Abdul Basit I hate semicolons

Setup Mosquitto Broker via Docker compose

One of my office collegue got an assignment to setup Mosquitto in test environment. He was not aware of Mosquitto and how to setup, asked me to help him. After doing some research, I figured out, Mosquitto can be setup using DOCKER containers

Before diving in deep, You should know what is Mosquitto:

Eclipse Mosquitto is an open source message broker that implements the MQTT protocol. The MQTT protocol provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for Internet of Things messaging such as with low power sensors or mobile devices such as phones, embedded computers or microcontrollers -- Wikipedia

Following is the docker-compose.yml I used to setup Mosquitto:

version: "3"
        container_name: mqtt
        image: eclipse-mosquitto
            - 1883:1883
            - "./mosquitto/config/broker.conf:/mosquitto/config/mosquitto.conf"
            - "./mosquitto/config/password.passwd:/mosquitto/config/mosquitto.passwd"
            - "./mosquitto/data:/mosquitto/data"
            - app-network
        driver: bridge

Here is some explanation:

I gave my container a user-friendly name : “mqtt” so that I can access it and run some commands

container_name: mqtt

“eclipse-mosquitto” is the official image mentioned on their website. I used the latest image, thats why did not mentioned any version.

image: eclipse-mosquitto

“1883” is default port used by Mosquitto to enqueue/dequeue messages in broker. Since we are running in container, We need to also expose the port to host machine.

    - 1883:1883

Three directories, I used as volume to preconfigure the setup.

    - "./mosquitto/config/broker.conf:/mosquitto/config/mosquitto.conf"
    - "./mosquitto/config/password.passwd:/mosquitto/config/mosquitto.passwd"
    - "./mosquitto/data:/mosquitto/data"

Configuration file:

listener 1883
password_file /mosquitto/config/mosquitto.passwd
allow_anonymous false

persistence true
persistence_location /mosquitto/data
autosave_interval 10s
max_queued_messages 100


To up the container, you can run following command in command line or terminal:

docker-compose up -d

To start interactive session, run following command:

docker exec -it mqtt /bin/sh

Note: Image does not support “bash” alias

Security measurement:

I disabled anonymous usage in configuration file by changing allow_anonymous to false and provided the location of password file by password_file.

After starting the container, You need to add a user with password so that pub/sub can connect with your broker. Since, directory was mounted added user will presist even after restarting the container. Use

mosquitto_passwd -c password username

to store passwords in file. For example, command

mosquitto_passwd -c golang golang

will write following content in password file.


End to End connectivity:

Installation of Mosquitto comes with some utilities to check end to end connectivity. These utilities will be accessable after starting up the docker container successfully.

Mosquitto Producer: This utility helps to enqueue messages in plain text. After opening the interactive bash session in mqtt container, You can run following command to enqueue the message:

mosquitto_pub -h localhost -p 1883 -u golang -P golang -t my-mqtt-topic -m "Test Message"

Mosquitto Subscriber: This utility helps to dequeue messages in plain text. After opening the interactive bash session in mqtt container, You can run following command to dequeue the message:

mosquitto_sub -h localhost -p 1883 -u golang -P golang -t my-mqtt-topic

Note: Make sure that credentials you set through password utility are correct.

Conclusion: I hope this post gave you a useful overview of getting an MQTT Mosquitto Broker up and running using Docker.