0

Just tried below mentioned code to check my Amazon Neptune service, it's throwing this error:

ClientConnectorError: Cannot connect to host <host>:8182 ssl:default [Connect call failed ('<ip-address>', 8182)]

from __future__  import print_function  # Python 2/3 compatibility

from gremlin_python import statics
from gremlin_python.structure.graph import Graph
from gremlin_python.process.graph_traversal import __
from gremlin_python.process.strategies import *
from gremlin_python.driver.driver_remote_connection import DriverRemoteConnection

graph = Graph()
remoteConn = DriverRemoteConnection('wss://<host>','g')

g = graph.traversal().withRemote(remoteConn)

print(g.V().limit(2).toList())
remoteConn.close()

Does anybody know the solution? Thanks

Kelvin Lawrence
  • 14,674
  • 2
  • 16
  • 38
Lakshminarayanan
  • 320
  • 4
  • 18

3 Answers3

0

<host> is a placeholder that you need to replace with the name of the host that runs Gremlin Server. If your python client runs on the same host, you can replace <host> by localhost.

Also note that you can only use url's starting with wss:// if secure socket layer is configured on Gremlin Server, otherwise use a url starting with ws://.

HadoopMarc
  • 1,356
  • 3
  • 11
  • 1
    Just a comment that if the poster is using Amazon Neptune, as tagged, SSL/TLS is always enabled so `wss://` will be required. – Kelvin Lawrence Jan 04 '23 at 20:19
0

Remember when you connect locally you should jump into a bastion host, and change Neptune DNS locally to point locally eg.

127.0.0.1 neptune.dns.aws.com

Then you can call the curl command to get Neptune's response when you are hooked on the AWS network.

curl -X POST --data-binary 'query=select ?s ?p ?o where {?s ?p ?o} limit 10' http://neptune-dns.neptune.amazonaws.com:8182/sparql
ParisNakitaKejser
  • 12,112
  • 9
  • 46
  • 66
0

hope you have solved this already yourself. But what the AWS docs say you need this Type of string: remoteConn = DriverRemoteConnection('wss://"your cluster endpoint":8182/gremlin','g')

Then presuming that you have a service connected to the same VPC or in a VPC that can communicate with the VPC of the Neptune DB. The service you want to connect to the Neptune_DB need to be able to access the Security group of the Neptune DB E.G add a Inbound rules to the security group of the Neptune_DB to allow all traffic, or at minimum TCP(as wss:// uses TCP), from the security group of the service.

JonTheBaboon
  • 31
  • 5
  • One additional note. Neptune today runs in a VPC and does not expose a public endpoint. You cannot expose the endpoint by modifying just the security group. You still need a way to connect to the VPC. That could be as simple as running the code from an EC2 instance or Lambda function in the same VPC. In the EC2 case opening port 8182 is sufficient. If connecting from outside the VPC additional mechanisms need to be in place which could include: ALB/NLB, VPC Peering, Direct Connect, SSH tunnel (not recommended for more than dev/test), API Gateway/Lambda - and many more. – Kelvin Lawrence Feb 24 '23 at 15:05
  • Yes, sorry. This solution presumed that you have a service connected to the same VPC or in a VPC that can communicate with the VPC of the Neptune DB. – JonTheBaboon Feb 27 '23 at 08:52