diff --git a/modules/ROOT/content-nav.adoc b/modules/ROOT/content-nav.adoc index adbf02d90..d544d0260 100644 --- a/modules/ROOT/content-nav.adoc +++ b/modules/ROOT/content-nav.adoc @@ -69,8 +69,6 @@ *** xref:kubernetes/operations/scaling.adoc[] *** xref:kubernetes/operations/image-pull-secret.adoc[] *** xref:kubernetes/operations/assign-neo4j-pods.adoc[] -** Deploy a multi-data center Neo4j cluster -*** xref:kubernetes/multi-dc-cluster/aks.adoc[] ** xref:kubernetes/troubleshooting.adoc[] * xref:configuration/index.adoc[] diff --git a/modules/ROOT/images/multi-dc-cc-aks.png b/modules/ROOT/images/multi-dc-cc-aks.png deleted file mode 100644 index 48fad9136..000000000 Binary files a/modules/ROOT/images/multi-dc-cc-aks.png and /dev/null differ diff --git a/modules/ROOT/pages/kubernetes/index.adoc b/modules/ROOT/pages/kubernetes/index.adoc index be0e6a345..56fd8bed2 100644 --- a/modules/ROOT/pages/kubernetes/index.adoc +++ b/modules/ROOT/pages/kubernetes/index.adoc @@ -19,7 +19,6 @@ This chapter describes the following: * xref:kubernetes/accessing-neo4j.adoc[Access a Neo4j DBMS] -- Access a Neo4j DBMS running on Kubernetes. * xref:kubernetes/accessing-cluster.adoc[Access a Neo4j cluster] -- Access a Neo4j cluster running on Kubernetes. * xref:kubernetes/accessing-neo4j-ingress.adoc[Accessing Neo4j using Kubernetes Ingress] -- Access Neo4j using Kubernetes Ingress via Reverse proxy Helm chart. -* xref:kubernetes/multi-dc-cluster/aks.adoc[Deploy a single Neo4j cluster across multiple AKS clusters] -- Deploy a single Neo4j cluster with three primary servers running on three different AKS clusters. * xref:kubernetes/import-data.adoc[Import data] -- Import data into a Neo4j database. * xref:kubernetes/monitoring.adoc[Monitoring] -- Monitor a Neo4j deployment running on Kubernetes. * xref:kubernetes/operations/index.adoc[Operations] -- Perform operations on a Neo4j deployment running on Kubernetes. @@ -33,7 +32,6 @@ This chapter describes the following: ** xref:kubernetes/operations/scaling.adoc[Scale a Neo4j deployment] ** xref:kubernetes/operations/image-pull-secret.adoc[Use custom images from private registries] ** xref:kubernetes/operations/assign-neo4j-pods.adoc[Assign Neo4j pods to specific nodes] -* xref:kubernetes/multi-dc-cluster/aks.adoc[Deploy a single Neo4j cluster across multiple AKS clusters] -- Deploy a single Neo4j cluster with three primary servers running on three different AKS clusters. * xref:kubernetes/troubleshooting.adoc[Troubleshooting] -- Diagnose and troubleshoot a Neo4j deployment running on Kubernetes. diff --git a/modules/ROOT/pages/kubernetes/multi-dc-cluster/aks.adoc b/modules/ROOT/pages/kubernetes/multi-dc-cluster/aks.adoc deleted file mode 100644 index ea9c659ec..000000000 --- a/modules/ROOT/pages/kubernetes/multi-dc-cluster/aks.adoc +++ /dev/null @@ -1,739 +0,0 @@ -:description: This section describes how to deploy a Neo4j cluster with three primary servers running on three different AKS clusters. -[[multi-dc-cluster-aks]] -= Deploy a single Neo4j cluster across AKS clusters - -With the Neo4j Helm charts, you can deploy a Neo4j cluster on multiple AKS clusters using load balancers and Application Gateway. - -The following diagram is a schematic representation of a Neo4j cluster setup on multiple AKS clusters. - -image:multi-dc-cc-aks.png[] - -The diagram shows three Neo4j instances, each running on a different AKS cluster in a different availability zone as part of a single Neo4j cluster. -Each AKS cluster also includes an internal load balancer for each Neo4j instance and a LIST discovery method. -They