求助：1883端口昨天突然连不上

bintong2689 · 2023 年9 月 28 日 01:39

EMQX服务都正常，防火墙和SELinux已关闭
1883端口正常监听，但MQTTX客户端就是连接不上(已关闭重进多次)，一直在显示重连

以下是配置文件

## NOTE:
## Configs in this file might be overridden by:
## 1. Environment variables which start with 'EMQX_' prefix
## 2. File $EMQX_NODE__DATA_DIR/configs/cluster-override.conf
## 3. File $EMQX_NODE__DATA_DIR/configs/local-override.conf
##
## The *-override.conf files are overwritten at runtime when changes
## are made from EMQX dashboard UI, management HTTP API, or CLI.
## All configuration details can be found in emqx.conf.example

node {
  name = "emqx@10.88.78.184"
  cookie = "emqxsecretcookie"
  data_dir = "/var/lib/emqx"
}

log {
  file_handlers.default {
    level = debug 
    file = "/var/log/emqx/emqx.log"
  }
}

cluster {
  name = emqxctl
  discovery_strategy = static
}

listeners.tcp.default {
  bind = "0.0.0.0:1883"
}

listeners.ssl.default {
  bind = "0.0.0.0:8883"
  max_connections = 512000
  ssl_options {
    keyfile = "/etc/emqx/certs/key.pem"
    certfile = "/etc/emqx/certs/cert.pem"
    cacertfile = "/etc/emqx/certs/cacert.pem"
	 # 开启对端验证
    verify = verify_peer
	 # 强制开启双向认证，如果客户端无法提供证书，则 SSL/TLS 连接将被拒绝
    fail_if_no_peer_cert = true
  }
}

listeners.ws.default {
  bind = "0.0.0.0:8083"
  max_connections = 1024000
  websocket.mqtt_path = "/mqtt"
}

listeners.wss.default {
  bind = "0.0.0.0:8084"
  max_connections = 512000
  websocket.mqtt_path = "/mqtt"
  ssl_options {
    keyfile = "/etc/emqx/certs/key.pem"
    certfile = "/etc/emqx/certs/cert.pem"
    cacertfile = "/etc/emqx/certs/cacert.pem"
  }
}

# listeners.quic.default {
#  enabled = true
#  bind = "0.0.0.0:14567"
#  max_connections = 1024000
#  ssl_options {
#   verify = verify_none
#   keyfile = "/etc/emqx/certs/key.pem"
#   certfile = "/etc/emqx/certs/cert.pem"
#   cacertfile = "/etc/emqx/certs/cacert.pem"
#  }
# }

dashboard {
    listeners.http {
    bind = 18083
    }
    listeners.https {
    enable = true
    bind = 18084
        cacertfile = "/etc/emqx/certs/cacert.pem"
        certfile = "/etc/emqx/certs/cert.pem"
        keyfile = "/etc/emqx/certs/key.pem"
        #cacertfile = "/etc/emqx/certs/ca.pem"
        #certfile = "/etc/emqx/certs/emqx.pem"
        #keyfile = "/etc/emqx/certs/emqx.key"
        verify = verify_peer
 }
}
authorization {
  deny_action = ignore
  no_match = allow
  cache = { enable = true }
  sources =  [
    {
      type = file
      enable = true
      # This file is immutable to EMQX.
      # Once new rules are created from dashboard UI or HTTP API,
      # the file 'data/authz/acl.conf' is used instead of this one
      path = "/etc/emqx/acl.conf"
    }
  ]
}

api_key {
  bootstrap_file  =  "/etc/emqx/api_key.bootstrap"
}

Shawn · 2023 年9 月 28 日 01:46

打开 emqx 的 debug 日志级别，并查看日志观察是否数据已经发送到 emqx 了。/var/log/emqx/emqx.log.*
也可以抓包看看消息交互流程。
emqx ctl listeners 命令可以看到各个端口上，客户端断开原因码的一个统计。

bintong2689 · 2023 年9 月 28 日 01:49

已观测tail -f /var/log/emqx/emqx.log.7客户端连接情况，未有客户端连进来的记录

bintong2689 · 2023 年9 月 28 日 02:23

麻烦再帮看看，关键。
另外，EMQX升级到5.2后，端口配置文件挪到什么地方去了。
emqx.conf里只有18083的相关端口了。其它的端口后台看已经在监听了，怎么修改相关配置呢？