Test Connectivity to Confluent Cloud¶
Because brokers in Confluent Cloud do not respond to ping commands, you can use the following options to verify connectivity to a cluster. This is useful for verifying connections in VPC peering, VNet peering, AWS Transit Gateway, and public network deployments.
To verify connectivity to a Confluent Cloud cluster:
- Go to the cluster in the Confluent Cloud Console.
- Click Cluster settings. The Cluster settings page displays.
- Click the General tab and find the URL for Bootstrap server, which is listed in the Identification section.
- Run one of the following commands, substituting
<bootstrap-url>with the bootstrap server URL.
- For public endpoint clusters, run the command from any computer that has internet access.
- For VPC peering, VNet peering, AWS Transit Gateway, AWS PrivateLink, and Azure Private Link, run the command from within the customer VPC or VNet that is connected to the Confluent Cloud cluster.
openssl s_client -connect <host>:<port>
Test connectivity to your cluster by running the
openssl s_client -connect
command, using the URL for the bootstrap server. The bootstrap URL from the Confluent Cloud Console
<host> value and
9092 for the
To run the
openssl s_client -connect command, the
-connect option requires
that you specify the host and the port number. For details, see the openssl documentation
for the -connect option
option in the openssl s_client documentation.
If successful, you will see a
CONNECTED message similar to this:
CONNECTED(00000005) depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let\'s Encrypt, CN = R3 verify return:1 depth=0 CN = *.us-west-2.aws.confluent.cloud verify return:1 ...
If there is a problem reaching the cluster, then the command waits until a timeout
occurs and then prints an error, such as
connect: Operation timed out.
nc -zv <bootstrap-host> 9092 Connection to <bootstrap-url> port 9092 [tcp/XmlIpcRegSvc] succeeded!
If the connection fails, you will see a message similar to this:
connect to <bootstrap-url> port 9092 (tcp) failed: Connection timed out.
telnet <bootstrap-url> 9092
If successful, you will see a message similar to this:
Trying 18.104.22.168... Connected to <bootstrap-url>. Escape character is '^]'. ...