2m-2s-async/broker-a.properties alpine 60 | ``` 61 | 62 | 4. Check if the broker container is start up correctly (Note:The dir DATA_HOME in host needs to open read/write permissions for the rocketmq user in the container, Precautions #1) 63 | 64 | 5. Confirm the host machine where the broker-a slave is to be deployed,determine the directory (DATA_HOME) where the container persistences content (logs/storage) on the host, e.g. DATA_HOME is set as /home/broker/data/; then you need to copy the reference config file conf/2m-2s-async/broker-a-s.properties as /home/broker/data/conf/2m-2s-async/broker-a-s.properties in the host. 65 | 66 | Change file broker-a-s.properties and the proeprty 'brokerIP1' valueas the dns-hostname of the host. 67 | 68 | 6. Confirm the ROCKETMQ_VERSION,start slave broker with shell script start-broker.sh: 69 | 70 | ``` 71 | sh start-broker.sh /home/broker/data 4.5.0 "ns1:9876;ns2:9876" conf/2m-2s-async/broker-a-s.properties alpine 72 | ``` 73 | 74 | 7. Check if the broker container is start up correctly. 75 | 76 | 8. Repeat above steps to create master and slave broker docker containers. 77 | 78 | ## Precautions 79 | 80 | 1. Ensure the DATA_HOME directory r/w permissions 81 | 82 | The broker container needs to write data that needs to be persisted in the DATA_HOME directory of the host, these data include operation logs and message storage files. It is required to open the permissions in the DATA_HOME directory to ensure that the relevant files can be written when the broker is started and running. 83 | A case: After starting the broker, the broker automatically quits after a period of time, without any log writes, this may be due to the container does not write DATA_HOME / logs directory permissions. 84 | 85 | 2. Declare the external map port in the script (start-broker.sh, start-ns.sh) 86 | The default mapping ports have been defined in the relevant script. If the user has special requirements (such as a port is already occupied by other applications), you need to modify the shell script to define a new port mapping. 87 | 88 | 3. Recommended to use DNS to configure the broker and name-server address. 89 | 90 | The broker running in the docker container uses the property brokerIP1 to specify the address of the host it is on, and register/publish this address in the NameServer so that the RocketMQ client can obtain externally available broker addresses through the NameServer. When specifying the brokerIP1 property value, a good practice is to use dns- Hostname (instead of the direct IP address), so that when a large-scale broker changes or ip address migration, it will not affect the deployed containers. -------------------------------------------------------------------------------- /product/conf/2m-2s-async/broker-a-s.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-a 17 | brokerId=1 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=SLAVE 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | 24 | #Slave host dns-name/ip 25 | brokerIP1=REPLACE_IT 26 | #with Master's BroperIP1 27 | brokerIP2=REPLACE_IT 28 | 29 | #with Master's haListenPort, default 10912 30 | #haListenPort=10912 31 | -------------------------------------------------------------------------------- /product/conf/2m-2s-async/broker-a.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-a 17 | brokerId=0 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=ASYNC_MASTER 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | # Host node's dns-name or ip 24 | brokerIP1=REPLACE_IT 25 | 26 | # Optional config different value rather than default ports. 27 | # Caution: changing default ports need to update port mapping setting (-p) in start-broker.sh 28 | #listenPort=10911 29 | #haListenPort=10912 -------------------------------------------------------------------------------- /product/conf/2m-2s-async/broker-b-s.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-b 17 | brokerId=1 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=SLAVE 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | #Slave host dns-name/ip 24 | brokerIP1=REPLACE_IT 25 | #with Master's BroperIP1 26 | brokerIP2=REPLACE_IT 27 | 28 | # with Master's haListenPort, default 10912 29 | #haListenPort=10912 -------------------------------------------------------------------------------- /product/conf/2m-2s-async/broker-b.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-b 17 | brokerId=0 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=ASYNC_MASTER 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | # Host node's dns-name or ip 24 | brokerIP1=REPLACE_IT 25 | 26 | # Optional config different value rather than default ports. 27 | # Caution: changing default ports need to update port mapping setting (-p) in start-broker.sh 28 | #listenPort=10911 29 | #haListenPort=10912 -------------------------------------------------------------------------------- /product/conf/2m-2s-sync/broker-a-s.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-a 17 | brokerId=1 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=SLAVE 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | #Slave host dns-name/ip 24 | brokerIP1=REPLACE_IT 25 | #with Master's BroperIP1 26 | brokerIP2=REPLACE_IT 27 | 28 | #with Master's haListenPort, default 10912 29 | #haListenPort=10912 -------------------------------------------------------------------------------- /product/conf/2m-2s-sync/broker-a.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-a 17 | brokerId=0 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=SYNC_MASTER 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | # Host node's dns-name or ip 24 | brokerIP1=REPLACE_IT 25 | 26 | # Optional config different value rather than default ports. 27 | # Caution: changing default ports need to update port mapping setting (-p) in start-broker.sh 28 | #listenPort=10911 29 | #haListenPort=10912 -------------------------------------------------------------------------------- /product/conf/2m-2s-sync/broker-b-s.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-b 17 | brokerId=1 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=SLAVE 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | #Slave host dns-name/ip 24 | brokerIP1=REPLACE_IT 25 | #with Master's BroperIP1 26 | brokerIP2=REPLACE_IT 27 | 28 | # with Master's haListenPort, default 10912 29 | #haListenPort=10912 -------------------------------------------------------------------------------- /product/conf/2m-2s-sync/broker-b.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-b 17 | brokerId=0 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=SYNC_MASTER 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | # Host node's dns-name or ip 24 | brokerIP1=REPLACE_IT 25 | 26 | # Optional config different value rather than default ports. 27 | # Caution: changing default ports need to update port mapping setting (-p) in start-broker.sh 28 | #listenPort=10911 29 | #haListenPort=10912 -------------------------------------------------------------------------------- /product/conf/2m-noslave/broker-a.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-a 17 | brokerId=0 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=ASYNC_MASTER 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | # Host node's dns-name or ip 24 | brokerIP1=REPLACE_IT 25 | 26 | # Optional config different value rather than default ports. 27 | # Caution: changing default ports need to update port mapping setting (-p) in start-broker.sh 28 | #listenPort=10911 -------------------------------------------------------------------------------- /product/conf/2m-noslave/broker-b.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-b 17 | brokerId=0 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=ASYNC_MASTER 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | # Host node's dns-name or ip 24 | brokerIP1=REPLACE_IT 25 | 26 | # Optional config different value rather than default ports. 27 | # Caution: changing default ports need to update port mapping setting (-p) in start-broker.sh 28 | #listenPort=10911 29 | #haListenPort=10912 -------------------------------------------------------------------------------- /product/conf/2m-noslave/broker-trace.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | brokerClusterName=DefaultCluster 16 | brokerName=broker-trace 17 | brokerId=0 18 | deleteWhen=04 19 | fileReservedTime=48 20 | brokerRole=ASYNC_MASTER 21 | flushDiskType=ASYNC_FLUSH 22 | 23 | # Host node's dns-name or ip 24 | brokerIP1=REPLACE_IT 25 | 26 | # Optional config different value rather than default ports. 27 | # Caution: changing default ports need to update port mapping setting (-p) in start-broker.sh 28 | #listenPort=10911 -------------------------------------------------------------------------------- /product/conf/broker.conf: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | brokerClusterName = DefaultCluster 17 | brokerName = broker-b 18 | brokerId = 0 19 | deleteWhen = 04 20 | fileReservedTime = 48 21 | brokerRole = ASYNC_MASTER 22 | flushDiskType = ASYNC_FLUSH 23 | 24 | # Set self-defined brokerIP address (e.g. the host node's) 25 | #brokerIP1=30.25.90.82 26 | -------------------------------------------------------------------------------- /product/start-broker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | ## Main 19 | if [ $# -lt 4 ]; then 20 | echo "Usage: sh $0 DATA_HOME ROCKETMQ_VERSION NAMESRV_ADDR CONF_FILE" 21 | exit -1 22 | fi 23 | 24 | DATA_HOME=$1 25 | ROCKETMQ_VERSION=$2 26 | NAMESRV_ADDR=$3 27 | CONF_FILE=$4 28 | BASE_IMAGE=$5 29 | 30 | ## Show Env Setting 31 | echo "ENV Setting: " 32 | echo " DATA_HOME=${DATA_HOME} ROCKETMQ_VERSION=${ROCKETMQ_VERSION}" 33 | echo " NAMESRV_ADDR=${NAMESRV_ADDR}" 34 | echo " CONF_FILE=${CONF_FILE}" 35 | 36 | ## Check config file existing 37 | if [ ! -f "${DATA_HOME}/conf/${CONF_FILE}" ]; then 38 | echo "You must ensure the broker config file [${DATA_HOME}/conf/${CONF_FILE}] is pre-defined!!!" 39 | exit -1 40 | fi 41 | 42 | 43 | # Start Broker 44 | start_broker() 45 | { 46 | TAG_SUFFIX=$1 47 | docker run -d -v ${DATA_HOME}/logs:/home/rocketmq/logs -v ${DATA_HOME}/store:/home/rocketmq/store \ 48 | -v ${DATA_HOME}/conf:/home/rocketmq/conf \ 49 | --name rmqbroker \ 50 | -e "NAMESRV_ADDR=${NAMESRV_ADDR}" \ 51 | -p 10911:10911 -p 10912:10912 -p 10909:10909 \ 52 | apache/rocketmq:${ROCKETMQ_VERSION}${TAG_SUFFIX} \ 53 | sh mqbroker -c /home/rocketmq/conf/${CONF_FILE} 54 | } 55 | 56 | case "${BASE_IMAGE}" in 57 | alpine) 58 | start_broker -alpine 59 | ;; 60 | ubuntu|centos) 61 | start_broker 62 | ;; 63 | *) 64 | echo "${BASE_IMAGE} is not supported, supported base images: ubuntu, alpine, centos (deprecated)" 65 | exit -1 66 | ;; 67 | esac -------------------------------------------------------------------------------- /product/start-dashboard.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | ROCKETMQ_DASHBOARD_VERSION=$1 19 | 20 | docker run -d -it --name rocketmq-dashboard -p 6765:8080 apache/rocketmq-dashboard:${ROCKETMQ_DASHBOARD_VERSION}-centos -------------------------------------------------------------------------------- /product/start-ns.