Started mongo server using
mongod --port 27018 --dbpath "/usr/local/var/mongodb/data/db0" --replSet rs0 --bind_ip "locahost,0.0.0.0"
And connected to the instance using
mongosh mongodb://127.0.0.1:27018/vndr
Tried to initiate a replica set using rs.initiate()
Then got the error
---
> rs.initiate()
{
"ok" : 0,
"errmsg" : "No host described in new configuration with {version: 1, term: 0} for replica set rs0 maps to this node",
"code" : 93,
"codeName" : "InvalidReplicaSetConfig"
}
On the server log noticed these lines saying ""Nnadozies-MacBook-Pro.local" not known
{"t":{"$date":"2022-08-18T14:52:20.861+01:00"},"s":"W", "c":"NETWORK", "id":21207, "ctx":"conn1","msg":"getaddrinfo() failed","attr":{"host":"Nnadozies-MacBook-Pro.local","error":"nodename nor servname provided, or not known"}}
{"t":{"$date":"2022-08-18T14:52:25.866+01:00"},"s":"I", "c":"NETWORK", "id":4834700, "ctx":"conn1","msg":"isSelf could not connect via connectSocketOnly","attr":{"hostAndPort":"Nnadozies-MacBook-Pro.local:27018","error":{"code":6,"codeName":"HostUnreachable","errmsg":"couldn't connect to server Nnadozies-MacBook-Pro.local:27018, connection attempt failed: HostNotFound: Could not find address for Nnadozies-MacBook-Pro.local:27018: SocketException: Host not found (authoritative)"}}}
{"t":{"$date":"2022-08-18T14:52:25.867+01:00"},"s":"E", "c":"REPL", "id":21425, "ctx":"conn1","msg":"replSetInitiate error while validating config","attr":{"error":{"code":74,"codeName":"NodeNotFound","errmsg":"No host described in new configuration with {version: 1, term: 0} for replica set rs0 maps to this node"},"config":{"_id":"rs0","version":1,"members":[{"_id":0,"host":"Nnadozies-MacBook-Pro.local:27018"}]}}}
Followed response in this similar question and added the line 127.0.0.1 Nnadozies-MacBook-Pro.local to my /etc/hosts file to fix this.
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
# Added by Docker Desktop
# To allow the same kube context to work on the host and the container:
127.0.0.1 kubernetes.docker.internal
# End of section
127.0.0.1 figmadaemon.com
127.0.0.1 Nnadozies-MacBook-Pro.local
Posting this because the similar question wasn't really clear on how to solve the problem. I think this makes it clearer that the hostname mongodb was looking at could not be resolved to an IP address because it wasn't in /etc/hosts
Tip on editing /etc/hosts: use sudo permissions for write access
Other than that please I'm curious what other way I can run mongodb instances so they use known hostnames.
Related
Windows version : 10
Mongodb version : 6.0.2
Tools : mongosh
Hello, I am trying to set up mongodb with TLS and accessing the mongodb instance through mongosh using client certificate.
I followed the steps mentionned here : https://www.mongodb.com/docs/manual/core/security-transport-encryption/ to configure the mongod with TLS.
The configuration is successful and I can successfully start mongodb using below command :
mongod --tlsMode requireTLS --tlsCertificateKeyFile C:\OpenSSL\openssl-0.9.8k_X64\bin\test-server1.pem
my mongod.cfg has the below settings for network:
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1
tls:
mode: requireTLS
tlsCertificateKeyFile: C:\OpenSSL\openssl-0.9.8k_X64\bin\test-server1.pem
My issue is when trying to connect through mongosh, I am getting below error:
Connecting to: mongodb://localhost:27017/?directConnection=true&serverSelectionTimeoutMS=2000&tls=true&tlsCertificateKeyFile=C%3A%5COpenSSL%5Copenssl-0.9.8k_X64%5Cbin%5Ctest-client.pem&tlsCAFile=C%3A%5COpenSSL%5Copenssl-0.9.8k_X64%5Cbin%5Ctest-ca.pem&appName=mongosh+1.6.0
MongoServerSelectionError: read ECONNRESET
I used steps on
https://www.mongodb.com/docs/manual/appendix/security/appendixC-openssl-client/#std-label-appendix-client-certificate to generate client certificate above.
