I'm using GCP VM to run a MongoDB instance.
It works very well, with authentication turned off, but once I turned it on "enabled" by editing
sudo vi /etc/mongod.conf, and then restart service using sudo service mongod restart.
Once I did this, and try to connect to my DB using my credentials, I've got the following error from mongo:
mongo mongodb://<gcp vm statcic ip>:<mongodb static port>
result in:
connecting to: mongodb://<myservererIP>:<mongodbport>
2020-04-04T19:30:36.644+0200 E QUERY [js] Error: couldn't connect to server
<myservererIP>:<mongodbport>, connection attempt failed: SocketException:
Error connecting to <myservererIP>:<mongodbport> :: caused by :: Connection refused :
connect#src/mongo/shell/mongo.js:257:13
#(connect):1:6
exception: connect failed
My VM IP is Static and account in mongo were created according to mongoDB document, they should be fine, even if they were not, I suppose that I should have an "Authorization required" or something, and not connection refused or Network Unreachable.
I've actually found the problem.
In /etc/mongod.conf , I thought that #security: was here for informative purpose , for file structuring, but you actually have to also uncomment it, along with authentication: enable.
Otherwise, mongod will detect the mongod.conf file as corrupted/bad format, and run without it (probably using a default conf).
I went from:
#security:
authorization: enabled
to
security:
authorization: enabled
Probably a very poor mistake from a begginer, but I'll keep it here, maybe it will help someone.
Related
I created an AWS EC2 (ubuntu-20.04) instance and setup a mongo server as per https://www.mongodb.com/docs/v4.4/tutorial/install-mongodb-on-ubuntu/
(mongo server is running in default port 27017 and not secured by any username/password)
I am able to connect to it from within the VM (after connecting to VM by SSH), by running the terminal command:
mongo
I have configured EC2 instance's Security Group's inbound rule to access port 27017 from my local system's IP.
however when I try to connect to it from my local system's terminal by command:
mongo --host "<public_ip_of_vm>:27017"
Its throwing error:
connecting to:
mongodb://<public_ip_of_vm>:27017/?compressors=disabled&gssapiServiceName=mongodb
Error: couldn't connect to server <public_ip_of_vm>:27017, connection attempt
failed: SocketException: Error connecting to <public_ip_of_vm>:27017 :: caused
by :: Connection refused : connect#src/mongo/shell/mongo.js:374:17
#(connect):2:6 exception: connect failed exiting with code 1
Not sure what's causing this issue, I have checked the ufw rules too.
port 27017 is open.
Did you modify ?
/etc/mongod.conf
Have a look at this tutorial, especially the step 2. Maybe this helps
https://ianlondon.github.io/blog/mongodb-auth/
Connection refused means you probably do not have a firewall problem. Connection timeout indicates a firewall issue.
Since you can connect locally via localhost, the error indicates that the mongo process is only listening on localhost.
Edit the file /etc/mogod.conf. The interesting line is bindIp.
It should look like this for IPv4 only:
bindIp: 0.0.0.0
If you have IPv6 enabled
bindIp: ::,0.0.0.0
Warning: enable authentication first. You might be hacked faster than you might expect.
Every time if my server restarts by mistake or I stopped and then restart I'm not be able to connect to my mongodb. I get this below error and according to this 27017 port is not open but in my security group I opened this port.
MongoDB shell version v5.0.2
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Error: couldn't connect to server 127.0.0.1:27017, connection attempt failed: SocketException: Error connecting to 127.0.0.1:27017 :: caused by :: Connection refused :
connect#src/mongo/shell/mongo.js:372:17
#(connect):2:6
exception: connect failed
exiting with code 1```
So, I don't know what I'm doing wrong please help me because I'm facing this issue from very long time and to rid of this I've to always setup new mongodb
You need to define the MongoDB as service and set to automatic start.
On Windows add lines similar to
processManagement:
windowsService:
serviceName: mongod
displayName: MongoDB
description: MongoDB Server
to your configuration file (typically mongod.conf or mongod.cfg), if not already existing.
Then the easiest way to install the service is running
mongod.exe --config <your config file> --install
On Linux (Redhat, Centos, etc.) it works like this.
Copy default service file
/usr/lib/systemd/system/mongod.service to /etc/systemd/system/mongod.service
Customize service file /etc/systemd/system/mongod.service, if needed
Enable the service: systemctl enable mongod
Start the service: systemctl start mongod
Unable to connect MongoDB (Version 4.0.5) on EC2 (Windows Server 2018)
I have tried all the options.
1) Modify mongod.cfg with
net:
port: 27017
bindIp: 0.0.0.0
bindIpAll: true
2) start with mongod --bind_all_ip
3) My security group on EC2 has allowed 27017 port inbound for 0.0.0.0/0.
I'm trying to connect through terminal
mongo mongodb://*********.compute.amazonaws.com:27017
However, I get following exception when connecting through mongo shell
mongodb://e*******.compute.amazonaws.com:27017/?
gssapiServiceName=mongodb
2019-01-21T15:51:11.044-0800 E QUERY [js] Error: couldn't connect
to server *****.compute.amazonaws.com:27017, connection attempt
failed: SocketException: Error connecting to
******.compute.amazonaws.com:27017 (54.244.203.203:27017) :: caused by
:: Operation timed out :
connect#src/mongo/shell/mongo.js:328:13
#(connect):1:6
exception: connect failed
What else I need to do?
Also, it seems my mongodb.cfg has no effect on the server. When I start server with above change in cfg file, I get the warning in server console that the server is bound to localhost, regardless. Starting the server with mongod --bind_all_ip gets rid of that warning.
