My current MongoDB configuration,
options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1,192.168.0.204", port: 27017 }, processManagement: { fork: true, pidFilePath: "/var/run/mongodb/mongod.pid", timeZoneInfo: "/usr/share/zoneinfo" }, storage: { dbPath: "/var/lib/mongo", journal: { enabled: true } }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }
Here's the issue I am having,
2018-02-02T19:16:32.017+0800 E STORAGE [initandlisten] Failed to set up listener: SocketException: Cannot assign requested address
2018-02-02T19:16:32.017+0800 I CONTROL [initandlisten] now exiting
2018-02-02T19:16:32.017+0800 I CONTROL [initandlisten] shutting down with code:48
First solution on *nix:
You could bind_ip = 0.0.0.0 and use a firewall to block all incoming connections to port 27017, unless coming from local ip adress.
Second solution
Restart mongo:
> service mongod restart
Go to to /var/logs/mongodb and give the information from logs.
Let try to test mongo, is it running localy with default options?
> service mongod status
That tells you the status of mongo.
If it disactive, go to logs, in my case it /var/logs/mongodb
get info from log.
Then, lets try to start mongo without remote IP option.
goto /etc/mongod.conf
and set up option only on local ip, bindIp 127.0.0.1
then
service mongod restart
and
service mongod status
Is it running? If everything is fine, You need determine what your's local lan ip addres.
in my case it was command, other commands link
LANG=c ifconfig | grep -B1 "inet addr" |awk '{ if ( $1 == "inet" ) {
print $2 } else if ( $2 == "Link" ) { printf "%s:" ,$1 } }' |awk -F:
'{ print $1 ": " $3 }'
After that add it ip addres to mongo conf with comma separated option.
like:
bindIp 127.0.0.1, 192.168.1.66
than save config and simply restart mongo
service mongod restart
The bind_ip is for “local interface only”, put 192.168.162.129 (Server A private ip) is enough for clients (like Server B) on the same LAN to access.
Use these step it will work:
sudo vim /etc/mongodb.conf
bind_ip = 127.0.0.1, 172.31.29.201
Note that 172.31.29.201 is private IP not public IP. Please use private IP here
sudo service mongodb restart
sudo service mongodb status - To check mongodb services are running or not
Enjoy
Related
Started mongo server using
mongod --port 27018 --dbpath "/usr/local/var/mongodb/data/db0" --replSet rs0 --bind_ip "locahost,0.0.0.0"
And connected to the instance using
mongosh mongodb://127.0.0.1:27018/vndr
Tried to initiate a replica set using rs.initiate()
Then got the error
---
> rs.initiate()
{
"ok" : 0,
"errmsg" : "No host described in new configuration with {version: 1, term: 0} for replica set rs0 maps to this node",
"code" : 93,
"codeName" : "InvalidReplicaSetConfig"
}
On the server log noticed these lines saying ""Nnadozies-MacBook-Pro.local" not known
{"t":{"$date":"2022-08-18T14:52:20.861+01:00"},"s":"W", "c":"NETWORK", "id":21207, "ctx":"conn1","msg":"getaddrinfo() failed","attr":{"host":"Nnadozies-MacBook-Pro.local","error":"nodename nor servname provided, or not known"}}
{"t":{"$date":"2022-08-18T14:52:25.866+01:00"},"s":"I", "c":"NETWORK", "id":4834700, "ctx":"conn1","msg":"isSelf could not connect via connectSocketOnly","attr":{"hostAndPort":"Nnadozies-MacBook-Pro.local:27018","error":{"code":6,"codeName":"HostUnreachable","errmsg":"couldn't connect to server Nnadozies-MacBook-Pro.local:27018, connection attempt failed: HostNotFound: Could not find address for Nnadozies-MacBook-Pro.local:27018: SocketException: Host not found (authoritative)"}}}
{"t":{"$date":"2022-08-18T14:52:25.867+01:00"},"s":"E", "c":"REPL", "id":21425, "ctx":"conn1","msg":"replSetInitiate error while validating config","attr":{"error":{"code":74,"codeName":"NodeNotFound","errmsg":"No host described in new configuration with {version: 1, term: 0} for replica set rs0 maps to this node"},"config":{"_id":"rs0","version":1,"members":[{"_id":0,"host":"Nnadozies-MacBook-Pro.local:27018"}]}}}
Followed response in this similar question and added the line 127.0.0.1 Nnadozies-MacBook-Pro.local to my /etc/hosts file to fix this.
