Broker Configuration Reference
This document describes all configuration items for the RobustMQ Broker service. For logging configuration, see Logging.md.
Overview
RobustMQ uses TOML format configuration files for system configuration. The main configuration file is config/server.toml.
Configuration Loading Priority
- Environment variables (highest)
- Configuration file
- Default values (lowest)
Environment Variable Override
Configuration file settings can be overridden using environment variables. Naming convention:
text
ROBUST_MQ_SERVER_{SECTION}_{KEY}- Top-level items:
ROBUST_MQ_SERVER_{KEY} - Section items:
ROBUST_MQ_SERVER_{SECTION}_{KEY} - All letters uppercase,
.replaced with_
Examples:
bash
export ROBUST_MQ_SERVER_CLUSTER_NAME="my-cluster"
export ROBUST_MQ_SERVER_MQTT_SERVER_TCP_PORT=1883
export ROBUST_MQ_SERVER_PROMETHEUS_PORT=90911. Basic Configuration
Top-level configuration items defining cluster and node information.
toml
cluster_name = "robust_mq_cluster_default"
broker_id = 1
broker_ip = "127.0.0.1"
roles = ["broker", "meta"]
grpc_port = 1228
http_port = 58080
[meta_addrs]
1 = "127.0.0.1:1228"| Configuration | Type | Default | Description |
|---|---|---|---|
cluster_name | string | "robust_mq_cluster_default" | Cluster name, must be identical across all nodes |
broker_id | u64 | 1 | Unique node identifier |
broker_ip | string | Auto-detect local IP | Node IP address |
roles | array | ["broker", "meta"] | Node role list, options: meta, broker, engine |
grpc_port | u32 | 1228 | gRPC service port |
http_port | u32 | 58080 | HTTP API service port |
meta_addrs | table | {1 = "127.0.0.1:1228"} | Meta node address mapping, key is node ID, value is IP:port |
Deployment Modes
- Integrated deployment:
roles = ["meta", "broker", "engine"] - Separated deployment:
- Meta nodes:
roles = ["meta"] - Broker nodes:
roles = ["broker"] - Engine nodes:
roles = ["engine"]
- Meta nodes:
2. Runtime Configuration
[runtime]
Tokio runtime and TLS configuration. RobustMQ uses three independent Tokio runtimes internally, each serving a distinct role that can be tuned separately.
toml
[runtime]
tls_cert = "./config/certs/cert.pem"
tls_key = "./config/certs/key.pem"
# Worker threads per runtime, 0 = auto (recommended)
# server_worker_threads = 0
# meta_worker_threads = 0
# broker_worker_threads = 0
# runtime_worker_threads = 1 # Legacy compat field, prefer per-runtime fields
# pprof_enable = false| Configuration | Type | Default | Description |
|---|---|---|---|
tls_cert | string | "./config/certs/cert.pem" | TLS certificate file path |
tls_key | string | "./config/certs/key.pem" | TLS private key file path |
server_worker_threads | usize | 0 (auto) | server-runtime worker threads, auto = max(4, CPU / 2) |
meta_worker_threads | usize | 0 (auto) | meta-runtime worker threads, auto = max(4, CPU / 2) |
broker_worker_threads | usize | 0 (auto) | broker-runtime worker threads, auto = CPU cores |
runtime_worker_threads | usize | 1 | Legacy global thread multiplier, used as fallback when per-runtime fields are 0 |
pprof_enable | bool | false | Enable built-in pprof profiling collection (no separate port required) |
Runtime Roles:
| Runtime | Responsibilities | Default Threads |
|---|---|---|
server-runtime | gRPC service, HTTP Admin API, Prometheus metrics | max(4, CPU/2) |
meta-runtime | Raft state machines, RocksDB writes | max(4, CPU/2) |
broker-runtime | MQTT connection handling, message delivery hot path | CPU cores |
Tuning tip: Keep the default
0. Use thetokio_runtime_busy_ratiometric in Grafana to guide adjustments: if a runtime's busy ratio consistently exceeds 80%, consider increasing its thread count.
