If you want an ApsaraMQ for Kafka instance to be accessed only over a virtual private cloud (VPC), you can purchase and deploy a VPC-connected instance.
Prerequisites
ApsaraMQ for Kafka is authorized to access the resources of other Alibaba Cloud services. For more information, see Step 1: Obtain the access permissions.
A VPC is created. For more information, see Create and manage a VPC.
Step 1: Purchase an ApsaraMQ for Kafka instance
Log on to the ApsaraMQ for Kafka console. In the left-side navigation pane, click Instances.
In the top navigation bar, select a region and click Buy Instance.
In the Select Instance Billing Method panel, configure the Instance Edition parameter, set the Billing Method to Subscription or Pay-as-you-go (Hourly) based on your business requirements, and then click OK.
On the instance buy page, follow the on-screen instructions to configure the parameters, click Buy Now, and then complete the payment. The following table describes the parameters.
Parameters for creating an instance
Parameter
Example
Instance Edition
Standard Edition (High Write)
For information about the differences among instance editions, see Instance editions.
Region
China (Hangzhou)
Network Type
VPC
Traffic Specification
alikafka.hw.2xlarge
For information about the peak traffic of elastic network interfaces (ENIs) in each traffic specification and the number of partitions provided free of charge by each traffic specification, see Billing rules.
Partitions
100
This parameter specifies the number of partitions that you want to purchase. The total number of partitions in an instance is calculated based on the following formula: Total number of partitions = Number of partitions provided free of charge by the traffic specification + Number of partitions you purchase. For information about the number of partitions provided free of charge by each specification, see Billing rules.
Disk Type
SSD
An SSD delivers higher IOPS than an ultra disk. In scenarios in which the message throughput is high or a large number of messages are accumulated, we recommend that you select SSD for this parameter.
Disk Capacity
900 GB
Resource Group
Default Resource Group
Step 2: Obtain the VPC information
Log on to the VPC console.
In the left-side navigation pane, click vSwitch. In the top navigation bar, select the region where the VPC is deployed.
On the vSwitch page, find your VPC and view the vSwitch ID and VPC ID.
The vSwitch ID is displayed in the Instance ID/Name column.
The VPC ID is displayed in the VPC column.
Step 3: Deploy the ApsaraMQ for Kafka instance
On the Instances page in the ApsaraMQ for Kafka console, find the instance that you want to deploy and click Deploy in the Actions column.
In the Deploy Instance panel, configure the parameters that are described in the following table and click OK.
Parameters for deploying an instance
Parameter
Description
Example
VPC ID
Select the VPC ID that you obtained in Step 2: Obtain the VPC information.
vpc-bp17fapfdj0dwzjkd****
vSwitch ID
Select the vSwitch ID that you obtained in Step 2: Obtain the VPC Information.
vsw-bp1gbjhj53hdjdkg****
Cross-zone Deployment
If the instance is of Professional Edition, you can specify whether to deploy the instance across zones. Instances that are deployed across zones provide excellent disaster recovery capabilities and have a high tolerance for data center-level faults.
Yes
Candidate Zones of Primary Zone
After you select a vSwitch ID, the system automatically sets the value of this parameter to the zone in which the vSwitch is deployed. You can also change the value of this parameter by selecting another zone or adding a zone. This parameter is required only if you set the Cross-zone Deployment parameter to Yes.
Zone D
Candidate Zones of Secondary Zone
We recommend that you select a new zone as the secondary zone. In most cases, select a zone in reverse alphabetical order. The primary zone and the secondary zone must be different. This parameter is required only if you set the Cross-zone Deployment parameter to Yes.
Zone H
Force Deployment in the Selected Zone
Specify whether to deploy the instance across the specified candidate zones. By default, No is selected. This parameter is required only if you set the Cross-zone Deployment parameter to Yes.
No
Version
The version of the ApsaraMQ for Kafka instance that you want to deploy. The version number must be the same as the version number of the broker that the self-managed Apache Kafka cluster uses.
2.6.2
2.2.0
2.2.0
Message Retention Period
Specify the maximum retention period for messages. Unit: hours.
72
Maximum Message Size
Specify the maximum size of a message that can be received in the instance. Unit: MB.
1
Consumer Offset Retention Period
Specify the maximum retention period for consumer offsets. Unit: minutes.
10080
ACL
Specify whether to enable the access control list (ACL) feature. The ACL feature of ApsaraMQ for Kafka allows you to grant permissions to Simple Authentication and Security Layer (SASL) users to send and receive messages in ApsaraMQ for Kafka. This parameter is required when the instance is of Professional Edition.
Disable
Disk Encryption
Specify whether to enable disk encryption for the instance.
Enable
Disk Encryption Key ID
The key ID for disk encryption in the region where the instance is deployed. Follow the on-screen instructions to specify a key ID. This parameter is required only if you set the Disk Encryption parameter to Enable.
0d24xxxx-da7b-4786-b981-9a164dxxxxxx
After the parameters are configured, the instance enters the Deploying state. The instance deployment requires approximately 10 to 30 minutes to complete.
Step 4: View the endpoints of the instance
On the Instances page in the ApsaraMQ for Kafka console, click the name of the instance whose endpoints you want to view.
In the Endpoint Information section of the Instance Details page, view the endpoints of the instance. For more information about how to select an endpoint, see Comparison among endpoints.
Step 5: Configure the whitelist for the endpoint and check whether a network connection is established
In the Endpoint Information section of the Instance Details page, find the endpoint that you want to manage and click Manage Whitelist in the Actions column.
On the Whitelists page, click Create Whitelist. In the panel that appears, configure the Name parameter and specify the IP addresses or CIDR blocks that you want to add to the whitelist. Then, click OK.
Enable Telnet on your on-premises client and run the
telnet Domain name in an endpoint Port number
command to check whether you can connect to ApsaraMQ for Kafka.For example, if you want to connect the client to the default endpoint of the ApsaraMQ for Kafka instance, run the
telnet alikafka-pre-cn-zv**********-1-vpc.alikafka.aliyuncs.com 9092
command to check whether you can connect to the instance.If the telnet command returns a success response, the network connection works as expected.
If the instance is running but the network fails to be connected, use the self-check tool to perform a self-check. For more information, see Perform a health check on an ApsaraMQ for Kafka instance.