How to access ApsaraMQ for Kafka in a VPC - ApsaraMQ for Kafka

If you require access to ApsaraMQ for Kafka exclusively within a VPC network, you can purchase and deploy a VPC-connected instance.

Prerequisites

The ApsaraMQ for Kafka has been granted permission to access other cloud service resources. For more information, see Step 1: Obtain Access Authorization.
A VPC network must be established. For specific operations, see Create and manage a virtual private cloud.

Step 1: purchase an instance

Log on to the ApsaraMQ for Kafka console and, in the left-side navigation pane, click Instances.
In the top menu bar, select a region, then click the Buy Instance button.
In the Select Instance Billing Method panel, select Instance Edition and Billing Method. Choose Serverless,Subscription or Pay-as-you-go (Hourly) as needed, and then click OK.

In the Purchase panel, configure the parameters according to your business needs, then click Purchase Now and follow the on-screen instructions to complete the payment.

Non-serverless instances

Parameter	Example value
Edition type	Standard Edition (High Write) For differences between editions, see Instance type.
Region	China (Hangzhou)
Instance type	VPC-connected instance
Traffic specification	alikafka.hw.2xlarge For the peak traffic of network interface cards and the number of partitions provided free of charge for different traffic specifications, see Traffic specification description.
Number of partitions	100 This parameter specifies the number of partitions that you want to purchase. The total number of partitions on an instance is calculated based on the following formula: Total number of partitions = Number of partitions provided free of charge by the traffic specification + Number of partitions that you purchase. For the number of partitions provided free of charge for different traffic specifications, see Traffic specification description.
Disk type	SSD An SSD delivers higher IOPS than an ultra disk. In scenarios in which the message throughput is high or many messages are accumulated, we recommend that you select SSD for this parameter.
Disk capacity	900 GB
Resource group	Shared resource group

Serverless instances

Parameter	Example value
Edition type	Standard Edition For differences between editions, see Instance type.
Region and zone	China (Hangzhou)
Instance type	VPC-connected instance
Reserved sending capacity	60 MB/s
Reserved subscription capacity	60 MB/s
Resource group	Shared resource group

Step 2: obtain VPC information

Log in to the Virtual Private Cloud console.
In the left-side navigation pane, click vSwitch. Then, select the region from the top menu bar where your VPC network is deployed.
On the vSwitch page, you can view the target vSwitch ID and VPC ID.
- The Instance ID/Name column displays the vSwitch ID.
- The VPC column shows the VPC ID where the vSwitch is located.

Step 3: deploy the instance

On the ApsaraMQ for Kafka console, navigate to the Instances page, locate the Not Deployed instance, and in the right-side column, click Operation, followed by Deploy.

In the Deploy Instance panel, configure the following parameters, and then click OK.

Non-serverless instances

Parameter	Description	Example
VPC ID	Select the VPC ID obtained in Step 2: Obtain VPC information.	vpc-bp17fapfdj0dwzjkd****
vSwitch ID	Select the vSwitch ID obtained in Step 2: Obtain VPC information.	vsw-bp1gbjhj53hdjdkg****
Cross-zone Deployment	If the instance edition is Professional Edition, you can specify whether to deploy the instance across zones. Instances that are deployed across zones provide excellent disaster recovery capabilities and have a high tolerance for faults that affect data centers.	Yes
Candidate Zones of Primary Zone	After you select a vSwitch ID, the system automatically sets the value of this parameter to the zone where the vSwitch is deployed. You can also change the value of this parameter by selecting or adding other zones. This parameter is required only if Cross-zone Deployment is set to Yes.	Zone D
Candidate Zones of Secondary Zone	We recommend that you select a new zone as the secondary zone. In most cases, select the zone from bottom to top in alphabetical order. The primary and secondary zones do not overlap. This parameter is required only if Cross-zone Deployment is set to Yes.	Zone H
Force Deployment in the Selected Zone	Specify whether to deploy the instance in the selected zone candidate set. The default value is No. This parameter is required only if Cross-zone Deployment is set to Yes.	No
Version	The version of ApsaraMQ for Kafka that you want to deploy. The supported version numbers correspond to the version numbers of open source Apache Kafka. 2.6.2 2.2.0	2.2.0
Message Retention Period	Specify the retention period of messages. Unit: hours.	72
Maximum Message Size	Specify the maximum size of a message that can be received on the instance. Unit: MB.	1
Consumer Offset Retention Period	Specify the retention period of consumer offsets. Unit: minutes.	10080
ACL	Specify whether to enable the ACL feature. With the ApsaraMQ for Kafka ACL feature, you can grant SASL users the permissions to send and receive messages from ApsaraMQ for Kafka as needed to achieve permission separation. Note Only Professional Edition instances support the ACL feature. Enable Disable	Disable
VPC Transmission Encryption	Specify whether to enable message transmission encryption. This parameter can be configured only if the ACL is enabled. Enable Disable	Disable
Disk Encryption	Specify whether to enable instance encryption.	Enable
Disk Encryption Key ID	The key ID for disk encryption in the region where the instance is deployed. Follow the on-screen instructions to specify a key ID. This parameter is required only if the Disk Encryption parameter is set to Enable.	0d24xxxx-da7b-4786-b981-9a164dxxxxxx

Serverless instances

Parameter	Description	Example
VPC ID	Select the VPC ID obtained in Step 2: Obtain VPC information.	vpc-bp17fapfdj0dwzjkd****
vSwitch ID	Select the vSwitch ID obtained in Step 2: Obtain VPC information.	vsw-bp1gbjhj53hdjdkg****
Version	The version of ApsaraMQ for Kafka that you want to deploy. The supported version numbers correspond to the version numbers of open source Apache Kafka.	3.3.1
Message Retention Period	Specify the retention period of messages. Unit: hours.	72
Maximum Message Size	Specify the maximum size of a message that can be received on the instance. Unit: MB.	1
Consumer Offset Retention Period	Specify the retention period of consumer offsets. Unit: minutes.	10080
ACL	Specify whether to enable the ACL feature. With the ApsaraMQ for Kafka ACL feature, you can grant SASL users the permissions to send and receive messages from ApsaraMQ for Kafka as needed to achieve permission separation. Enable Disable	Disable
VPC Transmission Encryption	Specify whether to enable message transmission encryption. This parameter can be configured only if the ACL is enabled. Enable Disable	Disable

The instance will enter the Deploying status. Deployment typically takes about 10 to 30 minutes to complete.

Step 4: view instance endpoints

On the ApsaraMQ for Kafka console, click the name of the desired instance on the Instances page.
On the Instance Details page, you can view the instance's endpoints in the Endpoint Information area. For more information on how to select an endpoint, see Endpoint comparison.

Step 5: Configure the endpoint whitelist and test the network

On the Instance Details page, locate the desired endpoint in the Endpoint Information section, and click Actions under the Manage Whitelist column.
On the Whitelist Management page, click Create Whitelist. Then, enter the Name and an IP address or segment. Finally, click OK.
On the local client, enable Telnet and execute telnet endpoint domain name port number to test the connectivity to ApsaraMQ for Kafka.

For instance, the client accesses ApsaraMQ for Kafka using the default endpoint and executes telnet alikafka-pre-cn-zv**********-1-vpc.alikafka.aliyuncs.com 9092.

If the Telnet test is successful, network connectivity is established.

If the instance is operational but the client cannot connect, use the self-check tool for troubleshooting. For instructions, see Guide to self-checking the health of an instance.

What to do next

To proceed, create resources.