4. Meta Runtime Configuration
[meta_runtime]
Metadata service heartbeat and Raft configuration.
toml
[meta_runtime]
heartbeat_timeout_ms = 30000
heartbeat_check_time_ms = 1000
raft_write_timeout_sec = 30
offset_raft_group_num = 1
data_raft_group_num = 1
group_offset_expire_sec = 604800| Configuration | Type | Default | Description |
|---|---|---|---|
heartbeat_timeout_ms | u64 | 30000 | Node heartbeat timeout (ms); node marked unavailable after timeout |
heartbeat_check_time_ms | u64 | 1000 | Heartbeat check interval (ms) |
raft_write_timeout_sec | u64 | 30 | Raft write operation timeout (seconds) |
offset_raft_group_num | u32 | 1 | Number of Offset Raft groups |
data_raft_group_num | u32 | 1 | Number of Data Raft groups |
group_offset_expire_sec | u64 | 604800 | Consumer group offset expiry time (seconds), default 7 days |
5. RocksDB Configuration
[rocksdb]
Local RocksDB storage configuration.
toml
[rocksdb]
data_path = "./data"
max_open_files = 10000| Configuration | Type | Default | Description |
|---|---|---|---|
data_path | string | "./data" | RocksDB data storage directory |
max_open_files | i32 | 10000 | Maximum simultaneously open files |
6. Storage Engine Runtime Configuration
[storage_runtime]
Journal storage engine runtime configuration.
toml
[storage_runtime]
tcp_port = 1778
max_segment_size = 1073741824
io_thread_num = 8
data_path = []
expire_scan_task_num = 10
[storage_runtime.network]
accept_thread_num = 2
handler_thread_num = 16
queue_size = 1000| Configuration | Type | Default | Description |
|---|---|---|---|
tcp_port | u32 | 1778 | Storage engine TCP port |
max_segment_size | u32 | 1073741824 (1 GB) | Maximum segment file size (bytes) |
io_thread_num | u32 | 8 | IO processing thread count |
data_path | array | [] | Data storage path list |
expire_scan_task_num | usize | 10 | Concurrent expired data scan tasks |
[storage_runtime.network] network thread configuration:
| Configuration | Type | Default | Description |
|---|---|---|---|
accept_thread_num | usize | 2 | Threads for accepting new connections |
handler_thread_num | usize | 16 | Request handler thread count |
queue_size | usize | 1000 | Internal processing queue size |
6a. Kafka Runtime Configuration
[kafka_runtime]
Kafka protocol service configuration.
toml
[kafka_runtime]
tcp_port = 9095| Configuration | Type | Default | Description |
|---|---|---|---|
tcp_port | u32 | 9095 | Kafka protocol TCP listener port |
6b. AMQP Runtime Configuration
[amqp_runtime]
AMQP protocol service configuration.
toml
[amqp_runtime]
tcp_port = 5672| Configuration | Type | Default | Description |
|---|---|---|---|
tcp_port | u32 | 5672 | AMQP protocol TCP listener port |
7. Message Storage Configuration
[message_storage]
Message persistence storage backend configuration.
toml
[message_storage]
storage_type = "EngineMemory"| Configuration | Type | Default | Description |
|---|---|---|---|
storage_type | string | "EngineMemory" | Storage type |
Available storage types:
| Value | Description |
|---|---|
EngineMemory | In-memory storage (data lost on restart, suitable for testing) |
EngineSegment | Segment-based storage engine |
EngineRocksDB | RocksDB-based local storage |
Mysql | MySQL database storage |
MinIO | MinIO object storage |
S3 | AWS S3 object storage |
Depending on the selected storage_type, configure the corresponding sub-items:
memory_config (optional for EngineMemory):
| Configuration | Type | Default | Description |
|---|---|---|---|
max_records_per_shard | usize | 1000 | Maximum records per shard |
max_shard_size_limit | usize | 10000000 | Maximum total size per shard |
mysql_config (for Mysql):
| Configuration | Type | Default | Description |
|---|---|---|---|
mysql_addr | string | "" | MySQL database address |
minio_config (for MinIO):
| Configuration | Type | Default | Description |
|---|---|---|---|
data_dir | string | "" | MinIO data directory |
bucket | string | "" | MinIO bucket name |
s3_config (for S3):
| Configuration | Type | Default | Description |
|---|---|---|---|
endpoint | string | "" | S3 endpoint address |
bucket | string | "" | S3 bucket name |
region | string | "" | S3 region |
access_key | string | "" | Access key |
secret_key | string | "" | Secret key |
enable_virtual_host_style | bool | false | Whether to use virtual host style access |
8. Offset Storage Configuration
[storage_offset]
Message consumption offset cache configuration.
