= RB1100AHx4 Dude =

{{{
[admin@T108] /container> /disk/print
Flags: B - BLOCK-DEVICE; M - MOUNTED
Columns: SLOT, MOUNT-POINT, MODEL, SERIAL, INTERFACE, SIZE
# SLOT MOUNT-POINT MODEL SERIAL INTERFACE SIZE
0 BM sata1 sata1 M.2 (S42) 3TE7 2.5in B0012307210120143 SATA 6.0 Gbps 55 021 510 656
}}}

{{{
[admin@T108] /container/config> print
registry-url: https://registry-1.docker.io
username:
password:
layer-dir:
tmpdir: pull
memory-high: unlimited
memory-current: 63.5MiB
[admin@T108] /container/config> ..
[admin@T108] /container> mounts/print
Columns: NAME, SRC, DST, READ-ONLY
# NAME SRC DST READ-ONLY
0 msqt_config /mosquitto_mounted /mosquitto/config no
1 linux_nginx /sata1/nginx /docker/nginx no
[admin@T108] /container>
[admin@T108] /container> /container/add remote-image=library/nginx:latest interface=veth1 root-dir=/sata1/nginx mount=linux_nginx logging=yes
}}}

== Create alpine in HD of RB1100AHx4 ==

{{{
[admin@T108] /container> /container/add remote-image=library/alpine:latest interface=veth2 root-dir=sata1/alpine cmd="tail -f /dev/null" name=alpine logging=yes
[admin@T108] /container> print
Flags: R - RUNNING
Columns: NAME, ROOT-DIR, INTERFACE, MOUNTS, CMD, WORKDIR, MEMORY-CURRENT
# NAME ROOT-DIR INTERFACE MOUNTS CMD WORKDIR MEMORY-C
0 R nginx /sata1/nginx veth1 linux_nginx 12.8MiB
1 R alpine sata1/alpine veth2 tail -f /dev/null / 752.0KiB
}}}

{{{
[admin@T108] /container> config/print
registry-url: https://registry-1.docker.io
username:
password:
layer-dir:
tmpdir: sata1/tmp
memory-high: unlimited
memory-current: 13.5MiB
[admin@T108] /container>
}}}

== Hap ax2 ==

Set up firewall NAT on Mikrotik

{{{
[admin@MK53] /ip/firewall/nat> print
Flags: X - disabled, I - invalid; D - dynamic
0 ;;; defconf: masquerade
  chain=srcnat action=masquerade in-interface=bridge out-interface=wifi1 out-interface-list=WAN log=no log-prefix="" ipsec-policy=out,none
1 ;;; NAT all out traffic from containers to the wolrd
  chain=srcnat action=masquerade src-address=172.17.0.0/24
2 ;;; Allow in
comming 192.168.108.1:8000 to 172.17.0.3:8000
  chain=dstnat action=dst-nat to-addresses=172.17.0.3 to-ports=8000 protocol=tcp dst-address=192.168.108.1 dst-port=8000
[admin@MK53] /ip/firewall/nat>
}}}

{{{
/disk add type=tmpfs tmpfs-max-size=128M slot=ram
/container/add remote-image=library/alpine:latest interface=veth1 root-dir=ram/ cmd="tail -f /dev/null" logging=yes name=alpine
}}}

After we shell into the container

{{{
apk update
apk add --no-cache python3
apk add --no-cache inetutils-telnet
root@MK53:~# cat .ashrc
alias ls='ls --color=auto'
alias grep='grep --color=auto'
# ANSI Color Codes (e.g., 31=Red, 32=Green, 34=Blue)
# Reset color is 0
export PS1_RED='\e[31m'
export PS1_GREEN='\e[32m'
export PS1_BLUE='\e[34m'
export PS1_YELLOW='\e[33m'
export PS1_RESET='\e[0m'
export PS1_MAGENTA='\e[35m'
export PS1_CYAN='\e[36m'
export PS1_GRAY='\e[37m'
# Example: [user@host] /path $
# \u = username, \h = hostname, \w = working dir
# \n = newline, \$ = # or $
PS1='${PS1_RED}[\u${PS1_GRAY}@${PS1_MAGENTA}\h]${PS1_YELLOW}:${PS1_GREEN}\W${PS1_RESET} \$ '
#PS1='\[\e[31m\]\u@\h\[\e[0m\]:\[\e[32m\]\w\[\e[0m\]\$ '
}}}

This script is good: "/system/script/alpine_start". It removes and re-creates the container from library/alpine:latest on every run, so the image is whatever the registry serves at that moment; pin a specific tag if rebuilds need to be reproducible.

