sebastiandaschner blog


Deploying a Neo4J cluster on managed Kubernetes (Video)

thursday, june 04, 2020

I’ve created some videos on how to deploy both a Neo4J cluster and standalone instance to a manged Kubernetes cluster. When running a database or any service with persistence concern, we need to take more considerations into account, most importantly how to implement persistent storage as well as automated processes such as backups.

In the following video I’ll explain how to deploy a Neo4J cluster with 3 nodes via the official Helm Chart.

I’ve forked and modified the Helm chart to only use ClusterIP Kubernetes services and pushed the result under this GitHub repository.

When you run the example on a managed Kubernetes environment, such as the IBM Cloud Kubernetes Service, the storage class provider will create the persistent volumes for you, as shown in the video.

 

Try it yourself

To try it out yourself run the following steps. If you need access to a managed Kubernetes environment first, you can follow this guide to get access to an IKS cluster. You will need Helm in version v3.x.

cd /tmp/
git clone https://github.com/sdaschner/neo4j-helm
cd neo4j-helm/

helm template graphdb \
  --set acceptLicenseAgreement=yes \
  --set neo4jPassword=mySecretPassword . \
  > /tmp/neo4j.yaml

kubectl apply -f /tmp/neo4j.yaml

Now Kubernetes will provision the resources including the volume claims and your cloud provider will create the persistent volumes.

kubectl get pvc

NAME                           STATUS   [...]  STORAGECLASS     AGE
datadir-graphdb-neo4j-core-0   Pending         ibmc-file-gold   13s
datadir-graphdb-neo4j-core-1   Pending         ibmc-file-gold   13s
datadir-graphdb-neo4j-core-2   Pending         ibmc-file-gold   13s

After a while your persistent volumes will be provisioned:

kubectl get pvc

NAME                           STATUS   VOLUME               STORAGECLASS     AGE
datadir-graphdb-neo4j-core-0   Bound    pvc-8c0ae307-[...]   ibmc-file-gold   2m24s
datadir-graphdb-neo4j-core-1   Bound    pvc-9a1a6f3c-[...]   ibmc-file-gold   2m24s
datadir-graphdb-neo4j-core-2   Bound    pvc-2f742c13-[...]   ibmc-file-gold   2m24s

Once that is the case, the Neo4J pods provided by the stateful set should be up-and-running:

kubectl get pods

NAME                               READY   STATUS    RESTARTS   AGE
graphdb-neo4j-core-0               1/1     Running   0          4m13s
graphdb-neo4j-core-1               1/1     Running   0          4m13s
graphdb-neo4j-core-2               1/1     Running   0          4m13s

 

Test connection

In order to test the access you can directly connect to Neo4J using the cypher-shell command line, either locally, by port-forwarding the ports 7474, 7687, and 7473 to localhost, or by executing the command directly in the running pod:

kubectl exec -t -i graphdb-neo4j-core-0 /bin/bash
cypher-shell -u neo4j -p mySecretPassword

OR:

kubectl port-forward graphdb-neo4j-core-0 7474:7474 7687:7687 7473:7473

In a new terminal:

cypher-shell -a localhost:7687 -u neo4j -p mySecretPassword

 

Example coffee beans application

In order to test the Quarkus application which I showed in the previous video, run the following:

cd /tmp/
git clone https://github.com/sdaschner/quarkus-playground --branch neo4j
cd quarkus-playground/

Then you can create the example data set using the provided Cypher script:

cat src/test/resources/test-data.cypher | cypher-shell \
  -a localhost:7687 \
  -u neo4j \
  -p mySecretPassword \
  --format verbose

Then we can deploy our coffee example:

kubectl apply -f deployment/

Once the application is up-and-running you can access the endpoint under /beans/ or /beans/special.

In order to access the application you would need to use a Kubernetes ingress, Istio gateway, load balancer, or similar means. For testing purposes, we can also forward the port 8080 of our coffee-shop-XX pod:

kubectl port-forward coffee-shop-XX 8080:8080
curl localhost:8080/beans/ | jq .

 

Update 2020-06-10:

The official Neo4J Helm Chart has been updated to make the service type of the discovery service configurable (not only LoadBalancer).

 

Found the post useful? Subscribe to my newsletter for more free content, tips and tricks on IT & Java:

All opinions are my own and do not reflect those of my employer or colleagues.