This recipe is a work in progress
This recipe is incomplete, and is featured to align the patrons's "premix" repository with the cookbook. "premix" is a private git repository available to all Patreon patrons, which includes all the necessary .yml files for all published recipes. This means that patrons can launch any recipe with just a
git pull and a
kubectl create -f *.yml 👍
So... There may be errors and inaccuracies. Jump into Discord if you're encountering issues 😁
There's currently a mysterious bug though, which prevents TCP communication between Home Assistant and the camera, when MQTT services are enabled on the camera and the mqtt broker runs on the same Raspberry Pi as Home Assistant, using Hass.io.
A workaround to this bug is to run an MQTT broker external to the raspberry pi, which makes the whole problem GoAway™. Since an MQTT broker is a single, self-contained container, I've written this recipe as an introduction to our Kubernetes cluster design.
MQTT stands for MQ Telemetry Transport. It is a publish/subscribe, extremely simple and lightweight messaging protocol, designed for constrained devices and low-bandwidth, high-latency or unreliable networks. The design principles are to minimise network bandwidth and device resource requirements whilst also attempting to ensure reliability and some degree of assurance of delivery. These principles also turn out to make the protocol ideal of the emerging “machine-to-machine” (M2M) or “Internet of Things” world of connected devices, and for mobile applications where bandwidth and battery power are at a premium.
Create data locations¶
Although we could simply bind-mount local volumes to a local Kubuernetes cluster, since we're targetting a cloud-based Kubernetes deployment, we only need a local path to store the YAML files which define the various aspects of our Kubernetes deployment.
We use Kubernetes namespaces for service discovery and isolation between our stacks, so create a namespace for the mqtt stack by creating the following .yaml:
1 2 3 4 5 6 7
Create persistent volume claim¶
Persistent volume claims are a streamlined way to create a persistent volume and assign it to a container in a pod. Create a claim for the certbot data:
1 2 3 4 5 6 7 8 9 10 11 12 13 14
Create nodeport service¶
I like to expose my services using nodeport (limited to ports 30000-32767), and then use an external haproxy load balancer to make these available externally. (This avoids having to pay per-port changes for a loadbalancer from the cloud provider)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
It's not always desirable to have sensitive data stored in your .yml files. Maybe you want to check your config into a git repository, or share it. Using Kubernetes Secrets means that you can create "secrets", and use these in your deployments by name, without exposing their contents.
1 2 3 4 5 6 7 8
Because. See my blog post here for the pain of hunting invisible newlines, that's why!
Now that we have a volume, a service, and a namespace, we can create a deployment for the mqtt pod. Note below the use of volume mounts, environment variables, as well as the secrets.
I share (with my patreon patrons) a private "premix" git repository, which includes necessary .yml files for all published recipes. This means that patrons can launch any recipe with just a
git pull and a
kubectl create -f *.yml 👍
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74
Check that your deployment is running, with
kubectl get pods -n mqtt. After a minute or so, you should see a "Running" pod, as illustrated below:
1 2 3 4
To actually use your new MQTT broker, you'll need to connect to any one of your nodes (
kubectl get nodes -o wide) on port 30883 (the nodeport service we created earlier). More info on that, and a loadbalancer design, to follow shortly :)
Chef's Notes 📓¶
Tip your waiter (support me) 👏¶
Did you receive excellent service? Want to make your waiter happy? (..and support development of current and future recipes!) See the support page for (free or paid) ways to say thank you! 👏
Flirt with waiter (subscribe) 💌¶
Want to know now when this recipe gets updated, or when future recipes are added? Subscribe to the RSS feed, or leave your email address below, and we'll keep you updated. (double-opt-in, no monkey business, no spam either - check the archive for proof!)