3

An AWS Neptune DB cluster can only be created inside a VPC and its endpoints are only accessible within the VPC. I would like to connect to the cluster endpoints via the Gremlin Java driver and to be able to debug locally my code. Is that possible?

Eszter
  • 331
  • 1
  • 3
  • 19

1 Answers1

2

Yes that will work. There are several ways you can connect from a local machine to the Neptune cluster. I often just use an SSH tunnel and then connect to the server using "localhost" from my laptop. That requires an EC2 instance deployed in the VPC of course. Using a load balancer should also work. I have done that myself as well. If you are using IAM Authentication there are a few additional steps that you will need to do to get it working. If you are not using IAM auth then just using the load balancer DNS name when you connect to Neptune should work. Please add a comment to this answer if you need more detailed information and I can update the answer.

For the health check you can use the /status HTTP endpoint.

Here is a link to some instructions on configuring an ALB with Neptune https://github.com/aws-samples/aws-dbs-refarch-graph/tree/master/src/connecting-using-a-load-balancer

Kelvin Lawrence
  • 14,674
  • 2
  • 16
  • 38
  • I would like to avoid having an EC2 instance. Just a load balancer is what I would like to set up. I do have a security group set up, but I must have something missing as my connection times out. So yes, please do elaborate on the settings, I'd really appreciate that. – Eszter Nov 22 '19 at 10:09
  • 1
    I have an ALB listening on HTTP 80 (I know I should use https, but certificates are a problem now, so I'll stick with plain old http for now). The ALB is linked to a target group that has as registered target the IP address of the DB cluster and port 8182. The status shows unhealthy. However, the health status of the DB instance is ok. The VPC of the DB and the ALB is the same, the security group of the DB has a custom inbound TCP rule on port 8182 for the security group of the ALB. What am I missing? – Eszter Nov 22 '19 at 10:18
  • I am editing the answer with a link to some step by step instructions. – Kelvin Lawrence Nov 25 '19 at 20:23
  • Hey @Eszter did you ever figure this out? The "step by step" instructions Kelvin linked to did not go over the specifics. I have the same issue in that my target shows as unhealthy. – CrizR Nov 22 '21 at 16:56
  • 1
    How are you configuring the load balancer health check @ChrisRisley? One common way is to use the HTTPS /status endpoint on port 8182. It will return an HTTP 200 if all goes well. – Kelvin Lawrence Nov 22 '21 at 20:42
  • 1
    Hey Kelvin, that indeed was the problem. I had left it on port 80 when it should have been 8182. Thanks – CrizR Nov 22 '21 at 22:08
  • Although I am encountering some other issues: https://stackoverflow.com/questions/70074141/properly-setting-up-a-network-load-balancer-in-front-of-a-neptune-cluster – CrizR Nov 23 '21 at 00:53