1

I have been trying to setup neo4j server in ubuntu (installed in Amazon AWS EC2) which I need to access from remote machine. I followed the Neo4j Doc and this: stackoverflow question , but found that I couldnt access it from my Office Network. So I decided to set up Nginx as proxy. I followed multiple links :-

  1. Dzone article
  2. Stackoverflow Question

With these I could hit the Neo4j server ,but couldnt connect to it's DB. Here is the Browser Snapshot when remotely accessing the Neo4j server installed in Ec2 behind Nginx proxy Can someone help me out if I am missing something here? What should I do to access the DB?

Update: As @FrobberOfBits mentioned, I updated my Neo4j Configuration as follows:

Network Connector Configuration of Neo4j

But still when I navigate to the Neo4j Browser , I get this:

Neo4j browser snapshot

What should I give in host ? I tried giving bolt://ec2-XXXXX.compute-1.amazonaws.com:7687 . It didnt work :(

Abhinaba Chakraborty
  • 21
  • 6

2 Answers2

1

I just got neo4j to work a few moments ago. for aws ec2 I had to change 2 things:

  1. AWS security groups for the instance

    allow TCP access from anywhere to 7474 and 7687 (just replace the default http port in this aws guide with the neo4j port ) 7474 is for the http request to neo4j and the 7687 was for the bolt.

  2. edit the configurations in the /etc/neo4j/neo4j.conf file

    This config file editing was so confusing. I went through these comments:

    I editted the following:

    • dbms.connectors.default_listen_address=0.0.0.0
    • dbms.connectors.default_advertised_address=<elastic ip> - i just mapped an elastic ip and used it
    • I then set the remaining ports by uncommenting and adding 0.0.0.0 just to be sure (I think the key was using the advertised address)
      • dbms.connector.bolt.enabled=true
      • dbms.connector.bolt.listen_address=0.0.0.0:7687
      • dbms.connector.http.enabled=true
      • dbms.connector.http.listen_address=0.0.0.0:7474
      • dbms.connector.https.enabled=true
      • dbms.connector.https.listen_address=0.0.0.0:7473 The confusing part is the listen_address and advertised_address. my understanding is the latter is used by the neo4j web application javascript to know where to connect and the first one is like setting 0.0.0.0 for mysql to listen as a remote service.

Also I am not sure why you needed nginx; on my end i was just trying to setup neo4j in an aws ec2 instance. Here are some of the neo4j links that helped me setup

Best Regards,

Stevenson Lee

stevenson lee
  • 111
  • 2
  • 9
0

A common problem people run into in cloud setups is the dbms.connectors.default_advertised_address setting. This is the address that the database uses to advertise itself to clients, including to the browser.

In your screenshot the "host" field is blanked out, but it should be filled with something. If that something is 10...* address, then that's the problem; the database is advertising itself with a non-routable address.

You should ensure that default_advertised_address is an externally valid IP address, and that it is used in the host field on browser.

