Introduction
MQTT (Message Queue Telemetry Transport), originally designed as a lightweight publish/subscribe messaging transport, is now the de facto standard messaging protocol for the Internet of Things (IoT). An MQTT Broker is critical in connecting clients, such as IoT devices, and moving MQTT messages between them.
As a16z said over a decade ago, "Software is eating the world." Open source is eating up software. More than 20 open-source MQTT broker implementations are available today, making the selection process challenging for software architects and developers.
In this post series, we’ll explore the top open-source MQTT brokers in 2023 and compare them in-depth to help you choose the best one for your needs.
Evaluation Criteria: Community and Popularity
To thoroughly compare open-source MQTT brokers in 2023, it is essential to consider the following evaluation criteria:
- Community: evaluated by the number of GitHub stars, contributors, and issues.
- Popularity: evaluated by examining the user base, downloads, and docker pulls.
- Project Activity: evaluated the frequency of GitHub commits, PRs, and releases, especially those made within the last 12 months.
Based on the criteria, we choose to focus on four popular open-source MQTT brokers that have the most influence in the open-source community:
- EMQX: This is the most starred MQTT broker on GitHub, with 11.4k stars.
- Mosquitto: This is the second-most-starred but the most prevalent among MQTT brokers.
- NanoMQ: This is the latest and one of the most active MQTT brokers available.
- VerneMQ: Although not actively developing on Github, this MQTT broker has the third-highest number of stars.
Here is a summary of the four projects hosted on GitHub:
Overview of Top Open Source MQTT Brokers
EMQX
EMQX is one of the most popular MQTT brokers and has 11.5k stars on GitHub. The EMQX project was launched in 2012 and is licensed under Apache version 2.0. EMQX is written in Erlang/OTP, a programming language for building massively scalable soft real-time systems.
EMQX is the world's most scalable MQTT broker that supports advanced features such as MQTT 5.0, MQTT-SN, and MQTT over QUIC. It supports masterless clustering for high availability and horizontal scalability. EMQX 5.0, the latest version, scales to establish 100 million concurrent MQTT connections with a single cluster of 23 nodes.
See: Reaching 100M MQTT connections with EMQX 5.0
EMQX offers rich enterprise features, data integration, cloud hosting services, and commercial support from EMQ Technologies Inc. Over the years, EMQX has gained popularity among enterprises, startups, and individuals due to its performance, reliability, and scalability. EMQX is widely used for business-critical applications in various industries, such as IoT, industrial IoT, connected cars, manufacturing, and telecommunications.
Official Website: https://www.emqx.io/
GitHub: https://github.com/emqx/emqx
Pros:
- Supports large-scale deployments
- High availability
- Horizontal scalability
- High-performance and low-latency
- Rich enterprise features
- Pioneering MQTT over QUIC
Cons:
- Complex to set up and configure
- Difficult to manage effectively
- Logs may be confusing
- Download EMQX
- The most scalable open-source MQTT broker for IoT, IIoT, and connected vehicles.
Mosquitto
The Mosquitto project was initially developed by Roger Light in 2009 and later donated to the Eclipse Foundation, licensed under the Eclipse Public License (EPL/EDL license). As of March 2023, it is the most widely deployed open-source MQTT broker with a large community and over 7k GitHub stars.
Mosquitto is written in C/C++ and uses a single-threaded architecture. Mosquitto implements MQTT protocol versions 5.0, 3.1.1, and 3.1, and supports SSL/TLS and WebSocket. Its lightweight design makes Mosquitto suitable for deployment on embedded devices or servers with limited resources.
Mosquitto is known for its small booting footprint of about 200k. However, it does not provide native support for multi-threading or clustering. Mosquitto is available for various platforms, including Linux, Windows, and macOS.
Official website: https://mosquitto.org/
GitHub: https://github.com/eclipse/mosquitto
Pros:
- Easy to setup and use
- MQTT 5.0 protocol support
- Lightweight and small footprint
- Active community support
Cons:
- Single-threaded architecture
- Limited scalability in production ( <100k )
- No clustering support
- Lacking enterprise features
- Limited cloud-native support
NanoMQ
NanoMQ, an open-source project released in 2020, is a lightweight and fast MQTT messaging broker designed for edge computing scenarios in the Internet of Things (IoT).
NanoMQ is implemented in purely C, based on NNG's asynchronous I/O with a multi-threading Actor Model. It fully supports MQTT 3.1.1 and MQTT 5.0 protocol versions and pioneers MQTT over QUIC.
NanoMQ is lightweight and high-performance, making it suitable for various edge computing platforms. It is highly compatible and portable, relying solely on the native POSIX API. This makes it easy to deploy on any POSIX-compatible platform and runs smoothly on various CPU architectures, including x86_64, ARM, MIPS, and RISC-V.
Official website: https://nanomq.io/
GitHub: https://github.com/emqx/nanomq
Pros
- Lightweight design
- Multi-threading and Async IO
- Highly portable
- Small booting footprint
- Easy to deploy
- Bridging with brokerless protocols
Cons
- No clustering support
- Small community and user base
- Lack of documentation and tutorials
- Lack of enterprise features (data Integrations)
VerneMQ
The VerneMQ project was launched in 2014 and initially developed by Erlio GmbH. The project is licensed under Apache Version 2.0. It supports MQTT versions 3.1, 3.1.1, and 5.0. As the second broker wrote in Erlang/OTP, it borrowed some code from the EMQX project.
