Deploy the USM Agent
Deploying the USM Agent is a two-part process:
Generate and download a configuration file from the Confluent Cloud wizard.
Use that file and your own tools — Confluent for Kubernetes or Ansible Playbooks for Confluent Platform — to deploy the agent in your Confluent Platform environment.
Note
No data from your Confluent Platform cluster appears in Confluent Cloud until you successfully deploy the agent in your Confluent Platform environment.
Generate and download the configuration file
Confluent Cloud generates a configuration file containing the secure credentials and endpoint URLs the agent needs to connect from your Confluent Platform environment. Generation provisions resources such as API keys and endpoints, and can take up to 20 minutes. The wizard displays the status.
To generate the configuration file, follow these steps:
On the Deploy USM agent page, click Generate configuration file.
Wait for the status to update to Configuration file ready.
Click Download file and save it to your local machine.
The downloaded file is a JSON file containing credentials and endpoint URLs for the agent. The format of the FRONTDOOR_URL and SCHEMA_REGISTRY_URL fields depends on the type of access point provisioned by Confluent Cloud.
New access points use a new domain format:
{ "ENVIRONMENT_ID": "<environment-id>", "SERVICE_ACCOUNT_API_KEY": "<api-key>", "SERVICE_ACCOUNT_API_SECRET": "<api-secret>", "SCHEMA_REGISTRY_API_KEY": "<sr-api-key>", "SCHEMA_REGISTRY_API_SECRET": "<sr-api-secret>", "FRONTDOOR_URL": "https://api-<accessPointId>.<region>.aws.accesspoint.glb.confluent.cloud:443", "SCHEMA_REGISTRY_URL": "https://<lsrc-id>-<accessPointId>.<region>.aws.accesspoint.glb.confluent.cloud" }
Legacy access points use the private domain format:
{ "ENVIRONMENT_ID": "<environment-id>", "SERVICE_ACCOUNT_API_KEY": "<api-key>", "SERVICE_ACCOUNT_API_SECRET": "<api-secret>", "SCHEMA_REGISTRY_API_KEY": "<sr-api-key>", "SCHEMA_REGISTRY_API_SECRET": "<sr-api-secret>", "FRONTDOOR_URL": "https://api.<region>.aws.private.confluent.cloud", "SCHEMA_REGISTRY_URL": "https://<lsrc-id>.<region>.aws.private.confluent.cloud" }
Ensure that your Route 53 DNS configuration matches the access point type in your configuration file. For details, see Set up DNS resolution.
Deploy the agent in your Confluent Platform environment
After you download the file, use it to deploy the agent in your Confluent Platform environment. This deployment happens outside the Confluent Cloud wizard, using your own tools, such as Confluent for Kubernetes or Ansible Playbooks for Confluent Platform.
Choose the deployment method that matches your environment.
If you use Confluent for Kubernetes, follow the instructions in Confluent for Kubernetes.
If you use Ansible Playbooks for Confluent Platform, follow the instructions in Ansible Playbooks.
After you complete the deployment in your environment, return to the wizard and click Next.