FrobberOfBits
  • 17,634
  • 4
  • 52
  • 86
  • Hi Frobber. I get what you are saying. But normally if neo4j is properly setup i.e if the bolt connection with database is successful, then that Host field wont show up in browser. – Abhinaba Chakraborty Jun 23 '18 at 07:15
  • Talking about the Network connector configuration of Neo4j : 1) Firstly it is mentioned: # With default configuration Neo4j only accepts local connections. # To accept non-local connections, uncomment this line: #dbms.connectors.default_listen_address=0.0.0.0 ..... So I uncommented it . – Abhinaba Chakraborty Jun 23 '18 at 07:27
  • 2) Next, as you said, it is written: # The address at which this server can be reached by its clients. This may be the server's IP address or DNS name, or # it may be the address of a reverse proxy which sits in front of the server. This setting may be overridden for # individual connectors below. #dbms.connectors.default_advertised_address=localhost ..... Here I guess I need to set it to the nginx proxy IP or DNS? And I guess it should be same as the public DNS of EC2 where I installed both neo4j and nginx (I didnt uncomment it during my setup, so please help me here what to do..) – Abhinaba Chakraborty Jun 23 '18 at 07:28
  • 3) Lastly there are bunch of bolt,http and https configurations: # Bolt connector dbms.connector.bolt.enabled=true #dbms.connector.bolt.tls_level=OPTIONAL #dbms.connector.bolt.listen_address=:7687 # HTTP Connector. There must be exactly one HTTP connector. dbms.connector.http.enabled=true #dbms.connector.http.listen_address=:7474 # HTTPS Connector. There can be zero or one HTTPS connectors. dbms.connector.https.enabled=true #dbms.connector.https.listen_address=:7473 – Abhinaba Chakraborty Jun 23 '18 at 07:28
  • I had uncommented the dbms.connector.bolt.listen_address to :17687 and dbms.connector.http.listen_address to :17474 as given here [Dzone Link](https://dzone.com/articles/using-nginx-to-proxy-a-neo4j-instance) . Accordingly I set those configuration in nginx. But those dont seem to work :( – Abhinaba Chakraborty Jun 23 '18 at 07:29
  • @Tarun Lalwani Can you please help – Abhinaba Chakraborty Jun 23 '18 at 08:58
  • If you configure default_listen_address=0.0.0.0 the VM will bind to whatever LOCAL address you have. You should check what that is. That is very likely an internal address which isn't accessible by the internet. For example, if your neo4j is inside of a VPC and this is why you are using a reverse proxy, then it's guaranteed to be a private address – FrobberOfBits Jun 23 '18 at 13:43
  • Please check your neo4j logs and verify what your advertised address was. – FrobberOfBits Jun 23 '18 at 13:44
  • The 0.0.0.0 is the configuration, not the advertised address. – FrobberOfBits Jun 23 '18 at 13:44
  • There are 2 configuration params - default_listen_address and default_advertised_address ([Neo4j doc](https://neo4j.com/docs/operations-manual/current/configuration/connectors/)). If I set the default listen address to the Public IP of the EC2 instance, and restart Neo4j service and hit the URL remotely, it shows 502 bad gateway. If I set the default advertised address to Public DNS of EC2 , the Neo4j browser home pages shows up but it says cannot connect to DB and it asks for host (If you see my screenshot above) – Abhinaba Chakraborty Jun 25 '18 at 10:19
  • I don't see any working solution for this anywhere around the internet. Here is the Neo4j Network Config. Please suggest what param should be changed . dbms.connectors.default_listen_address=0.0.0.0 dbms.connectors.default_advertised_address=ec2-xx-xx-xx-xx.compute-1.amazonaws.com dbms.connector.bolt.enabled=true dbms.connector.bolt.listen_address=:17687 dbms.connector.bolt.advertised_address=:7687 dbms.connector.http.enabled=true dbms.connector.http.listen_address=:17474 dbms.connector.https.enabled=true – Abhinaba Chakraborty Jun 25 '18 at 10:23
  • HTTP and bolt in Nginx Config : (a) For the HTTP part, I added the following inside the server section of /etc/nginx/sites-available/default this snippet: location /neo4j/ { proxy_pass http://localhost:17474/; } (b) For the bolt protocol, I amended to /etc/nginx/nginx.conf this snippet: stream { server { listen 7687; proxy_pass localhost:17687; } } – Abhinaba Chakraborty Jun 25 '18 at 10:24
  • I personally feel that I am missing something here in the configs. I dont have any experience using Nginx , so I am clueless here. Please go through this [Neo4j doc link](https://neo4j.com/docs/operations-manual/current/configuration/connectors/) and the [Nginx config link](https://dzone.com/articles/using-nginx-to-proxy-a-neo4j-instance). I am certain this guy who has written the Dzone article has not mentioned everything – Abhinaba Chakraborty Jun 25 '18 at 10:35
  • Paging @stefan-armbruster the author of that dzone article, who may be able to help – FrobberOfBits Jun 25 '18 at 17:30