= Network Dependency Graph :neo4j-version: 2.0.0-RC1 :author: Kenny Bastani :twitter: @kennybastani :tags: domain:networks, use-case:network-dependencies This interactive Neo4j tutorial covers a scenario in Network and Data Center Management for ACME. ACME is a fictional company with a large network infrastructure that includes a CRM application, ERP application, and a Data Warehousing solution. ACME has a series of public facing websites that they need to be up and running in order to conduct their business and support their customers. ''' *Table of Contents* * *Data Model* ** <> * *Cypher Script* ** <> * *Visualization* ** <> * *Find Network Inventory* ** <> * *Find Direct Dependencies* ** <> ** <> ** <> * *Find Crticial System Dependencies* ** <> ** <> ** <> ''' === ACME's Network Dependency Graph image::http://raw.github.com/neo4j-contrib/gists/master/other/images/datacenter-management-1.PNG[Network Dependency Graph] === Database Setup Below you will find the full Cypher script for creating ACME's Network Dependency Graph in Neo4j. This simple script is the full setup of the data set that we will later perform analysis on. //setup [source,cypher] ---- // Create CRM CREATE (crm1:Application { ip:'10.10.32.1', host:'CRM-APPLICATION', type: 'APPLICATION', system: 'CRM' }) // Create ERP CREATE (erp1:Application { ip:'10.10.33.1', host:'ERP-APPLICATION', type: 'APPLICATION', system: 'ERP' }) // Create Data Warehouse CREATE (datawarehouse1:Application { ip:'10.10.34.1', host:'DATA-WAREHOUSE', type: 'DATABASE', system: 'DW' }) // Create Public Website 1 CREATE (Internet1:Internet { ip:'10.10.35.1', host:'global.acme.com', type: "APPLICATION", system: "INTERNET" }) // Create Public Website 2 CREATE (Internet2:Internet { ip:'10.10.35.2', host:'support.acme.com', type: "APPLICATION", system: "INTERNET" }) // Create Public Website 3 CREATE (Internet3:Internet { ip:'10.10.35.3', host:'shop.acme.com', type: "APPLICATION", system: "INTERNET" }) // Create Public Website 4 CREATE (Internet4:Internet { ip:'10.10.35.4', host:'training.acme.com', type: "APPLICATION", system: "INTERNET" }) // Create Public Website 5 CREATE (Internet5:Internet { ip:'10.10.35.1', host:'partners.acme.com', type: "APPLICATION", system: "INTERNET" }) // Create Internal Website 1 CREATE (Intranet1:Intranet { ip:'10.10.35.2', host:'events.acme.net', type: "APPLICATION", system: "INTRANET" }) // Create Internal Website 2 CREATE (Intranet2:Intranet { ip:'10.10.35.3', host:'intranet.acme.net', type: "APPLICATION", system: "INTRANET" }) // Create Internal Website 3 CREATE (Intranet3:Intranet { ip:'10.10.35.4', host:'humanresources.acme.net', type: "APPLICATION", system: "INTRANET" }) // Create Webserver VM 1 CREATE (webservervm1:VirtualMachine { ip:'10.10.35.5', host:'WEBSERVER-1', type: "WEB SERVER", system: "VIRTUAL MACHINE" }) // Create Webserver VM 2 CREATE (webservervm2:VirtualMachine { ip:'10.10.35.6', host:'WEBSERVER-2', type: "WEB SERVER", system: "VIRTUAL MACHINE" }) // Create Database VM 1 CREATE (customerdatabase1:VirtualMachine { ip:'10.10.35.7', host:'CUSTOMER-DB-1', type: "DATABASE SERVER", system: "VIRTUAL MACHINE" }) // Create Database VM 2 CREATE (customerdatabase2:VirtualMachine { ip:'10.10.35.8', host:'CUSTOMER-DB-2', type: "DATABASE SERVER", system: "VIRTUAL MACHINE" }) // Create Database VM 3 CREATE (databasevm3:VirtualMachine { ip:'10.10.35.9', host:'ERP-DB', type: "DATABASE SERVER", system: "VIRTUAL MACHINE" }) // Create Database VM 4 CREATE (dwdatabase:VirtualMachine { ip:'10.10.35.10', host:'DW-DATABASE', type: "DATABASE SERVER", system: "VIRTUAL MACHINE" }) // Create Hardware 1 CREATE (hardware1:Hardware { ip:'10.10.35.11', host:'HARDWARE-SERVER-1', type: "HARDWARE SERVER", system: "PHYSICAL INFRASTRUCTURE" }) // Create Hardware 2 CREATE (hardware2:Hardware { ip:'10.10.35.12', host:'HARDWARE-SERVER-2', type: "HARDWARE SERVER", system: "PHYSICAL INFRASTRUCTURE" }) // Create Hardware 3 CREATE (hardware3:Hardware { ip:'10.10.35.13', host:'HARDWARE-SERVER-3', type: "HARDWARE SERVER", system: "PHYSICAL INFRASTRUCTURE" }) // Create SAN 1 CREATE (san1:Hardware { ip:'10.10.35.14', host:'SAN', type: "STORAGE AREA NETWORK", system: "PHYSICAL INFRASTRUCTURE" }) // Connect CRM to Database VM 1 CREATE (crm1)-[:DEPENDS_ON]->(customerdatabase1) // Connect Public Websites 1-3 to Database VM 1 CREATE (Internet1)-[:DEPENDS_ON]->(customerdatabase1), (Internet2)-[:DEPENDS_ON]->(customerdatabase1), (Internet3)-[:DEPENDS_ON]->(customerdatabase1) // Connect Database VM 1 to Hardware 1 CREATE (customerdatabase1)-[:DEPENDS_ON]->(hardware1) // Connect Hardware 1 to SAN 1 CREATE (hardware1)-[:DEPENDS_ON]->(san1) // Connect Public Websites 1-3 to Webserver VM 1 CREATE (webservervm1)<-[:DEPENDS_ON]-(Internet1), (webservervm1)<-[:DEPENDS_ON]-(Internet2), (webservervm1)<-[:DEPENDS_ON]-(Internet3) // Connect Internal Websites 1-3 to Webserver VM 1 CREATE (webservervm1)<-[:DEPENDS_ON]-(Intranet1), (webservervm1)<-[:DEPENDS_ON]-(Intranet2), (webservervm1)<-[:DEPENDS_ON]-(Intranet3) // Connect Webserver VM 1 to Hardware 2 CREATE (webservervm1)-[:DEPENDS_ON]->(hardware2) // Connect Hardware 2 to SAN 1 CREATE (hardware2)-[:DEPENDS_ON]->(san1) // Connect Webserver VM 2 to Hardware 2 CREATE (webservervm2)-[:DEPENDS_ON]->(hardware2) // Connect Public Websites 4-6 to Webserver VM 2 CREATE (webservervm2)<-[:DEPENDS_ON]-(Internet4), (webservervm2)<-[:DEPENDS_ON]-(Internet5) // Connect Database VM 2 to Hardware 2 CREATE (hardware2)<-[:DEPENDS_ON]-(customerdatabase2) // Connect Public Websites 4-5 to Database VM 2 CREATE (Internet4)-[:DEPENDS_ON]->(customerdatabase2), (Internet5)-[:DEPENDS_ON]->(customerdatabase2) // Connect Hardware 3 to SAN 1 CREATE (hardware3)-[:DEPENDS_ON]->(san1) // Connect Database VM 3 to Hardware 3 CREATE (hardware3)<-[:DEPENDS_ON]-(databasevm3) // Connect ERP 1 to Database VM 3 CREATE (erp1)-[:DEPENDS_ON]->(databasevm3) // Connect Database VM 4 to Hardware 3 CREATE (hardware3)<-[:DEPENDS_ON]-(dwdatabase) // Connect Data Warehouse 1 to Database VM 4 CREATE (datawarehouse1)-[:DEPENDS_ON]->(dwdatabase) RETURN * ---- ''' === Interactive Graph Visualization //graph ''' === ACME's Network Inventory The query below generates a data table that gives a quick overview of ACME's network infrastructure. [source,cypher] ---- MATCH (n) RETURN labels(n)[0] as type, count(*) as count, collect(n.host) as names ---- //table ''' === Find direct dependencies of all public websites The query below queries the data model to find all business web applications that are on the public facing internet for ACME. [source,cypher] ---- MATCH (website)-[:DEPENDS_ON]->(downstream) WHERE website.system = "INTERNET" RETURN website.host as Host, collect(downstream.host) as Dependencies ORDER BY Host ---- //table ''' === Find direct dependencies of all internal websites The query below queries the data model to find all business websites that are on the private intranet for ACME. [source,cypher] ---- MATCH (website)-[:DEPENDS_ON]->(downstream) WHERE website.system = "INTRANET" RETURN website.host as Host, collect(downstream.host) as Dependencies ORDER BY Host ---- //table ''' === Find the most depended-upon component The query below finds the most heavily relied upon component within ACME's network infrastructure. As expected, the most depended upon