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | 19 | ## Main 20 | if [ $# -lt 3 ]; then 21 | echo "Usage: sh $0 DATA_HOME ROCKETMQ_VERSION BASE_IMAGE" 22 | exit -1 23 | fi 24 | 25 | DATA_HOME=$1 26 | ROCKETMQ_VERSION=$2 27 | BASE_IMAGE=$3 28 | 29 | ## Show Env Setting 30 | echo "ENV Setting: " 31 | echo "DATA_HOME=${DATA_HOME} ROCKETMQ_VERSION=${ROCKETMQ_VERSION}" 32 | 33 | # Start nameserver 34 | start_namesrv() 35 | { 36 | TAG_SUFFIX=$1 37 | docker run -d -v ${DATA_HOME}/logs:/home/rocketmq/logs \ 38 | --name rmqnamesrv \ 39 | -p 9876:9876 \ 40 | apache/rocketmq:${ROCKETMQ_VERSION}${TAG_SUFFIX} \ 41 | sh mqnamesrv 42 | } 43 | 44 | case "${BASE_IMAGE}" in 45 | alpine) 46 | start_namesrv -alpine 47 | ;; 48 | ubuntu|centos) 49 | start_namesrv 50 | ;; 51 | *) 52 | echo "${BASE_IMAGE} is not supported, supported base images: ubuntu, alpine, centos (deprecated)" 53 | exit -1 54 | ;; 55 | esac -------------------------------------------------------------------------------- /rocketmq-k8s-helm/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: rocketmq 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.0.1 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | # It is recommended to use it with quotes. 24 | appVersion: "1.16.0" 25 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/broker/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/broker/_brokerconfig.tpl: -------------------------------------------------------------------------------- 1 | {{- define "rocketmq-broker.config" -}} 2 | {{- $name := include "rocketmq-broker.fullname" . }} 3 | {{- $clusterName := include "rocketmq-broker.clusterName" . }} 4 | {{- $brokerNamePrefix := include "rocketmq-broker.brokerNamePrefix" . }} 5 | {{- $config := .Values.broker.config }} 6 | {{- $replicaCount := .Values.broker.replicaCount | int }} 7 | {{- range $index := until $replicaCount }} 8 | {{ $name }}-{{ $index }}: | 9 | brokerClusterName={{ $clusterName }} 10 | brokerName={{ $brokerNamePrefix }}-{{ $index }} 11 | enableNameServerAddressResolve=true 12 | 13 | # common configs 14 | traceOn=true 15 | autoCreateTopicEnable=false 16 | autoCreateSubscriptionGroup=true 17 | enableIncrementalTopicCreation=true 18 | generateConfigForScaleOutEnable=false 19 | enableNotifyAfterPopOrderLockRelease=true 20 | autoMessageVersionOnTopicLen=true 21 | 22 | # pop config 23 | enablePopBufferMerge=true 24 | enableConsumePopRetryTopic=true 25 | enableConsumePullRetryTopic=true 26 | enableSkipLongWaitAck=true 27 | 28 | # Store config 29 | flushDiskType=SYNC_FLUSH 30 | 31 | # Enable SQL92 32 | enablePropertyFilter=true 33 | 34 | # Transaction config 35 | transactionCheckMaxTimeInMs=14400000 36 | transactionCheckInterval=60000 37 | 38 | # Delay config 39 | timerWheelEnable=true 40 | timerMaxDelaySec=86400 41 | 42 | waitTimeMillsInSendQueue=900 43 | maxMessageSize=5242880 44 | 45 | # stream 46 | litePullMessageEnable=true 47 | {{ $config | indent 4 }} 48 | {{- end }} 49 | {{- end }} -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/broker/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "rocketmq-broker.name" -}} 5 | {{- default .Chart.Name .Values.broker.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "rocketmq-broker.fullname" -}} 14 | {{- if .Values.broker.fullnameOverride }} 15 | {{- .Values.broker.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.broker.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "rocketmq-broker.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "rocketmq-broker.labels" -}} 37 | {{ include "rocketmq-broker.selectorLabels" . }} 38 | {{- if .Chart.AppVersion }} 39 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 40 | {{- end }} 41 | app.kubernetes.io/managed-by: {{ .Release.Service }} 42 | {{- end }} 43 | 44 | {{/* 45 | Selector labels 46 | */}} 47 | {{- define "rocketmq-broker.selectorLabels" -}} 48 | app.kubernetes.io/name: {{ include "rocketmq-broker.name" . }} 49 | app.kubernetes.io/instance: {{ .Release.Name }} 50 | {{- end }} 51 | 52 | {{- define "rocketmq-broker.clusterName" -}} 53 | {{- if .Values.broker.conf.clusterNameOverride }} 54 | {{- .Values.broker.conf.clusterNameOverride | trunc 63 | trimSuffix "-" }} 55 | {{- else -}} 56 | DefaultCluster 57 | {{- end }} 58 | {{- end }} 59 | 60 | {{- define "rocketmq-broker.brokerNamePrefix" -}} 61 | {{- if .Values.broker.conf.brokerNamePrefixOverride }} 62 | {{- .Values.broker.conf.brokerNamePrefixOverride | trunc 63 | trimSuffix "-" }} 63 | {{- else }} 64 | {{- include "rocketmq-broker.fullname" . }} 65 | {{- end }} 66 | {{- end }} 67 | 68 | {{- define "rocketmq-broker.brokerImage" -}} 69 | {{ .Values.broker.image.repository }}:{{ .Values.broker.image.tag | default .Chart.AppVersion }} 70 | {{- end }} 71 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/broker/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: broker-conf 5 | labels: 6 | {{- include "rocketmq-broker.labels" . | nindent 4 }} 7 | data: 8 | {{- include "rocketmq-broker.config" . }} -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/broker/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "rocketmq-broker.fullname" . }} 5 | labels: 6 | {{- include "rocketmq-broker.labels" . | nindent 4 }} 7 | spec: 8 | ports: 9 | - port: {{ .Values.broker.service.port }} 10 | targetPort: broker-port 11 | protocol: TCP 12 | name: broker-port 13 | selector: 14 | {{- include "rocketmq-broker.selectorLabels" . | nindent 4 }} 15 | clusterIP: None 16 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/broker/statefulset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: {{ include "rocketmq-broker.fullname" . }} 5 | spec: 6 | replicas: {{ .Values.broker.replicaCount }} 7 | serviceName: {{ include "rocketmq-broker.fullname" . }} 8 | selector: 9 | matchLabels: 10 | {{- include "rocketmq-broker.selectorLabels" . | nindent 6 }} 11 | podManagementPolicy: Parallel 12 | updateStrategy: 13 | type: RollingUpdate 14 | template: 15 | metadata: 16 | labels: 17 | {{- include "rocketmq-broker.selectorLabels" . | nindent 8 }} 18 | spec: 19 | {{- with .Values.proxy.imagePullSecrets }} 20 | imagePullSecrets: 21 | {{- toYaml . | nindent 8 }} 22 | {{- end }} 23 | containers: 24 | - name: broker 25 | image: {{ include "rocketmq-broker.brokerImage" . }} 26 | {{- if $.Values.broker.image.pullPolicy }} 27 | imagePullPolicy: {{ $.Values.broker.image.pullPolicy }} 28 | {{- end }} 29 | command: [ "/bin/sh" ] 30 | args: [ "-c", "./mqbroker -c /home/rocketmq/conf/$(POD_NAME)" ] 31 | env: 32 | - name: POD_NAME 33 | valueFrom: 34 | fieldRef: 35 | fieldPath: metadata.name 36 | - name: POD_IP 37 | valueFrom: 38 | fieldRef: 39 | fieldPath: status.podIP 40 | - name: HEAP_OPTS 41 | value: {{ .Values.broker.jvmMemory }} 42 | - name: NAMESRV_ADDR 43 | value: {{ include "rocketmq-nameserver.fullname" . }}:9876 44 | ports: 45 | - name: broker 46 | containerPort: 10911 47 | protocol: TCP 48 | - name: con-nameserver 49 | containerPort: 10909 50 | protocol: TCP 51 | - name: ha 52 | containerPort: 10912 53 | protocol: TCP 54 | - name: proxy 55 | containerPort: 8081 56 | protocol: TCP 57 | readinessProbe: 58 | failureThreshold: 3 59 | initialDelaySeconds: 60 60 | periodSeconds: 15 61 | successThreshold: 1 62 | tcpSocket: 63 | port: 10911 64 | timeoutSeconds: 1 65 | livenessProbe: 66 | failureThreshold: 3 67 | initialDelaySeconds: 60 68 | periodSeconds: 15 69 | successThreshold: 1 70 | tcpSocket: 71 | port: 10911 72 | timeoutSeconds: 1 73 | resources: 74 | {{- toYaml .Values.broker.resources | nindent 12 }} 75 | volumeMounts: 76 | - mountPath: /home/rocketmq/conf 77 | name: broker-config 78 | - mountPath: /home/rocketmq/logs 79 | name: broker-storage 80 | subPath: home/rocketmq/rocketmq-broker 81 | - mountPath: /root/store 82 | name: broker-storage 83 | subPath: store/rocketmq-broker 84 | {{- with .Values.broker.nodeSelector }} 85 | nodeSelector: 86 | {{- toYaml . | nindent 8 }} 87 | {{- end }} 88 | volumes: 89 | - name: broker-config 90 | configMap: 91 | name: broker-conf 92 | {{- if not $.Values.broker.persistence.enabled }} 93 | - name: broker-storage 94 | emptyDir: { } 95 | {{- else }} 96 | volumeClaimTemplates: 97 | - metadata: 98 | name: broker-storage 99 | spec: 100 | accessModes: [ "ReadWriteOnce" ] 101 | resources: 102 | requests: 103 | storage: {{ .Values.broker.persistence.size }} 104 | {{- end }} -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/controller/_controllerconfig.tpl: -------------------------------------------------------------------------------- 1 | {{- /* 2 | SPDX-License-Identifier: APACHE-2.0 3 | */}} 4 | 5 | {{- define "controller.jRaftInitConf" -}} 6 | {{- $replicaCount := .Values.controller.replicas | int }} 7 | {{- $args := list -}} 8 | {{- $name := include "controller.fullname" . }} 9 | {{- $namespace := .Release.Namespace -}} 10 | {{- $result := "" -}} 11 | {{- $port := .Values.controller.service.internalport | int -}} 12 | {{- range untilStep 0 $replicaCount 1 -}} 13 | {{- $args = printf "%s-%d.%s.%s:%d" $name . $name $namespace $port | append $args -}} 14 | {{- end }} 15 | {{- $result = printf "%s=%s" "jRaftInitConf" (join "," $args) -}} 16 | {{- $result -}} 17 | {{- end -}} 18 | 19 | {{- define "controller.jRaftControllerRPCAddr" -}} 20 | {{- $replicaCount := .Values.controller.replicas | int }} 21 | {{- $args := list -}} 22 | {{- $name := include "controller.fullname" . }} 23 | {{- $namespace := .Release.Namespace -}} 24 | {{- $result := "" -}} 25 | {{- $port := .Values.controller.service.port | int -}} 26 | {{- range untilStep 0 $replicaCount 1 -}} 27 | {{- $args = printf "%s-%d.%s.%s:%d" $name . $name $namespace $port | append $args -}} 28 | {{- end }} 29 | {{- $result = printf "%s=%s" "jRaftControllerRPCAddr" (join "," $args) -}} 30 | {{- $result -}} 31 | {{- end -}} 32 | 33 | {{- define "controller.config" -}} 34 | {{- $name := include "controller.fullname" . }} 35 | {{- $config := .Values.controller.config }} 36 | {{- $replicaCount := .Values.controller.replicas | int }} 37 | {{- $jRaftInitConf := include "controller.jRaftInitConf" . -}} 38 | {{- $jRaftControllerRPCAddr := include "controller.jRaftControllerRPCAddr" . -}} 39 | {{- range $index := until $replicaCount }} 40 | {{ $name }}-{{ $index }}: | 41 | controllerType=jRaft 42 | jRaftGroupId=jRaft-controller-group 43 | jRaftServerId = {{ $name }}-{{ $index }}.{{ $name }}.{{ $.Release.Namespace }}:{{ $.Values.controller.service.internalport }} 44 | {{ $jRaftInitConf }} 45 | {{ $jRaftControllerRPCAddr }} 46 | jRaftSnapshotIntervalSecs = 3600 47 | controllerStorePath=/home/rocketmq/store 48 | {{ $config | indent 4 }} 49 | {{- end }} 50 | {{- end }} 51 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/controller/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{- /* 2 | SPDX-License-Identifier: APACHE-2.0 3 | */}} 4 | 5 | {{/* 6 | Expand the name of the chart. 7 | */}} 8 | {{- define "controller.name" -}} 9 | {{- default .Chart.Name .Values.controller.nameOverride | trunc 63 | trimSuffix "-" }} 10 | {{- end }} 11 | 12 | {{/* 13 | Create a default fully qualified app name. 14 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 15 | If release name contains chart name it will be used as a full name. 16 | */}} 17 | {{- define "controller.fullname" -}} 18 | {{- if .Values.fullnameOverride }} 19 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- $name := default .Chart.Name .Values.controller.nameOverride }} 22 | {{- if contains $name .Release.Name }} 23 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 24 | {{- else }} 25 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 26 | {{- end }} 27 | {{- end }} 28 | {{- end }} 29 | 30 | {{/* 31 | Create chart name and version as used by the chart label. 