/ SmartOS

Neo4j on SmartOS

If you've never played around with Neo4j before, stop reading this page and download it now, or at least go try out the Neo4j Sandbox.

Yes, I mean right now.

I'll wait.

Neo4j is pretty awesome huh?

What's that? You want to spin up your own SmartOS zone and install it right away?

That's easy, as Neo4j is in pkgsrc! Assuming you're cool with using Neo4j-2.2.2 that is.

This is a quick and dirty guide on manually installing and configuring the latest builds of Neo4j (3.0+) on SmartOS. The intent is to match the quality of installation that you'd get by installing via pkgin: Reasonable paths, SMF support, and an added bonus of a dedicated ZFS dataset to store our database in.

SmartOS Zone Configuration

For the rest of this guide, we'll be using a zone with the following configuration.

{
  "alias": "neo4j",
  "hostname": "neo4j",
  "brand": "joyent",
  "image_uuid": "088b97b0-e1a1-11e5-b895-9baa2086eb33",
  "max_physical_memory": 1024,
  "cpu_cap": 200,
  "quota": 10,
  "delegate_dataset": true,
  "resolvers": [ "8.8.8.8", "8.8.4.4" ],
  "nics": [{
    "nic_tag": "admin",
    "ips": [ "192.168.0.7/24", "addrconf" ],
    "gateway": "192.168.0.1"
  }]
}

Feel free to adjust the values as you see fit for your situation. Once you're done, create the zone and log in.

# vmadm create -f neo4j.json
# zlogin <UUID of zone>

Delegated Dataset

The first thing we're going to do after logging into our new SmartOS Zone is to clean up the default delegated dataset cruft, and then set up a new dataset mounted under /var/db/neo4j.

# UUID=`sysinfo | json UUID`
# zfs set mountpoint=none zones/$UUID/data
# rmdir -p /zones/$UUID
# zfs create -o mountpoint=/var/db/neo4j -o quota=8G zones/$UUID/data/neo4j

Feel free to adjust, or even omit the quota.

Install Java

While the Neo4j 2.2 series needs OpenJDK7, the Neo4j-3.0 series needs OpenJDK8. Let's install that next.

# pkgin in openjdk8

Install Neo4j

The latest community version of Neo4j can be downloaded directly from https://neo4j.com. I recommend downloading and installing the latest version of Neo4j as the software development is quite active.

We can even be fancy and decompress it directly where we need it.

# mkdir /opt/local/neo4j
# cd /opt/local/neo4j
# curl https://neo4j.com/artifact.php?name=neo4j-community-3.0.1-unix.tar.gz | tar zxC . --strip-components=1

Since we're already in this directory, lets clean up text files we don't need and setup our symlinks:

# chown root:root * -R
# rm -r *.txt data/
# mv conf /opt/local/etc/neo4j
# ln -s /opt/local/etc/neo4j conf
# ln -s /var/db/neo4j data

Create our user and group and register as a project.

# groupadd -g 814 neo4j
# useradd -u 814 -g neo4j -d /nonexistent -s /usr/bin/false \
  -c "Neo4j daemon user" neo4j
# projadd -U neo4j -G neo4j -c "Neo4j server" \
  -K "process.max-file-descriptor=(basic,65536,deny)" neo4j
# mkdir certificates
# chown neo4j:neo4j /var/db/neo4j logs run certificates

Configure Neo4j

Neo4j-3.0.x supports three different client connection protocols: HTTP, HTTPS, and BOLT. While HTTP has historically been the preferred (see: only suitable) method for connecting Neo4j to its overlying application layer, the BOLT protocol is a higher performance alternative that's just as capable, assuming that your application has the proper drivers to make use of it. Since BOLT is intended for application layer access, ensure that only your applications can access it. This is best achieved by limiting it's listening interfaces to those in a private network segment, or to localhost.

While I would recommend using HTTPS over HTTP for administrative purposes, I won't recommend using Neo4j to directly provide HTTPS service. Instead use Nginx to provide TLS service, and configure it to forward requests to Neo4j via local HTTP.

Ensure that the following parameters are set in the neo4j.conf file.

/opt/local/etc/neo4j/neo4j.conf

# Bolt connector
dbms.connector.bolt.type=BOLT
dbms.connector.bolt.enabled=true
dbms.connector.bolt.tls_level=OPTIONAL
# To have Bolt accept non-local connections, uncomment this line
#dbms.connector.bolt.address=0.0.0.0:7687

# HTTP Connector
dbms.connector.http.type=HTTP
dbms.connector.http.enabled=true
dbms.connector.http.encryption=NONE
# To have HTTP accept non-local connections, uncomment this line
#dbms.connector.http.address=0.0.0.0:7474

Uncomment the bolt.address and http.address parameters if you understand the ramifications of doing so.

SMF support

The original SMF specification can be converted to work with Neo4j-3.0.x with very little modification:

Download, Import and enable it.

# svccfg import /root/neo4j-smf.xml
# svcadm enable neo4j

Everything should now be up and running. Log in with a web-browser and enjoy.

Conclusion

This was so quick and dirty, I will likely be following this up sometime with an article about creating pkgsrc packages using Neo4j-3.0.x as an example. Until then, enjoy your shiny new and up-to-date graph database.