Due to security policies, I have a cluster of JanusGraph servers (running in an internal Kubernetes network) that can be accessed by external Gremlin clients via the below network route:
clients --> global load balancer (URL-based) --> third-party firewall --> internal load balancer --> graph servers
The endpoint exposed by the global load balancer is something like e.g. https://myhost.com/mypath1/mypath2/
This approach works fine for HTTP(S) based requests, as I am able to receive a response from the gremlin server when firing a curl command to the above global load balancer endpoint.
However, I have 2 other gremlin client usage patterns:
- using
gremlin.shconsole - using
gremlin-pythonclient (or more generally, WebSocket clients)
Hence my questions are:
In the
remote.yamlfile used bygremlin.shclient, how do I specify the global load balancer endpoint in thehostsandportparameters?- I have tried a few combinations (e.g.
hosts= ['myhost.com']/['myhost.com/mypath1/mypath2'],port= 8182/443) but they all don't work
- I have tried a few combinations (e.g.
In
gremlin-pythonclient, I am using a WebSocket-based connection. How do I specify the websocket connection string with the above endpoint?- I have tried various connection strings (e.g.
ws(s)://myhost.com/mypath1/mypath2/gremlin) but they don't work too
- I have tried various connection strings (e.g.
For
hostsyou should just supply the host name (no path) and for port, it should just be 443 assuming that is the port you've exposed on your load balancer. Of course you also need to enable SSL - as an example note the settings provided in the packagedremote-secure.yamlfile and see additional configuration options inhttps://tinkerpop.apache.org/docs/current/reference/#_configuration.As for your custom path of
mypath1/mypath2/gremlin, that is not configurable at this time. It expects that path to be/gremlin. I've created TINKERPOP-2379 in response.I would expect this to work for Python:
wss://myhost.com:443/mypath1/mypath2/gremlin