toml
[storage_offset]
enable_cache = true| Configuration | Type | Default | Description |
|---|---|---|---|
enable_cache | bool | true | Whether to enable offset caching |
9. MQTT Server Configuration
[mqtt_server]
MQTT protocol listener port configuration.
toml
[mqtt_server]
tcp_port = 1883
tls_port = 1885
websocket_port = 8083
websockets_port = 8085
quic_port = 9083| Configuration | Type | Default | Description |
|---|---|---|---|
tcp_port | u32 | 1883 | MQTT over TCP port |
tls_port | u32 | 1885 | MQTT over TLS port |
websocket_port | u32 | 8083 | MQTT over WebSocket port |
websockets_port | u32 | 8085 | MQTT over WebSocket Secure port |
quic_port | u32 | 9083 | MQTT over QUIC port |
10. MQTT Runtime Configuration
[mqtt_runtime]
MQTT runtime basic parameters.
toml
[mqtt_runtime]
default_user = "admin"
default_password = "robustmq"
durable_sessions_enable = false
secret_free_login = false
is_self_protection_status = false
[mqtt_runtime.network]
accept_thread_num = 2
handler_thread_num = 16
queue_size = 1000| Configuration | Type | Default | Description |
|---|---|---|---|
default_user | string | "admin" | System default username |
default_password | string | "robustmq" | System default password |
durable_sessions_enable | bool | false | Whether to enable durable sessions (false for transient sessions, better performance) |
secret_free_login | bool | false | Whether to allow password-free login |
is_self_protection_status | bool | false | Whether to enable self-protection mode (reject new connections under overload) |
[mqtt_runtime.network] network thread configuration:
| Configuration | Type | Default | Description |
|---|---|---|---|
accept_thread_num | usize | 2 | Threads for accepting new connections |
handler_thread_num | usize | 16 | Request handler thread count |
queue_size | usize | 1000 | Internal processing queue size |
11. MQTT Keep Alive Configuration
[mqtt_keep_alive]
MQTT heartbeat keep-alive configuration.
toml
[mqtt_keep_alive]
enable = true
default_time = 180
max_time = 3600
default_timeout = 2| Configuration | Type | Default | Description |
|---|---|---|---|
enable | bool | true | Whether to enable Keep Alive heartbeat detection |
default_time | u16 | 180 | Default heartbeat interval (seconds) |
max_time | u16 | 3600 | Maximum heartbeat interval (seconds) |
default_timeout | u16 | 2 | Disconnect after this many consecutive timeouts |
12. MQTT Protocol Configuration
[mqtt_protocol]
MQTT protocol parameter configuration.
toml
[mqtt_protocol]
max_session_expiry_interval = 1800
default_session_expiry_interval = 30
topic_alias_max = 65535
max_packet_size = 10485760
receive_max = 65535
max_message_expiry_interval = 3600
client_pkid_persistent = false| Configuration | Type | Default | Description |
|---|---|---|---|
max_session_expiry_interval | u32 | 1800 | Maximum session expiry time (seconds) |
default_session_expiry_interval | u32 | 30 | Default session expiry time (seconds) |
topic_alias_max | u16 | 65535 | Maximum number of topic aliases |
max_packet_size | u32 | 10485760 (10 MB) | Maximum MQTT packet size (bytes) |
receive_max | u16 | 65535 | Maximum unacknowledged PUBLISH packets |
max_message_expiry_interval | u64 | 3600 | Maximum message expiry time (seconds) |
client_pkid_persistent | bool | false | Whether to persist client Packet IDs |
13. Rate Limiting Configuration
[limit]
Cluster and tenant level resource rate limiting configuration.