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
# Added by Docker Desktop
# To allow the same kube context to work on the host and the container:
127.0.0.1 kubernetes.docker.internal
# End of section
127.0.0.1 figmadaemon.com
127.0.0.1 Nnadozies-MacBook-Pro.local
Posting this because the similar question wasn't really clear on how to solve the problem. I think this makes it clearer that the hostname mongodb was looking at could not be resolved to an IP address because it wasn't in /etc/hosts
Tip on editing /etc/hosts: use sudo permissions for write access
Other than that please I'm curious what other way I can run mongodb instances so they use known hostnames.
I reproduce MongoDB Cluster replica-set and added user like admin with Non-SSL following below link.
Link : https://github.com/arun2pratap/mongodbClusterForWindowsOneClick
Environment :
OS : Windows 2019 server ( set all instance in one windows server)
1 mongos ( port : 26000 )
2 shards ( port : sh01 : 27011 ~ 27013 / sh02 : 27021 ~ 27023 )
1 conf servers ( port : csrs : 26001 ~ 26003 )
After reproduce Cluster with Non-SSL, I tried to upgrade Cluster to use SSL following MongoDB Manual for 4.5 and other links but I couldn't found clear answer or guide.
Below are my refer links.
https://www.mongodb.com/docs/v4.4/tutorial/upgrade-cluster-to-ssl/
https://www.mongodb.com/docs/v4.4/tutorial/deploy-replica-set-with-keyfile-access-control/
https://www.mongodb.com/community/forums/t/cannot-start-mongodb-service-after-configuring-tls/2802
MongoDB Shell connection errors using test self signed certificates
https://www.mongodb.com/community/forums/t/creating-openssl-server-certificates-for-testing-failed/109058
I just configured conf files like sh011.conf following manuals, guides and started. but server seems only started csrs instances. because, I couldn't found other instance's port numbers.
1. sh011.conf
sharding:
clusterRole: shardsvr
replication:
replSetName: sh01
net:
bindIpAll: true
port: 27011
tls:
mode: requireTLS
certificateKeyFile: C:\database\MongoDB\Server\4.4\bin\certifications\test-server1.pem
CAFile: C:\database\MongoDB\Server\4.4\bin\certifications\test-ca.pem
systemLog:
destination: file
path: sh01/sh011/log/sh011.log
logAppend: true
storage:
dbPath: sh01/sh011/db/
2. mongos.conf
sharding:
configDB: csrs/WIN-BKEV4AO0KED:26001,WIN-BKEV4AO0KED:26002,WIN-BKEV4AO0KED:26003
net:
bindIpAll: true
port: 26000
tls:
mode: requireTLS
certificateKeyFile: C:\database\MongoDB\Server\4.4\bin\certifications\test-server1.pem
CAFile: C:\database\MongoDB\Server\4.4\bin\certifications\test-ca.pem
systemLog:
destination: file
path: router/log/mongos.log
logAppend: true
security:
authorization: enabled
clusterAuthMode: x509
3. "netstat -an" output
C:\database\MongoDB\Server\4.4\bin>netstat -an
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:22 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5432 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING
TCP 0.0.0.0:26001 0.0.0.0:0 LISTENING
TCP 0.0.0.0:26002 0.0.0.0:0 LISTENING
TCP 0.0.0.0:26003 0.0.0.0:0 LISTENING
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING
When I checked log files, each shard nodes occurred SSL error like below
{"t":{"$date":"2022-05-09T14:34:54.933+09:00"},"s":"I", "c":"NETWORK", "id":4712102, "ctx":"ReplicaSetMonitor-TaskExecutor","msg":"Host failed in replica set","attr":{"replicaSet":"csrs","host":"WIN-BKEV4AO0KED:26001","error":{"code":6,"codeName":"HostUnreachable","errmsg":"Error connecting to WIN-BKEV4AO0KED:26001 (192.168.100.202:26001) :: caused by :: SSL peer certificate validation failed: (80096004)The signature of the certificate cannot be verified."},"action":{"dropConnections":true,"requestImmediateCheck":false,"outcome":{"host":":26001","success":false}}}}
