Deploy Confluent Private Cloud Gateway

This guide provides the overview for configuring and deploying Confluent Private Cloud Gateway. It includes requirements, supported component compatibility, and other considerations.

Confluent Private Cloud Gateway runs as a stateless service, often as a set of containerized instances within the target environment (for example, Confluent for Kubernetes, VM clusters, or cloud-native platforms).

The general configuration tasks for the following are provided in Configure and Deploy Confluent Private Cloud Gateway:

  • Streaming Domains

  • Routes

  • Admin and Metrics

Separate guides are provided for the security-related configuration tasks. For more information, see Configure Security for Confluent Private Cloud Gateway:

  • Secret Stores

  • SSL

  • Password

  • Authentication Swapping

Confluent Gateway supports deployment on-premises, in private cloud VPCs, or in hybrid environments.

Requirements and considerations

Before you begin, make sure that the following requirements and considerations are satisfied:

  • System requirements

    • CPU and Memory

      • Minimum: 2 vCPUs, 4 GB RAM

      • Recommended: 4 vCPUs, 8 GB RAM

    • Network throughput: 45 MB/sec of sustained workload for a 1 Gigabit Link (1 Gbps)

    • Storage: 10 GB of disk space

  • Docker

    For Docker-based deployments, Docker Desktop or Docker Engine with Compose v2 is installed (Docker Engine 20.x or later is recommended).

  • Network Access

    The Confluent Gateway container must have access to necessary Apache Kafka® clusters. Configure firewall ports for bidirectional traffic as needed.

Supported component compatibility

  • Client library compatibility

    Confluent Gateway 1.0.0 is built on top of Kafka Client 4.0, and it inherits the same Client/Broker Forward Compatibility guarantees as defined in the Kafka 4.0 documentation, enabling seamless interoperability between Kafka clients and brokers across supported version ranges.

    Librdkafka and other third-party clients that implement Kafka protocol versions compatible with 3.x and 4.0 should work through Confluent Gateway based on protocol compatibility. However, these client libraries have not been extensively tested with Confluent Gateway. You are expected to validate compatibility and behavior for your specific client library versions in your environment.

  • Vendor-specific APIs

    Confluent Gateway is designed primarily to govern message flows using standard Kafka APIs. Confluent Gateway does not support proprietary APIs from vendors. For example, Confluent Platform-specific APIs, such as CREATE_CLUSTER_LINKS or LIST_CLUSTER_LINKS, are not supported by Confluent Gateway.

  • Confluent for Kubernetes (CFK) version 3.1.0 and the following images released with the version are supported:

    • confluentinc/confluent-operator:0.1263.8

    • confluentinc/confluent-init-container:3.1.0

    • confluentinc/<CP component images>:8.1.0

    For details on the supported CFK version and image tags, see the 3.1.0 Release Notes section in the Confluent for Kubernetes Release Notes.

This table summarizes the supported releases of the components that Confluent Gateway has dependencies on.

Confluent Gateway Release

1.0.0

Kafka Server Releases

3.x, 4.0

Kafka Client Releases

3.x, 4.0

CFK Release

3.1.0