32 | */}} 33 | {{- define "controller.chart" -}} 34 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 35 | {{- end }} 36 | 37 | {{/* 38 | Common labels 39 | */}} 40 | {{- define "controller.labels" -}} 41 | helm.sh/chart: {{ include "controller.chart" . }} 42 | {{ include "controller.selectorLabels" . }} 43 | {{- if .Chart.AppVersion }} 44 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 45 | {{- end }} 46 | app.kubernetes.io/managed-by: {{ .Release.Service }} 47 | {{- end }} 48 | 49 | {{/* 50 | Selector labels 51 | */}} 52 | {{- define "controller.selectorLabels" -}} 53 | app.kubernetes.io/name: {{ include "controller.name" . }} 54 | app.kubernetes.io/instance: {{ .Release.Name }} 55 | {{- end }} 56 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/controller/configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- /* 2 | SPDX-License-Identifier: APACHE-2.0 3 | */}} 4 | 5 | apiVersion: v1 6 | kind: ConfigMap 7 | metadata: 8 | name: {{ include "controller.fullname" . }}-conf 9 | labels: 10 | {{- include "controller.labels" . | nindent 4 }} 11 | data: 12 | {{- include "controller.config" . }} -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/controller/service.yaml: -------------------------------------------------------------------------------- 1 | {{- /* 2 | SPDX-License-Identifier: APACHE-2.0 3 | */}} 4 | 5 | apiVersion: v1 6 | kind: Service 7 | metadata: 8 | name: {{ include "controller.fullname" . }} 9 | labels: 10 | {{- include "controller.labels" . | nindent 4 }} 11 | spec: 12 | type: ClusterIP 13 | clusterIP: None 14 | ports: 15 | - name: main 16 | port: {{ .Values.controller.service.port }} 17 | protocol: TCP 18 | targetPort: main 19 | - name: internal 20 | port: {{ .Values.controller.service.internalport }} 21 | protocol: TCP 22 | targetPort: internal 23 | publishNotReadyAddresses: true 24 | selector: 25 | {{- include "controller.selectorLabels" . | nindent 4 }} 26 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/controller/statefulset.yaml: -------------------------------------------------------------------------------- 1 | {{- /* 2 | SPDX-License-Identifier: APACHE-2.0 3 | */}} 4 | 5 | apiVersion: apps/v1 6 | kind: StatefulSet 7 | metadata: 8 | name: {{ include "controller.fullname" . }} 9 | labels: 10 | {{- include "controller.labels" . | nindent 4 }} 11 | spec: 12 | replicas: {{ .Values.controller.replicas }} 13 | selector: 14 | matchLabels: 15 | {{- include "controller.selectorLabels" . | nindent 6 }} 16 | serviceName: {{ include "controller.fullname" . }} 17 | template: 18 | metadata: 19 | annotations: 20 | checksum/config: {{ include (print $.Template.BasePath "/controller/configmap.yaml") . | sha256sum }} 21 | labels: 22 | {{- include "controller.labels" . | nindent 8 }} 23 | spec: 24 | {{- with .Values.controller.image.pullSecrets }} 25 | imagePullSecrets: 26 | {{- toYaml . | nindent 8 }} 27 | {{- end }} 28 | {{- with .Values.controller.affinity }} 29 | affinity: 30 | {{- toYaml . | nindent 8 }} 31 | {{- end }} 32 | {{- with .Values.controller.nodeSelector }} 33 | nodeSelector: 34 | {{- toYaml . | nindent 8 }} 35 | {{- end }} 36 | {{- with .Values.controller.tolerations }} 37 | tolerations: 38 | {{- toYaml . | nindent 8 }} 39 | {{- end }} 40 | containers: 41 | - name: controller 42 | image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" 43 | imagePullPolicy: {{ .Values.controller.image.pullPolicy }} 44 | env: 45 | - name: NODE_ROLE 46 | value: controller 47 | - name: POD_NAME 48 | valueFrom: 49 | fieldRef: 50 | apiVersion: v1 51 | fieldPath: metadata.name 52 | command: [ "/bin/sh" ] 53 | args: [ "-c", "./mqcontroller -c /home/rocketmq/conf/$(POD_NAME)" ] 54 | ports: 55 | - name: main 56 | containerPort: {{ .Values.controller.service.port }} 57 | protocol: TCP 58 | - name: internal 59 | containerPort: {{ .Values.controller.service.internalport }} 60 | protocol: TCP 61 | livenessProbe: 62 | {{- toYaml .Values.controller.livenessProbe | nindent 10 }} 63 | readinessProbe: 64 | {{- toYaml .Values.controller.readinessProbe | nindent 10 }} 65 | startupProbe: 66 | {{- toYaml .Values.controller.startupProbe | nindent 10 }} 67 | resources: 68 | {{- toYaml .Values.controller.resources | nindent 10 }} 69 | volumeMounts: 70 | - mountPath: /home/rocketmq/conf 71 | name: controller-config 72 | - mountPath: /home/rocketmq/logs 73 | name: controller-storage 74 | subPath: logs 75 | - mountPath: /home/rocketmq/store 76 | name: controller-storage 77 | subPath: store 78 | securityContext: 79 | fsGroup: 3000 80 | volumes: 81 | - name: controller-config 82 | configMap: 83 | name: {{ include "controller.fullname" . }}-conf 84 | {{- if not $.Values.controller.persistence.enabled }} 85 | - name: controller-storage 86 | emptyDir: { } 87 | {{- else if .Values.controller.persistence.existingClaim }} 88 | - name: controller-storage 89 | persistentVolumeClaim: 90 | claimName: {{ printf "%s" (tpl .Values.controller.persistence.existingClaim .) }} 91 | {{- end }} 92 | {{- if and .Values.controller.persistence.enabled (not .Values.controller.persistence.existingClaim) }} 93 | volumeClaimTemplates: 94 | - metadata: 95 | name: controller-storage 96 | spec: 97 | accessModes: [ "ReadWriteOnce" ] 98 | resources: 99 | requests: 100 | storage: {{ .Values.controller.persistence.size | quote }} 101 | {{- if (eq "-" .Values.controller.persistence.storageClass) -}} 102 | storageClassName: "" 103 | {{- else }} 104 | storageClassName: {{ .Values.controller.persistence.storageClass }} 105 | {{- end -}} 106 | {{- end }} 107 | 108 | 109 | 110 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/nameserver/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.nameserver.ingress.enabled }} 3 | {{- range $host := .Values.nameserver.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.nameserver.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.nameserver.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "rocketmq-nameserver.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.nameserver.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "rocketmq-nameserver.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "rocketmq-nameserver.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.nameserver.service.port }} 17 | {{- else if contains "ClusterIP" .Values.nameserver.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "rocketmq-nameserver.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | helm ls --all-namespaces -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/nameserver/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "rocketmq-nameserver.name" -}} 5 | {{- default .Chart.Name .Values.nameserver.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "rocketmq-nameserver.fullname" -}} 14 | {{- if .Values.nameserver.fullnameOverride }} 15 | {{- .Values.nameserver.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameserver.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "rocketmq-nameserver.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "rocketmq-nameserver.labels" -}} 37 | helm.sh/chart: {{ include "rocketmq-nameserver.chart" . }} 38 | {{ include "rocketmq-nameserver.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "rocketmq-nameserver.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "rocketmq-nameserver.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | {{- end }} 52 | 53 | {{- define "rocketmq-nameserver.namesrvImage" -}} 54 | {{ .Values.nameserver.image.repository }}:{{ .Values.nameserver.image.tag | default .Chart.AppVersion }} 55 | {{- end }} 56 | 57 | {{- define "rocketmq-nameserver.port" -}} 58 | {{- .Values.nameserver.port }} 59 | {{- end }} 60 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/nameserver/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: nameserver-conf 5 | labels: 6 | {{- include "rocketmq-nameserver.labels" . | nindent 4 }} 7 | data: 8 | namesrv.p: | 9 | listenPort={{ include "rocketmq-nameserver.port" . }} 10 | {{ .Values.nameserver.configmap | indent 4 | trim }} 11 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/nameserver/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "rocketmq-nameserver.fullname" . }} 5 | spec: 6 | replicas: {{ .Values.nameserver.replicaCount }} 7 | selector: 8 | matchLabels: 9 | {{- include "rocketmq-nameserver.selectorLabels" . | nindent 6 }} 10 | component: nameserver 11 | template: 12 | metadata: 13 | labels: 14 | {{- include "rocketmq-nameserver.selectorLabels" . | nindent 8 }} 15 | component: nameserver 16 | spec: 17 | {{- with .Values.proxy.imagePullSecrets }} 18 | imagePullSecrets: 19 | {{- toYaml . | nindent 8 }} 20 | {{- end }} 21 | containers: 22 | - name: nameserver 23 | image: {{ include "rocketmq-nameserver.namesrvImage" . }} 24 | {{- if .Values.nameserver.image.pullPolicy }} 25 | imagePullPolicy: {{ .Values.nameserver.image.pullPolicy | quote }} 26 | {{- end }} 27 | command: [ "/bin/sh" ] 28 | args: [ "-c", "./mqnamesrv -c /home/rocketmq/config/namesrv.p" ] 29 | env: 30 | - name: JAVA_HEAP_SIZE 31 | value: {{ .Values.nameserver.heapSize }} 32 | ports: 33 | - name: nameserver 34 | containerPort: {{ include "rocketmq-nameserver.port" . }} 35 | protocol: TCP 36 | startupProbe: 37 | tcpSocket: 38 | port: nameserver 39 | periodSeconds: 5 40 | initialDelaySeconds: 20 41 | failureThreshold: 3 42 | livenessProbe: 43 | tcpSocket: 44 | port: nameserver 45 | initialDelaySeconds: 5 46 | periodSeconds: 5 47 | failureThreshold: 3 48 | readinessProbe: 49 | tcpSocket: 50 | port: nameserver 51 | initialDelaySeconds: 5 52 | periodSeconds: 5 53 | timeoutSeconds: 1 54 | failureThreshold: 3 55 | resources: 56 | {{- toYaml .Values.nameserver.resources | nindent 12 }} 57 | volumeMounts: 58 | - mountPath: /home/rocketmq/config 59 | name: nameserver-config 60 | - mountPath: /home/rocketmq/logs 61 | name: nameserver-log 62 | volumes: 63 | - name: nameserver-config 64 | configMap: 65 | name: nameserver-conf 66 | - name: nameserver-log 67 | emptyDir: { } 68 | {{- with .Values.nameserver.nodeSelector }} 69 | nodeSelector: 70 | {{- toYaml . | nindent 8 }} 71 | {{- end }} -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/nameserver/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "rocketmq-nameserver.fullname" . }} 5 | labels: 6 | {{- include "rocketmq-nameserver.labels" . | nindent 4 }} 7 | spec: 8 | clusterIP: None 9 | ports: 10 | - port: {{ .Values.nameserver.service.servicePort }} 11 | targetPort: {{ include "rocketmq-nameserver.port" . }} 12 | protocol: TCP 13 | name: nameserver-service 14 | selector: 15 | {{- include "rocketmq-nameserver.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/proxy/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "rocketmq-proxy.name" -}} 5 | {{- default .Chart.Name .Values.proxy.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "rocketmq-proxy.fullname" -}} 14 | {{- if .Values.proxy.fullnameOverride }} 15 | {{- .Values.proxy.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.proxy.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Common labels 28 | */}} 29 | {{- define "rocketmq-proxy.labels" -}} 30 | {{ include "rocketmq-proxy.selectorLabels" . }} 31 | {{- if .Chart.AppVersion }} 32 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 33 | {{- end }} 34 | app.kubernetes.io/managed-by: {{ .Release.Service }} 35 | {{- end }} 36 | 37 | {{/* 38 | Selector labels 39 | */}} 40 | {{- define "rocketmq-proxy.selectorLabels" -}} 41 | app.kubernetes.io/name: {{ include "rocketmq-proxy.name" . }} 42 | app.kubernetes.io/instance: {{ .Release.Name }} 43 | {{- end }} 44 | 45 | {{- define "rocketmq-proxy.proxyImage" -}} 46 | {{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag | default .Chart.AppVersion }} 47 | {{- end }} 48 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/proxy/_proxyconfig.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Using mergeOverwrite to merge configs from Values into regional config, 3 | valuse from .Values.config have the higher priority. 