Expose HiveMQ Control Center service using HiveMQ Operator
Prequisite:
Access to infrastructure with Kubectl. E.g.
Running HiveMQ Cluster Install HiveMQ using Kubernetes Operator
Values.yaml file Install HiveMQ using Kubernetes Operator | Add Helm repository and download values.yaml file
Kubectl, Helm and MQTT CLI Prerequisite - Software Packages
The default login for the control center is username admin
and password hivemq
.
Exposing port 8080 using Port Forwarding
Run the following command to get the services and look for the MQTT service (hivemq-hivemq-cc in our case)
kubectl get services
Run the port forwarding as follows
kubectl port-forward hivemq-hivemq-cc 8080:8080
After running this command, you can access the control center on localhost:8080
Exposing the control center using a Load Balancer
Exposing ip via load balancer in the following steps makes it public. Please check out HiveMQ authentication and authorisation extensions to control client access and scope. HiveMQ Extensions Marketplace: MQTT Integration Made Easy
Open values.yaml and search for port 1880 under hivemq.ports.port
- name: "cc" port: 8080 expose: true patch: - '[{"op":"add","path":"/spec/sessionAffinity","value":"ClientIP"}]' # If you want Kubernetes to expose the HiveMQ control center via load balancer. # Warning: You should consider configuring proper security and TLS beforehand. Ingress may be a better option here. # - '[{"op":"add","path":"/spec/type","value":"LoadBalancer"}]'
Uncomment and expose the loadbalancer for control center
Save the file and apply the changes
Check if the service for port 8080 has an external IP address (98.67.131.223 in our case)
Open the browser using the IP address and port e.g.
98.67.131.223:8080
Securing your setup with basic username/password change
Open values.yaml and look for the following section under override
Generate an encrypted shasum (in our case, username : test , password : abc123 ). This generates a hashed password.
Update the field username and password
Save the file and apply the changes
Once the pods spin up again, the new username/password should be applied. We tested it with incorrect password which leads to an error. The correct password works.
Please check out official documentation here HiveMQ Control Center Configuration :: HiveMQ Documentation