Server certificate was generated following these steps :
https://www.mongodb.com/docs/manual/appendix/security/appendixB-openssl-server/#std-label-appendix-server-certificate
The message
MongoServerSelectionError: read ECONNRESET
is not giving any value in understanding the error. I understand its an openssl error but why am getting this error is unclear.
Any help will be appreciated.
I had the following error in log.
{"error":{"code":141,"codeName":"SSLHandshakeFailed","errmsg":"SSL handshake received but server is started without SSL}
I started mongodb again with new tls config and now its ok. Thanks –
mongod --tlsMode requireTLS --tlsCertificateKeyFile C:\OpenSSL\openssl-0.9.8k_X64\bin\test-server1.pem
mongosh --tls --host localhost --tlsCertificateKeyFile C:\OpenSSL\openssl-0.9.8k_X64\bin\test-client.pem --tlsCAFile C:\OpenSSL\openssl-0.9.8k_X64\bin\test-ca.pem
We can also store the tls options in the config file
port: 27017
bindIp: 127.0.0.1
tls:
mode: requireTLS
tlsCertificateKeyFile: C:\OpenSSL\openssl-0.9.8k_X64\bin\test-server1.pem
I reproduce MongoDB Cluster replica-set and added user like admin with Non-SSL following below link.
Link : https://github.com/arun2pratap/mongodbClusterForWindowsOneClick
Environment :
OS : Windows 2019 server ( set all instance in one windows server)
1 mongos ( port : 26000 )
2 shards ( port : sh01 : 27011 ~ 27013 / sh02 : 27021 ~ 27023 )
1 conf servers ( port : csrs : 26001 ~ 26003 )
After reproduce Cluster with Non-SSL, I tried to upgrade Cluster to use SSL following MongoDB Manual for 4.5 and other links but I couldn't found clear answer or guide.
Below are my refer links.
https://www.mongodb.com/docs/v4.4/tutorial/upgrade-cluster-to-ssl/
https://www.mongodb.com/docs/v4.4/tutorial/deploy-replica-set-with-keyfile-access-control/
https://www.mongodb.com/community/forums/t/cannot-start-mongodb-service-after-configuring-tls/2802
MongoDB Shell connection errors using test self signed certificates
https://www.mongodb.com/community/forums/t/creating-openssl-server-certificates-for-testing-failed/109058
I just configured conf files like sh011.conf following manuals, guides and started. but server seems only started csrs instances. because, I couldn't found other instance's port numbers.
1. sh011.conf
sharding:
clusterRole: shardsvr
replication:
replSetName: sh01
net:
bindIpAll: true
port: 27011
tls:
mode: requireTLS
certificateKeyFile: C:\database\MongoDB\Server\4.4\bin\certifications\test-server1.pem
CAFile: C:\database\MongoDB\Server\4.4\bin\certifications\test-ca.pem
systemLog:
destination: file
path: sh01/sh011/log/sh011.log
logAppend: true
storage:
dbPath: sh01/sh011/db/
2. mongos.conf
sharding:
configDB: csrs/WIN-BKEV4AO0KED:26001,WIN-BKEV4AO0KED:26002,WIN-BKEV4AO0KED:26003
net:
bindIpAll: true
port: 26000
tls:
mode: requireTLS
certificateKeyFile: C:\database\MongoDB\Server\4.4\bin\certifications\test-server1.pem
CAFile: C:\database\MongoDB\Server\4.4\bin\certifications\test-ca.pem
systemLog:
destination: file
path: router/log/mongos.log
logAppend: true
security:
authorization: enabled
clusterAuthMode: x509
3. "netstat -an" output
C:\database\MongoDB\Server\4.4\bin>netstat -an
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:22 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5432 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING
TCP 0.0.0.0:26001 0.0.0.0:0 LISTENING
TCP 0.0.0.0:26002 0.0.0.0:0 LISTENING
TCP 0.0.0.0:26003 0.0.0.0:0 LISTENING
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING
When I checked log files, each shard nodes occurred SSL error like below
{"t":{"$date":"2022-05-09T14:34:54.933+09:00"},"s":"I", "c":"NETWORK", "id":4712102, "ctx":"ReplicaSetMonitor-TaskExecutor","msg":"Host failed in replica set","attr":{"replicaSet":"csrs","host":"WIN-BKEV4AO0KED:26001","error":{"code":6,"codeName":"HostUnreachable","errmsg":"Error connecting to WIN-BKEV4AO0KED:26001 (192.168.100.202:26001) :: caused by :: SSL peer certificate validation failed: (80096004)The signature of the certificate cannot be verified."},"action":{"dropConnections":true,"requestImmediateCheck":false,"outcome":{"host":":26001","success":false}}}}