4 | */}} 5 | 6 | {{- define "rocketmq-proxy.conf" -}} 7 | {{- $commonConf := fromYaml (include "rocketmq-proxy.common.conf" . ) -}} 8 | rmq-proxy.json: | 9 | {{- mergeOverwrite $commonConf .Values.proxy.config | mustToPrettyJson | nindent 4 }} 10 | {{- end }} 11 | {{- define "rocketmq-proxy.common.conf" -}} 12 | enableFlowControl: true 13 | enableFlowLimitAction: true 14 | metricCollectorMode: "proxy" 15 | longPollingReserveTimeInMillis: 1000 16 | maxMessageSize: 4194304 17 | maxUserPropertySize: 16384 18 | userPropertyMaxNum: 128 19 | maxMessageGroupSize: 64 20 | grpcClientProducerBackoffInitialMillis: 5 21 | grpcClientProducerBackoffMultiplier: 5 22 | grpcClientProducerBackoffMaxMillis: 1000 23 | transactionHeartbeatBatchNum: 1 24 | rocketMQClusterName: "{{ include "rocketmq-broker.clusterName" . }}" 25 | namesrvAddr: "{{ include "rocketmq-nameserver.fullname" . }}:9876" 26 | {{- end -}} -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/proxy/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: proxy-conf 5 | data: 6 | {{ include "rocketmq-proxy.conf" . }} 7 | -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/proxy/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "rocketmq-proxy.fullname" . }} 5 | spec: 6 | {{- if not .Values.proxy.autoscaling.enabled }} 7 | replicas: {{ .Values.proxy.replicaCount }} 8 | {{- end }} 9 | selector: 10 | matchLabels: 11 | {{- include "rocketmq-proxy.selectorLabels" . | nindent 6 }} 12 | template: 13 | metadata: 14 | {{- with .Values.proxy.podAnnotations }} 15 | annotations: 16 | {{- toYaml . | nindent 8 }} 17 | {{- end }} 18 | labels: 19 | {{- include "rocketmq-proxy.selectorLabels" . | nindent 8 }} 20 | spec: 21 | {{- with .Values.proxy.imagePullSecrets }} 22 | imagePullSecrets: 23 | {{- toYaml . | nindent 8 }} 24 | {{- end }} 25 | containers: 26 | - name: proxy 27 | image: {{ include "rocketmq-proxy.proxyImage" . }} 28 | {{- if .Values.proxy.image.pullPolicy }} 29 | imagePullPolicy: {{ .Values.proxy.image.pullPolicy | quote }} 30 | {{- end }} 31 | command: [ "/bin/sh" ] 32 | args: [ "-c", "./mqproxy -pc /home/rocketmq/rocketmq-proxy/configmap/rmq-proxy.json" ] 33 | env: 34 | - name: RMQ_PROXY_NAME 35 | valueFrom: 36 | fieldRef: 37 | fieldPath: metadata.name 38 | - name: NAMESRV_ADDR 39 | value: {{ include "rocketmq-nameserver.fullname" . }}:9876 40 | - name: RMQ_PROXY_CONFIG_PATH 41 | value: /home/rocketmq/rocketmq-proxy/configmap 42 | lifecycle: 43 | preStop: 44 | exec: 45 | command: 46 | - sh 47 | - ./bin/mqshutdown 48 | - proxy 49 | ports: 50 | - name: remote 51 | containerPort: 8080 52 | protocol: TCP 53 | - name: grpc 54 | containerPort: 8081 55 | protocol: TCP 56 | startupProbe: 57 | tcpSocket: 58 | port: grpc 59 | initialDelaySeconds: 10 60 | failureThreshold: 30 61 | periodSeconds: 10 62 | readinessProbe: 63 | tcpSocket: 64 | port: grpc 65 | periodSeconds: 5 66 | livenessProbe: 67 | tcpSocket: 68 | port: grpc 69 | periodSeconds: 10 70 | resources: 71 | {{- toYaml .Values.proxy.resources | nindent 12 }} 72 | volumeMounts: 73 | - name: conf 74 | mountPath: /home/rocketmq/rocketmq-proxy/configmap/ 75 | volumes: 76 | - name: conf 77 | configMap: 78 | name: proxy-conf 79 | {{- with .Values.proxy.nodeSelector }} 80 | nodeSelector: 81 | {{- toYaml . | nindent 8 }} 82 | {{- end }} -------------------------------------------------------------------------------- /rocketmq-k8s-helm/templates/proxy/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "rocketmq-proxy.fullname" . }} 5 | labels: 6 | {{- include "rocketmq-proxy.labels" . | nindent 4 }} 7 | spec: 8 | clusterIP: None 9 | ports: 10 | - port: {{ .Values.proxy.service.remotingInternetPort }} 11 | targetPort: 7001 12 | protocol: TCP 13 | name: remoting-internet 14 | - port: {{ .Values.proxy.service.grpcPort }} 15 | targetPort: 8081 16 | protocol: TCP 17 | name: grpc 18 | selector: 19 | {{- include "rocketmq-proxy.selectorLabels" . | nindent 4 }} -------------------------------------------------------------------------------- /rocketmq-k8s-helm/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for rocketmq-proxy. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | nameserver: 6 | replicaCount: 1 7 | image: 8 | pullPolicy: IfNotPresent 9 | repository: "apache/rocketmq" 10 | tag: "latest" 11 | 12 | imagePullSecrets: [ ] 13 | nameOverride: "nameserver" 14 | fullnameOverride: "" 15 | 16 | port: 9876 17 | heapSize: "1792M" 18 | 19 | serviceAccount: 20 | # Specifies whether a service account should be created 21 | create: false 22 | # Annotations to add to the service account 23 | annotations: { } 24 | # The name of the service account to use. 25 | # If not set and create is true, a name is generated using the fullname template 26 | name: "" 27 | 28 | podAnnotations: { } 29 | nodeSelector: { } 30 | 31 | podSecurityContext: 32 | { } 33 | # fsGroup: 2000 34 | 35 | service: 36 | type: ClusterIP 37 | servicePort: 9876 38 | enableDraining: true 39 | drainTimeout: 30 40 | 41 | ingress: 42 | enabled: false 43 | className: "" 44 | annotations: 45 | { } 46 | # kubernetes.io/ingress.class: nginx 47 | # kubernetes.io/tls-acme: "true" 48 | hosts: 49 | - host: chart-example.local 50 | paths: 51 | - path: / 52 | pathType: ImplementationSpecific 53 | tls: [ ] 54 | # - secretName: chart-example-tls 55 | # hosts: 56 | # - chart-example.local 57 | 58 | persistence: 59 | enabled: false 60 | size: 8Gi 61 | 62 | resources: 63 | limits: 64 | cpu: 1 65 | memory: 2Gi 66 | requests: 67 | cpu: 250m 68 | memory: 2Gi 69 | 70 | autoscaling: 71 | enabled: false 72 | minReplicas: 1 73 | maxReplicas: 100 74 | targetCPUUtilizationPercentage: 80 75 | # targetMemoryUtilizationPercentage: 80 76 | 77 | configmap: | 78 | defaultThreadPoolNums=4 79 | 80 | 81 | proxy: 82 | replicaCount: 1 83 | image: 84 | pullPolicy: IfNotPresent 85 | repository: "apache/rocketmq" 86 | tag: "latest" 87 | 88 | imagePullSecrets: [ ] 89 | nameOverride: "proxy" 90 | fullnameOverride: "" 91 | 92 | heapSize: "1920M" 93 | maxDirectMemorySize: "384M" 94 | rocketMQClusterName: "DefaultCluster" 95 | 96 | config: { } 97 | 98 | serviceAccount: 99 | # Specifies whether a service account should be created 100 | create: false 101 | # Annotations to add to the service account 102 | annotations: { } 103 | # The name of the service account to use. 104 | # If not set and create is true, a name is generated using the fullname template 105 | name: "" 106 | 107 | podAnnotations: 108 | 109 | service: 110 | remotingInternetPort: 8080 111 | grpcPort: 8081 112 | adminPort: 8088 113 | internet: 114 | enabled: false 115 | acl: 116 | enabled: false 117 | id: "" 118 | configs: 119 | - id: "" 120 | 121 | ingress: 122 | enabled: false 123 | annotations: { } 124 | # kubernetes.io/ingress.class: nginx 125 | # kubernetes.io/tls-acme: "true" 126 | hosts: 127 | - host: chart-example.local 128 | paths: [ ] 129 | tls: [ ] 130 | # - secretName: chart-example-tls 131 | # hosts: 132 | # - chart-example.local 133 | 134 | resources: 135 | limits: 136 | cpu: 1 137 | memory: 8Gi 138 | requests: 139 | cpu: 1 140 | memory: 8Gi 141 | 142 | autoscaling: 143 | enabled: false 144 | minReplicas: 1 145 | maxReplicas: 100 146 | targetCPUUtilizationPercentage: 80 147 | 148 | nodeSelector: { } 149 | 150 | tolerations: [ ] 151 | 152 | affinity: { } 153 | 154 | 155 | broker: 156 | replicaCount: 1 157 | image: 158 | pullPolicy: IfNotPresent 159 | repository: "apache/rocketmq" 160 | tag: "latest" 161 | 162 | imagePullSecrets: [ ] 163 | partition: 0 164 | persistence: 165 | enabled: false 166 | size: 8Gi 167 | 168 | nameOverride: "broker" 169 | fullnameOverride: "" 170 | namesrvAddr: "" 171 | 172 | conf: 173 | clusterNameOverride: "" 174 | brokerNamePrefixOverride: "" 175 | tlsMode: disabled 176 | heapSize: "3G" 177 | enableStartupProbe: false 178 | startupProbeNamesrvAddr: "" 179 | nameServerHeadlessAddr: "" 180 | 181 | config: "" 182 | 183 | service: 184 | port: 10911 185 | 186 | jvmMemory: " -Xms4g -Xmx4g -Xmn2g -XX:MaxDirectMemorySize=8g " 187 | resources: 188 | limits: 189 | cpu: 2 190 | memory: 6Gi 191 | requests: 192 | cpu: 2 193 | memory: 6Gi 194 | 195 | nodeSelector: { } 196 | 197 | tolerations: [ ] 198 | 199 | controller: 200 | nameOverride: "controller" 201 | fullnameOverride: "" 202 | replicas: 3 203 | image: 204 | repository: "apache/rocketmq" 205 | tag: "latest" 206 | pullPolicy: IfNotPresent 207 | imagePullSecrets: [ ] 208 | service: 209 | port: 9878 210 | internalport: 9888 211 | resources: 212 | limits: 213 | cpu: 2 214 | memory: 4Gi 215 | requests: 216 | cpu: 1 217 | memory: 4Gi 218 | readinessProbe: 219 | tcpSocket: 220 | port: 9878 221 | initialDelaySeconds: 5 222 | periodSeconds: 10 223 | livenessProbe: 224 | tcpSocket: 225 | port: 9878 226 | periodSeconds: 10 227 | startupProbe: 228 | tcpSocket: 229 | port: 9878 230 | failureThreshold: 30 231 | periodSeconds: 10 232 | successThreshold: 1 233 | timeoutSeconds: 10 234 | config: "" 235 | persistence: 236 | enabled: false 237 | existingClaim: "" 238 | storageClass: "" 239 | size: 20Gi 240 | -------------------------------------------------------------------------------- /stage.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | checkVersion() 19 | { 20 | echo "Stage version = $1" 21 | echo $1 |grep -E "^[0-9]+\.[0-9]+\.[0-9]+" > /dev/null 22 | if [ $? = 0 ]; then 23 | return 1 24 | fi 25 | 26 | echo "Version $1 illegal, it should be X.X.X format(e.g. 4.5.0), please check released versions in 'https://archive.apache.org/dist/rocketmq/'" 27 | return 0 28 | } 29 | 30 | CURRENT_DIR="$(cd "$(dirname "$0")"; pwd)" 31 | 32 | [ ! -d "$STAGE_DIR" ] && STAGE_DIR=$CURRENT_DIR/stages 33 | mkdir -p $STAGE_DIR 34 | 35 | if [ $# -lt 1 ]; then 36 | echo "Usage: sh $0 version" 37 | exit -1 38 | fi 39 | 40 | version=$1 41 | checkVersion $version 42 | if [ $? = 0 ]; then 43 | exit -1 44 | fi 45 | 46 | echo "mkdir $STAGE_DIR/$version" 47 | mkdir -p "$STAGE_DIR/$version" 48 | 49 | cp -rf "$CURRENT_DIR/templates" "$STAGE_DIR/$version" 50 | 51 | echo "staged templates into folder $STAGE_DIR/$version" 52 | 53 | # Replace string "ROCKETMQ_VERSION" with real version in all files under $STAGE_DIR/$version 54 | find "$STAGE_DIR/$version" -type f | xargs perl -pi -e "s/ROCKETMQ_VERSION/${version}/g" 55 | 56 | 57 | if [[ "${version}" > "5.0.0" ]]; then 58 | cp $STAGE_DIR/$version/templates/docker-compose/rmq5-docker-compose.yml $STAGE_DIR/$version/templates/docker-compose/docker-compose.yml 59 | else 60 | cp $STAGE_DIR/$version/templates/docker-compose/rmq4-docker-compose.yml $STAGE_DIR/$version/templates/docker-compose/docker-compose.yml 61 | fi 62 | 63 | rm $STAGE_DIR/$version/templates/docker-compose/rmq4-docker-compose.yml $STAGE_DIR/$version/templates/docker-compose/rmq5-docker-compose.yml -------------------------------------------------------------------------------- /templates/data/broker/conf/broker.conf: -------------------------------------------------------------------------------- 1 | brokerClusterName = DefaultCluster 2 | brokerName = broker-abc 3 | brokerId = 0 4 | deleteWhen = 04 5 | fileReservedTime = 48 6 | brokerRole = ASYNC_MASTER 7 | flushDiskType = ASYNC_FLUSH 8 | brokerIP1 = 30.25.90.30 9 | -------------------------------------------------------------------------------- /templates/data/broker/conf/broker1.conf: -------------------------------------------------------------------------------- 1 | brokerClusterName = DefaultCluster 2 | brokerName = broker-abc1 3 | brokerId = 1 4 | deleteWhen = 04 5 | fileReservedTime = 48 6 | brokerRole = ASYNC_MASTER 7 | flushDiskType = ASYNC_FLUSH 8 | brokerIP1 = m30 9 | listenPort = 10921 10 | -------------------------------------------------------------------------------- /templates/data/broker0/conf/dledger/broker.conf: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | brokerClusterName = RaftCluster 17 | brokerName=RaftNode00 18 | listenPort=30911 19 | #namesrvAddr=127.0.0.1:9876 20 | storePathRootDir=/tmp/rmqstore/node00 21 | storePathCommitLog=/tmp/rmqstore/node00/commitlog 22 | enableDLegerCommitLog=true 23 | dLegerGroup=RaftNode00 24 | dLegerPeers=n0-172.18.0.12:40911;n1-172.18.0.13:40912;n2-172.18.0.14:40913 25 | ## must be unique 26 | dLegerSelfId=n0 27 | sendMessageThreadPoolNums=16 28 | -------------------------------------------------------------------------------- /templates/data/broker1/conf/dledger/broker.conf: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | brokerClusterName = RaftCluster 17 | brokerName=RaftNode01 18 | listenPort=30911 19 | #namesrvAddr=127.0.0.1:9876 20 | storePathRootDir=/tmp/rmqstore/node00 21 | storePathCommitLog=/tmp/rmqstore/node00/commitlog 22 | enableDLegerCommitLog=true 23 | dLegerGroup=RaftNode00 24 | dLegerPeers=n0-172.18.0.12:40911;n1-172.18.0.13:40912;n2-172.18.0.14:40913 25 | ## must be unique 26 | dLegerSelfId=n1 27 | sendMessageThreadPoolNums=16 28 | -------------------------------------------------------------------------------- /templates/data/broker2/conf/dledger/broker.conf: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | brokerClusterName = RaftCluster 17 | brokerName=RaftNode02 18 | listenPort=30911 19 | #namesrvAddr=127.0.0.1:9876 20 | storePathRootDir=/tmp/rmqstore/node00 21 | storePathCommitLog=/tmp/rmqstore/node00/commitlog 22 | enableDLegerCommitLog=true 23 | dLegerGroup=RaftNode00 24 | dLegerPeers=n0-172.18.0.12:40911;n1-172.18.0.13:40912;n2-172.18.0.14:40913 25 | ## must be unique 26 | dLegerSelfId=n2 27 | sendMessageThreadPoolNums=16 28 | -------------------------------------------------------------------------------- /templates/docker-compose/data/broker/conf/broker.conf: -------------------------------------------------------------------------------- 1 | brokerClusterName = DefaultCluster 2 | brokerName = broker-a 3 | brokerId = 0 4 | deleteWhen = 04 5 | fileReservedTime = 48 6 | brokerRole = ASYNC_MASTER 7 | flushDiskType = ASYNC_FLUSH 8 | -------------------------------------------------------------------------------- /templates/docker-compose/data1/broker/conf/broker.conf: -------------------------------------------------------------------------------- 1 | brokerClusterName = DefaultCluster 2 | brokerName = broker-b 3 | brokerId = 0 4 | deleteWhen = 04 5 | fileReservedTime = 48 6 | brokerRole = ASYNC_MASTER 7 | flushDiskType = ASYNC_FLUSH 8 | -------------------------------------------------------------------------------- /templates/docker-compose/proxy/conf/rmq-proxy.json: -------------------------------------------------------------------------------- 1 | { 2 | "rocketMQClusterName": "DefaultCluster" 3 | } -------------------------------------------------------------------------------- /templates/docker-compose/rmq4-docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '2' 2 | services: 3 | #Service for nameserver 4 | namesrv: 5 | image: apache/rocketmq:ROCKETMQ_VERSION 6 | container_name: rmqnamesrv 7 | ports: 8 | - 9876:9876 9 | volumes: 10 | - ./data/namesrv/logs:/home/rocketmq/logs 11 | command: sh mqnamesrv 12 | 13 | #Service for broker 14 | broker: 15 | image: apache/rocketmq:ROCKETMQ_VERSION 16 | container_name: rmqbroker 17 | links: 18 | - namesrv 19 | ports: 20 | - 10909:10909 21 | - 10911:10911 22 | - 10912:10912 23 | environment: 24 | - NAMESRV_ADDR=namesrv:9876 25 | volumes: 26 | - ./data/broker/logs:/home/rocketmq/logs 27 | - ./data/broker/store:/home/rocketmq/store 28 | - ./data/broker/conf/broker.conf:/opt/rocketmq-ROCKETMQ_VERSION/conf/broker.conf 29 | command: sh mqbroker -c /opt/rocketmq-ROCKETMQ_VERSION/conf/broker.conf 30 | 31 | #Service for another broker -- broker1 32 | broker1: 33 | image: apache/rocketmq:ROCKETMQ_VERSION 34 | container_name: rmqbroker-b 35 | links: 36 | - namesrv 37 | ports: 38 | - 10929:10909 39 | - 10931:10911 40 | - 10932:10912 41 | environment: 42 | - NAMESRV_ADDR=namesrv:9876 43 | volumes: 44 | - ./data1/broker/logs:/home/rocketmq/logs 45 | - ./data1/broker/store:/home/rocketmq/store 46 | - ./data1/broker/conf/broker.conf:/opt/rocketmq-ROCKETMQ_VERSION/conf/broker.conf 47 | command: sh mqbroker -c /opt/rocketmq-ROCKETMQ_VERSION/conf/broker.conf 48 | -------------------------------------------------------------------------------- /templates/docker-compose/rmq5-docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '2' 2 | services: 3 | #Service for nameserver 4 | namesrv: 5 | image: apache/rocketmq:ROCKETMQ_VERSION 6 | container_name: rmqnamesrv 7 | ports: 8 | - 9876:9876 9 | volumes: 10 | - ./data/namesrv/logs:/home/rocketmq/logs 11 | command: sh mqnamesrv 12 | 13 | #Service for broker 14 | broker: 15 | image: apache/rocketmq:ROCKETMQ_VERSION 16 | container_name: rmqbroker 17 | links: 18 | - namesrv 19 | ports: 20 | - 10909:10909 21 | - 10911:10911 22 | - 10912:10912 23 | environment: 24 | - NAMESRV_ADDR=namesrv:9876 25 | volumes: 26 | - ./data/broker/logs:/home/rocketmq/logs 27 | - ./data/broker/store:/home/rocketmq/store 28 | - ./data/broker/conf/broker.conf:/opt/rocketmq-ROCKETMQ_VERSION/conf/broker.conf 29 | command: sh mqbroker -c /opt/rocketmq-ROCKETMQ_VERSION/conf/broker.conf 30 | 31 | #Service for another broker -- broker1 32 | broker1: 33 | image: apache/rocketmq:ROCKETMQ_VERSION 34 | container_name: rmqbroker-b 35 | links: 36 | - namesrv 37 | ports: 38 | - 10929:10909 39 | - 10931:10911 40 | - 10932:10912 41 | environment: 42 | - NAMESRV_ADDR=namesrv:9876 43 | volumes: 44 | - ./data1/broker/logs:/home/rocketmq/logs 45 | - ./data1/broker/store:/home/rocketmq/store 46 | - ./data1/broker/conf/broker.conf:/opt/rocketmq-ROCKETMQ_VERSION/conf/broker.conf 47 | command: sh mqbroker -c /opt/rocketmq-ROCKETMQ_VERSION/conf/broker.conf 48 | 49 | #Service for proxy 50 | proxy: 51 | image: apache/rocketmq:ROCKETMQ_VERSION 52 | container_name: rmqproxy 53 | links: 54 | - namesrv 55 | - broker 56 | - broker1 57 | depends_on: 58 | - broker 59 | - broker1 60 | ports: 61 | - 8080:8080 62 | - 8081:8081 63 | restart: on-failure 64 | environment: 65 | - NAMESRV_ADDR=namesrv:9876 66 | volumes: 67 | - ./proxy/logs:/home/rocketmq/logs 68 | - ./proxy/conf/rmq-proxy.json:/opt/rocketmq-ROCKETMQ_VERSION/conf/rmq-proxy.json 69 | command: sh mqproxy -pc /opt/rocketmq-ROCKETMQ_VERSION/conf/rmq-proxy.json -------------------------------------------------------------------------------- /templates/kubernetes/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: rocketmq 5 | spec: 6 | replicas: 1 7 | template: 8 | metadata: 9 | labels: 10 | app: rocketmq 11 | spec: 12 | containers: 13 | - name: broker 14 | image: apache/rocketmq:ROCKETMQ_VERSION 15 | command: ["sh","mqbroker", "-n","localhost:9876"] 16 | imagePullPolicy: IfNotPresent 17 | ports: 18 | - containerPort: 10909 19 | - containerPort: 10911 20 | volumeMounts: 21 | - mountPath: /home/rocketmq/logs 22 | name: brokeroptlogs 23 | - mountPath: /home/rocketmq/store 24 | name: brokeroptstore 25 | - name: namesrv 26 | image: apache/rocketmq:ROCKETMQ_VERSION 27 | command: ["sh","mqnamesrv"] 28 | imagePullPolicy: IfNotPresent 29 | ports: 30 | - containerPort: 9876 31 | volumeMounts: 32 | - mountPath: /home/rocketmq/logs 33 | name: namesrvoptlogs 34 | volumes: 35 | - name: brokeroptlogs 36 | hostPath: 37 | path: /data/broker/logs 38 | - name: brokeroptstore 39 | hostPath: 40 | path: /data/broker/store 41 | - name: namesrvoptlogs 42 | hostPath: 43 | path: /data/namesrv/logs 44 | - name: namesrvoptstore 45 | hostPath: 46 | path: /data/namesrv/store 47 | -------------------------------------------------------------------------------- /templates/kubernetes/deployment2.yaml: -------------------------------------------------------------------------------- 1 | kind: Deployment 2 | apiVersion: extensions/v1beta1 3 | metadata: 4 | name: rocketmq-ns-deployment 5 | spec: 6 | replicas: 1 7 | selector: 8 | matchLabels: 9 | app: rocketmq-nameserver 10 | name: rocketmq-nameserver 11 | template: 12 | metadata: 13 | labels: 14 | app: rocketmq-nameserver 15 | name: rocketmq-nameserver 16 | spec: 17 | containers: 18 | - name: rocketmq-nameserver 19 | image: apache/rocketmq:ROCKETMQ_VERSION 20 | command: ["sh","mqnamesrv"] 21 | imagePullPolicy: IfNotPresent 22 | ports: 23 | - containerPort: 9876 24 | volumeMounts: 25 | - mountPath: /home/rocketmq/logs 26 | name: namesrvlogs 27 | volumes: 28 | - name: namesrvlogs 29 | emptyDir: {} 30 | - name: namesrvstore 31 | emptyDir: {} 32 | --- 33 | kind: Deployment 34 | apiVersion: extensions/v1beta1 35 | metadata: 36 | name: rocketmq-broker-deployment 37 | spec: 38 | replicas: 1 39 | selector: 40 | matchLabels: 41 | app: rocketmq-broker 42 | name: rocketmq-broker 43 | template: 44 | metadata: 45 | labels: 46 | app: rocketmq-broker 47 | name: rocketmq-broker 48 | spec: 49 | containers: 50 | - name: rocketmq-broker 51 | image: apache/rocketmq:ROCKETMQ_VERSION 52 | command: ["sh","mqbroker", "-n","rocketmq-ns-deployment:9876"] 53 | imagePullPolicy: IfNotPresent 54 | ports: 55 | - containerPort: 10909 56 | - containerPort: 10911 57 | volumeMounts: 58 | - mountPath: /home/rocketmq/logs 59 | name: brokerlogs 60 | - mountPath: /home/rocketmq/store 61 | name: brokerstore 62 | volumes: 63 | - name: brokerlogs 64 | emptyDir: {} 65 | - name: brokerstore 66 | emptyDir: {} 67 | 68 | 69 | -------------------------------------------------------------------------------- /templates/play-consumer.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | 19 | # Consume messages 20 | docker exec -ti rmqbroker sh ./tools.sh org.apache.rocketmq.example.quickstart.Consumer -------------------------------------------------------------------------------- /templates/play-docker-compose.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | RMQ_CONTAINER=$(docker ps -a|awk '/rmq/ {print $1}') 19 | if [[ -n "$RMQ_CONTAINER" ]]; then 20 | echo "Removing RocketMQ Container..." 21 | docker rm -fv $RMQ_CONTAINER 22 | # Wait till the existing containers are removed 23 | sleep 5 24 | fi 25 | 26 | prepare_dir() 27 | { 28 | dirs=("docker-compose/data/namesrv/logs" "docker-compose/data/broker/logs" "docker-compose/data/broker/store" "docker-compose/data1/broker/logs" "docker-compose/data1/broker/store" "docker-compose/proxy/logs") 29 | 30 | for dir in ${dirs[@]} 31 | do 32 | if [ ! -d "`pwd`/${dir}" ]; then 33 | mkdir -p "`pwd`/${dir}" 34 | chmod a+rw "`pwd`/${dir}" 35 | fi 36 | done 37 | } 38 | 39 | prepare_dir 40 | 41 | # Run nameserver and broker 42 | docker compose -f ./docker-compose/docker-compose.yml up -d 43 | -------------------------------------------------------------------------------- /templates/play-docker-dledger.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | RMQ_CONTAINER=$(docker ps -a|awk '/rmq/ {print $1}') 19 | if [[ -n "$RMQ_CONTAINER" ]]; then 20 | echo "Removing RocketMQ Container..." 21 | docker rm -fv $RMQ_CONTAINER 22 | # Wait till the existing containers are removed 23 | sleep 5 24 | fi 25 | 26 | DLEDGER_NET=$(docker network ls |awk '/dledger-br/ {print $1}') 27 | if [[ -n "$DLEDGER_NET" ]]; then 28 | echo "Removing DLedger Bridge network..." 29 | docker network rm $DLEDGER_NET 30 | # Wait till the existing networks are removed 31 | sleep 5 32 | fi 33 | 34 | prepare_dir() 35 | { 36 | dirs=("data/namesrv/logs" "data/broker0/logs" "data/broker0/store" "data/broker1/logs" "data/broker1/store" "data/broker2/logs" "data/broker2/store") 37 | 38 | for dir in ${dirs[@]} 39 | do 40 | if [ ! -d "`pwd`/${dir}" ]; then 41 | mkdir -p "`pwd`/${dir}" 42 | chmod a+rw "`pwd`/${dir}" 43 | fi 44 | done 45 | } 46 | 47 | prepare_dir 48 | 49 | echo "Starting RocketMQ nodes..." 