Accessing Bolt traffic from Neo4j DB with Kubernetes Ingress

1/24/2019

Before coming to the question, here is a brief on what I am trying to achieve:

We have more than 1000 Neo4j databases. An end user can demand a particular database instance, so we run that particular Neo4j instance as a Docker container and make it available to the user.

Question:

For handling on-demand running instances of the Neo4j database, we have a Kubernetes cluster set up, and we dynamically create deployment, service and ingress objects for that Neo4j database.

As output, the user receives two URLs: one for HTTP and one for Bolt.

We have nginx set up as the Ingress Controller in the Kubernetes cluster. Nginx allows HTTP and websocket traffic. The Bolt protocol should work on websocket.

The problem is that we are not able to connect to the Neo4j database using Bolt, because the ingress is not able to redirect requests from the Bolt URL to the running pod.

Let me know if this is the correct way of doing this.

Here is the YAML for the ingress, service and deployment objects:

Ingress.yaml :

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: neo-sandbox
  annotations:
    kubernetes.io/ingress.class: private
    nginx.ingress.kubernetes.io/rewrite-target: "/"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.org/websocket-services: "neo-sandbox-bolt"
spec:
  rules:
  - host: sandbox.neo.com
    http:
      paths:
      - path: "/22220"
        backend:
          serviceName: neo-sandbox-http
          servicePort: 22220
      - path: "/22221"
        backend:
          serviceName: neo-sandbox-bolt
          servicePort: 22221

Http_Service.yaml :

apiVersion: v1
kind: Service
metadata:
  labels:
    app: neo-sandbox-http
  name: neo-sandbox-http
spec:
  type: NodePort
  selector:
    app: neo-sandbox
  ports:
  - name: frontend-http-port
    port: 22220
    protocol: TCP
    targetPort: 22220

Bolt_Service.yaml :

apiVersion: v1
kind: Service
metadata:
  labels:
    app: neo-sandbox-bolt
  name: neo-sandbox-bolt
spec:
  type: NodePort
  selector:
    app: neo-sandbox
  ports:
  - name: frontend-bolt-port
    port: 22221
    protocol: TCP
    targetPort: 22221

Deployment.yaml:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    app: neo-sandbox
    version: latest
  name: neo-sandbox
spec:
  replicas: 1
  selector:
    matchLabels:
      app: neo-sandbox
      version: latest
  template:
    metadata:
      labels:
        app: neo-sandbox
        version: latest
    spec:
      containers:
      - env:
        - name: NEO4J_dbms_memory_pagecache_size
          value: 1G
        - name: NEO4J_dbms_memory_heap_maxSize
          value: 3G
        image: <neo4j-docker-image>
        imagePullPolicy: IfNotPresent
        name: neodb
        ports:
        - containerPort: 7474
          protocol: TCP
        - containerPort: 7687
          protocol: TCP
        resources:
          limits:
            cpu: "2"
            memory: 5Gi
          requests:
            cpu: 200m
            memory: 1Gi
      - env:
        - name: FRONTEND_HTTP_PORT
          value: "22220"
        - name: FRONTEND_BOLT_PORT
          value: "22221"
        image: <ha-proxy-docker-image>
        name: proxy
        ports:
        - containerPort: 22220
          protocol: TCP
        - containerPort: 22221
          protocol: TCP
        resources:
          limits:
            cpu: 500m
            memory: 2Gi
          requests:
            cpu: 50m
            memory: 1Gi

Please note that:

1) The Kubernetes pod runs two containers. One container runs the standard Docker image from Neo4j, and one container runs an HA proxy image which performs port redirection (redirects traffic from 22220 to 7474 and 22221 to 7687).

2) I am able to access the Bolt service within the cluster. So the problem is at the ingress level.

Here are the URLs that the user receives:

for HTTP -> sandbox.neo.com/22220

for BOLT -> sandbox.neo.com/22221

3) Nginx config options can be browsed here

4) Nginx Websocket example is here

-- doer_uvc
bolt
kubernetes
kubernetes-ingress
neo4j
nginx-ingress

0 Answers
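
Added example (not part of the original question, and not code from Neo4j or either nginx ingress project): the Ingress rules above match on host and path, so this sketch compares the first bytes of a raw-TCP Bolt connection with a WebSocket upgrade request to show which of the two carries a host and path a layer 7 proxy can route on. The function names and the sample request are constructed for illustration; the Bolt preamble is the protocol's 4-byte magic `60 60 B0 17` followed by four 4-byte version proposals.

```python
import struct

BOLT_MAGIC = bytes.fromhex("6060b017")  # Bolt handshake preamble


def bolt_handshake(versions=(3, 2, 1, 0)):
    """First bytes a Bolt driver sends on a raw TCP connection: the magic,
    then four big-endian 4-byte version proposals (0 = unused slot)."""
    if len(versions) != 4:
        raise ValueError("Bolt handshake carries exactly four version slots")
    return BOLT_MAGIC + b"".join(struct.pack(">I", v) for v in versions)


def classify_first_bytes(data):
    """Classify a client's opening bytes the way an HTTP (layer 7) proxy must:
    host/path routing is only possible if they parse as an HTTP request."""
    if data.startswith(BOLT_MAGIC):
        return {"kind": "raw-bolt", "host": None, "path": None}
    head, _, _ = data.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return {"kind": "unknown", "host": None, "path": None}
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    is_ws = headers.get("upgrade", "").lower() == "websocket"
    return {"kind": "websocket-upgrade" if is_ws else "http",
            "host": headers.get("host"), "path": parts[1]}


# Constructed sample: a WebSocket upgrade aimed at the Bolt URL from the question.
WS_UPGRADE = (
    b"GET /22221 HTTP/1.1\r\n"
    b"Host: sandbox.neo.com\r\n"
    b"Upgrade: websocket\r\n"
    b"Connection: Upgrade\r\n"
    b"Sec-WebSocket-Version: 13\r\n"
    b"Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==\r\n\r\n"
)

if __name__ == "__main__":
    for label, data in (("driver over raw TCP", bolt_handshake()),
                        ("websocket client", WS_UPGRADE)):
        print(label, "->", classify_first_bytes(data))
```

Running the same classification on the first bytes captured from the failing client shows whether it is speaking raw Bolt or Bolt over WebSocket to the ingress.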