toml
[limit.cluster]
max_connections_per_node = 10000000
max_connection_rate = 100000
max_topics = 5000000
max_sessions = 50000000
max_publish_rate = 10000
[limit.tenant]
max_connections_per_node = 1000000
max_connection_rate = 10000
max_topics = 500000
max_sessions = 5000000
max_publish_rate = 10000| Field | Type | Description |
|---|---|---|
max_connections_per_node | u64 | Maximum connections per node |
max_connection_rate | u32 | Maximum new connection rate per second |
max_topics | u64 | Maximum number of topics |
max_sessions | u64 | Maximum number of sessions |
max_publish_rate | u32 | Maximum publish message rate per second |
15. MQTT Offline Message Configuration
[mqtt_offline_message]
Message storage configuration for offline clients.
toml
[mqtt_offline_message]
enable = true
expire_ms = 0
max_messages_num = 0| Configuration | Type | Default | Description |
|---|---|---|---|
enable | bool | true | Whether to enable offline messages |
expire_ms | u32 | 0 | Offline message expiry time (ms), 0 means no expiry |
max_messages_num | u32 | 0 | Maximum offline messages per client, 0 means unlimited |
16. MQTT Flapping Detection Configuration
[mqtt_flapping_detect]
Detect clients that connect/disconnect frequently (flapping) and auto-ban them.
toml
[mqtt_flapping_detect]
enable = false
window_time = 1
max_client_connections = 15
ban_time = 5| Configuration | Type | Default | Description |
|---|---|---|---|
enable | bool | false | Whether to enable flapping detection |
window_time | u32 | 1 | Detection time window (seconds) |
max_client_connections | u64 | 15 | Maximum connection attempts within the time window |
ban_time | u32 | 5 | Ban duration after triggering flapping (seconds) |
17. MQTT Slow Subscribe Detection Configuration
[mqtt_slow_subscribe]
Slow subscription monitoring for detecting message delivery delays.
toml
[mqtt_slow_subscribe]
enable = false
record_time = 1000
delay_type = "Whole"| Configuration | Type | Default | Description |
|---|---|---|---|
enable | bool | false | Whether to enable slow subscribe detection |
record_time | u64 | 1000 | Slow subscribe threshold (milliseconds) |
delay_type | string | "Whole" | Delay calculation type: Whole (end-to-end), Partial (partial) |
18. MQTT Schema Validation Configuration
[mqtt_schema]
Message Schema validation configuration.
toml
[mqtt_schema]
enable = true
strategy = "ALL"
failed_operation = "Discard"
echo_log = true
log_level = "info"| Configuration | Type | Default | Description |
|---|---|---|---|
enable | bool | true | Whether to enable Schema validation |
strategy | string | "ALL" | Validation strategy |
failed_operation | string | "Discard" | Operation when validation fails |
echo_log | bool | true | Whether to output Schema validation logs |
log_level | string | "info" | Schema validation log level |
Validation strategies (strategy):
ALL: Message must pass all bound Schema validationsAny: Message only needs to pass any one Schema validation
Failed operations (failed_operation):
Discard: Discard messages that fail validationDisconnectAndDiscard: Disconnect and discard messagesIgnore: Ignore validation failures and continue processing
19. MQTT System Monitor Configuration
[mqtt_system_monitor]
System resource monitoring configuration.
toml
[mqtt_system_monitor]
enable = false
os_cpu_high_watermark = 70.0
os_memory_high_watermark = 80.0
system_topic_interval_ms = 60000| Configuration | Type | Default | Description |
|---|---|---|---|
enable | bool | false | Whether to enable system resource monitoring |
os_cpu_high_watermark | f32 | 70.0 | CPU usage high watermark (%) |
os_memory_high_watermark | f32 | 80.0 | Memory usage high watermark (%) |
system_topic_interval_ms | u64 | 60000 | System topic metrics publish interval (milliseconds) |
19b. Delay Task Configuration
[delay_task]
Delayed message processing task queue configuration.
