course: Confluent Cloud Networking
Hands On: Configuring a VPC Peered Cluster
14 min
Dennis Wittekind
Customer Success Technical Architect (Presenter)
Configuring a VPC Peered Cluster
Prerequisites:
-
AWS login
- Permissions to create VPCs
- Permissions to create EC2 instances
- Permission to accept Peerings
-
Confluent Cloud Login
-
Confluent Cloud CLI
Launch a Confluent Cloud Network.
- Log in to Confluent Cloud, and navigate to the Cloud-Networking environment.
- Click Network Management -> Create your first network.
- Select AWS, and the cloud provider region where you created your VPC (us-east-2 in this example).
- Select VPC Peering, and leave the AZs as is. Enter a CIDR for Confluent Cloud to use. It must not conflict with the VPC CIDR range you just created.
- Give the network a name, and click Create Network.
- The network provisioning will take a few minutes to complete.
- Once the network is ready, create a peering.
- Complete the details using the VPC that you created earlier.
- Back in the AWS console, accept the peering.
- Then edit the route tables to establish connectivity, click add route, set the destination as the Confluent Cloud CIDR used during creation of the network, and the target as the Peering Connection ID for which you accepted the peering.
- Once saved, the peering connection should show as “Ready” in the Confluent Cloud UI.
- Next, create a cluster by selecting the clusters tab, and add cluster.
- Complete the cluster creation wizard using the defaults, and then click Launch Cluster.
Now that the cluster is provisioned, configure UI access and try some produce/consume operations.
- Next, log into the instance and configure nginx per the documentation.
- After you’ve installed nginx, you can configure it to route traffic to allow for UI access, using the hostname provided in the error message in the Confluent Cloud UI.
- Now, modify your local host file to simulate updating a DNS record to point to the HAProxy instance’s IP address.
- You can also add a security group rule to allow HTTPS traffic for the UI.
- Once the security group is added, the error message should disappear, and you should be able to create topics!
To test some production and consumption, as before, create a datagen connector to produce some data to your topic.
- Create the connector with defaults like in the previous exercise.
- Back on your EC2 instance, consume the topic data!
Note that you won’t be able to produce/consume from your local machine, since it's not part of the VPC.
Clean up.
- Delete the Datagen connector.
- Delete the API keys.
- Delete the cluster.
- Delete the peering connection to AWS.
- Delete the Network.
- Revert your host file back to the previous state.
Use the promo code NETWORKING101 to get $25 of free Confluent Cloud usage
Be the first to get updates and new content
We will only share developer content and updates, including notifications when new content is added. We will never send you sales emails. 🙂 By subscribing, you understand we will process your personal information in accordance with our Privacy Statement.