50 | 51 | # Create network 52 | docker network create --subnet=172.18.0.0/16 dledger-br 53 | 54 | # Start nameserver 55 | docker run --net dledger-br --ip 172.18.0.11 -d -p 9876:9876 -v `pwd`/data/namesrv/logs:/home/rocketmq/logs --name rmqnamesrv apache/rocketmq:ROCKETMQ_VERSION sh mqnamesrv 56 | 57 | # Start Brokers 58 | docker run --net dledger-br --ip 172.18.0.12 -d -p 30911:30911 -p 30909:30909 -v `pwd`/data/broker0/logs:/home/rocketmq/logs -v `pwd`/data/broker0/store:/home/rocketmq/store -v `pwd`/data/broker0/conf/dledger:/opt/rocketmq-ROCKETMQ_VERSION/conf/dledger --name rmqbroker --link rmqnamesrv:namesrv -e "NAMESRV_ADDR=namesrv:9876" apache/rocketmq:ROCKETMQ_VERSION sh mqbroker -c ../conf/dledger/broker.conf 59 | docker run --net dledger-br --ip 172.18.0.13 -d -p 30921:30921 -p 30919:30919 -v `pwd`/data/broker1/logs:/home/rocketmq/logs -v `pwd`/data/broker1/store:/home/rocketmq/store -v `pwd`/data/broker1/conf/dledger:/opt/rocketmq-ROCKETMQ_VERSION/conf/dledger --name rmqbroker1 --link rmqnamesrv:namesrv -e "NAMESRV_ADDR=namesrv:9876" apache/rocketmq:ROCKETMQ_VERSION sh mqbroker -c ../conf/dledger/broker.conf 60 | docker run --net dledger-br --ip 172.18.0.14 -d -p 30931:30931 -p 30929:30929 -v `pwd`/data/broker2/logs:/home/rocketmq/logs -v `pwd`/data/broker2/store:/home/rocketmq/store -v `pwd`/data/broker2/conf/dledger:/opt/rocketmq-ROCKETMQ_VERSION/conf/dledger --name rmqbroker2 --link rmqnamesrv:namesrv -e "NAMESRV_ADDR=namesrv:9876" apache/rocketmq:ROCKETMQ_VERSION sh mqbroker -c ../conf/dledger/broker.conf 61 | 62 | # Service unavailable when not ready 63 | # sleep 20 64 | 65 | # Produce messages 66 | # sh ./play-producer.sh 67 | -------------------------------------------------------------------------------- /templates/play-docker-tls.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | RMQ_CONTAINER=$(docker ps -a|awk '/rmq/ {print $1}') 19 | if [[ -n "$RMQ_CONTAINER" ]]; then 20 | echo "Removing RocketMQ Container..." 21 | docker rm -fv $RMQ_CONTAINER 22 | # Wait till the existing containers are removed 23 | sleep 5 24 | fi 25 | 26 | prepare_dir() 27 | { 28 | dirs=("data/namesrv/logs" "data/broker/logs" "data/broker/store") 29 | 30 | for dir in ${dirs[@]} 31 | do 32 | if [ ! -d "`pwd`/${dir}" ]; then 33 | mkdir -p "`pwd`/${dir}" 34 | chmod a+rw "`pwd`/${dir}" 35 | fi 36 | done 37 | } 38 | 39 | prepare_dir 40 | 41 | echo "Starting RocketMQ nodes..." 42 | 43 | # Start nameserver 44 | docker run -d -v `pwd`/ssl:/home/rocketmq/ssl -v `pwd`/data/namesrv/logs:/home/rocketmq/logs --name rmqnamesrv -e "JAVA_OPT=-Dtls.test.mode.enable=false -Dtls.config.file=/home/rocketmq/ssl/ssl.properties -Dtls.test.mode.enable=false -Dtls.server.need.client.auth=required" apache/rocketmq:ROCKETMQ_VERSION sh mqnamesrv 45 | 46 | # Start Broker 47 | docker run -d -v `pwd`/ssl:/home/rocketmq/ssl -v `pwd`/data/broker/logs:/home/rocketmq/logs -v `pwd`/data/broker/store:/home/rocketmq/store --name rmqbroker --link rmqnamesrv:namesrv -e "NAMESRV_ADDR=namesrv:9876" -e "JAVA_OPT=-Dtls.enable=true -Dtls.client.authServer=true -Dtls.test.mode.enable=false -Dtls.config.file=/home/rocketmq/ssl/ssl.properties -Dtls.test.mode.enable=false -Dtls.server.mode=enforcing -Dtls.server.need.client.auth=required" apache/rocketmq:ROCKETMQ_VERSION sh mqbroker 48 | 49 | # Service unavailable when not ready 50 | # sleep 20 51 | 52 | # Produce messages 53 | # sh ./play-producer.sh 54 | -------------------------------------------------------------------------------- /templates/play-docker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | start_namesrv_broker() 19 | { 20 | TAG_SUFFIX=$1 21 | # Start nameserver 22 | docker run -d -v `pwd`/data/namesrv/logs:/home/rocketmq/logs --name rmqnamesrv -p 9876:9876 apache/rocketmq:ROCKETMQ_VERSION${TAG_SUFFIX} sh mqnamesrv 23 | # Start Broker 24 | docker run -d -v `pwd`/data/broker/logs:/home/rocketmq/logs -v `pwd`/data/broker/store:/home/rocketmq/store -v `pwd`/data/broker/conf/broker.conf:/home/rocketmq/rocketmq-ROCKETMQ_VERSION/conf/broker.conf --name rmqbroker --link rmqnamesrv:namesrv -e "NAMESRV_ADDR=namesrv:9876" -p 10909:10909 -p 10911:10911 -p 10912:10912 apache/rocketmq:ROCKETMQ_VERSION${TAG_SUFFIX} sh mqbroker -c /home/rocketmq/rocketmq-ROCKETMQ_VERSION/conf/broker.conf 25 | } 26 | 27 | if [ $# -lt 1 ]; then 28 | echo -e "Usage: sh $0 BaseImage" 29 | exit -1 30 | fi 31 | 32 | export BASE_IMAGE=$1 33 | 34 | echo "Play RocketMQ docker image of tag ROCKETMQ_VERSION-${BASE_IMAGE}" 35 | 36 | RMQ_CONTAINER=$(docker ps -a|awk '/rmq/ {print $1}') 37 | if [[ -n "$RMQ_CONTAINER" ]]; then 38 | echo "Removing RocketMQ Container..." 39 | docker rm -fv $RMQ_CONTAINER 40 | # Wait till the existing containers are removed 41 | sleep 5 42 | fi 43 | 44 | prepare_dir() 45 | { 46 | dirs=("data/namesrv/logs" "data/broker/logs" "data/broker/store") 47 | 48 | for dir in ${dirs[@]} 49 | do 50 | if [ ! -d "`pwd`/${dir}" ]; then 51 | mkdir -p "`pwd`/${dir}" 52 | chmod a+rw "`pwd`/${dir}" 53 | fi 54 | done 55 | } 56 | 57 | prepare_dir 58 | 59 | echo "Starting RocketMQ nodes..." 60 | 61 | case "${BASE_IMAGE}" in 62 | alpine) 63 | start_namesrv_broker -alpine 64 | ;; 65 | ubuntu|centos) 66 | start_namesrv_broker 67 | ;; 68 | *) 69 | echo "${BASE_IMAGE} is not supported, supported base images: ubuntu, alpine, centos (deprecated)" 70 | exit -1 71 | ;; 72 | esac 73 | 74 | # Service unavailable when not ready 75 | # sleep 20 76 | 77 | # Produce messages 78 | # sh ./play-producer.sh 79 | -------------------------------------------------------------------------------- /templates/play-kubernetes.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | if [ ! -d "`pwd`/data" ]; then 19 | mkdir -p "data" 20 | fi 21 | 22 | # Run nameserver and broker on your Kubernetes cluster 23 | kubectl apply -f kubernetes/deployment.yaml 24 | -------------------------------------------------------------------------------- /templates/play-producer.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Licensed to the Apache Software Foundation (ASF) under one or more 4 | # contributor license agreements. See the NOTICE file distributed with 5 | # this work for additional information regarding copyright ownership. 6 | # The ASF licenses this file to You under the Apache License, Version 2.0 7 | # (the "License"); you may not use this file except in compliance with 8 | # the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | # Produce messages 19 | docker exec -ti rmqbroker sh ./tools.sh org.apache.rocketmq.example.quickstart.Producer -------------------------------------------------------------------------------- /templates/ssl/README.md: -------------------------------------------------------------------------------- 1 | # Description of TLS related files 2 | 3 | The purpose of this README file is to show how to generate SSL-related key pairs and self-signed certificates for testing, and how to configure the RocketMQ TLS configuration file parameters. 4 | 5 | ## 1. Generating SSL related files 6 | 7 | ### CA certificate and key file generation (directly generate CA key and its self-signed certificate) 8 | ``` 9 | openssl req -newkey rsa:2048 -passout pass:123456 -keyout ca_rsa_private.pem -x509 -days 365 -out ca.crt -subj "/C=CN/ST=BJ/L=BJ/O=COM/OU=NSP/CN=CA/emailAddress=youremail@apache.com" 10 | ``` 11 | 12 | ### Server certificate and key file generation (directly generate server key and certificate to be signed) 13 | ``` 14 | openssl req -newkey rsa:2048 -passout pass:server -keyout server_rsa_private.pem -out server.csr -subj "/C=CN/ST=BJ/L=BJ/O=COM/OU=NSP/CN=SERVER/emailAddress=youremail@apache.com" 15 | ``` 16 | 17 | ### Signing a server certificate with a CA certificate and key 18 | ``` 19 | openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca_rsa_private.pem -passin pass:123456 -CAcreateserial -out server.crt 20 | # Alternatively, convert the encrypted RSA key to an unencrypted RSA key, avoiding the requirement to enter the decryption password for each read. 21 | openssl rsa -in server_rsa_private.pem -out server_rsa_private.pem.unsecure -passin pass:server 22 | ``` 23 | 24 | ### Client certificate and key file generation (directly generate client key and certificate to be signed) 25 | ``` 26 | openssl req -newkey rsa:2048 -passout pass:client -keyout client_rsa_private.pem -out client.csr -subj "/C=CN/ST=BJ/L=BJ/O=COM/OU=NSP/CN=CLIENT/emailAddress=youremail@apache.com" 27 | ``` 28 | 29 | ### Signing a client certificate with a CA certificate and key 30 | ``` 31 | openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca_rsa_private.pem -passin pass:123456 -CAcreateserial -out client.crt 32 | # Alternatively, convert the encrypted RSA key to an unencrypted RSA key 33 | openssl rsa -in client_rsa_private.pem -out client_rsa_private.pem.unsecure -passin pass:client 34 | ``` 35 | 36 | ### PKCS8 processing of the client and server keys (Reason: see Appendix 1) 37 | ``` 38 | openssl pkcs8 -topk8 -v1 PBE-SHA1-RC4-128 -in server_rsa_private.pem -out server_rsa_private_pkcs8.pem -passout pass:server -passin pass:server 39 | openssl pkcs8 -topk8 -v1 PBE-SHA1-RC4-128 -in client_rsa_private.pem -out client_rsa_private_pkcs8.pem -passout pass:client -passin pass:client 40 | ``` 41 | 42 | ## 2. RocketMQ TLS Configuration Instructions 43 | ssl.properties (Note: there should be no spaces after the attribute value) 44 | ``` 45 | ## client setting 46 | tls.client.certPath=/home/rocketmq/ssl/client.crt 47 | tls.client.keyPath=/home/rocketmq/ssl/client_rsa_private_pkcs8.pem 48 | tls.client.keyPassword=client 49 | tls.client.trustCertPath=/home/rocketmq/ssl/ca.crt 50 | 51 | ## server setting 52 | tls.server.certPath=/home/rocketmq/ssl/server.crt 53 | tls.server.keyPath=/home/rocketmq/ssl/server_rsa_private_pkcs8.pem 54 | tls.server.keyPassword=server 55 | tls.server.trustCertPath=/home/rocketmq/ssl/ca.crt 56 | #server.auth.client 57 | tls.server.need.client.auth=required 58 | ``` 59 | 60 | ## 3. Use the SSL config on RocketMQ 61 | 1. Client Side (System Properties) 62 | ``` 63 | -Dtls.enable=true 64 | -Dtls.client.authServer=true # force verifying server cert 65 | -Dtls.test.mode.enable=false # not a test mode 66 | -Dtls.config.file=/home/rocketmq/ssl/ssl.properties 67 | ``` 68 | 2. Broker Side (System Properties) 69 | ``` 70 | -Dtls.test.mode.enable=false #not a test mode 71 | -Dtls.config.file=/home/rocketmq/ssl/ssl.properties 72 | -Dtls.server.need.client.auth=required 73 | ``` 74 | 75 | 76 | ## 4. Appendix 77 | 78 | 1. It's a bug in Java: https://bugs.openjdk.java.net/browse/JDK-8076999 79 | ``` 80 | $ docker logs rmqbroker 81 | java.lang.IllegalArgumentException: Input stream does not contain valid private key. 82 | at io.netty.handler.ssl.SslContextBuilder.keyManager(SslContextBuilder.java:278) 83 | at org.apache.rocketmq.remoting.netty.TlsHelper.buildSslContext(TlsHelper.java:124) 84 | at org.apache.rocketmq.remoting.netty.NettyRemotingClient.(NettyRemotingClient.java:133) 85 | at org.apache.rocketmq.remoting.netty.NettyRemotingClient.(NettyRemotingClient.java:99) 86 | at org.apache.rocketmq.broker.out.BrokerOuterAPI.(BrokerOuterAPI.java:74) 87 | at org.apache.rocketmq.broker.out.BrokerOuterAPI.(BrokerOuterAPI.java:70) 88 | at org.apache.rocketmq.broker.BrokerController.(BrokerController.java:189) 89 | at org.apache.rocketmq.broker.BrokerStartup.createBrokerController(BrokerStartup.java:210) 90 | at org.apache.rocketmq.broker.BrokerStartup.main(BrokerStartup.java:58) 91 | Caused by: java.io.IOException: ObjectIdentifier() -- data isn't an object ID (tag = 48) 92 | at sun.security.util.ObjectIdentifier.(ObjectIdentifier.java:257) 93 | at sun.security.util.DerInputStream.getOID(DerInputStream.java:314) 94 | at com.sun.crypto.provider.PBES2Parameters.engineInit(PBES2Parameters.java:267) 95 | at java.security.AlgorithmParameters.init(AlgorithmParameters.java:293) 96 | at sun.security.x509.AlgorithmId.decodeParams(AlgorithmId.java:132) 97 | at sun.security.x509.AlgorithmId.