{{{
:do {
    :local cname "alpine"
    # Find existing container
    :local cid [/container find where name=$cname]
    :if ($cid != "") do={
        :put ("Removing existing container: " . $cname)
        /container remove $cid
        :delay 5s
    } else={
        :put ("No existing container: " . $cname)
    }
    :put "Creating alpine container..."
    /container add \
        name=$cname \
        remote-image=library/alpine:latest \
        interface=veth1 \
        root-dir=ram \
        cmd="tail -f /dev/null" \
        logging=yes
    :delay 20s
    :local newcid [/container find where name=$cname]
    :if ($newcid = "") do={
        :put "ERROR: container was not created"
        :error "container create failed"
    }
    :put "Starting alpine container..."
    /container start $newcid
    :delay 5s
    :put "Installing packages..."
    /container shell $newcid cmd="apk update"
    :delay 5s
    /container shell $newcid cmd="apk add --no-cache python3 inetutils-telnet tzdata "
    /container shell $newcid cmd="ln -s /usr/share/zoneinfo/Asia/Bangkok /etc/localtime"
    :delay 3s
    :put "Downloading .profile..."
    /container shell $newcid cmd="wget -O /root/.profile http://192.168.108.200:8000/.profile"
    :put "Alpine container setup complete"
}
}}}

Note: the last step of the script fetches /root/.profile over plain HTTP with no integrity check. Because .profile is sourced by root's shell at login, whatever that URL returns is executed as root in the container; serve the file over HTTPS or compare it against a known checksum before relying on it.

mosquitto.conf (test-only: this version accepts anonymous clients on all IPv4 interfaces, so any host that can reach port 1883 can publish and subscribe; the authenticated configuration follows under "Install mosquitto broker")

{{{
# Listen on all IPv4 interfaces, port 1883
listener 1883 0.0.0.0
# Allow anonymous clients (no username/password)
allow_anonymous true
# Disable persistence (optional, useful for containers)
persistence false
# Log to stdout (recommended for containers)
log_dest stdout
log_type all
}}}

Then start the mosquitto service

{{{
mosquitto -c /etc/mosquitto/mosquitto.conf -d
}}}

== Install mosquitto broker ==

Use '''apk add --no-cache mosquitto'''

{{{
[root@MK53]:mosquitto # cat acl.conf
# This affects access control for clients with no username.
topic read $SYS/#
# This only affects clients with username "IoTdevices".
user IoTdevices
#topic foo/bar
topic foo/#
# This affects all clients.
pattern write $SYS/broker/connection/%c/state
[root@MK53]:mosquitto # cat mosquitto.conf
listener 1883 0.0.0.0
allow_anonymous false
password_file /etc/mosquitto/pwfile
# Specify the path to the ACL file
acl_file /etc/mosquitto/acl.conf
log_dest file /var/log/mosquitto/mosquitto.log
#log_type warning
#log_type error
#log_type information
#log_type notice
[root@MK53]:mosquitto # ls /etc/mosquitto/
acl.conf mosquitto.conf pskfile.example pwfile.example
aclfile.example mosquitto.confORG pwfile
[root@MK53]:mosquitto # mosquitto -c /etc/mosquitto/mosquitto.conf
^Z[1]+ Stopped mosquitto -c /etc/mosquitto/mosquitto.conf
[root@MK53]:mosquitto # bg
[1] mosquitto -c /etc/mosquitto/mosquitto.conf
[root@MK53]:mosquitto # netstat -tnpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:1883 0.0.0.0:* LISTEN 93/mosquitto
tcp 0 0 :::445 :::* LISTEN -
tcp 0 0 :::445 :::* LISTEN -
[root@MK53]:mosquitto #
}}}

Note: listener 1883 is plain TCP, so the username and password checked against pwfile cross the network unencrypted. Add a TLS listener before clients connect over a network you do not fully control.