This topic describes how to purchase and deploy a Message Queue for Apache Kafka instance that can be accessed only over a virtual private cloud (VPC).

Prerequisites

Step 1: Purchase a Message Queue for Apache Kafka instance

  1. Log on to the Message Queue for Apache Kafka console.
  2. In the Resource Distribution section of the Overview page, select the region where your instance is deployed.
  3. On the Instances page, click Buy Instance.
  4. In the Select Instance Billing Method panel, set the Billing Method parameter to Subscription or Pay-as-you-go and click OK.
  5. On the page that appears, select VPC for the Network parameter, configure other parameters based on your business requirements, and then click Buy Now. On the page that appears, complete the payment by following the on-screen instructions.

Step 2: Obtain the VPC information

  1. Log on to the VPC console.
  2. In the top navigation bar, select the region where your VPC is deployed.
  3. In the left-side navigation pane, click vSwitch.
  4. On the vSwitch page, find your VPC, and view the vSwitch ID and the VPC ID.
    • The vSwitch ID is displayed in the Instance ID/Name column.
    • The VPC ID is displayed in the VPC column.

Step 3: Deploy the Message Queue for Apache Kafka instance

  1. In the left-side navigation pane of the Message Queue for Apache Kafka console, click Instances. On the page that appears, find the instance that you purchased, and click Deploy. The instance is in the Not Deployed state.
  2. In the Deploy Instance panel, configure the following parameters and click OK.
    Parameter Description Example
    VPC ID Select the VPC ID that you obtained in Step 2. For more information, see Step 2: Obtain the VPC information. vpc-bp17fapfdj0dwzjkd****
    vSwitch ID Select the vSwitch ID that you obtained in Step 2. For more information, see Step 2: Obtain the VPC information. vsw-bp1gbjhj53hdjdkg****
    Cross-zone Deployment If the instance edition is Professional Edition, you can specify whether to deploy the instance across zones. Instances that are deployed across zones provide excellent disaster recovery capabilities and have a high tolerance for faults that occur in data centers. Yes
    Candidate Zones of Primary Zone After you select a vSwitch ID, the system automatically sets the value of this parameter to the zone where the vSwitch is deployed. You can also change the value of this parameter by selecting other zones or adding other zones. This parameter is required only if the Cross-zone Deployment parameter is set to Yes. Zone D
    Candidate Zones of Secondary Zone We recommend that you select a newer zone as the secondary zone. In most cases, select the zone from bottom to top in alphabetical order. The primary zone and the secondary zone must be different. This parameter is required only if the Cross-zone Deployment parameter is set to Yes. Zone H
    Force Deployment in the Selected Zone Specify whether to deploy the instance across the specified candidate zones. By default, No is selected. This parameter is required only if the Cross-zone Deployment parameter is set to Yes. No
    Version The version of the Message Queue for Apache Kafka instance that you want to deploy. The supported version numbers correspond to the version numbers of open source Apache Kafka.
    • 0.10.2
    • 2.6.2
    • 2.2.0
    2.2.0
    Message Retention Period Specify the maximum retention period for messages. Unit: hours. 72
    Maximum Message Size Specify the maximum message size that can be received on the instance. Unit: MB. 1
    Consumer Offset Retention Period Specify the maximum retention period for consumer offsets. Unit: minutes. 10080
    ACL Specify whether to enable the access control list (ACL) feature. The ACL feature of Message Queue for Apache Kafka allows you to authorize Simple Authentication and Security Layer (SASL) users to send and consume messages in the Message Queue for Apache Kafka instance based on your business requirements. Disable
    Custom Username and Password Specify whether to use a custom username and a custom password. If you select No, the default username and password that the system assigns to the instance are used. No
    Disk Encryption Specify whether to enable disk encryption for the instance. Enable
    Disk Encryption Key ID The key ID for disk encryption in the region where the instance is deployed. Follow the on-screen instructions to specify a key ID. This parameter is required if the Disk Encryption parameter is set to Enable. 0d24xxxx-da7b-4786-b981-9a164dxxxxxx
    The instance enters the Deploying state. It may take approximately 10 to 30 minutes to deploy the instance.

Step 4: View the endpoints of the instance

  1. In the left-side navigation pane of the Message Queue for Apache Kafka console, click Instances. On the page that appears, click the name of the instance whose endpoints you want to view.
  2. On the Instance Details page, view the endpoints of the instance in the Endpoint Information section. For information about how to select an endpoint, see Comparison among endpoints.

Step 5: Configure the whitelist for an endpoint and check whether you can connect to the instance

  1. In the Endpoint Information section of the Instance Details page, find the endpoint for which you want to configure the whitelist and click Edit Whitelist in the Actions column.
  2. In the Edit Whitelist of Endpoint panel, click Add IP Address to Whitelist, enter the IP addresses or CIDR blocks from which you want to allow access to the Message Queue for Apache Kafka instance, and then click OK.
  3. Enable Telnet on your local client and run the telnet Domain name in an endpoint Port number command to check whether you can connect to Message Queue for Apache Kafka.
    For example, if you want to connect the client to the default endpoint of the Message Queue for Apache Kafka instance, run the telnet alikafka-pre-cn-zv**********-1-vpc.alikafka.aliyuncs.com 9092 command to check whether you can connect to the instance.
    If the Telnet command returns a success response, the client is connected to the Message Queue for Apache Kafka instance. VPC

    If the instance is running but the client fails to connect to the instance, use the self-check tool to perform a self-check. For more information, see Perform health self-check on instances.

What to do next

Create resources