Harold Spencer Jr of Eucalyptus, technology partner of Neo Technology, walks through deploying a Neo4j High Available Cluster


In order to use this Ansible playbook on AWS/Eucalyptus, the following is needed:

Before deploying the cluster, a security group needs to be created that the cluster will use.  The security group must allow the following:

  • port 22 (SSH)
  • all instances part of the security group allowed to community with each other (ports 0 - 65535)

To create the security group and authorize the ports, make sure the user’s access key, secret access key, and EC2 URL are noted, and do the following:

    1. Create the security group
      ec2-create-group --aws-access-key <EC2_ACCESS_KEY> 
      --aws-secret-key <EC2_SECRET_KEY> 
      --url <EC2_URL> -g neo4j-cluster -d "Neo4j HA Cluster"
    2. Authorize port for SSH in neo4j-cluster security group
      --aws-access-key <EC2_ACCESS_KEY> 
      --aws-secret-key <EC2_SECRET_KEY> 
      --url <EC2_URL> -P tcp -p 22 -s neo4j-cluster 
    3. Authorize all port communication between cluster members
      –aws-access-key <EC2_ACCESS_KEY> –aws-secret-key <EC2_SECRET_KEY>
      –url <EC2_URL> -P tcp -o neo4j-cluster -p -1 neo4j-cluster

After completing these steps, use


to view the security group:

ec2-describe-group –aws-access-key <EC2_ACCESS_KEY>
–aws-secret-key <EC2_SECRET_KEY> –url <EC2_URL> neo4j-cluster

GROUP sg-1cbc5777 986451091583 neo4j-cluster Neo4j HA Cluster
PERMISSION 986451091583 neo4j-cluster ALLOWS tcp 0 65535 FROM
USER 986451091583 NAME neo4j-cluster ID sg-1cbc5777 ingress
PERMISSION 986451091583 neo4j-cluster
ALLOWS tcp 22 22 FROM CIDR ingress

Read the full article.