Helm Charts

Prerequisites

  • helm command line tool.

  • kubectl command line tool.

  • Access to a Kubernetes enviroment (cloud, on-prem, or local with a LoadBalancer resource implementation).

NOM server Helm Chart

  • Download the NOM server Helm Chart from Neo4j Download Center.

  • Following is a basic configuration for NOM server Helm Chart provided as a values.yaml file

config:
  grpc:
    advertisedHost: <service endpoint to GRPC for agents to connect>

secrets:
  storage:
    uri: "<NOM persistence URI>"
    username: "<NOM persistence user name>"
    password: "<NOM persistence password>"
  jwt:
    token: "<jwt secret as specified in server installation>"
  tls:
    password: "<PKCS12 certificate file password for server TLS config>"

service:
  http:
    ipAddress: "<Provisioned LoadBalancer service IP address for HTTP connections>"
  grpc:
    ipAddress: "<Provisioned LoadBalancer service IP address for GRPC connections>"
  • Run the following command to install the NOM server to your Kubernetes cluster

helm install -f values.yaml --set secrets.tls.pkcs12CertFileContent=$(cat server.pfx | base64) <Helm release name> /path/to/neo4j-ops-manager-server-<VERSION>.tgz
  • If agents are self-registered, set the additional trusted agent certificates on the server before deploying the agents

helm install -f values.yaml --set secrets.tls.pkcs12CertFileContent=$(cat server.pfx | base64) --set secrets.mTLS.agentCerts=$(cat localhost.pem | base64) <Helm release name> /path/to/neo4j-ops-manager-server-<VERSION>.tgz
  • If the command doesn’t report any error, check if the NOM server pod and services are running with kubectl command.

  • Default values.yaml is given below for more customization options:

values.yaml
# Default values for neo4j-ops-manager-server.
config:
  logFileName: "app.log"
  logLevel: info
  maxHeapSize: 8g
  jwtTTL: 2h
  grpc:
    advertisedHost:

secrets:
  storage:
    uri: ""
    username: ""
    password: ""
  jwt:
    token: ""
  tls:
    password: ""
    pkcs12CertFileContent: ""
  mTLS:
    # string content of PEM encoded list of certificates appended into a .pem file
    # used for agent self-registration
    agentCerts: ""

service:
  http:
    ipAddress: ""
  grpc:
    ipAddress: ""
    port: 9090

image:
  name: neo4j/neo4j-ops-manager-server
  pullPolicy: Always

hpa:
  spec:
    targetCPUUtilizationPercentage: 70

nameOverride:

resources:
  limits:
    cpu: "2"
    memory: "8G"
  requests:
    cpu: "0.2"
    memory: "4G"

nodeSelector: {}

tolerations: []

affinity: {}