Access the Neo4j cluster from outside Kubernetes
By default, server-side routing is used for accessing a Neo4j cluster from outside Kubernetes.
Access the Neo4j cluster using a load balancer and Cypher Shell
A LoadBalancer service is created to access a Neo4j cluster from outside Kubernetes.
-
Check that the LoadBalancer service is available using the
neo4j.name
used for installation:export NEO4J_NAME=my-cluster kubectl get service ${NEO4J_NAME}-lb-neo4j
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE my-cluster-lb-neo4j LoadBalancer 10.28.12.119 82.21.42.42 7474:32169/TCP,7473:32145/TCP,7687:32624/TCP 2m1s
-
Use
kubectl describe service
to see the service details:kubectl describe service ${NEO4J_NAME}-lb-neo4j
Name: my-cluster-lb-neo4j Namespace: neo4j Labels: app=my-cluster app.kubernetes.io/managed-by=Helm helm.neo4j.com/neo4j.name=my-cluster helm.neo4j.com/service=neo4j Annotations: cloud.google.com/neg: {"ingress":true} meta.helm.sh/release-name: server-1 meta.helm.sh/release-namespace: neo4j Selector: app=my-cluster,helm.neo4j.com/clustering=true,helm.neo4j.com/neo4j.loadbalancer=include Type: LoadBalancer IP Family Policy: SingleStack IP Families: IPv4 IP: 10.28.12.119 IPs: 10.28.12.119 LoadBalancer Ingress: 82.21.42.42 Port: http 7474/TCP TargetPort: 7474/TCP NodePort: http 32169/TCP Endpoints: 10.24.0.131:7474,10.24.1.3:7474,10.24.1.67:7474 Port: https 7473/TCP TargetPort: 7473/TCP NodePort: https 32145/TCP Endpoints: 10.24.0.131:7473,10.24.1.3:7473,10.24.1.67:7473 Port: tcp-bolt 7687/TCP TargetPort: 7687/TCP NodePort: tcp-bolt 32624/TCP Endpoints: 10.24.0.131:7687,10.24.1.3:7687,10.24.1.67:7687 Session Affinity: None External Traffic Policy: Local HealthCheck NodePort: 30621 Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal EnsuringLoadBalancer 3m11s service-controller Ensuring load balancer Normal EnsuredLoadBalancer 2m36s service-controller Ensured load balancer
The load-balancer service can send requests to all cluster servers.
-
Run
cypher-shell
from the local machine and connect to theLoadBalancer Ingress
address, in the example82.21.42.42
:./cypher-shell -a neo4j://82.21.42.42 -u neo4j -p my-password
If you don't see a command prompt, try pressing enter. Connected to Neo4j using Bolt protocol version 5 at neo4j://82.21.42.42:7687 as user neo4j. Type :help for a list of available commands or :exit to exit the shell. Note that Cypher queries must end with a semicolon.
-
Run the Cypher command
SHOW DATABASES
to verify that all cluster members are online:SHOW DATABASES;
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | name | type | aliases | access | address | role | writer | requestedStatus | currentStatus | statusMessage | default | home | constituents | +--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | "neo4j" | "standard" | [] | "read-write" | "server-3.neo4j.svc.cluster.local:7687" | "primary" | TRUE | "online" | "online" | "" | TRUE | TRUE | [] | | "neo4j" | "standard" | [] | "read-write" | "server-2.neo4j.svc.cluster.local:7687" | "primary" | FALSE | "online" | "online" | "" | TRUE | TRUE | [] | | "neo4j" | "standard" | [] | "read-write" | "server-1.neo4j.svc.cluster.local:7687" | "primary" | FALSE | "online" | "online" | "" | TRUE | TRUE | [] | | "system" | "system" | [] | "read-write" | "server-3.neo4j.svc.cluster.local:7687" | "primary" | FALSE | "online" | "online" | "" | FALSE | FALSE | [] | | "system" | "system" | [] | "read-write" | "server-2.neo4j.svc.cluster.local:7687" | "primary" | FALSE | "online" | "online" | "" | FALSE | FALSE | [] | | "system" | "system" | [] | "read-write" | "server-1.neo4j.svc.cluster.local:7687" | "primary" | TRUE | "online" | "online" | "" | FALSE | FALSE | [] | +--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 6 rows ready to start consuming query after 110 ms, results consumed after another 109 ms
-
Run the Cypher command
SHOW SERVERS
to verify that all cluster members are enabled:SHOW SERVERS;
+----------------------------------------------------------------------------------------------------------------------------------+ | name | address | state | health | hosting | +----------------------------------------------------------------------------------------------------------------------------------+ | "ad5c3cf1-541a-44f8-a19b-28bc36030914" | "server-3.neo4j.svc.cluster.local:7687" | "Enabled" | "Available" | ["system", "neo4j"] | | "cbdebc59-64c2-4542-a041-24a1f051e64f" | "server-1.neo4j.svc.cluster.local:7687" | "Enabled" | "Available" | ["system", "neo4j"] | | "f37e98a7-15ec-4dc4-a6bf-df9e418a7488" | "server-2.neo4j.svc.cluster.local:7687" | "Enabled" | "Available" | ["system", "neo4j"] | +----------------------------------------------------------------------------------------------------------------------------------+ 3 rows ready to start consuming query after 27 ms, results consumed after another 363 ms
You can see that the nodes are advertising their internal addresses, but since you connected without using internal addresses, you use server-side routing.
Access the Neo4j cluster using a load balancer and Neo4j Browser
-
Open a web browser and point it to the
LoadBalancer Ingress
address and port7474
, in this example, http://82.21.42.42:7474/browser. -
Once connected, verify that all databases are up and running using
:sysinfo
in the Browser Editor::sysinfo