Confluent Cloud Network on Azure¶

Each Confluent Cloud network is a virtual network that is provisioned in your Confluent Cloud Azure account.

You can create multiple Dedicated Kafka clusters within each Confluent Cloud network.

For details on default service quotas, see Network service quotas.

Prerequisites¶

Before you create a Confluent Cloud network, you need the following information.

Name your Confluent Cloud network¶

The name you choose is used to identify your network in the Confluent Cloud Console and when using the Confluent CLI. Choose a meaningful name, but consider including the connection type in the name (for example, azure-australia-east-private-link).

Select Region and Availability Zones¶

Dedicated clusters you create in your Confluent Cloud network inherit the selected Region and Availability Zones.

Select CIDR blocks (for VNet Peering only)¶

This prerequisite only applies to networks of type VNet Peering.

Private Link networks allocate addresses from existing VNet subnets and do not require an additional CIDR block.

Select /16 CIDR blocks for your Confluent Cloud network for use with your VNet Peering on Azure.

Review the following requirements for CIDR block selections:

The CIDR block must be in one of the following private networks, as mentioned in RFC 1918.
- 10.0.0.0/8
- 100.64.0.0/10
- 172.16.0.0/12
- 192.168.0.0/16
- 198.18.0.0/15
The CIDR block cannot be any of the following:
- 10.253.0.0/16
- 10.254.0.0/16
- 172.17.0.0/16
- 172.30.0.0/16
- 172.31.0.0/16
CIDRs for your VNet cannot overlap with the above CIDR blocks due to routing conflicts with Confluent services. More specifically, you cannot peer the Confluent Cloud network with your VNet using any of the above CIDRs.
Additional notes when selecting your CIDR block:
- The RFC 6598 shared address space is supported on Azure.
- Must be a /16 CIDR block.
- Cannot be modified after the Confluent Cloud network is provisioned.
- Must not overlap with an existing Confluent Cloud network CIDR block.

Create a Confluent Cloud network¶

Follow the procedure below to create a Confluent Cloud network on Azure.

You can host multiple clusters within one Confluent Cloud network`. For details on service quotas, see Network.

In the Confluent Cloud Console, go to the Network management page for your environment.
Click Create your first network if this is the first network in your environment, or click + Add Network if your environment has existing networks.
Select Azure as the Cloud Provider and the desired geographic region.
Select the connectivity type: Private Link or VNet Peering. Depending on the option selected, different Zone Placement options and CIDR for Confluent Cloud Network fields will appear.
- Private Link: Cluster is accessible using Private Link connections.
- VNet Peering: Cluster is accessible using VNet Peering.
Complete the steps for the connectivity type you selected and then click Continue.

Important

After provisioning your new Confluent Cloud network, you cannot change your selected Availability Zone (AZ) IDs or CIDR block size. Make sure to deploy a network based on your zonal requirements.
1. Under DNS configuration, select the DNS resolution method.
  
  Select Private DNS Resolution to resolve the private DNS name of the Confluent Cloud cluster to the private IP address of the cluster.
  
  If Private DNS Resolution is not selected, the private DNS name of the Confluent Cloud cluster requires public DNS Resolution to resolve the private IP address of the cluster.
  
  Before you select a DNS resolution option, review the details about DNS resolution in Azure Private Link in DNS resolution options.
1. Under CIDR for Confluent Cloud Network, enter a /16 CIDR block. For more information, see Select CIDR blocks (for VNet Peering only) above.
  
  Important
  
  After your network is provisioned, you cannot change the CIDR block.
Under Create Network, specify a Network Name, review your configuration, and click Create Network.

Here is an example REST API request:

HTTP POST request

POST https://api.confluent.cloud/networking/v1/networks

Authentication

See Authentication.

Request specification

Your REST request body specification should include the following:

display_name (optional) A meaningful name for your Confluent Cloud network.
environment
id – The identifier (ID) of your Confluent Cloud environment.
cloud – cloud service provider (AZURE)
region – The Region where the network is located.
connection_types – PEERING or PRIVATELINK
zones – An array listing the three selected Availability Zone IDs in the same Region.
cidr – The CIDR block.
dns_config - Set resolution to PRIVATE or CHASED_PRIVATE. The default value is CHASED_PRIVATE.
- When resolution is CHASED_PRIVATE, clusters in this network require both public and private DNS to resolve cluster endpoints.
- When resolution is PRIVATE, clusters in this network only require private DNS to resolve cluster endpoints.
Before you select a DNS resolution option, review the details about DNS resolution in Azure Private Link in DNS resolution options.

Here are REST specification examples in JSON format. You can use these as templates for your own specification, replacing your unique values.

{
  "spec": {
      "display_name": "My-NW1",
      "cloud": "AZURE",
      "region": "centralus",
      "connection_types": [
          "PEERING"
      ],
      "cidr": "10.0.0.0/16",
      "zones": [
          "1",
          "2",
          "3"
      ],
      "environment":{
         "id":"env-abc123"
     }
  }
}

In the request specification, include values for cloud, region, environment, connection type, and, optionally, add the display name, CIDR, and zones for the Confluent Cloud network. Update the attributes below with the correct values.

{
   "spec":{
      "display_name":"Azure-PL-CCN-1",
      "cloud":"AZURE",
      "region":"centralus",
      "connection_types":[
         "PRIVATELINK"
      ],
      "zones":[
         "1",
         "2",
         "3"
      ],
      "dns_config": {
         "resolution": "PRIVATE"
      },
      "environment":{
         "id":"env-abc123"
      }
   }
}

Typically, it takes up to 15 to 20 minutes to create a Confluent Cloud network. Note the Confluent Cloud network ID from the response to specify it in the following commands.

Next steps¶

After successfully provisioning the Confluent Cloud network on Azure, you can add Dedicated Kafka clusters within your Confluent Cloud network by using the following options:

Confluent Cloud Console: Manage Kafka Clusters on Confluent Cloud
Cluster Management API: Create Kafka clusters