Firewall was the problem. Need to open port 27017 by running WF.msc from run command on Windows. Spent a whole day trying to figuring out all other options. I still don't know how to get the mongod.cfg working for all ip addresses. I need to run mongod with --bind_all_ip option for that.
.> mongo
MongoDB shell version v3.6.5
connecting to: mongodb://127.0.0.1:27017
2018-06-26T17:37:13.313+0530 I NETWORK [thread1] Socket recv() An established connection was aborted by the software in your host machine. 127.0.0.1:27017
2018-06-26T17:37:13.313+0530 I NETWORK [thread1] SocketException: remote: (NONE):0 error: SocketException socket exception [RECV_ERROR] server [127.0.0.1:27017]
2018-06-26T17:37:13.313+0530 E QUERY [thread1] Error: network error while attempting to run command 'isMaster' on host '127.0.0.1:27017' :
connect#src/mongo/shell/mongo.js:251:13
#(connect):1:6
exception: connect failed
This problem can happen when trying to connect to a database which requires SSL.
This error is usually caused by attempting to connect without SSL to a MongoDB server that requires it. Use the following command to connect:
mongo --ssl --username "$USERNAME" --password "$PASSWORD" --host "$HOST" --port "$PORT"
See Mongod logs to find the root cause. For me it was leaking connections from one of the clients, this is what I found in logs:
NETWORK [listener] connection refused because too many open connections:
(SSL causing the issue)
You can connect with it using this command :
mongo --host 127.0.0.1:27017 --tls --username fake --password fakepassword --authenticationDatabase admin --sslAllowInvalidHostnames
Disables the validation of the hostnames in TLS/SSL certificates.
Allows mongo to connect to MongoDB instances even if the hostname in
their certificates do not match the specified hostname.
Deprecated since version 4.2: Use --tlsAllowInvalidHostnames instead.
WARNING :
Although available, avoid using the --sslAllowInvalidCertificates
option if possible. If the use of --sslAllowInvalidCertificates is
necessary, only use the option on systems where intrusion is not
possible.
If mongosh (and other MongoDB Tools) runs with the
--sslAllowInvalidCertificates option, mongosh (and other MongoDB Tools) will not attempt to validate the server certificates. This
creates a vulnerability to expired mongod and mongos certificates as
well as to foreign processes posing as valid mongod or mongos
instances. If you only need to disable the validation of the hostname
in the TLS/SSL certificates, see --sslAllowInvalidHostnames.
See MongoDB official Doc
just go simply on task manager and click on service
see given image below to copy the link on the URL
find MongoDB and click on open Service.
see given image below to copy the link on the url
then again find MongoDB and start stopped DB to running mode just click on green point button and you MongoDB is again started connecting.
[see given image below to copy the link on the url]
In my case , I was running several applications on other ports. The above solutions did not worked well for me .
Finally I closed all the tabs of code editor and web-app , and restarted it . Now it works fine .
Well! You can just restart the system, that will also work with least hassle.
As stated, this can happen because the server requires TLS in the connection. You will see the reason in server logs.
For someone who ends here without knowing how to fix it (like me) it's worth noting how to connect to those servers:
In command line you can use the --tls option (https://docs.mongodb.com/manual/tutorial/configure-ssl-clients/)
mongo --tls [other params and/or connection string]
If using a connection string alone, you can add tls=true param:
mongo://[user]:[pass]#[host]/[db]?tls=true[&others]
I was getting error in the mongod logs that read
WiredTiger metadata corruption detected
To fix the error I did the following:
As per suggestion here I ran command mongod --dbpath /data/db --repair.
The logs from command above complained that my version of mongod was too recent (I was on 4.2.x) and I had to try on mongod 4.2 or earlier.
Downgraded to mongod 4.2
Ran command mongod --dbpath /data/db --repair again, and this fixed issue.
I do run mongod inside Docker, so I had to take an extra step to find out path of the mongo DB file, docker inspect <id of mongod container>, and grab the path from the HostConfig.Binds[0] property of the resulting JSON, and stick that in the --dbpath option of the repair command mongod --dbpath /data/db --repair
In my case it is net.maxIncomingConnections: 10 in the config file and MongoDB Compass.
All available connection slots the server has, are consumed by other clients and that causes new connection requests to just drop.
I was not aware that Compass would open so many connections. When I closed it, my problem was solved.
The default connection limit is 65536 as stated in config options
I don't know why this happens but sometimes my mongo instance fails to start properly. Just shutting it down and restarting it worked for me.
I have a server on Digital Ocean running a MongoDB instance, if I ssh into the server, I can connect to the Mongo Shell with no problem. When I try to connect on my own machine, with PyMongo, it also connects with no problem.
The problem is when I try to connect from my machine via Mongo Shell, then I get
MongoDB shell version v3.6.3
connecting to: mongodb://<server_ip>:4131/?replicaSet=mongodb%3A
2018-06-26T11:50:05.799-0300 E QUERY [thread1] Error: '/<server_ip>:4131' in 'mongodb://<server_ip>:4131/?replicaSet=mongodb%3A' appears to be a unix socket, but does not end in '.sock' :
connect#src/mongo/shell/mongo.js:251:13
#(connect):1:6
exception: connect failed
So as some may have noticed, I did change the port to 4131, and yes, I pass this information on my connection string.
I have done a lot of research and already discarded some things:
No, there's no .lock file, and I have made sure to run mongod --repair just to be sure.
My /etc/mongod.conf has external ips enabled, (ie.: bindIp: 0.0.0.0)
Extra information:
There is a /tmp/mongodb-4131.sock file, which should be the socket mongo shell is looking for, right?
I looked up before changing the ports and made sure nothing was using 4131
Firewall is disabled (just to make sure that's not the problem)
Any help is appreciated.