{"t":{"$date":"2022-05-09T14:34:55.164+09:00"},"s":"I", "c":"-", "id":4333222, "ctx":"ReplicaSetMonitor-TaskExecutor","msg":"RSM received failed isMaster","attr":{"host":"WIN-BKEV4AO0KED:26003","error":"HostUnreachable: Error connecting to WIN-BKEV4AO0KED:26003 (192.168.100.202:26003) :: caused by :: SSL peer certificate validation failed: (80096004)The signature of the certificate cannot be verified.","replicaSet":"csrs","isMasterReply":"{}"}}
I thought, that issues cause is relate host names so, I configured hosts file.
Then, re-created certification files for CA, Server, Client following manual.
1. openssl-test-server.conf
[ alt_names ]
DNS.1 = WIN-BKEV4AO0KED
IP.1 = 192.168.100.202
[ req_dn ]
countryName = Country Name (2 letter code)
countryName_default = AA
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = City
stateOrProvinceName_max = 64
localityName = Locality Name (eg, city)
localityName_default = City
localityName_max = 64
organizationName = Organization Name (eg, company)
organizationName_default = DevCompany
organizationName_max = 64
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = Dev
organizationalUnitName_max = 64
commonName = Common Name (eg, YOUR name)
commonName_default = WIN-BKEV4AO0KED
commonName_max = 64
But, still mongos and other instances are not started.
Finally, I think some configuration is wrong. I want know what I missed or wrong for SSL.
Finally, I found what is cause of issue and How to start MongoDB Cluster with SSL Myself.
1st, Root cause is that I couldn't start MongoDB instances like mongos, mongod with SSL enable and missed some parameters while starting like below :
before start command
$ mongod -f csrs1.conf
modified start command
$ mongod -f csrs1.conf --tlsMode requireTLS --tlsCertificateKeyFile test-server1.pem --tlsCAFile test-ca.pem
Note : I was not set MongoDB as service and just control through prompt
When I generated certification base on default setting and start each MongoDB with new command, that was working fine.
And I tried modify START.bat file for convenience like above new command.
But, that was not working. So, I opened prompt for each nodes and executed start command manually.
I hope this information will help.
I have setup mongodb on a Google cloud compute instance and am trying to connect to it remotely. My mongod.conf file looks like this:
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
dbPath: /var/lib/mongodb
journal:
enabled: true
# engine:
# mmapv1:
# wiredTiger:
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0
#processManagement:
security:
authorization: 'enabled'
I have setup a firewall rule in my Google Cloud console that tags the instance and opens tcp:27017 for ip ranges 0.0.0.0/0.
Checking on the port 27017 it looks like mongo is listening:
sudo netstat -tulpn | grep 27017
tcp 0 0 0.0.0.0:27017 0.0.0.0:* LISTEN 3781/mongod
Overall it also seems like port 27017 is open:
netstat --listen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:27017 *:* LISTEN
...
On the instance I setup an admin database with admin user:
>use admin
>db.createUser(
{
user: 'admin',
pwd: 'somepass',
roles: [{ role: "userAdminAnyDatabase", db: "admin" }]
}
)
I also setup a user for a test database:
>use test
>db.createUser(
{
user: 'tester',
pwd: 'apassword',
roles: [{ role: "readWrite", db: "test" },
{ role: "read", db: "reporting" }]
}
)
This user works locally:
>use test
>db.auth('tester', 'apassword')
1
However when I try to connect remotely it fails:
$ mongo -u tester -p apassword 12.345.67.890/test
MongoDB shell version v3.4.1
connecting to: mongodb://12.345.67.890/test
2017-11-14T12:47:07.369-0700 W NETWORK [main] Failed to connect to 12.345.67.890:27017 after 5000ms milliseconds, giving up.