(AlgorithmId.java:114) 98 | at sun.security.x509.AlgorithmId.parse(AlgorithmId.java:372) 99 | at javax.crypto.EncryptedPrivateKeyInfo.(EncryptedPrivateKeyInfo.java:95) 100 | at io.netty.handler.ssl.SslContext.generateKeySpec(SslContext.java:907) 101 | at io.netty.handler.ssl.SslContext.getPrivateKeyFromByteBuffer(SslContext.java:963) 102 | at io.netty.handler.ssl.SslContext.toPrivateKey(SslContext.java:953) 103 | at io.netty.handler.ssl.SslContextBuilder.keyManager(SslContextBuilder.java:276) 104 | ... 8 more 105 | 106 | For illustration purposes: 107 | 108 | openssl genrsa -out private_openssl.pem 109 | openssl pkcs8 -topk8 -v1 PBE-SHA1-RC4-128 -in private_openssl.pem -out private_pkcs8_v1.pem -passout pass:123456 110 | openssl pkcs8 -topk8 -v2 des3 -in private_openssl.pem -out private_pkcs8_v2.pem -passout pass:123456 111 | KSE can open private_pkcs8_v1.pem just fine (that is when running under Java8, things are even worse with Java7), while trying to open private_pkcs8_v2.pem will cause java.io.IOException: ObjectIdentifier() -- data isn't an object ID (tag = 48). 112 | 113 | ``` -------------------------------------------------------------------------------- /templates/ssl/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDZjCCAk4CCQCtAwqWe7vLNzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJD 3 | TjELMAkGA1UECAwCQkoxCzAJBgNVBAcMAkJKMQwwCgYDVQQKDANDT00xDDAKBgNV 4 | BAsMA05TUDELMAkGA1UEAwwCQ0ExIzAhBgkqhkiG9w0BCQEWFHlvdXJlbWFpbEBh 5 | cGFjaGUuY29tMB4XDTE5MDYxMzA3MDk1M1oXDTIwMDYxMjA3MDk1M1owdTELMAkG 6 | A1UEBhMCQ04xCzAJBgNVBAgMAkJKMQswCQYDVQQHDAJCSjEMMAoGA1UECgwDQ09N 7 | MQwwCgYDVQQLDANOU1AxCzAJBgNVBAMMAkNBMSMwIQYJKoZIhvcNAQkBFhR5b3Vy 8 | ZW1haWxAYXBhY2hlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB 9 | ANdzKEOXr/NRkJir0+vHGYkbAYhRZaFvAJTnjymAOtipAEWENgUTcNSOfdJu+0EZ 10 | Xiw8sItYgj/WOBMdsHLDFDv2Z/tKZodPFOH2UkgmqrHEQLVSXoRcEaOMs9OXrVBy 11 | 0tzv2VQdGyihIM0hWHGXEcf7jbh7mhho0fVI0Kc7YfWrx1Q57ad4WzM9zAvsU5J4 12 | tyBGfgZQcScwVbyqc01N5Q0pUKRbVNgIYbr806a6lOHc0NfHrZFyyo0TGCF/U3o5 13 | Wkyb2Nm67IGJXwbFICi3u8IEVcqy/8JLHja8IXW89oksqY6lSkergsHpUESW1y7q 14 | tREeeLbZqJVUUA/T8yLAr7UCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAResTmwE0 15 | JW9mvWfZX9jI5/ERUOklYkiTRNfbVtXMJv2dnqpI6ZqUoAt7Yq+W1jYHqqf+sSYP 16 | jbaxO2aC5nTQIigdbrtNazpUScSiFCydu9wThlY4sGWu39Yy5YJ55MsE/Ra7J8lj 17 | v7EjWe+eG54f9kOfjwAsH2oKIntxSvHvGoNZ7/46JwU3volL+EAVA+Yvs5mwR4F2 18 | NB9FItBK2TCRErmf6JrP/2TZ399kabVRk1ZSjGNoe3UQc5ZxlvtW3shGR0d98ysf 19 | /AkVb6P77tAc4VX9ccoznc1xR/kzZMCu/AWc8TNV5lzVL4EfmKrtrzWAHkkeTLjY 20 | lSck/qDdF0uKNg== 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /templates/ssl/ca.srl: -------------------------------------------------------------------------------- 1 | E58D4036D019CAA5 2 | -------------------------------------------------------------------------------- /templates/ssl/ca_rsa_private.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN ENCRYPTED PRIVATE KEY----- 2 | MIIFHzBJBgkqhkiG9w0BBQ0wPDAbBgkqhkiG9w0BBQwwDgQIlNAfpmmINeQCAggA 3 | MB0GCWCGSAFlAwQBKgQQxMXaVtdrGf1s/DOwm1C3gQSCBNA5DnEMy5d3auB7nZVm 4 | MNe4zwNSgQ/iEY7XLPIHTy2d+xyUcQBHbGw1dyHpUPJJfCLS0w46BZWoiMTZRhpO 5 | sCNDbpGhaIVf54zZlXUm5suy3lIrydQTftn1TsUN5Ba2UVkmKNzfyoWFebfYx/YO 6 | ZjyB4nxaQcxLjOl18eq+36uZHae5Oo8ccYO9rUHqWTpShalK4TH92qwQpH9YNoJP 7 | zTPu/sCvovUPuyPNZ9RhoaDucwQs2oHzAPCBIHPu0bYVef8gklsSFCyM6o6UayRr 8 | WwB8CSekwYLtGzZnAKQrOEaxwhdZRMzwC86YtFhPD3Qfo7MnsJ10bDCqaaDFkWCn 9 | Y7N+FiBblZG5+QbBwu0ltNSHMr3en2xFkf4pp4TnlNOnqaZmI3Mw4Y9pX3+3XUL5 10 | 3vC0dsygFw76RQNw1QK/XtdvXBKWvO/BPrZQsE6cRWyODsBf3oYJqocf+MWtszGi 11 | wWuYwpA51aXyWiBB4oD43UYO1GVls9hMOcL3SorTT0XQbd9KFtvJoFpl92owlD6J 12 | ht2UbmyrBq/nx8/9mYvPq1vudt0HxpbqJU2CMsUg8FzBrwQpthpdysduEfpyAIhU 13 | iZ9NxM4eLmzPP82TwzjOb642M2Gc150Fbuh//EajSqpA303OcOjNVPtV5ZPv+Jqt 14 | 5JZFUiKwMogIfRllSfFKMihzpHi3y20oDsz96FO8Qz8Iri3VlLk6Hd8nc7Mhk6bL 15 | Az2Nl18sHvPchnolm9/avWuVZb6P2y3xXFmdPk/Ow+rRKBXV9JEGd11KWd2Iof1x 16 | MwDCilPcZG/ifYhbZFvrVQIvUT/PZH83p/3QFrGLZoAYxxyb5qhtPbTrAoPy6j03 17 | cZSLvrExD0iANCg9LRZbKjpz/kRhpChnJ0Xg3C4xgSMilqbsr8DgBp7Bns2ReV4B 18 | DTvJgjgLGekgc2PEqt5IyHkCo4M9E981NiU90rtm/6SOtjXLaBvrEpQc09bmAExE 19 | /Syvj8OgJwpsNBhbgOMILItNf+b5+xeVf1fQZVqaFBx4ENNHPx382+6LWKb1eMMW 20 | fslO0MDcAC+8M7bsAZrvCSdHyF0rNdbjxYpETJRxPkbVaxhHnNKdXUp8YRAk93JE 21 | iC7ZppGUrpizY9kMRGmSFai6jdMWEKOazOkScfbCoyVHbzWxD01WqR7Rfy3+1d2f 22 | HNwPQTOLmPIpw9NZ0E+k6HBw1C1J0ZplhXA6m4vwlq4kJtmki2dvcRjGdViAHc9q 23 | b4gDjGmR8uexs7UHcwxXCCUOKKrWxXnzqhB2NdBuU3Wz1I5VYtxJZxCIDdNlBGBz 24 | jkXwwVS6tTV2MeUTwvel2LLeouf+XemHNjJseR/1d+RThYKbGsas4PiVdQXIJ5Dv 25 | 9OJbiFq7sypIAoLLCJx7zXAFr6CY/EdrcyZ2EISkIBILOfja2Yasm4xUiRE4/hxn 26 | x/b6pCqvuDXbWDFCclMM2VqM+/MFDU7Sixl9xYb75Wnhc/0+C0T5KtrQjy3/1lUD 27 | uBNSty/uKDUPTxxAhVNXKqfOZtTgtZtMqF9m3fVn5eF0ZLzEdoaAaOjIgLTJuxNK 28 | fpUkT8YRwY+r0noBJAtX5Iz4KejrTUzQ2fHjF072ktL2AUCztyuGZKmBHlTnZq99 29 | 639DZUIe/Ejtl2LqMz/ggksS/A== 30 | -----END ENCRYPTED PRIVATE KEY----- 31 | -------------------------------------------------------------------------------- /templates/ssl/client.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDajCCAlICCQDljUA20BnKpTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJD 3 | TjELMAkGA1UECAwCQkoxCzAJBgNVBAcMAkJKMQwwCgYDVQQKDANDT00xDDAKBgNV 4 | BAsMA05TUDELMAkGA1UEAwwCQ0ExIzAhBgkqhkiG9w0BCQEWFHlvdXJlbWFpbEBh 5 | cGFjaGUuY29tMB4XDTE5MDYxMzA3MTA1NVoXDTIwMDYxMjA3MTA1NVoweTELMAkG 6 | A1UEBhMCQ04xCzAJBgNVBAgMAkJKMQswCQYDVQQHDAJCSjEMMAoGA1UECgwDQ09N 7 | MQwwCgYDVQQLDANOU1AxDzANBgNVBAMMBkNMSUVOVDEjMCEGCSqGSIb3DQEJARYU 8 | eW91cmVtYWlsQGFwYWNoZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK 9 | AoIBAQC9DgTX7RfPfdu7kI0LTDJZsEZjcO7v6jjuI5AsGie9V8jCYusJGI7VbHEF 10 | DlAd8Bj+Di+VDSKyVhBwVvE9vCFtccXpnnbq1BuLTiJuMJ8JoAF6BZnnS7heGeXE 11 | 073nco8m90kt2GvDJ+GGtM29tDzAGRZiEXlGABQOvRblqUNK4ZyIOcS+nhPMxu5v 12 | JF1kA2xS03ow+Sas0CtJ90yPCNJEczuyeXuyeJTlMKUsPyjzwQsKQRScipi7X6MO 13 | h+4dDm3FRt0N4+H29yGHSjxgmlzR5H4/je7INW6YXCPoK5YrcsPfbgl2FvqHMMC2 14 | wH7+Yjlf1GCFWWAC84p6x+2DtbgdAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAH97 15 | Nia1GGSR2oyLD/AYuss3NyPkLvwjd2s2rZR2HfvqivRCrMSt8GAlQBhrN8dnVCd1 16 | j3dLQMEQ7iZ6lsL7Gjo8ppmz6el2yvZ0XHYkCS8YC7pu5G+9H2+SP5pFXA5CFowj 17 | GCwUHETMnGEZ3dGIVn06Ifyu0nPNT22l0gycC7lZDz69i0JE7FN3ijBl2UCsfphm 18 | 9ayBf+bZ+ZQWGTaBO8hQcl4FNPle6Yw63/x4l47ks+zHw7pIOKE59gSbzimvi8zI 19 | uLn0GnJrn+medVSlD1enDrWvEfFSL1ZyGkFiqMlBAQjHGDfj8+sTLfsA4pwnYNqq 20 | 1reXIuFOMouI4UVfgS0= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /templates/ssl/client.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIICvjCCAaYCAQAweTELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkJKMQswCQYDVQQH 3 | DAJCSjEMMAoGA1UECgwDQ09NMQwwCgYDVQQLDANOU1AxDzANBgNVBAMMBkNMSUVO 4 | VDEjMCEGCSqGSIb3DQEJARYUeW91cmVtYWlsQGFwYWNoZS5jb20wggEiMA0GCSqG 5 | SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9DgTX7RfPfdu7kI0LTDJZsEZjcO7v6jju 6 | I5AsGie9V8jCYusJGI7VbHEFDlAd8Bj+Di+VDSKyVhBwVvE9vCFtccXpnnbq1BuL 7 | TiJuMJ8JoAF6BZnnS7heGeXE073nco8m90kt2GvDJ+GGtM29tDzAGRZiEXlGABQO 8 | vRblqUNK4ZyIOcS+nhPMxu5vJF1kA2xS03ow+Sas0CtJ90yPCNJEczuyeXuyeJTl 9 | MKUsPyjzwQsKQRScipi7X6MOh+4dDm3FRt0N4+H29yGHSjxgmlzR5H4/je7INW6Y 10 | XCPoK5YrcsPfbgl2FvqHMMC2wH7+Yjlf1GCFWWAC84p6x+2DtbgdAgMBAAGgADAN 11 | BgkqhkiG9w0BAQsFAAOCAQEADPNzwKiL4s4XJNv1tUbwMGoxjgoIGit8o/cHkR1t 12 | zM98KREvCsSxhR+oAjnXTq/sw57ZxDW49RABFswsKcq1gi/14XvQOLjn9q8+Lt3d 13 | tZO0wnvF0wbPruMG1BzDNcNZ6cI6MxnffdgHaIvj8jZ6+ky3/AWFm54xQv/k2sos 14 | Am9gTKFad+1nQWK0BB5LlL92CeJ070i1QaLqAcpqLNxQt/AHlcCYsXgh3Em4DE3T 15 | NXQ6LfLDtXRMS4LHsCg9FpX5kdCBhtpR711F3dp/L8FT2mfI4dnpxiow3jE68+S9 16 | o3Xp+QCNmJ8MXlQx3X0mBO1Lb7dy6TgR1FCiltAx0JMhbg== 17 | -----END CERTIFICATE REQUEST----- 18 | -------------------------------------------------------------------------------- /templates/ssl/client_rsa_private.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN ENCRYPTED PRIVATE KEY----- 2 | MIIFHzBJBgkqhkiG9w0BBQ0wPDAbBgkqhkiG9w0BBQwwDgQI3Y+Ip2IEWYcCAggA 3 | MB0GCWCGSAFlAwQBKgQQOKd56H9rUJh0G8frLK/QQASCBNDJCztIrpHwj0g5CusF 4 | YQHVcL5BNDzH9Bg6B5LDmKAgXtgd9Xmy/asAmX1QGDUajGhbxFcLcUibvQKxOhzl 5 | /Dwm2M3fR7gecosMU+K6T519nk/fsugXQfJUUPU7aGYwpSUz8myKHDUKlGRLJ23Z 6 | 1PX/KkB6ud4K5yGEkisCSxPO+rf+YjJCe7+VohsLKnC5mUiBxbGtPKxI5dzijZo+ 7 | MksEaOklvJzJGgwlKgNj3D6OurASGYeyxbORaKkT3YBvW/RwuWJ5BTKMf7nMNIFS 8 | umRPkacE5sgisyJHe4X0SHFvlthG4DXQ9SYE9Yh224RPQ3arv6NvSUO/FF33wDpZ 9 | iKnrsx1GpB2+DmbXUNEYhlG9KFGR2gx2WtQBfcY1dUHQUvZ9XhGsgvkhHVUHrPXW 10 | HfY2SddpIt0sgwTeni7f5AA6n0TEsESPwItbpReEgZv7D23gOEYD5voXzBHxn0YJ 11 | B9ZiebD+SHqScZpJPuCvBIn+na2gdZLo5w4uK2tdMicv9Quf4I7mJXHsxUgGCRK0 12 | qXz3PjvmK/odJZf1+e4RB1wf90Pjp1YIlNzNkTDr0rWAiX5a1a82c2gZwULZZ8uM 13 | yo0Cd6YE2idzzQrfXf4mejfhBc7EPqSbagvEwteUTUpMqHJifr22Cw9jdbXDNtB8 14 | ZyqebxOdfejZ1mMMaTFJSmXhY/a9l3XRPVwOAWcTjrZjAx+gHYYHOUaDdnB+etj6 15 | bhcUjnEM+40WT7n3DuTSnexSE2pwROqKbnrtlMqN5CTqWv1295Q/N6PrTyyQN3xD 16 | zwZaXvIQPFh3BTm4m4otIVeYp3qqE0ESFsE46RZjtw3tSrAWbNrhl9m5LD65aKiO 17 | S0zDW89RenUiLHaDa4r2kD18tAf8cTbls5E03IIcgR12vVT6c0rY5DM7VpI72fN0 18 | xsBML1BbJ8P8V8T5RHzxFhbcDfO7BGe/n4rAyrJQX/B1b5+RrhI8bGdMKjCsPeuG 19 | qsmC+u6BlAd4/2nvvMHvUefkw2k9MiiWH/q7vXRvqi24LURutgM6G1+k7c7Cyeog 20 | HDLz2QA2YYwMKO0sDHeF9D1n2dhCCoi60yRm4Hi8ePBIlJs+yAya+DI8LODM8xBm 21 | ZkGMOUTQayFZ+GGgEe+aqnZiVqkBOIcY+cGofn6EKzPjTqrZ20g31Zlt/NNdJYmt 22 | QiLjWsuHMy8NuAvPJtEKDqzFNI1aHmXVSpMnSujtwBxibnTu+pPjFSpyp4Ftdh1Y 23 | VwfnNDDaoGtmRCVJQ3wxBbmCo85MkLAqsPu0aI3SyiUAYw7WX2vf4U0nzLUobFQQ 24 | AXbdLHI9+eDZ042g76ZLdR5unye89iYoxblXSoUbYhJqmE7rgXpORouljg0GWdbi 25 | +TP/uWlSrp7z0ErwewIydQ17SyA6MVrhhGgp/q/FRYx+dpUswPSvbeR23kzfeFNT 26 | ICJToVli6C1M1+YA0wTehWJtCLYP/tBBRSVROnVdnZQ00ERJ96RzVtKnt0SdV/3e 27 | gpj8NyJYnYuuO9H7NTk9K1SnKLfCBcsCU0Z5dHvoMkxEYr8J8nuZf9hy5IfbyUNO 28 | 9o6KhAB7SVIgwjCwlmzeczWXPVrdeYqWSTFrrIia5PDJkaZlX3pm2jjHHKmxWF0o 29 | H6N5Z5yWW7emy8K+eSvMpfTJeQ== 30 | -----END ENCRYPTED PRIVATE KEY----- 31 | -------------------------------------------------------------------------------- /templates/ssl/client_rsa_private.pem.unsecure: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEAvQ4E1+0Xz33bu5CNC0wyWbBGY3Du7+o47iOQLBonvVfIwmLr 3 | CRiO1WxxBQ5QHfAY/g4vlQ0islYQcFbxPbwhbXHF6Z526tQbi04ibjCfCaABegWZ 4 | 50u4XhnlxNO953KPJvdJLdhrwyfhhrTNvbQ8wBkWYhF5RgAUDr0W5alDSuGciDnE 5 | vp4TzMbubyRdZANsUtN6MPkmrNArSfdMjwjSRHM7snl7sniU5TClLD8o88ELCkEU 6 | nIqYu1+jDofuHQ5txUbdDePh9vchh0o8YJpc0eR+P43uyDVumFwj6CuWK3LD324J 7 | dhb6hzDAtsB+/mI5X9RghVlgAvOKesftg7W4HQIDAQABAoIBAFwuQLhUF58JXCGZ 8 | etw+W/KVW8zS3P5IM1gSKRMH8caFzhLSDo4R1ltEE9uGPhRK5LTDj/naPMe95SgR 9 | jHEwkQ//QKQHqy4XHBMRlwIpXPJhfTbVElTP++aONBWDtP3sQtaaDql29BxlDrcS 10 | 45qTDmgQE3Tf1kUGdsE0+7whivkwLxQS9V0G/Gk20Nfypx26iBGLPlf7DANn6CcM 11 | DYySHF/AYjuwf7bHM7P6YOHGio3aZmV455RNw98lK29DwkAQnHwrs5Q9Dp+fibE8 12 | WrPDjB+mfJg/M5SHExnIbYxC/wO7GC2CnKEQ25jdC820yw/wPp3ug5fh9XDK6rd/ 13 | CCA9mSECgYEA8e3IUZa9Xp3kkkJjPllcy8rsNv79+Ifmtn5Cx4klclHFQe2I8Wvw 14 | /ZkhvjknDWaGxOYb4CEbLQCPQWxrvNp1/pItze68PrtsiSNnJHAjTnjXNaHc9wgy 15 | y+/H4FqJy2Mfo0zGG65fCxiBSoFrx0K8p7Rs4nnrclohsRZ9Qc1/MmUCgYEAyAz2 16 | wwUrj76xUIta/j2Mnbnwcb0oY0uZVs9XMxpR05mGLw9FMSPTVWtE+rRCJ/dKBark 17 | dSGkZ+rG8ICvgek09D6Tl+gSgUiM5mXPNcW3BuNF/EVQCGhakeyTFWUTGeuEb/Og 18 | QsxccwcUHCXM4WryYnUu1yqzcpF+/hqlaMyrt1kCgYEA7hyht6PMeK6gxE9xDHG5 19 | wp7TxQFOCGoB6oX0xh027QCMTGo1CaC6zW8FZgssY6UQagUtVHhhHfbaCINkurit 20 | v8QyLuiVAI1JsuRUZOm15ktLTe8k40J/dHdo22lhC/xgrEIpDh+eTfZtcl5VLQaD 21 | VfBf5rwmvyL03C4NVFGkqn0CgYBf3P5+s8KNLncvvqfK/1mb15dmGZv6ASco11DU 22 | 9z7Q5FfNw0aH5sAFxdKXRLwTBMhe8OZrTsTG21WbuD7iRQuQI1B80cPUWhzS52Sl 23 | QuqTDWPjIJ/ad483MCPHc9j0aczcDOX2PJHsuS6k0mRcfPBLyBW7HAZD138Aa2pq 24 | TvHWeQKBgADj8mPJMyQfn6YcBCL81KvzF/1HmbdehIMh2kJNK/9g8PZOKx0KnIum 25 | 43JZDFnqheoZcHCO/K+IAR7Vw+MV4MWZ/pNG65rcFGwyXygVdV8j5/o5dfbY64jX 26 | WZIixa4+pqr+PbILGC6YJrPBaxJclmzay+jFCkDyrfjIsJVXHmis 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /templates/ssl/client_rsa_private_pkcs8.