toml
[delay_task]
delay_task_queue_num = 100
delay_task_handler_concurrency = 100| Configuration | Type | Default | Description |
|---|---|---|---|
delay_task_queue_num | usize | 100 | Number of delay task queues |
delay_task_handler_concurrency | usize | 100 | Delay task handler concurrency |
19c. NATS Runtime Configuration
[nats_runtime]
NATS/mq9 protocol service configuration.
toml
[nats_runtime]
tcp_port = 4222
tls_port = 4223
ws_port = 4080
wss_port = 4443
max_payload = 1048576
auth_required = false
ping_interval = 60
ping_max = 3
ping_send_chunk = 10000
core_shard_num = 10
push_thread_num = 1
push_queue_thread_num = 10
mq9_mailbox_default_ttl = 86400| Configuration | Type | Default | Description |
|---|---|---|---|
tcp_port | u32 | 4222 | NATS TCP listener port |
tls_port | u32 | 4223 | NATS TLS listener port |
ws_port | u32 | 4080 | NATS WebSocket listener port |
wss_port | u32 | 4443 | NATS WebSocket Secure listener port |
max_payload | u64 | 1048576 (1 MB) | Maximum payload size per message (bytes) |
auth_required | bool | false | Whether to require client authentication |
ping_interval | u64 | 60 | Server-initiated PING interval (seconds) |
ping_max | u64 | 3 | Maximum unanswered PINGs before connection is closed |
ping_send_chunk | usize | 10000 | Connections processed per batch when sending PINGs |
core_shard_num | usize | 10 | Number of internal core shards |
push_thread_num | usize | 1 | Direct-push thread count (one per bucket) |
push_queue_thread_num | usize | 10 | Queue-push thread count (one per queue-group bucket) |
mq9_mailbox_default_ttl | u64 | 86400 | Default TTL for mq9 mailboxes when client does not specify one (seconds) |
19d. Broker Network Configuration
[broker_network]
Broker internal general network thread configuration.
toml
[broker_network]
accept_thread_num = 2
handler_thread_num = 16
queue_size = 1000| Configuration | Type | Default | Description |
|---|---|---|---|
accept_thread_num | usize | 2 | Threads for accepting new connections |
handler_thread_num | usize | 16 | Request handler thread count |
queue_size | usize | 1000 | Internal processing queue size |
20. gRPC Client Configuration
[grpc_client]
Controls the connection pool behavior of the Broker's internal gRPC client. RobustMQ uses HTTP/2 for inter-node communication. Each Channel is an independent TCP connection that supports multiplexing.
toml
[grpc_client]
channels_per_address = 4| Configuration | Type | Default | Description |
|---|---|---|---|
channels_per_address | usize | 4 | Number of HTTP/2 Channels maintained per gRPC server address |
Tuning Guide:
Each HTTP/2 Channel supports approximately 200 concurrent Streams (concurrent RPC requests). The default value of 4 supports approximately 800 concurrent gRPC requests, covering the vast majority of production scenarios.
| Scenario | Recommended Value |
|---|---|
| Default / general production | 4 |
| High concurrency (tens of thousands of MQTT connections) | 8 ~ 16 |
| Extreme concurrency / stress testing | 32 |
Note: Setting this value too high causes a surge in open TCP file descriptors (each Channel occupies one fd). In environments with a low
ulimit -n, this may triggerToo many open files.