Regarding architectural design, VerneMQ is designed to handle millions of concurrent connections and messages with low latency and high throughput. It supports MQTT message persistence in LevelDB and uses a clustering architecture based on the Plumtree library, which implements the Epidemic Broadcast Trees algorithm.
Unfortunately, this Plumtree cluster architecture has not proven to work, even though it seems perfect in theory. The VerneMQ team and community have spent many years trying to make it work, fixing problems such as network split, data inconsistency, and crash recovery.
Finally, the project has stopped being actively developed and maintained, with only about 50 commits in the last 12 months.
Official website: https://www.vernemq.com/
GitHub: https://github.com/vernemq/vernemq
Pros:
- High availability
- Horizontal scalability
- Message persistence
Cons:
- Not proofed clustering
- Limited documentation
- Limited enterprise features
- Not actively developing
Scalability, Performance, and Reliability
Before we dive into the comparison of features and capabilities of these MQTT brokers, let's review their scalability, availability, performance, latency, and reliability first.
- Scalability: Can the broker scale horizontally to handle millions of concurrent MQTT connections?
- Availability: Does the broker support highly available clustering for mission-critical applications?
- Performance: How many QoS/0/1/2 MQTT messages per second can the broker route and deliver?
- Latency: How fast can the broker dispatch and deliver an MQTT message from one client to another?
- Reliability: Does the broker support MQTT message persistence and delivery without data loss?
Below is a brief analysis of the four MQTT brokers:
? here means that we were unable to find any publicly available documentation or files that could serve as evidence regarding the item under discussion.
MQTT Protocol and Connectivity
All the presented brokers fully implement MQTT versions 3.1.1 and 5.0 and support MQTT over WebSocket and SSL/TLS encryption. Additionally, EMQX supports MQTT-SN, CoAP, and LwM2M protocol gateways. NanoMQ supports brokerless mode and can work with DDS, ZeroMQ, and Nanomsg.
EMQX and NanoMQ have committed to advancing the MQTT standard. They are pioneers in implementing MQTT over QUIC, the next generation of MQTT protocol that aims to optimize further IoT communication.
Security, Authentication & Authorization
Security is crucial for connecting IoT devices and data exchanged between connected devices using MQTT brokers. All the compared brokers support secure connections based on TLS/SSL and authentication and authorization mechanisms such as username/password, JWT, X.509 certificates, and access control lists.
Additionally, EMQX offers advanced security features like integration with external databases, OCSP Stapling, fine-grained access control policies, flapping detection, and support for OAuth 2.0 authorization.
Data Integrations (Out-of-the-Box)
All the brokers support integration with external services using REST APIs and WebHook. As lightweight brokers, Mosquitto and NanoMQ do not support data integration. Users can write code to consume MQTT messages from Mosquitto and ingest them into external databases or cloud services.
EMQX implements a built-in SQL-based rule engine to help extract, filter, enrich, and transform MQTT messages in real time within the broker. And the Enterprise Edition of EMQX can seamlessly integrate with Kafka, databases, and cloud services using out-of-the-box data bridges.
Operability, Observability, and Compatibility
Each broker is user-friendly and equipped with essential logging and debugging features to monitor their status and troubleshoot issues effectively. They can run on various operating systems and public cloud platforms. Besides, EMQX has excellent support for Kubernetes Operator and Terraform.
Additionally, EMQX provides rich visual monitoring capabilities through HTTP API and Dashboard, making it easier to monitor and manage. In addition, EMQX supports integration with Prometheus and Grafana, enabling O&M teams to use third-party monitoring platforms easily.
See: Monitoring MQTT broker with Prometheus and Grafana
Head-to-Head Comparison Chart
Finally, we summarize an overall evaluation of the top open-source MQTT brokers in the following chart.
Final Thoughts on the Comparison
Over the past decade, open-source MQTT brokers have led the way in innovating MQTT technology. These brokers have played a significant role in advancing the functionality, scalability, and interoperability of the MQTT messaging protocol. Without these contributions, MQTT may not have become as widely adopted and versatile as it is today.
Choosing an MQTT broker depends on various factors, such as the number of connected devices, message throughput, and integration requirements. From the comparison, we can conclude that EMQX is a highly scalable and enterprise-grade broker for large-scale, mission-critical deployments in the cloud. While Mosquitto and NanoMQ are fast and lightweight, making them suitable for deployment on resource-constrained embedded hardware, industrial gateways, and IoT edge servers.
Future Developments
With the rapid expansion of IoT, the number of connected devices is predicted to exceed 100 billion by 2030. As a result, MQTT is poised to become even more indispensable and could potentially serve as the nervous system of the IoT.
Several exciting technological advancements are in the pipeline, including MQTT over QUIC, MQTT Serverless, MQTT Unified Namespace, and more. To learn more about these developments, feel free to check out our blog posts at:
Shaping the Future of IoT: 7 MQTT Technology Trends in 2023
MQTT over QUIC: Next-Generation IoT Standard Protocol
References
[1] 125 billion IoT devices by 2030 says IHS Markit
[2] Comparison of MQTT implementations
[3] A Comparison of MQTT Brokers for Distributed IoT Edge Computing
Top comments (1)
With first test I was stunned how poorly security had implemented at EMQX. By no means you cannot give "excellent" rating for software what by default open admin portal with default password directly to intertnet. Also if you want https to admin portal it need lot of manual configuration and work. Also non existence cert managment for modern software is quite odd choise.
Also preferred installation manuals encourage installation what does not get upgraded.
So many red flags at different places that there is non exsistene security culture in EMQX so just wondering that how full of holes that codebase it self is.