Listeners

Uses: Event Gateway Konnect API Terraform

What is a listener?

A listener represents hostname-port or IP-port combinations that connect to TCP sockets. Listeners need at least as many ports as backend brokers if you use port mapping in a Forward to Virtual Cluster policy. For SNI routing, you can route all brokers using a listener with only one port. Ports can be expressed as a single port or range. Addresses can be IPv4, IPv6, or hostnames.

A listener can have policies that enforce TLS certificates and perform SNI routing. The listener runs at Layer 4 of the network stack. In Kong Event Gateway, listeners first take in the connection and then route the TCP connection to a virtual cluster based on conditions defined in listener policies.

 
flowchart LR
    
    A[Kafka 
    client]
    B[Listener 
    &#40TCP socket&#41
    + listener policies]
    C@{ shape: processes, label: "Virtual clusters
    + consume, produce, 
    and cluster policies"}
    D[Backend 
    cluster]
    E[Kafka 
    cluster]

    A --> B
    subgraph id1 [Event Gateway]
    B --> C 
    C --> D
    end
    D --> E

    style B stroke:#86e2cc

    style id1 rx:7,ry:7

Listeners can have one or more policies that define how the TCP connection is handled:

TLS Server Policy: Enforces encryption, provides a certificate, and can use SNI to route connections by hostname.
Forward to Virtual Cluster Policy: Routes the connection to a specific virtual cluster. Only one forward policy is allowed per listener.

Set up a listener

curl -X POST https://{region}.api.konghq.com/v1/event-gateways/{eventGatewayId}/listeners \
    --header "accept: application/json" \
    --header "Content-Type: application/json" \
    --header "Authorization: Bearer $KONNECT_TOKEN" \
    --data '
    {
      "name": "listener-localhost",
      "addresses": [
        "0.0.0.0"
      ],
      "ports": [
        19092
      ]
    }
    '

Copied!

Make sure to replace the following placeholders with your own values:

region: Geographic region where your Kong Konnect is hosted and operates.
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account.
virtualClusterId: The id of the Virtual Cluster.
eventGatewayId: The id of the Event Gateway.
eventGatewayListenerId: The id of the Event Gateway Listener.

See the Konnect Event Gateway API reference to learn about region-specific URLs and personal access tokens.

Prerequisite: Configure your Personal Access Token

terraform {
  required_providers {
    konnect-beta = {
      source  = "kong/konnect-beta"
    }
  }
}

provider "konnect-beta" {
  personal_access_token = "$KONNECT_TOKEN"
  server_url            = "https://us.api.konghq.com/"
}

Copied!

resource "konnect_event_gateway_listener" "my_listener" {
  provider = konnect-beta
  addresses = ["0.0.0.0"]
  ports = [19092]



  gateway_id = konnect_event_gateway.my_event_gateway.id
}

Copied!

The following creates a new listener called listener-localhost with basic configuration:

In Konnect, navigate to Event Gateway in the sidebar.
Click an Event Gateway.
Navigate to Listeners in the sidebar.
Click New listener.
In the Name field, enter listener-localhost.
In the Addresses field, enter 0.0.0.0.
In the Ports field, enter 19092.
Click Save and add policy next.
Click Maybe later to create a listener without a policy.

Listeners

What is a listener?

Set up a listener

Schema

Help us make these docs great!

Still need help