Environment variable:
bash
export ROBUST_MQ_SERVER_GRPC_CLIENT_CHANNELS_PER_ADDRESS=821. LLM Client Configuration
[llm_client]
Configures the Broker's unified LLM client (LLMClient). This section is optional. If omitted, the LLM client is not enabled.
toml
[llm_client]
platform = "open_ai"
model = "gpt-4o-mini"
token = "your_api_token"
# Optional: useful for OpenAI-compatible gateways or private deployments
# base_url = "https://api.openai.com/v1/"
# embedding = "text-embedding-3-small"
# embedding_model_path = "./models/embedding"| Configuration | Type | Default | Description |
|---|---|---|---|
platform | string | none | LLM provider identifier |
model | string | none | Model name, e.g. gpt-4o-mini, claude-3-5-sonnet, gemini-2.0-flash |
token | string | none | Access token. Required for all providers except ollama |
base_url | string | none | Custom API base URL (optional) |
embedding | string | none | Embedding model name (optional) |
embedding_model_path | string | none | Local embedding model file path (optional) |
base_url behavior (important):
- If
base_urlis omitted,genaiuses the provider's default official endpoint. - Set
base_urlwhen using a proxy gateway, an OpenAI-compatible service, private deployment, or internal routing. - For
ollama, if omitted, the default ishttp://localhost:11434/v1/.
Default endpoint behavior when base_url is omitted:
platform | Can omit base_url | Default endpoint |
|---|---|---|
open_ai / open_ai_resp | yes | OpenAI official |
gemini | yes | Google Gemini official |
anthropic | yes | Anthropic official |
cohere | yes | Cohere official |
xai | yes | xAI official |
deep_seek | yes | DeepSeek official |
groq / together / fireworks / nebius / mimo / zai / big_model | yes | Each provider official |
ollama | yes | http://localhost:11434/v1/ |
Allowed platform values:
open_ai,open_ai_resp,gemini,anthropic,fireworks,together,groqmimo,nebius,xai,deep_seek,zai,big_model,cohere,ollama
Environment variable example:
bash
export ROBUST_MQ_SERVER_LLM_CLIENT_PLATFORM=open_ai
export ROBUST_MQ_SERVER_LLM_CLIENT_MODEL=gpt-4o-mini
export ROBUST_MQ_SERVER_LLM_CLIENT_TOKEN=your_api_token22. Admin HTTP API Authentication
[admin]
Authentication configuration for the Admin HTTP API. See API Authentication for details.
toml
[admin]
username = "admin"
password = "admin"
jwt_secret = "robustmq-change-me-in-production"
token_ttl_hours = 8| Field | Type | Default | Description |
|---|---|---|---|
username | string | "admin" | Admin username |
password | string | "admin" | Admin password — change this in production |
jwt_secret | string | "robustmq-change-me-in-production" | HMAC-SHA256 secret used to sign JWT tokens — use a random string of 32+ chars in production |
token_ttl_hours | u64 | 8 | Token validity period in hours |
⚠️ Security notice: The default
passwordandjwt_secretvalues are insecure. Always change them before deploying to production.
Auth rules:
- Requests from
127.0.0.1/::1(loopback): no token required, allowed through directly - Requests from any other IP: must include
Authorization: Bearer <token> /api/v1/login,/health/*,/metrics: always public, no auth required
23. Monitoring Configuration
[prometheus]
Prometheus metrics exposure configuration.
toml
[prometheus]
enable = true
port = 9090| Configuration | Type | Default | Description |
|---|---|---|---|
enable | bool | true | Whether to enable Prometheus metrics collection |
port | u32 | 9090 | Prometheus metrics exposure port |
[pprof]
PProf performance profiling configuration.
