Forward to Virtual Cluster: Forward via SNI routing - Policy

Forward via SNI routing

Use SNI routing to forward messages from a Kafka client to a virtual cluster.

Example hostnames generated with this configuration:

bootstrap.my-virtual-cluster.example.mycompany.com
broker-1.my-virtual-cluster.example.mycompany.com

Set up the policy

curl -X POST https://{region}.api.konghq.com/v1/event-gateways/{eventGatewayId}/listeners/{eventGatewayListenerId}/policies \
    --header "accept: application/json" \
    --header "Content-Type: application/json" \
    --header "Authorization: Bearer $KONNECT_TOKEN" \
    --data '
    {
      "name": "forward",
      "type": "forward_to_virtual_cluster",
      "config": {
        "type": "sni",
        "sni_suffix": ".example.mycompany.com",
        "advertised_port": 19095,
        "broker_host_format": {
          "type": "per_cluster_suffix"
        }
      }
    }
    '

Copied!

Make sure to replace the following placeholders with your own values:

region: Geographic region where your Kong Konnect is hosted and operates.
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account.
virtualClusterId: The id of the Virtual Cluster.
eventGatewayId: The id of the Event Gateway.
eventGatewayListenerId: The id of the Event Gateway Listener.

See the Konnect Event Gateway API reference to learn about region-specific URLs and personal access tokens.

Prerequisite: Configure your Personal Access Token

terraform {
  required_providers {
    konnect-beta = {
      source  = "kong/konnect-beta"
    }
  }
}

provider "konnect-beta" {
  personal_access_token = "$KONNECT_TOKEN"
  server_url            = "https://us.api.konghq.com/"
}

Copied!

resource "konnect_event_gateway_listener_policy_forward_to_virtual_cluster" "my_listener_policy_forward_to_virtual_cluster" {
  provider = konnect-beta
  type = "forward_to_virtual_cluster"
  config = {
    type = "sni"
    sni_suffix = ".example.mycompany.com"
    advertised_port = 19095

    broker_host_format = {
      type = "per_cluster_suffix"
    }
  }


  event_gateway_listener_id = konnect_event_gateway_listener.my_listener.id

  gateway_id = konnect_event_gateway.my_event_gateway.id
}

Copied!

The following example creates a new forward_to_virtual_cluster policy.

Add this snippet to an event_gateways resource in your declarative configuration file, and then manage it with kongctl:

event_gateway_policy.yaml

Copied!

event_gateways:
  - ref: eventGatewayName
    name: eventGatewayName
    listeners:
    - ref: listenerName
      name: listenerName
      policies:
      - ref: forward
        type: forward_to_virtual_cluster
        forward_to_virtual_cluster:
          name: forward
          config:
            type: sni
            sni_suffix: ".example.mycompany.com"
            advertised_port: 19095
            broker_host_format:
              type: per_cluster_suffix

Make sure to replace the following placeholders with your own values:

eventGatewayName: The name of your Event Gateway.
listenerName: The name of the Listener.

Forward to Virtual Cluster

Forward via SNI routing

Set up the policy

Help us make these docs great!

Still need help?