allow the Neo4j instances to communicate with each other. -The Neo4j cluster can be accessed from outside Kubernetes using an Application Gateway. - -The following steps are an example of how to deploy a Neo4j cluster on a multi-AKS cluster. - -== Create three AKS clusters in three availability zones - -. Install the `az` command-line interface (CLI) (https://docs.microsoft.com/en-us/cli/azure/install-azure-cli). -. Create a resource group to host your virtual network. -This example creates a resource group named `my-RG` in the `eastus` location: -+ -[source, shell] --- -az group create \ - --name my-RG \ - --location eastus --- -+ -.Example output -[source, role=noheader, subs="attributes"] --- -{ - "id": "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourceGroups/my-RG", - "location": "eastus", - "managedBy": null, - "name": "my-RG", - "properties": { - "provisioningState": "Succeeded" - }, - "tags": null, - "type": "Microsoft.Resources/resourceGroups" -} --- -. In this resource group, create an Azure Virtual Network (VNet). -This example creates a virtual network named `my-VNet` with the virtual network's address range `10.30.0.0/16`: -+ -[source, shell] --- -az network vnet create \ - --name my-VNet \ - --resource-group my-RG \ - --address-prefixes 10.30.0.0/16 --- -+ -.Example output -[source, role=noheader, subs="attributes"] --- -{ - "newVNet": { - "addressSpace": { - "addressPrefixes": [ - "10.30.0.0/16" - ] - }, - "bgpCommunities": null, - "ddosProtectionPlan": null, - "dhcpOptions": { - "dnsServers": [] - }, - "enableDdosProtection": false, - "enableVmProtection": null, - "encryption": null, - "etag": "W/\"97953f32-55fe-4821-aedd-ec7a800127e3\"", - "extendedLocation": null, - "flowTimeoutInMinutes": null, - "id": "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourceGroups/my-RG/providers/Microsoft.Network/virtualNetworks/my-VNet", - "ipAllocations": null, - "location": "eastus", - "name": "my-VNet", - "provisioningState": "Succeeded", - "resourceGroup": "my-RG", - "resourceGuid": "4ed2a9f4-580e-4424-800b-1065ed9ad0a2", - "subnets": [], - "tags": { - "Owner Department": "Engineering - Neo4j" - }, - "type": "Microsoft.Network/virtualNetworks", - "virtualNetworkPeerings": [] - } -} --- -. Add four subnets to the virtual network you have created (`my-VNet`). -They will be used by the Azure resources you will deploy on each AKS cluster. -The subnet address range must be unique within the address space for the virtual network. -+ -[source, shell] --- -az network vnet subnet create -g my-RG --vnet-name my-VNet -n subnet1 \ - --address-prefixes 10.30.1.0/24 - -az network vnet subnet create -g my-RG --vnet-name my-VNet -n subnet2 \ - --address-prefixes 10.30.2.0/24 - -az network vnet subnet create -g my-RG --vnet-name my-VNet -n subnet3 \ - --address-prefixes 10.30.3.0/24 - -az network vnet subnet create -g my-RG --vnet-name my-VNet -n subnet4 \ - --address-prefixes 10.30.4.0/24 --- -+ -.Example output -[source, role=noheader, subs="attributes"] --- -{ - "addressPrefix": "10.30.1.0/24", - "addressPrefixes": null, - "applicationGatewayIpConfigurations": null, - "delegations": [], - "etag": "W/\"32bb3a61-c446-4c20-b596-d92b6b9e2e9f\"", - "id": "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourceGroups/my-RG/providers/Microsoft.Network/virtualNetworks/my-VNet/subnets/subnet1", - "ipAllocations": null, - "ipConfigurationProfiles": null, - "ipConfigurations": null, - "name": "subnet1", - "natGateway": null, - "networkSecurityGroup": null, - "privateEndpointNetworkPolicies": "Disabled", - "privateEndpoints": null, - "privateLinkServiceNetworkPolicies": "Enabled", - "provisioningState": "Succeeded", - "purpose": null, - "resourceGroup": "my-RG", - "resourceNavigationLinks": null, - "routeTable": null, - "serviceAssociationLinks": null, - "serviceEndpointPolicies": null, - "serviceEndpoints": null, - "type": "Microsoft.Network/virtualNetworks/subnets" -} -{ - "addressPrefix": "10.30.2.0/24", - "addressPrefixes": null, - "applicationGatewayIpConfigurations": null, - "delegations": [], - "etag": "W/\"8ec29708-e749-4a89-813e-0290c3c9a6f7\"", - "id": "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourceGroups/my-RG/providers/Microsoft.Network/virtualNetworks/my-VNet/subnets/subnet2", - "ipAllocations": null, - "ipConfigurationProfiles": null, - "ipConfigurations": null, - "name": "subnet2", - "natGateway": null, - "networkSecurityGroup": null, - "privateEndpointNetworkPolicies": "Disabled", - "privateEndpoints": null, - "privateLinkServiceNetworkPolicies": "Enabled", - "provisioningState": "Succeeded", - "purpose": null, - "resourceGroup": "my-RG", - "resourceNavigationLinks": null, - "routeTable": null, - "serviceAssociationLinks": null, - "serviceEndpointPolicies": null, - "serviceEndpoints": null, - "type": "Microsoft.Network/virtualNetworks/subnets" -} -{ - "addressPrefix": "10.30.3.0/24", - "addressPrefixes": null, - "applicationGatewayIpConfigurations": null, - "delegations": [], - "etag": "W/\"4b9ba2be-e385-48e7-be24-c52c79769c3a\"", - "id": "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourceGroups/my-RG/providers/Microsoft.Network/virtualNetworks/my-VNet/subnets/subnet3", - "ipAllocations": null, - "ipConfigurationProfiles": null, - "ipConfigurations": null, - "name": "subnet3", - "natGateway": null, - "networkSecurityGroup": null, - "privateEndpointNetworkPolicies": "Disabled", - "privateEndpoints": null, - "privateLinkServiceNetworkPolicies": "Enabled", - "provisioningState": "Succeeded", - "purpose": null, - "resourceGroup": "my-RG", - "resourceNavigationLinks": null, - "routeTable": null, - "serviceAssociationLinks": null, - "serviceEndpointPolicies": null, - "serviceEndpoints": null, - "type": "Microsoft.Network/virtualNetworks/subnets" -} -{ - "addressPrefix": "10.30.4.0/24", - "addressPrefixes": null, - "applicationGatewayIpConfigurations": null, - "delegations": [], - "etag": "W/\"ff08c2d1-2166-4c64-9892-3cac9bc20fd1\"", - "id": "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourceGroups/my-RG/providers/Microsoft.Network/virtualNetworks/my-VNet/subnets/subnet4", - "ipAllocations": null, - "ipConfigurationProfiles": null, - "ipConfigurations": null, - "name": "subnet4", - "natGateway": null, - "networkSecurityGroup": null, - "privateEndpointNetworkPolicies": "Disabled", - "privateEndpoints": null, - "privateLinkServiceNetworkPolicies": "Enabled", - "provisioningState": "Succeeded", - "purpose": null, - "resourceGroup": "my-RG", - "resourceNavigationLinks": null, - "routeTable": null, - "serviceAssociationLinks": null, - "serviceEndpointPolicies": null, - "serviceEndpoints": null, - "type": "Microsoft.Network/virtualNetworks/subnets" -} --- -. Now you are ready to create the AKS clusters. -Get the subscription ID of the subnet1 by either running the following command (it uses the `jq` command) or copying it from the subnet creation output. -+ -[source, shell] --- -az network vnet subnet show -g my-RG --vnet-name my-VNet -n subnet1 --output json | jq .id --- -+ -.Example output -[source, role=noheader, subs="attributes"] --- -"/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourceGroups/my-RG/providers/Microsoft.Network/virtualNetworks/my-VNet/subnets/ --- -. Create the first AKS cluster named `my-aks-cluster-a` with 5 nodes in your resource group using the subscription ID. -+ -[source, shell] --- -az aks create --name my-aks-cluster-a --node-count=5 --zones 1 --vnet-subnet-id "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourceGroups/my-RG/providers/Microsoft.Network/virtualNetworks/my-VNet/subnets/subnet1" -g my-RG --- -+ -.Example output -[source, role=noheader, subs="attributes"] --- -Waiting for AAD role to propagate[################################ ] 90.0000% -{ - "aadProfile": null, - "addonProfiles": null, - "agentPoolProfiles": [ - { - "availabilityZones": [ - "1" - ], - "count": 5, - "creationData": null, - "currentOrchestratorVersion": "1.23.8", - "enableAutoScaling": false, - "enableEncryptionAtHost": false, - "enableFips": false, - "enableNodePublicIp": false, - "enableUltraSsd": false, - "gpuInstanceProfile": null, - "hostGroupId": null, - "kubeletConfig": null, - "kubeletDiskType": "OS", - "linuxOsConfig": null, - "maxCount": null, - "maxPods": 110, - "minCount": null, - "mode": "System", - "name": "nodepool1", - "nodeImageVersion": "AKSUbuntu-1804gen2containerd-2022.08.23", - "nodeLabels": null, - "nodePublicIpPrefixId": null, - "nodeTaints": null, - "orchestratorVersion": "1.23.8", - "osDiskSizeGb": 128, - "osDiskType": "Managed", - "osSku": "Ubuntu", - "osType": "Linux", - "podSubnetId": null, - "powerState": { - "code": "Running" - }, - "provisioningState": "Succeeded", - "proximityPlacementGroupId": null, - "scaleDownMode": null, - "scaleSetEvictionPolicy": null, - "scaleSetPriority": null, - "spotMaxPrice": null, - "tags": null, - "type": "VirtualMachineScaleSets", - "upgradeSettings": { - "maxSurge": null - }, - "vmSize": "Standard_DS2_v2", - "vnetSubnetId": "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourceGroups/my-RG/providers/Microsoft.Network/virtualNetworks/my-VNet/subnets/subnet1", - "workloadRuntime": null - } - ], - "apiServerAccessProfile": null, - "autoScalerProfile": null, - "autoUpgradeProfile": null, - "azurePortalFqdn": "my-aks-my-rg-5b9ae5-bd2a82e4.portal.hcp.eastus.azmk8s.io", - "currentKubernetesVersion": "1.23.8", - "disableLocalAccounts": false, - "diskEncryptionSetId": null, - "dnsPrefix": "my-aks-my-RG-5b9ae5", - "enablePodSecurityPolicy": null, - "enableRbac": true, - "extendedLocation": null, - "fqdn": "my-aks-my-rg-5b9ae5-bd2a82e4.hcp.eastus.azmk8s.io", - "fqdnSubdomain": null, - "httpProxyConfig": null, - "id": "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourcegroups/my-RG/providers/Microsoft.ContainerService/managedClusters/my-aks-cluster-a", - "identity": { - "principalId": "16334702-6bbd-44a0-8090-a7739b881974", - "tenantId": "54e85725-ed2a-49a4-a19e-11c8d29f9a0f", - "type": "SystemAssigned", - "userAssignedIdentities": null - }, - "identityProfile": { - "kubeletidentity": { - "clientId": "a445b12d-52d9-4564-b5cf-daa98bf17ab8", - "objectId": "91cc2d37-0407-4916-a4cd-51849fbc6541", - "resourceId": "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourcegroups/MC_my-RG_my-aks-cluster-a_eastus/providers/Microsoft.ManagedIdentity/userAssignedIdentities/my-aks-cluster-a-agentpool" - } - }, - "kubernetesVersion": "1.23.8", - "linuxProfile": { - "adminUsername": "azureuser", - "ssh": { - "publicKeys": [ - { - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDzCbi+J6eJq9RTsCGFFhTk/PQrl8jNzbFYsPZeu4BKvyrRz7JfWRgzGLu6OTJynuUejKy6XlNaqYsEoZMsFdOMMYoK/bVCCUwOaOrpGAqNF9dCKbKkEnA6iv6WgEIfVHGoCtMc3pBRU0R9rfWYpf3h7WT/oShnaLzVhPUG+4Jblx3K2tRsZ5+2AEgQeniXUgtZRvPes8qXfr/OES7M7owI0VuOVgiuJo3//sCvDavGJwSAgUECzcPYOEwBfmTWNleYrluiEWc7Ye5Y+W8j86V4L/vh4LRs14WZ92Jt6K3QhshGSpY0tcLnxg7fskdZDtdcSWIPWpbQLdTxdIETKe66qDiijLXkpw2m3XRe8nTc5ysoXGaKvzASAWyR2FYpYvmaSSGe/65jeQMsDjSsEXnLRoDG2A3aHy5yV44QXSd4N9/+Znmea1WnB+tvOUuAlhIgjWvprRPXyhZHdybuQipXPErfYg4G83HWMwh35D5qBAV3DeZUIYYATFszYdGfp3ghdu1LBVXsgH/sHaMZXp9uy5PAP4jOxfGpho3k+UoQZHK3wwskxhK8/IiWpRPRPWUbfhUOilUdkQup8hyfVfGpW7htW3crFwXFbU1LG5gDNrars0i3OHqT1snFB3R38vxDaXdOZCEVPSQAevOj3Q/WYfO2m5o+gp2sEQtEp4mG+w== my.popova@gmail.com\n" - } - ] - } - }, - "location": "eastus", - "maxAgentPools": 100, - "name": "my-aks-cluster-a", - "networkProfile": { - "dnsServiceIp": "10.0.0.10", - "dockerBridgeCidr": "172.17.0.1/16", - "ipFamilies": [ - "IPv4" - ], - "loadBalancerProfile": { - "allocatedOutboundPorts": null, - "effectiveOutboundIPs": [ - { - "id": "/subscriptions/5b9ae547-ce82-4834-b276-b72904ceaa84/resourceGroups/MC_my-RG_my-aks-cluster-a_eastus/providers/Microsoft.Network/publicIPAddresses/e7480132-3f34-4f2d-bbc3-4e27e23e574c", - "resourceGroup": "MC_my-RG_my-aks-cluster-a_eastus" - } - ], - "enableMultipleStandardLoadBalancers": null, - "idleTimeoutInMinutes": null, - "managedOutboundIPs": { - "count": 1, - "countIpv6": null - }, - "outboundIPs": null, - "outboundIpPrefixes": null - }, - "loadBalancerSku": "Standard", - "natGatewayProfile": null, - "networkMode": null, - "networkPlugin": "kubenet", - "networkPolicy": null, - "outboundType": "loadBalancer", - "podCidr": "10.244.0.0/16", - "podCidrs": [ - "10.244.0.0/16" - ], - "serviceCidr": "10.0.0.0/16", - "serviceCidrs": [ - "10.0.0.0/16" - ] - }, - "nodeResourceGroup": "MC_my-RG_my-aks-cluster-a_eastus", - "podIdentityProfile": null, - "powerState": { - "code": "Running" - }, - "privateFqdn": null, - "privateLinkResources": null, - "provisioningState": "Succeeded", - "publicNetworkAccess": null, - "resourceGroup": "my-RG", - "securityProfile": { - "azureKeyVaultKms": null, - "defender": null - }, - "servicePrincipalProfile": { - "clientId": "msi", - "secret": null - }, - "sku": { - "name": "Basic", - "tier": "Free" - }, - "storageProfile": { - "diskCsiDriver": { - "enabled": true - }, - "fileCsiDriver": { - "enabled": true - }, - "snapshotController": { - "enabled": true - } - }, - "systemData": null, - "tags": { - "Owner Department": "Engineering - Neo4j" - }, - "type": "Microsoft.ContainerService/ManagedClusters", - "windowsProfile": null -} --- -. Repeat the previous two steps to create two more AKS clusters, named `my-aks-cluster-b` and `my-aks-cluster-c`. -. Configure `kubectl` to use your AKS clusters using: -+ -[source, shell] --- -az aks get-credentials --name my-aks-cluster-a --admin -g my-RG -az aks get-credentials --name my-aks-cluster-b --admin -g my-RG -az aks get-credentials --name my-aks-cluster-c --admin -g my-RG --- -+ -.Example output -[source, role=noheader, subs="attributes"] --- -Merged "my-aks-cluster-a-admin" as current context in /Users/myuser/.kube/config -Merged "my-aks-cluster-b-admin" as current context in /Users/myuser/.kube/config -Merged "my-aks-cluster-c-admin" as current context in /Users/myuser/.kube/config --- - -== Configure the load balancer _values.yaml_ file - -You configure the load balancer Helm chart to be used in a multi-zone /region Neo4j cluster scenario. - -In the load balancer _values.yaml_ file, set the parameter `multiCluster: true` and add an annotation, e.g., `service.beta.kubernetes.io/azure-load-balancer-internal: "true"`. - -[NOTE] -==== -In rare cases, where the usual K8S Kubernetes discovery methods do not work in