toml
[pprof]
enable = false
port = 6060
frequency = 100| Configuration | Type | Default | Description |
|---|---|---|---|
enable | bool | false | Whether to enable PProf profiling |
port | u16 | 6060 | PProf service port |
frequency | i32 | 100 | Sampling frequency |
Complete Configuration Example
toml
# ========== Basic Configuration ==========
cluster_name = "production-cluster"
broker_id = 1
roles = ["meta", "broker", "engine"]
grpc_port = 1228
http_port = 58080
[meta_addrs]
1 = "192.168.1.10:1228"
2 = "192.168.1.11:1228"
3 = "192.168.1.12:1228"
# ========== Runtime ==========
[runtime]
tls_cert = "./config/certs/cert.pem"
tls_key = "./config/certs/key.pem"
# server_worker_threads = 0
# meta_worker_threads = 0
# broker_worker_threads = 0
# ========== Meta ==========
[meta_runtime]
heartbeat_timeout_ms = 30000
heartbeat_check_time_ms = 1000
raft_write_timeout_sec = 30
offset_raft_group_num = 1
data_raft_group_num = 1
group_offset_expire_sec = 604800
# ========== RocksDB ==========
[rocksdb]
data_path = "/data/robustmq"
max_open_files = 20000
# ========== Storage Engine ==========
[storage_runtime]
tcp_port = 1778
max_segment_size = 1073741824
io_thread_num = 8
expire_scan_task_num = 10
[storage_runtime.network]
accept_thread_num = 2
handler_thread_num = 16
queue_size = 1000
# ========== Kafka Runtime ==========
[kafka_runtime]
tcp_port = 9095
# ========== AMQP Runtime ==========
[amqp_runtime]
tcp_port = 5672
# ========== NATS Runtime ==========
[nats_runtime]
tcp_port = 4222
tls_port = 4223
ws_port = 4080
wss_port = 4443
max_payload = 1048576
auth_required = false
ping_interval = 60
ping_max = 3
mq9_mailbox_default_ttl = 86400
# ========== Delay Task ==========
[delay_task]
delay_task_queue_num = 100
delay_task_handler_concurrency = 100
# ========== Message Storage ==========
[message_storage]
storage_type = "EngineMemory"
# ========== Offset Cache ==========
[storage_offset]
enable_cache = true
# ========== MQTT Server ==========
[mqtt_server]
tcp_port = 1883
tls_port = 1885
websocket_port = 8083
websockets_port = 8085
quic_port = 9083
# ========== MQTT Runtime ==========
[mqtt_runtime]
default_user = "admin"
default_password = "your_secure_password"
durable_sessions_enable = false
secret_free_login = false
is_self_protection_status = false
[mqtt_runtime.network]
accept_thread_num = 2
handler_thread_num = 16
queue_size = 1000
# ========== MQTT Keep Alive ==========
[mqtt_keep_alive]
enable = true
default_time = 180
max_time = 3600
default_timeout = 2
# ========== MQTT Protocol ==========
[mqtt_protocol]
max_session_expiry_interval = 1800
default_session_expiry_interval = 30
topic_alias_max = 65535
max_packet_size = 10485760
receive_max = 65535
max_message_expiry_interval = 3600
client_pkid_persistent = false
# ========== MQTT Offline Messages ==========
[mqtt_offline_message]
enable = true
expire_ms = 0
max_messages_num = 0
# ========== MQTT Flapping Detection ==========
[mqtt_flapping_detect]
enable = false
window_time = 1
max_client_connections = 15
ban_time = 5
# ========== MQTT Slow Subscribe ==========
[mqtt_slow_subscribe]
enable = false
record_time = 1000
delay_type = "Whole"
# ========== MQTT Schema ==========
[mqtt_schema]
enable = true
strategy = "ALL"
failed_operation = "Discard"
echo_log = true
log_level = "info"
# ========== MQTT System Monitor ==========
[mqtt_system_monitor]
enable = false
os_cpu_high_watermark = 70.0
os_memory_high_watermark = 80.0
system_topic_interval_ms = 60000
# ========== Monitoring ==========
[prometheus]
enable = true
port = 9090
[pprof]
enable = false
port = 6060
frequency = 100
# ========== gRPC Client ==========
[grpc_client]
channels_per_address = 4
# ========== LLM Client (optional) ==========
[llm_client]
platform = "open_ai"
model = "gpt-4o-mini"
token = "your_api_token"
# base_url = "https://api.openai.com/v1/"
# embedding = "text-embedding-3-small"
# embedding_model_path = "./models/embedding"
# ========== Admin Authentication ==========
[admin]
username = "admin"
password = "your_secure_password"
jwt_secret = "your-random-jwt-secret-32-chars-min"
token_ttl_hours = 8
# ========== Logging ==========
[log]
log_config = "./config/broker-tracing.toml"
log_path = "./logs"