component is the SAN (Storage Area Network). [source,cypher] ---- MATCH (n)<-[:DEPENDS_ON*]-(dependent) RETURN n.host as Host, count(DISTINCT dependent) AS Dependents ORDER BY Dependents DESC LIMIT 1 ---- //table ''' === Find dependency chain for business critical components: CRM The query below finds the path of dependent components from left to right for ACME's CRM application. If ACME's CRM (Customer Relationship Management) application goes down it will cause significant impacts to its business. If any one of the components to the right of the CRM hostname fails, the CRM application will fail. [source,cypher] ---- MATCH (dependency)<-[:DEPENDS_ON*]-(dependent) WITH dependency, count(DISTINCT dependent) AS Dependents ORDER BY Dependents DESC LIMIT 1 WITH dependency MATCH p=(resource)-[:DEPENDS_ON*]->(dependency) WHERE resource.system = "CRM" RETURN "[" + head(nodes(p)).host + "]" + reduce(s = "", n in tail(nodes(p)) | s + " -> " + "[" + n.host + "]") as Chain ---- //table ''' === Find dependency chain for business critical components: ERP The query below finds the path of dependent components from left to right for ACME's ERP (Enterprise Resource Planning) application. The ERP application represents an array of business resources dedicated to supporting ongoing business activities at ACME, including finance and supply chain management. If ACME's ERP application goes down it will cause significant impacts to its business. If any one of the components to the right of the ERP hostname fails, then the ERP application will fail. This failure will cause revenue impacts since ACME's business relies on this system to conduct business. [source,cypher] ---- MATCH (dependency)<-[:DEPENDS_ON*]-(dependent) WITH dependency, count(DISTINCT dependent) AS Dependents ORDER BY Dependents DESC LIMIT 1 WITH dependency MATCH p=(resource)-[:DEPENDS_ON*]->(dependency) WHERE resource.system = "ERP" RETURN "[" + head(nodes(p)).host + "]" + reduce(s = "", n in tail(nodes(p)) | s + " -> " + "[" + n.host + "]") as Chain ---- //table ''' === Find dependency chain for business critical components: Data Warehouse The query below finds the path of dependent components from left to right for ACME's DW (Data Warehouse) application. The DW application represents an array of business intelligence resources dedicated to supporting time-sensitive analytical processes at ACME. If ACME's DW application goes down it will cause significant impacts to the business operations at ACME on the technical side. If any one of the components to the right of the DW hostname fails, then the DW application will fail. This failure will cause public facing websites like the eCommerce application to not reflect the latest available data from ACME's ERP application. [source,cypher] ---- MATCH (dependency)<-[:DEPENDS_ON*]-(dependent) WITH dependency, count(DISTINCT dependent) AS Dependents ORDER BY Dependents DESC LIMIT 1 WITH dependency MATCH p=(resource)-[:DEPENDS_ON*]->(dependency) WHERE resource.system = "DW" RETURN "[" + head(nodes(p)).host + "]" + reduce(s = "", n in tail(nodes(p)) | s + " -> " + "[" + n.host + "]") as Chain ---- //table === Find the impact of the removal of a network component : Hardware Server The query below finds the applications depending on ACME's HARDWARE-SERVER-3. In case a network administrator wants to plan an intervention on the server, he has to know what will be the applications impacted. This way he can warn the applications users. [source,cypher] ---- MATCH (application:Application)-[:DEPENDS_ON*]->(server) WHERE server.host = "HARDWARE-SERVER-3" RETURN application.type as Type, application.host as Host ---- //table