your deployment/environment, you can use the `multiCluster` flag along with the `LIST` discovery method and perform all your network settings manually, as if you were using VMs for example. -You need one load balancer per Neo4j Instance. -==== - -.An example of what to configure in the load balancer YAML file -[source, yaml] --- - neo4j: - name: "neo4j-cluster" - edition: "enterprise" - - # Annotations for the external service - annotations: - service.beta.kubernetes.io/azure-load-balancer-internal: "true" - - #this flag allows you to open internal neo4j ports necessary in multi-zone /region neo4j cluster scenario - multiCluster: true --- - -== Install a load balancer on each AKS cluster - -You install a load balancer on each AKS cluster to be used by the Neo4j instance running there. - -[NOTE] -==== -You must have owner's permissions in the resource group not to face auth issues while deploying the load balancers. -==== - -. Switch to the context of the first cluster `my-aks-cluster-a-admin`. -+ -[source, shell] --- -kubectl config use-context my-aks-cluster-a-admin --- -+ -.Example output -[source, role=noheader, subs="attributes"] --- -Switched to context "my-aks-cluster-a-admin". --- -. Install the load balancer using the YAML file you created. -+ -[source, shell] --- -helm install lb1 neo4j/neo4j-cluster-loadbalancer -f /path/to/lb-values.yaml --- -+ -.Example output -[source, role=noheader, subs="attributes"] --- -NAME: lb1 -LAST DEPLOYED: Thu Sep 8 20:27:45 2022 -NAMESPACE: default -STATUS: deployed -REVISION: 1 -TEST SUITE: None -NOTES: -Thank you for installing neo4j-cluster-loadbalancer. - -Your release "lb1" has been installed in namespace "default". - -To view the status of your Load Balancer service you can use - $ kubectl get service lb-neo4j - -Once your Load Balancer has an External-IP assigned you can connect to your Neo4j cluster using "neo4j://:7687". Try: - - $ cypher-shell -a "neo4j://:7687" - -Graphs are everywhere! --- -. Repeat steps 1 and 2 to create `lb2` for `my-aks-cluster-b-admin` and `lb3` for `my-aks-cluster-c-admin`. - -== Create a _values.yaml_ file for each cluster member - -Create a custom YAML file for each Neo4j cluster member, for example, _core-1.values.yaml_, _core-2.values.yaml_, _core-3.values.yaml_. -Add the address based on the load balancer `EXTERNAL-IP` you created for each member. -For more information on how to create a custom YAML file, see xref:kubernetes/quickstart-cluster/create-value-file.adoc[Create Helm deployment values files]. - -. Get the IPs of the load balancers. -+ -.. Switch to the context of the first AKS cluster `my-aks-cluster-a-admin`. -+ -[source, shell] --- -kubectl config use-context my-aks-cluster-a-admin --- -.. Get the `EXTERNAL-IP`. -Please make a note of it. -+ -[source, shell] --- -kubectl get svc --- -+ -.Example output -[source, role=noheader, subs="attributes"] --- -NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -kubernetes ClusterIP 10.0.0.1 443/TCP 5h47m -lb-neo4j LoadBalancer 10.0.160.168 20.62.182.59 7474:30430/TCP,7473:30683/TCP,7687:32214/TCP 12m --- -.. Switch to the context of the second AKS cluster `my-aks-cluster-b-admin` and get the `EXTERNAL-IP` of `lb2`. -.. Switch to the context of the third AKS cluster `my-aks-cluster-c-admin` and get the `EXTERNAL-IP` of `lb3`. -. In the _core-1.values.yaml_, add the following settings to the Neo4j configuration: -+ -[source, shell] --- -# Neo4j Configuration (yaml format) -config: - dbms.mode: "CORE" - dbms.config.strict_validation: "false" - causal_clustering.middleware.akka.allow_any_core_to_bootstrap: "true" - causal_clustering.discovery_type: "LIST" - causal_clustering.initial_discovery_members: ":5000,:5000,:5000" - causal_clustering.discovery_advertised_address: ":5000" - causal_clustering.raft_advertised_address: ":7000" - causal_clustering.transaction_advertised_address: ":6000" - dbms.connector.bolt.advertised_address: ":7687" - dbms.routing.advertised_address: ":7688" --- -. In the _core-2.values.yaml_, add the following settings to the Neo4j configuration: -+ -[source, shell] --- -# Neo4j Configuration (yaml format) -config: - dbms.mode: "CORE" - dbms.config.strict_validation: "false" - causal_clustering.middleware.akka.allow_any_core_to_bootstrap: "true" - causal_clustering.discovery_type: "LIST" - causal_clustering.initial_discovery_members: ":5000,:5000,:5000" - causal_clustering.discovery_advertised_address: ":5000" - causal_clustering.raft_advertised_address: ":7000" - causal_clustering.transaction_advertised_address: ":6000" - dbms.connector.bolt.advertised_address: ":7687" - dbms.routing.advertised_address: ":7688" --- -. In the _core-3.values.yaml_, add the following settings to the Neo4j configuration: -+ -[source, shell] --- -# Neo4j Configuration (yaml format) -config: - dbms.mode: "CORE" - dbms.config.strict_validation: "false" - causal_clustering.middleware.akka.allow_any_core_to_bootstrap: "true" - causal_clustering.discovery_type: "LIST" - causal_clustering.initial_discovery_members: ":5000,:5000,:5000" - causal_clustering.discovery_advertised_address: ":5000" - causal_clustering.raft_advertised_address: ":7000" - causal_clustering.transaction_advertised_address: ":6000" - dbms.connector.bolt.advertised_address: ":7687" - dbms.routing.advertised_address: ":7688" --- - -== Deploy the Neo4j cluster - -. Switch the context to `my-aks-cluster-a-admin`. -+ -[source, shell] --- -kubectl config use-context my-aks-cluster-a-admin --- -. Install `core-1` using the _core-1.values.yaml_: -+ -[source, shell] --- -helm install core-1 neo4j/neo4j-cluster-core -f /path/to/core-1.values.yaml --- -+ -.Example output -[source, role=noheader, subs="attributes"] --- -NAME: core-1 -LAST DEPLOYED: Thu Sep 8 21:29:30 2022 -NAMESPACE: default -STATUS: deployed -REVISION: 1 -TEST SUITE: None -NOTES: -Thank you for installing neo4j-cluster-core. - -Your release "core-1" has been installed . - -The neo4j user's password has been set to "my-password". - -This release creates a single Neo4j Core instance. It will not become ready until it is able to form a working Neo4j cluster by joining other Neo4j Core instances. To create a working cluster requires at least 3 Core instances. - -Once you have a working Neo4j cluster you must install at least one Neo4j Service before you can connect applications to Neo4j. Available Neo4j services are: - neo4j-headless-service - for connecting applications running inside Kubernetes to Neo4j - neo4j-loadbalancer - for connecting applications running outside Kubernetes to Neo4j - -Graphs are everywhere! --- -. Switch the context to `my-aks-cluster-b-admin`. -+ -[source, shell] --- -kubectl config use-context my-aks-cluster-b-admin --- -. Install `core-2` using the _core-2.values.yaml_: -+ -[source, shell] --- -helm install core-2 neo4j/neo4j-cluster-core -f /path/to/core-2.values.yaml --- -. Switch the context to `my-aks-cluster-c-admin`. -+ -[source, shell] --- -kubectl config use-context my-aks-cluster-c-admin --- -. Install `core-3` using the _core-3.values.yaml_: -+ -[source, shell] --- -helm install core-3 neo4j/neo4j-cluster-core -f /path/to/core-3.values.yaml --- -. Switch to each context and check that the pod there is `READY` and that they have formed a cluster. -+ -[source, shell] ----- -kubectl get pods ----- -+ -[source, role=noheader] ----- -NAME READY STATUS RESTARTS AGE -core-1-0 1/1 Running 0 4m51s ----- - -== Create an Application Gateway - -You create an Application Gateway to access the Neo4j cluster from outside the AKS clusters. - -. Log in to the https://portal.azure.com/[Azure portal]. -. In the *Search resources* area, look for Application Gateway. + -The Load balancing | Application Gateway window opens. -. Click the *Create* button. -. On the *Basics* tab, configure the following settings: -.. From the *Resource group* dropdown, select `my-RG`. -.. Add a name for your Application gateway in the *Application gateway/name* field. -.. From the *Region* dropdown, select your region. -In this example, it is East US. -.. Disable the autoscaling. -.. From the *Virtual network* dropdown, select `my-VNet`. -.. From the *Subnet* dropdown, select `subnet4 | 10.30.4.0/24`. -.. Click *Next : Frontends >*. -. On the *Frontends* tab, configure the Public IP address: -.. From the *Frontend IP address type*, select *Public*. -.. In *Public IP address*, click *Add new*. -... Add a name for it, for example, `apg-public`. -... Click *OK*. -.. Click *Next : Backends >*. -. On the *Backends* tab, add the EXTERNAL-IPs of the load balancers: -.. Click *Add a backend pool*. -... Add a name for the pool, for example, `neo4j-cluster`. -... In the *Target type* list, add the EXTERNAL-IPs of the load balancers under *Target*. -.. Click *Add*. -.. Click *Next : Configuration >*. -. On the *Configuration* tab, configure the routing rules: -.. Click *Add a routing rule* and configure a routing rule for port `7474`. -... In the *Rule name* field, add a name for your rule, for example, `rule7474`. -... For *Priority*, add `1`. -... On the *Listener* tab, add a name for the *Listener* (e.g., `listener7474`), select *Frontend IP* to be *Public*, and add port `7474`. -... On the *Backend targets* tab, configure the backend target and settings: -.... From the *Target type* dropdown, select the *Backend pool* to be `neo4j-cluster`. -.... For *Backend targets*, click *Add new* and config. -..... In the *Backend settings name*, type `settings7474`. -..... In the *Backend port*, type `7474`. -... Click *Add*. -.. Click *Add a routing rule* and configure a routing rule for port `7687`. -... In the *Rule name* field, add a name for your rule, for example, `rule7687`. -... For *Priority*, add `2`. -... On the *Listener* tab, add a name for the *Listener* (e.g., `listener7687`), select *Frontend IP* to be *Public*, and add port `7687`. -... On the *Backend targets* tab, configure the backend target and settings: -.... From the *Target type* dropdown, select the *Backend pool* to be `neo4j-cluster`. -.... For *Backend targets*, click *Add new* and config. -..... In the *Backend settings name*, type `settings7687`. -..... In the *Backend port*, type `7687`. -... Click *Add*. -.. Click *Next : Tags >*. -.. Click *Next : Review + create >*, review your configurations, and click *Create*. - -== Access the Neo4j cluster - -After the Application Gateway is created and the deployment is complete, you can access the Neo4j cluster via the Neo4j Browser. - -. Copy the *Frontend public IP address* and paste it into a browser. + -. Add port `:7474`. + -Neo4j Browser opens. -. Log in with your credentials (e.g., `neo4j`/`my-password`). -. Verify that the cluster is up and running using the Cypher command `SHOW DATABASES`.