Server installation
Server installation is a two-step process. The first step, as described in the previous section, is to setup a Neo4j DBMS to act as persistence for NOM.
The second step is to download and configure arguments and/or environment variables to the specific environment you want to run NOM in and either install NOM as a service or run it as a console application. Both ways are described below. Running as a service is the recommended way of operating the NOM Server.
Releases of Neo4j enterprise all come bundled with the most current version of NOM at the time of that Neo4j release.
Please note that this does not have to be the most current version of NOM.
You can find NOM as .zip
or .tar.gz
inside your Neo4j folder under /products
.
Alternatively, you can download any version of the NOM Server, including the agent binaries here: Download.
In any case, please extract the content from the downloaded .zip
or .tar.gz
file to whichever directory you want to operate NOM from
(in the following referenced as NOM server-folder).
Prerequisites
-
1 CPU core (2 recommended)
-
2 GB RAM (4 GB recommended)
-
15 GB disk space
-
Windows or Unix-based operating system
-
Java 17 or 21
-
Key pair and certificate (as a PKCS12 file) to be used for TLS protected endpoints (see Self-Signed Certificate Generation for test and demo purposes). If key pair and certificate were generated with OpenSSL, ensure that OpenSSL version 3.x or later was used.
If the certificate is not issued by a public CA, the intermediate certificate or the certificate from CA needs to be added to Java’s trust store using the following command:
|
In case you have multiple versions of Java installed on the machine you will use for the server, you can set |
Pay close attention when entering configuration values that contain special (reserved) characters. Which characters are special (reserved) depends on the operating system and the method of installation. |
Running as a service
Linux (systemd)
Setting arguments in service file
Navigate to the NOM server-folder under etc/
where a neo4j-ops-manager-server.service
file is located.
This file includes a section that needs to be adjusted to your environment (e.g. the Neo4j password you used for setting up the persistence database, the proper path to your ssl key-store file, etc.).
Using environment variables
As an alternative to changing the arguments in the neo4j-ops-manager-server.service
file, you can instead use environment variables to achieve the same result.
The neo4j-ops-manager-server.service
file contains the necessary information for this.
The table here contains environment variables and example values.
Installation
Copy neo4j-ops-manager-server.service
file into the directory /etc/systemd/system
.
Next, execute the following commands to install the NOM Server as a service:
sudo systemctl daemon-reload
sudo systemctl enable neo4j-ops-manager-server
Starting and stopping
Start the NOM Server as a service with the command:
sudo systemctl start neo4j-ops-manager-server
The NOM Server is now ready to use.
To stop the NOM Server, use the command:
sudo systemctl stop neo4j-ops-manager-server
For SELinux The SELinux context of the server binary must be changed so that it can be executed from the service. To permanently change the SELinux context of the file, run the following commands:
<SERVER_PATH> should be replaced with the path to the NOM server-folder. |
Windows
Setting arguments in the service file
Navigate to the NOM server-folder under bin\
, where a server.xml
is located.
This file includes an <arguments>
section that needs to be adjusted to your environment (e.g. the Neo4j password you used for setting up the persistence database, the proper path to your SSL key-store file, etc.).
Using environment variables
As an alternative to changing the arguments in the server.xml
file, you can instead use environment variables to achieve the same result.
The server.xml
file contains the necessary information for this.
The table here contains environment variables and example values.
Running as a console application
Although it is possible to run the NOM Server as a console application, it is not recommended. Best practice is to run the NOM Server as a service, as described in the previous section. |
Unix
Passing arguments on command line
Navigate to the NOM Server folder and execute the following command:
java -jar ./lib/server.jar
--spring.neo4j.uri=neo4j://localhost:7687
--spring.neo4j.authentication.username=neo4j
--spring.neo4j.authentication.password=password
--server.port=8080
--server.ssl.key-store-type=PKCS12
--server.ssl.key-store=file:./certificates/server.pfx
--server.ssl.key-store-password=changeit
--grpc.server.port=9090
--grpc.server.security.key-store-type=PKCS12
--grpc.server.security.key-store=file:./certificates/server.pfx
--grpc.server.security.key-store-password=changeit
Make sure to replace the arguments with values adjusted to your environment (e.g. the Neo4j password you used for setting up the persistence database, the proper path to your ssl key-store file, etc.).