2017-11-14T12:47:07.370-0700 E QUERY [main] Error: couldn't connect to server 12.345.67.890:27017, connection attempt failed :
connect#src/mongo/shell/mongo.js:234:13
#(connect):1:6
exception: connect failed
I'm not a networking expert so I've pretty much exhausted my knowledge at this point and don't know how to proceed.
Am I missing something in mongod.conf? Did i setup the firewall incorrectly? Any help is appreciated.
I came up with a solution for this, but I'm unclear why it works and not my original approach.
My instance has http/https enabled. This uses the firewall rules default-allow-http and default-allow-https. These rules enable connections from anywhere (0.0.0.0/0) through tcp ports 80 and 443 respectively. I edited the http rule and added tcp port 27017.
Now I can connect to the server.
As a test, I reset the http rule and added another rule applied to all instances opening up tcp:27017 to 0.0.0.0/0. Essentially everything is the same as the http rule save for the name and the target tags. With this change I cannot connect to the server.
It seems rather strange and it doesn't feel like an intended behavior, unless my understanding of the firewall rules in incomplete.
In the end it looks like either setting up mongo to use one of the http/https ports or adding port 27017 to those rules is the way to go.
I am trying to setup a sharded mongodb cluster using 4 solaris-11 servers which are on the same rack. The following sharded config is being attempted:
Server A : Replica set 1(rs1)
Server B : Replica Set 2(rs2)
Server C : Configuration Server
Server D : Sharding Router
#
On Server A, rs1 has been set up as follows:
mongod --port 27017 --replSet rs1 --dbpath "/mongo/datadb"
Now the rs1 configuration in mongo shell:
config =
{
_id:"rs1",
members:
[
{ _id:0, host:"Server A IP:27017" },
]
}
rs.initiate( config )
rs.conf()
rs.status()
On Server B , rs2 has been similarly configured.
#
On Server C, the config server has been configured as follows:
mongod --configsvr --port 37017 --dbpath "/rpool/mongo/datadb"
#
Now on Server D, I am running mongos using the following :
mongos --port 27017 --configdb rs1/'Server C IP':37017
When I am trying to open mongo Shell on server D to add the shards using the mongos port and connect to mongos, I am unable to do so. The following error is thrown :
**./mongo --port 27017 --host 'Server C '
MongoDB shell version v3.4.1
connecting to: mongodb://'Server C ip':27017/
2017-11-09T11:21:51.666+0000 W NETWORK [main] Failed to connect to :27017, in(checking socket for error after poll), reason: Connection refused
2017-11-09T11:21:51.686+0000 E QUERY [main] Error: couldn't connect to server 'Server C ip':27017, connection attempt failed :
connect#src/mongo/shell/mongo.js:234:13
#(connect):1:6
exception: connect failed**
When I tried to debug, I found the port 27017 on Server C to be in 'BOUND' state:
netstat -an |grep 27017
*.27017 . 0 0 128000 0 BOUND
'Server ip' stream-ord server ip' 0000000000000000 /tmp/mongodb-27017.sock
Shouldn't mongos occupy this port in Listening mode? Can someone help me in solving this?
Is there any issue with the configuration?
Mongo worked fine when i'm using the local machine.But when i add the shard(established on vmware),i can't do insert operation anymore.
error message:
caused by :: Location28563 cannot send batch write operation to server 192.168.153.132:3000 (192.168.153.132)'. (Response was { "err" : "write results unavailable from 192.168.153.132:3000 :: caused by :: Location28563 cannot send batch write operation to server
config server setup command:
mongod --dbpath=config --port 2222 --bind_ip 0.0.0.0
route server setup command:
mongos --port 3333 --configdb=192.168.153.1:2222 --bind_ip 0.0.0.0
shard server setup command:
mongod --dbpath=Shard1 --port 4444 --bind_ip 0.0.0.0
And i'd done addShard command on the route server.