nats
A command line utility to interact with and manage NATS.
This utility replaces various past tools that were named in the form nats-sub and nats-pub, adds several new capabilities and supports full JetStream management.
Check out the repo for all the details: github.com/nats-io/natscli.

Installing nats

For macOS:
1
brew tap nats-io/nats-tools
2
brew install nats-io/nats-tools/nats
Copied!
For Arch Linux:
1
yay natscli
Copied!
Binaries are also available as GitHub Releases.

Using nats

Getting help

  • nats help
  • nats help [<command>...] or nats [<command>...] --help
  • Remember to look at the cheat sheets!
    • nats cheat
    • nats cheat --sections
    • nats cheat <section>>

Interacting with NATS

  • nats context
  • nats account
  • nats pub
  • nats sub
  • nats request
  • nats reply
  • nats bench

Monitoring NATS

  • nats events
  • nats rtt
  • nats server
  • nats latency
  • nats governor

Managing and interacting with streams

  • nats stream
  • nats consumer
  • nats backup
  • nats restore

Managing and interacting with the K/V Store

  • nats kv

Get reference information

  • nats errors
  • nats schema

Configuration Contexts

In practice, it is quite common for the administrators of a NATS service infrastructure to have to connect using various NATS URLs and security credentials, the CLI has a number of environment configuration settings that can be passed as command line arguments or set in environment variables. In order to facilitate switching between NATS environments or servers, clusters, operators, etc... nats lets you use 'contexts' that you can store and easily select.
1
nats --help
Copied!
Output extract
1
...
2
-s, --server=NATS_URL NATS servers
3
--user=NATS_USER Username of Token
4
--password=NATS_PASSWORD Password
5
--creds=NATS_CREDS User credentials
6
--nkey=NATS_NKEY User NKEY
7
--tlscert=NATS_CERT TLS public certificate
8
--tlskey=NATS_KEY TLS private key
9
--tlsca=NATS_CA TLS certificate authority chain
10
--timeout=NATS_TIMEOUT Time to wait on responses from NATS
11
--context=CONTEXT NATS Configuration Context to use for access
12
...
Copied!
You can set these using the CLI flag, the environment variable - like NATS_URL - or using our context feature.

NATS Contexts

A context is a named configuration that stores all of these settings, you can switch between access configurations and designate a default.
Creating one is easy, just specify the settings with nats context save
1
nats context save example --server nats://nats.example.net:4222 --description 'Example.Net Server'
2
nats context save local --server nats://localhost:4222 --description 'Local Host' --select
Copied!
Or you can use nats context create my_context_name and then edit the created context file (i.e. in ~/.config/nats/context/my_context_name.json)
List your contexts
1
nats context ls
Copied!
Output
1
Known contexts:
2
3
example Example.Net Server
4
local* Local Host
Copied!
We passed --select to the local one meaning it will be the default when nothing is set.
Select a context
1
nats context select
Copied!
Check the round trip time to the server (using the currently selected context)
1
nats rtt
Copied!
Output
1
nats://localhost:4222:
2
3
nats://127.0.0.1:4222: 245.115µs
4
nats://[::1]:4222: 390.239µs
Copied!
You can also specify a context directly
1
nats rtt --context example
Copied!
Example output
1
nats://nats.example.net:4222:
2
3
nats://192.0.2.10:4222: 41.560815ms
4
nats://192.0.2.11:4222: 41.486609ms
5
nats://192.0.2.12:4222: 41.178009ms
Copied!
All nats commands are context aware and the nats context command has various commands to view, edit and remove contexts.
Server URLs and Credential paths can be resolved via the nsc command by specifying an URL, for example to find user new within the orders account of the acme operator you can use this:
1
nats context save example --description 'Example.Net Server' --nsc nsc://acme/orders/new
Copied!
The server list and credentials path will now be resolved via nsc, if these are specifically set in the context, the specific context configuration will take precedence.

Generating bcrypted passwords

The server supports hashing of passwords and authentication tokens using bcrypt. To take advantage of this, simply replace the plaintext password in the configuration with its bcrypt hash, and the server will automatically utilize bcrypt as needed.
The nats utility has a command for creating bcrypt hashes. This can be used for a password or a token in the configuration.
1
nats server passwd
Copied!
Output
1
? Enter password [? for help] **********************
2
? Reenter password [? for help] **********************
3
4
$2a$11$3kIDaCxw.Glsl1.u5nKa6eUnNDLV5HV9tIuUp7EHhMt6Nm9myW1aS
Copied!
To use the password on the server, add the hash into the server configuration file's authorization section.
1
authorization {
2
user: derek
3
password: $2a$11$3kIDaCxw.Glsl1.u5nKa6eUnNDLV5HV9tIuUp7EHhMt6Nm9myW1aS
4
}
Copied!
Note the client will still have to provide the plain text version of the password, the server however will only store the hash to verify that the password is correct when supplied.

See Also

Publish-subscribe pattern using the NATS CLI
Publish-subscribe Pattern using NATS CLI
Last modified 12h ago