Using environment variables
All the arguments from the command in the last section can also be defined as environment variables as described here.
If you set all the arguments to environment variables, you can shorten the server start command to the following (provided that you have navigated to the NOM Server folder):
java -jar ./lib/server.jar
Windows
Passing arguments on the command line
Navigate to the NOM Server folder and execute the following command:
java -jar .\lib\server.jar
--spring.neo4j.uri=neo4j://localhost:7687
--spring.neo4j.authentication.username=neo4j
--spring.neo4j.authentication.password=password
--server.port=8080
--server.ssl.key-store-type=PKCS12
--server.ssl.key-store=file:.\certificates\server.pfx
--server.ssl.key-store-password=changeit
--grpc.server.port=9090
--grpc.server.security.key-store-type=PKCS12
--grpc.server.security.key-store=file:.\certificates\server.pfx
--grpc.server.security.key-store-password=changeit
Make sure to replace the arguments with values adjusted to your environment (e.g. the Neo4j password you used for setting up the persistence database, the proper path to your ssl key-store file, etc.).
Using environment variables
All the arguments from the command in the last section can also be defined as environment variables as described here.
If you set all the arguments to environment variables, you can shorten the server start command to the following (provided that you have navigated to the NOM Server folder):
java -jar .\lib\server.jar
If the NOM Server is required to support self-registered agents ensure that the configuration property Read more about agent self-registration here. |
Running NOM server behind a proxy
If NOM server is running behind a proxy and is configured to access external web resources, its JVM must be started with appropriate proxy configuration options. This configuration is also required for the auto-refresh of available Neo4j and NOM versions.
To pass proxy configuration options to the NOM server JVM, the environment variable JAVA_OPTS
can be used, as shown in the following example:
JAVA_OPTS=-Dhttp.proxyHost=myproxy.example.com -Dhttp.proxyPort=8080
If running NOM server as a service, the environment variable can be set in the service configuration file.
For details about configuring proxy in Java, see Java documentation.
Server configuration reference
Command line argument | Environment variable name | Description | Example value |
---|---|---|---|
|
|
Neo4j URI for NOM persistence DBMS |
neo4j://localhost:7687 |
|
|
Neo4j user name for NOM persistence DBMS |
neo4j |
|
|
Neo4j password for NOM persistence DBMS |
password |
|
|
The port that the server will listen on for HTTP traffic |
8080 |
|
|
Type of key store used for HTTP traffic |
PKCS12 |
|
|
Location of key store used for HTTP traffic |
|
|
|
Password of key store used for HTTP traffic |
changeit |
|
|
The port that the server will listen on for GRPC traffic |
9090 |
|
|
Type of key store used for GRPC traffic |
PKCS12 |
|
|
Location of key store used for GRPC traffic |
|
|
|
Password of key store used for GRPC traffic |
changeit |
|
|
Random string used for JWT signing (optional) |
please-set-a-random-secret-string-here-for-jwt-signing |
|
|
JWT time to live, configures the session expiration time. For syntax, see Spring documentation (optional) |
1h |
|
|
Set to true to opt out of product analytics being sent to Neo4j (optional) |
false |
|
|
Set to true to opt out of crash analytics being sent to Neo4j (optional) |
false |
|
|
Set to true to opt out of automatic fetching of version information for NOM and Neo4j (optional) |
false |
|
|
File containing list of PEM encoded agent certificates. Required for agent self-registration. (optional) |
|
|
|
If set, logs of NOM server will be written to the file designated by this location. If not set, logs will be written to STDOUT. (optional) |
|
|
|
Root log level. Default is |
|
|
|
Log level of the |
|
Accessing Ops Manager
For details on how to access Ops Manager after installation as described in the sections above, please see Home page.