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN ENCRYPTED PRIVATE KEY----- 2 | MIIE4zAcBgoqhkiG9w0BDAEBMA4ECLmmzAmLIjO3AgIIAASCBMETwEYAUaz988mU 3 | 3NyUox7+owFLpeIkqHptQ+KP/iMmP+cXJe+hLMjyvG7HGSauQ5ruNSUqg2OfaHrx 4 | RqzBjESlkqOmJ7u7IGNRGFlds+SHikbgHoJb+sYP1K7qPeHpCMgq+JD3cV0F7UQF 5 | cUZNv/4PLSsw/lo70N8+FaGeGRto0TO8Djhlvs4sPM4rlTazV5h3LpOZCYkO56Gd 6 | DpwYo+bcr1S0GxZMgyRbggAvcL02GTTvSoH5KdzX10UbH/pJh6Q28Syagg713iX8 7 | rku958UMtpluwlOmvjlZ8yxbz49q4UhUS1v9Ox/YB5XRwOQSCopJIWRJSgjLj3mj 8 | o7APtLueV07nZ1jMG35T1kD5KhjwfXSjDpIWfeBuDy7rLzqHHNrCfZO97C8xltTn 9 | 25IItpQ3nKdzFA9+YuwSixPMUnR7pFrDKktU22DNpQGaXOBMKiKHk7nQv7oKCt6q 10 | 0WUa4H/flxVk94kLOKSND1UqNlrsGqoMjjC55DM1s+LsxdvXeMqiNTAJFI3sAxRM 11 | o6SPqKuUxG+m9m/AqWXvwjVlnCXvTiWPUa/FBRvTUZUllxLwunhpJQNkbKLOqWjN 12 | GPc2U8iaUf0FeXeCPoYervkU4cJBR6BAEgHfb7EFXh4gY7I8XOXOSENxVxnSWiWp 13 | zVv0J+egmzbobwW/XvxK1+IyaFL9P9enUnyqmlIYEJqKp/QwMAdUiNuP+VZuFIBE 14 | JldINC8KsvQREtYn3zImDbMvP9cDp9n8EFI0/9+R3BPrBhFBlfY06OfP6G2Dqynx 15 | 3RbbTcQKcCYwOkogZIsqCg4f7gRgTSPw71FrrcZO+JlBF7zF5COv9vr7wKcoBUkc 16 | tVedq08mQOuGdz7NRiwMvapecdK9EQGGuMVrppz/6fbxYqUp3xFcT+KJ7yqfpv0f 17 | KQF8zbjkcFawQic9lTFB/Xa14nOUQC7UDVcOOrBNic0WKRz8+bo78Mtsqe5abKhs 18 | IkhR4w2YfhPMyCZTREeCeFdhSbDadseI+EoTyOYAIBJRCNI5rKDhWlVTdQNZ+wot 19 | JO8Pnyi+FtSrmqoBATeBY4SzTH6+cDX0WLtiJl2KLvY8ezlvv+dzuv1Umm8Hp/El 20 | tjBqNwU3pLQXJpuagX+6zOexghKHR9nvh/McEGWk5NTk8n+dedMkWxU2TB6Cteo/ 21 | JB7zN/xl32uMw+74xuAaS0WblXmfMFm6FJrtOZ2xfxBZSc3yktfca5viIRLtRP0I 22 | 9EyGp05I71gr/5FV1ENitLFnso0GfFZ73gsRtRH1Jdcr09O3XmFcUAXWTJuo6u4h 23 | fYMU98h/0sQ02PYYO1lWhK0zqJ1UD9MtpTUCt6gCgEq4FuZeHzfVbBZX5/b7G+q3 24 | dtmIIrITd8DZa4bzAYJzMPa4KfK95NuECUjGTlM+PuVKHTXC+ej9zlDm35XDJ/FU 25 | N7H+c65GGrYTPro4R9tu/2T/P486icepC3gPC7nnMm7/zdORxWLzDIlZm3vkTG1T 26 | p4Q3vF5+eYkMT42WV92o2JdYWU4YKgTTrrWEjO4MBHitZ/Apz4oz2bDiYZXFB+eS 27 | Bysd1n3lvrk7huZ8o38sFW10mbdWPFjEb7ky7QaHUmpsmFIPT76yJ7+0msEt7Lv8 28 | fPuDvh9oqg== 29 | -----END ENCRYPTED PRIVATE KEY----- 30 | -------------------------------------------------------------------------------- /templates/ssl/server.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDajCCAlICCQDljUA20BnKpDANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJD 3 | TjELMAkGA1UECAwCQkoxCzAJBgNVBAcMAkJKMQwwCgYDVQQKDANDT00xDDAKBgNV 4 | BAsMA05TUDELMAkGA1UEAwwCQ0ExIzAhBgkqhkiG9w0BCQEWFHlvdXJlbWFpbEBh 5 | cGFjaGUuY29tMB4XDTE5MDYxMzA3MTAxOVoXDTIwMDYxMjA3MTAxOVoweTELMAkG 6 | A1UEBhMCQ04xCzAJBgNVBAgMAkJKMQswCQYDVQQHDAJCSjEMMAoGA1UECgwDQ09N 7 | MQwwCgYDVQQLDANOU1AxDzANBgNVBAMMBlNFUlZFUjEjMCEGCSqGSIb3DQEJARYU 8 | eW91cmVtYWlsQGFwYWNoZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK 9 | AoIBAQCrcoEkq7+3+/j6kptOBxJSC3y90oGOyQvMJyCmsytwr+Qj0J7so3ZyBp8B 10 | lsUdvgq6Z9NzZpgu+bsjvIws/Ej6yfdM+TSPc7WdctRwtJjbxsYNRXI5X6dLf8gn 11 | u9eXSkTzaJhNyx0+r0hH24ts1rTwAVXB5Rfb0A8748fR5Lx8juN+SSfCWaTQKqmd 12 | QDiQN08WkCeNTnxMWOb9AqN2XAxj9GCCJOIdlr/XyPNWIJuIZkL+R6WsjIcR/7NH 13 | v58VB9I0ve4tjd0fk7SpHrIqi3q87lt43Pf05yQqIp90HU5wu55JT6p9YsW+UaSl 14 | eVVIxVAhehou4Q3oOjPNcJABwgPRAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAKM2 15 | rIbsKe+kpxdVgoZSznWztN10APYtGM/0ss76B2mT2SCmKDdhbkeCG4VW6qw3CtUs 16 | odPTp4pKtG9UF/J3BAgwIHI0LnWQfxJ973t7vfzP9D1Q7/X6j4UaMbldj442MEDM 17 | pItITWPxpEqMdd4O3EcqsxbqQRWiugjQ57+Z80GxoSFSthIMX3nUjGHfbewxy/Jk 18 | VPdyqElzcJ0CwRE0Dey18h+bbqdyDaG0wJ+HKZlbx2A018SX+VhyTUpnytrTHhVb 19 | SD9rsdtFJFfnyeatJMmtjn/Hlhb19k4kk/UxiStW95zxmesen9OHi1bRlUvPKcOO 20 | bwdeH2xp7R1Tio1CY4E= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /templates/ssl/server.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIICvjCCAaYCAQAweTELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkJKMQswCQYDVQQH 3 | DAJCSjEMMAoGA1UECgwDQ09NMQwwCgYDVQQLDANOU1AxDzANBgNVBAMMBlNFUlZF 4 | UjEjMCEGCSqGSIb3DQEJARYUeW91cmVtYWlsQGFwYWNoZS5jb20wggEiMA0GCSqG 5 | SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrcoEkq7+3+/j6kptOBxJSC3y90oGOyQvM 6 | JyCmsytwr+Qj0J7so3ZyBp8BlsUdvgq6Z9NzZpgu+bsjvIws/Ej6yfdM+TSPc7Wd 7 | ctRwtJjbxsYNRXI5X6dLf8gnu9eXSkTzaJhNyx0+r0hH24ts1rTwAVXB5Rfb0A87 8 | 48fR5Lx8juN+SSfCWaTQKqmdQDiQN08WkCeNTnxMWOb9AqN2XAxj9GCCJOIdlr/X 9 | yPNWIJuIZkL+R6WsjIcR/7NHv58VB9I0ve4tjd0fk7SpHrIqi3q87lt43Pf05yQq 10 | Ip90HU5wu55JT6p9YsW+UaSleVVIxVAhehou4Q3oOjPNcJABwgPRAgMBAAGgADAN 11 | BgkqhkiG9w0BAQsFAAOCAQEAPVQCIHeZszbwZWBWYxSsOyg8zdGJUJr94coP1Vqf 12 | h4iSiMUQDIAVpobw2Np1f1SfIU/kc3jK3pSk+ac7kb5hf/2WA8UJMtyb4KUYxhYL 13 | U6x+/imKjijLQb2UMOx9QyATMzX9N+r42mblWpGKbeT8v2iXXbFWOB6xffR3VmfO 14 | FmZkHCTe0rO29wfDvJNG7UM7o7a4v9hu3FU3wu0woJKmNm7We8ePIYg1aWAoT7+6 15 | XloBIX4vpmqQgG1DoAwkJIQIyr+4z8o6MXDdMDYHK+OaRz0u7CpZD3fkWm92ceYP 16 | W5jYtEV/krwwbMJJNOc3UlBf1bFnD6PrfCH68G4rnn2OtA== 17 | -----END CERTIFICATE REQUEST----- 18 | -------------------------------------------------------------------------------- /templates/ssl/server_rsa_private.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN ENCRYPTED PRIVATE KEY----- 2 | MIIFHzBJBgkqhkiG9w0BBQ0wPDAbBgkqhkiG9w0BBQwwDgQIFwd6743xwR4CAggA 3 | MB0GCWCGSAFlAwQBKgQQX+Zs4Opeu6nFw/SBfyRyzQSCBNAIkBV3aYRvkRrx9cPC 4 | 4Kui3tXktAPJz7/EAXjCS3ahBmBfCIQCDTvpNFBmtP+rbQFMh2RMVD8ntnhfRblN 5 | ++/XrDCPqA5qsovKXgrrpxsEYY8Z6l1V9N16y14heawVtR82mNDFRZ4i6RS8+B2X 6 | WLf9wv3gmkBJuvkD9q3IT3uO6w8fbF4xaZ3tT+n6tlcvmZ6Ux9AZEpgrZvtIPhF7 7 | aCZMRhi0JqZALIjf3FK4EgFNzNFwLCLixPczvJvGRP8yf4oqC/dg6T5AiAdPLhyt 8 | ccWAtgKDQu7iPGVe0MYlRhtXrSt13WlAt7Yg+0gcIMmYGyeAMZd12vBYUtR3ts3c 9 | gy/K2OzcH0V4a69llbx1NzpoEzt4kKVjDWnIy++a0/nwVAI5WX2HwgPbs+ShQ3VO 10 | +CWpSsGjUkReA2ObbIf9AHk97SysBkfULA0+DYfD7IrdSunmZVpdkj0gYEJo7jy+ 11 | nn98LHBZqlJSerLoF/zInSAY8Ym4abtCvUjlAo+9Rm1DLlIEnbRvkAuLq7d8p6Mn 12 | mHRgvvLlgGmDkOa4LzE/Q8+JD8X4XeVmPXT9JWYmOfJFKu1fP7gVXevyp4XfQNHD 13 | 7/d/0y3OAHpVWEWIT0hmuyYy3t0DOZx8HFlc3d4kHBXDtrVfXuQ7Ny6u3M3pbAGO 14 | RdPT7a2X94o5/IAphmarCHIMosek0voby2oK2JL96hLl2vDFbAowN7TOxuiQKdjz 15 | VW7XiELiXXcE7J9xhu+ZCmvgMTJP29tiu2/i0Tj2Nxz9EkPjIuDRm3BqPAxTReU8 16 | tUFj0t9Wuj2KTLPKbKt664Z92xFaS7MIFJrm3l6H/oGNa3qIpLYiBJeKN6ktCzbC 17 | 4ZQpUkz2uZDJBwcFKh7CJbc0HBSRgxa0MbW01VQBXz8zkzfDr2XUvNddA3gs5iP6 18 | sUtlUVK74MjfHmnsjQUsDNRLH7kMPjAlVS8qyamNMzBWmMcvS+orc59dzCVckmBu 19 | MqJWKZLwU/gcSQRhGzokaYe40qtoNzcQV2YlUP4gotpC3AlyJlYHNEl65MbWjTKB 20 | TyWXXdJJ7Hfn2j6k0PXhzHsNKBfTcy465no+/BR+wBpY7b3fIN5+EgGiisAM2gjX 21 | eMRMhVOfV4+qY+nYARH4tavu2Sn5la6sqEGolu4iLp8hcMoJe9No6T4NDaAqMNWU 22 | 5wH+QunEL/eRfMY9Y1bxP+NspqOIjP++TXHN1i95eZsWF7au/B7Nl/5arkT3dqDO 23 | sNv33Igatad8lkY7wy/lknqYPYyqSuQAmNuhIcNOJIv73ssaXqIhUtl/GDj++j5W 24 | em2J3+cwEZyyQ+Bp4IDz3MHLa7cR8sAyWgREnAsbL1PhH47t44xUxDWe/zEiD1Qm 25 | H4ak6adLQRGfPeSSEk7X4G8MPZ5rIfBX7BFamTnBaFvxCmiVRFd44dP4hEN+ozE8 26 | NQZdgGm4S6MENTgZTypEQ3i4H59sizrdW0kYcBP3taqKN/5p8/D+Pkg7UQf5ma31 27 | 3UJinBWNGFQYUtCWLzkGCVypwnBSworlPHsRmFR/3uqozNNWa0x6uCAkpKzd5tXk 28 | MwkgPA9Sf6ZXCNsfVoz8PfIC9Blj9LrOVkWfUUEztaNjet15gi0NJFuMfDoGeJ7J 29 | OaYpJ1sk8E7q6rd3Br44CfTvlw== 30 | -----END ENCRYPTED PRIVATE KEY----- 31 | -------------------------------------------------------------------------------- /templates/ssl/server_rsa_private.pem.unsecure: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEogIBAAKCAQEAq3KBJKu/t/v4+pKbTgcSUgt8vdKBjskLzCcgprMrcK/kI9Ce 3 | 7KN2cgafAZbFHb4KumfTc2aYLvm7I7yMLPxI+sn3TPk0j3O1nXLUcLSY28bGDUVy 4 | OV+nS3/IJ7vXl0pE82iYTcsdPq9IR9uLbNa08AFVweUX29APO+PH0eS8fI7jfkkn 5 | wlmk0CqpnUA4kDdPFpAnjU58TFjm/QKjdlwMY/RggiTiHZa/18jzViCbiGZC/kel 6 | rIyHEf+zR7+fFQfSNL3uLY3dH5O0qR6yKot6vO5beNz39OckKiKfdB1OcLueSU+q 7 | fWLFvlGkpXlVSMVQIXoaLuEN6DozzXCQAcID0QIDAQABAoIBAFKQlSLc1zo6TUAW 8 | pFYiT69VOuCLZLsnlNffK/k7pbrh6eNZj390hREKoT55pjnZkH8OiyUzDizpNTdT 9 | kMoFQPwNkVvvU2GWHqtRZn9UaZzFkBFKFWUN7JoOUozYCE4ihSwXfelQ3KeYcB2y 10 | 2+UxTPecHPmAY0oHW57C5jLtjdwJhjo3m3S+lh79uFE4u+QIUV86Psn8JBLej2QU 11 | AYUy7AaAMuLHsJtWtP5jpaCKikCWYtfaCHismWpN2RbIwVp+unWhpryUpOOZx5F/ 12 | iEE8OaDAkZimPgS2Bh67VmX2+SmaRFDRXKWEUXP3v7EVPY40SIZfZcqW7JSVrHkp 13 | w+/pNUECgYEA0gw84EFJBGumMptwjTffajrtynE/cjtYSp/cmYisQsQXcb2DSjTS 14 | zrK2kJmJUCuEeM1GQRkS0by4lk157BzZaBcMwad/4zwJ8ZU8676yKv0Rf488+DE4 15 | 4IWByoSYElH9N9iW2eWWuH8+BeP86JUt+DgLqPBLsy7PKndNbzJE4BkCgYEA0PRw 16 | JeNfjvcGTLDmm2qbtYYzheIUdQmwYUrYqRQCRPP3jxJIrrvwn9ID6Cx8FS2vdsXr 17 | 3vxYdaDARrijF1pDH3swm3GHrIV/qYAkb4Cy9mdoXK96AB0RD5plbo15952d6kfD 18 | OdZ3D+FXUdJbqHIR0Vk60iRSR+bphfOK73r32HkCgYAd5/Ym68Ssp3MTU4RT5ved 19 | VWST5UnmRsLMZTRwe8AjBW5dGGGACENXgKRztBiT3I5Q8NEm5Z4DVL5nUAKi9nyR 20 | 0G5ViDayMNMtnVT+L7mIW13Jbqh8oe16MigHoJdSTHAkKmdYANNT03IOPqa8qrjP 21 | 1ZL7a7MrgOeoITJaOasKyQKBgES81JOyK4JFQt5Bp2ri9BwP7K0TRTWHHW20CHf+ 22 | bAyw0PRQyHYqvypkFQLwd1UkNT92NnShQJxZaEcbgBMzjzcw+Dl6bG5VcDybOeEw 23 | Ti7+r3cmBpU4+p7OZKWshr3tLMCgINnK8lnYADibYamU9MWQe+gbKLIchR+akU7c 24 | feHJAoGADF8pbOuCpRFZnUYzKh+RP2tHcRJSGSi7VouI9tCx+NXfKuuFlfw3+2ug 25 | /xmbjwzXYUDw+VjpOYA1OAsqmtyk4sJKP2z4oA1RLUfuL1nXyHRgMQ39/KmY4/Uy 26 | 2hPaS1CkfAgSGqTpb0ciY8ELCJQIDrX3QNgCeR1cCHxLygDVGvc= 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /templates/ssl/server_rsa_private_pkcs8.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN ENCRYPTED PRIVATE KEY----- 2 | MIIE4jAcBgoqhkiG9w0BDAEBMA4ECJOZ3PKU8BRPAgIIAASCBMAocpv2E45lph1C 3 | G5zcJbwMJw08ER7ouxnhcGyKt+CXIbMESikTUUJDudCWgTiTIt/A0baNPW4m6Zv+ 4 | oJhvMBFl7KfUyCkVRpSw53ygHM6TeeIS0UP6x7eB9++yNCJ3ZVF7OzVvmDwx9FnV 5 | XOfgQjZIIvcyXgn5jwj82PB7YG3fwQye4AUgmr6ngbMk/GZ35XIZSfPptHHdvkxG 6 | DifswZynDX8FeH4NAKZJilC0m/gO2OayVRHl19LVTu9V/1SKya0uLJvP9Lezqwl9 7 | n1cSexe8rbpho3HX5nRbWk3T2/sM1F/fD/ylDdzgrvLe7xmlbExhBMZfIaFnTJu3 8 | 4+dJBYlS7cBBeF2B+9/4r6TXVtZMsjNVmWLEye3ExXCOY41fKvTv5qH4TyXXrsrc 9 | 1G4Bv4+oNXa/WnfF8qDlvtsSouOPWHtQEQMVMKyaLL70Z1wyKFVtFT8EbkGmT878 10 | lJX/XsgXgfq61+OZUpriQb1+0nzlPStnRRUL07D+ryllvFRoIBh1q9OwIvdVHDsI 11 | zh+KCVsPEuq7VdIW+wNRiomIGu4SLjquPYxyOnqV3YVmcSUfzbo+li1QcplC6WVS 12 | LICZsvIuCUtEAOTXzJdcUMKSNgYX+sCLZBrG+EYZhTBFwTELSTGESC3gGGdua1nq 13 | Bm86S1wBgY6i9jIDxvuLXOVcphVUB6/9PQrxbVAtrpeDXGAyMj72h1GSGehr/VuS 14 | jlSNz/LLXoSCZKs6faPo3B0PM0VMN87dVNVpOw+3eTkdy2x/0H2oAoGVIbtSTvbh 15 | bmTbCcMiXlwCBgfUZUu+6YuwRZzxXxS8gNpXW/RT8KNnmCLGNtjJhQN4hHfrKsAI 16 | +M1qAVbkSixHRGWQygbFSUUQ8h7OYFMft5YpnKLgl/BaMjzAsFZOFbcOAerQHcL7 17 | FatCQpBCmQ8MleiEzK7rN7IGYe7yx0HW1NzX6ym2uhCUtwipH6sspT7hDJvMrGFW 18 | vAQwBBdw6ewmjq+XCliSDNFTp1TRkiN0ilgeLS+EIBPKh0SFooXe5oXJhbTNVQem 19 | is958jgJLeDGVDZrjyZq2ptPYb0kXmGQKvhnqZkO8hqI1xGbGZm7tERivolclMN2 20 | e4Yh1D68fcyOzpmfPiVN6T22I0GMAtq8exO+F2LTdarGWnBRr6aOp6QSPz7iMQhf 21 | OHXUj4smLGkZT5XIlinoVK5YlKIq5aUusKrS9hxqNfyMTz9iETiNNg9hCTolXKvN 22 | tuYygAMR44DqhLTsQLr/8++DxdLZ4v3Rd16q/YX1GNAUMvNEMzokDbp50+ET36Mg 23 | VZu3SeRmjnh5SvohDRbM4uool+0KFkGjsB3UpyeF1QgfNcUuc608VnFFF3XIErw9 24 | TaARow1v8LJ9+C2p8ZweSr5npatP4uMcDZ3DalRx7Dhef5PpOmt0BTuV9AJpBLDe 25 | l3qpQo/z5a25wJa1fe7xk2nbVGjI7goxJSJu4BovE9pBw0GkQz44xNiKn+S4Bunp 26 | lIJ9CpB1i9+EN7xxcG2vPkcsajgCmoXqlMfxvuvegZPISAwsxjd9WPO8BuC1a6dA 27 | EmVffgNsK43YGSnBJZEmmOb+1uGvbZJHLiMcpTF2xiaCr9qxDurn1euOFJ4nIF1f 28 | ONZTTyJQ 29 | -----END ENCRYPTED PRIVATE KEY----- 30 | -------------------------------------------------------------------------------- /templates/ssl/ssl.properties: -------------------------------------------------------------------------------- 1 | ## client setting 2 | tls.client.certPath=/home/rocketmq/ssl/client.crt 3 | tls.client.keyPath=/home/rocketmq/ssl/client_rsa_private_pkcs8.pem 4 | tls.client.keyPassword=client 5 | tls.client.trustCertPath=/home/rocketmq/ssl/ca.crt 6 | 7 | ## server setting 8 | tls.server.certPath=/home/rocketmq/ssl/server.crt 9 | tls.server.keyPath=/home/rocketmq/ssl/server_rsa_private_pkcs8.pem 10 | tls.server.keyPassword=server 11 | tls.server.trustCertPath=/home/rocketmq/ssl/ca.crt 12 | #server.auth.client 13 | tls.server.need.client.auth=required --------------------------------------------------------------------------------