{"t":{"$date":"2022-05-09T14:34:55.164+09:00"},"s":"I", "c":"-", "id":4333222, "ctx":"ReplicaSetMonitor-TaskExecutor","msg":"RSM received failed isMaster","attr":{"host":"WIN-BKEV4AO0KED:26003","error":"HostUnreachable: Error connecting to WIN-BKEV4AO0KED:26003 (192.168.100.202:26003) :: caused by :: SSL peer certificate validation failed: (80096004)The signature of the certificate cannot be verified.","replicaSet":"csrs","isMasterReply":"{}"}}
I thought, that issues cause is relate host names so, I configured hosts file.
Then, re-created certification files for CA, Server, Client following manual.
1. openssl-test-server.conf
[ alt_names ]
DNS.1 = WIN-BKEV4AO0KED
IP.1 = 192.168.100.202
[ req_dn ]
countryName = Country Name (2 letter code)
countryName_default = AA
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = City
stateOrProvinceName_max = 64
localityName = Locality Name (eg, city)
localityName_default = City
localityName_max = 64
organizationName = Organization Name (eg, company)
organizationName_default = DevCompany
organizationName_max = 64
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = Dev
organizationalUnitName_max = 64
commonName = Common Name (eg, YOUR name)
commonName_default = WIN-BKEV4AO0KED
commonName_max = 64
But, still mongos and other instances are not started.
Finally, I think some configuration is wrong. I want know what I missed or wrong for SSL.
Finally, I found what is cause of issue and How to start MongoDB Cluster with SSL Myself.
1st, Root cause is that I couldn't start MongoDB instances like mongos, mongod with SSL enable and missed some parameters while starting like below :
before start command
$ mongod -f csrs1.conf
modified start command
$ mongod -f csrs1.conf --tlsMode requireTLS --tlsCertificateKeyFile test-server1.pem --tlsCAFile test-ca.pem
Note : I was not set MongoDB as service and just control through prompt
When I generated certification base on default setting and start each MongoDB with new command, that was working fine.
And I tried modify START.bat file for convenience like above new command.
But, that was not working. So, I opened prompt for each nodes and executed start command manually.
I hope this information will help.
I have setup mongodb on a Google cloud compute instance and am trying to connect to it remotely. My mongod.conf file looks like this:
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
dbPath: /var/lib/mongodb
journal:
enabled: true
# engine:
# mmapv1:
# wiredTiger:
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0
#processManagement:
security:
authorization: 'enabled'
I have setup a firewall rule in my Google Cloud console that tags the instance and opens tcp:27017 for ip ranges 0.0.0.0/0.
Checking on the port 27017 it looks like mongo is listening:
sudo netstat -tulpn | grep 27017
tcp 0 0 0.0.0.0:27017 0.0.0.0:* LISTEN 3781/mongod
Overall it also seems like port 27017 is open:
netstat --listen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:27017 *:* LISTEN
...
On the instance I setup an admin database with admin user:
>use admin
>db.createUser(
{
user: 'admin',
pwd: 'somepass',
roles: [{ role: "userAdminAnyDatabase", db: "admin" }]
}
)
I also setup a user for a test database:
>use test
>db.createUser(
{
user: 'tester',
pwd: 'apassword',
roles: [{ role: "readWrite", db: "test" },
{ role: "read", db: "reporting" }]
}
)
This user works locally:
>use test
>db.auth('tester', 'apassword')
1
However when I try to connect remotely it fails:
$ mongo -u tester -p apassword 12.345.67.890/test
MongoDB shell version v3.4.1
connecting to: mongodb://12.345.67.890/test
2017-11-14T12:47:07.369-0700 W NETWORK [main] Failed to connect to 12.345.67.890:27017 after 5000ms milliseconds, giving up.
2017-11-14T12:47:07.370-0700 E QUERY [main] Error: couldn't connect to server 12.345.67.890:27017, connection attempt failed :
connect#src/mongo/shell/mongo.js:234:13
#(connect):1:6
exception: connect failed
I'm not a networking expert so I've pretty much exhausted my knowledge at this point and don't know how to proceed.
Am I missing something in mongod.conf? Did i setup the firewall incorrectly? Any help is appreciated.
I came up with a solution for this, but I'm unclear why it works and not my original approach.
My instance has http/https enabled. This uses the firewall rules default-allow-http and default-allow-https. These rules enable connections from anywhere (0.0.0.0/0) through tcp ports 80 and 443 respectively. I edited the http rule and added tcp port 27017.
Now I can connect to the server.
As a test, I reset the http rule and added another rule applied to all instances opening up tcp:27017 to 0.0.0.0/0. Essentially everything is the same as the http rule save for the name and the target tags. With this change I cannot connect to the server.
It seems rather strange and it doesn't feel like an intended behavior, unless my understanding of the firewall rules in incomplete.
In the end it looks like either setting up mongo to use one of the http/https ports or adding port 27017 to those rules is the way to go.
Added 3 EC2 instances in in AWS cloud.
Installed 3 MongoDB instances in 3 different instances and all are running fine.
I am adding replication for the same DBs.
below are the steps i followed:
sudo service mongod start --sslPEMKeyFile "/etc/ssl/mongodb.pem" --sslMode "requireSSL" --replSet "myReplSet" ( in all 3 mongo instances)
config = {_id : "myReplSet" , members: [{_id: 0, host:"ip-10-0-0-68:27017"},{_id: 1, host:"ip-10-0-0-247:27017"},{_id: 2, host:"ip-10-0-0-148:27017"}]}
rs.initiate(config)
Error as below:
MongoDB Enterprise > rs.initiate(config)
{
"ok" : 0,
"errmsg" : "This node was not started with the replSet option",
"code" : 76,
"codeName" : "NoReplicationEnabled"
}
EDIT
I added same security groups and Elastic IP for all 3 instances.
All 3 are new DBs.
Now I am getting error as:
{
"ok" : 0,
"errmsg" : "'ip-10-0-0-148:27017' has data already, cannot initiate set.",
"code" : 110,
"codeName" : "CannotInitializeNodeWithData"
}
EDIT-2
Config file for one the servers:
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
# Where and how to store data.
storage:
dbPath: /var/lib/mongo
journal:
enabled: true
# engine:
# mmapv1:
# wiredTiger:
# how the process runs
processManagement:
fork: true # fork and run in background
pidFilePath: /var/run/mongodb/mongod.pid # location of pidfile
# network interfaces
net:
port: 27017
# bindIp: 127.0.0.1,13.58.225.174,13.58.180.226 # Listen to local interface only, comment to listen on all interfaces.
#security:
#operationProfiling:
replication:
replSetName: rs0
The service start command does not accept parameters. So
sudo service mongod start --sslPEMKeyFile "/etc/ssl/mongodb.pem" --sslMode "requireSSL" --replSet "myReplSet"
Is equivalent to
sudo service mongod start
If you want to add those settings to the mongod configuration, you will need to edit /etc/mongod.conf to add them in. Since the names of some options vary between the command line and the configuration file, you should take a look at the Configuration File Options documentation to ensure you use the correct settings.
EDIT
Based on your edits and the error message, it appears the mongod process (ip-10-0-0-148:27017) already has data on it. You cannot add a mongod process that already has data to a replica set. You can, however, initiate the replica set on a mongod process that already has data. You should connect to that mongod process and run the rs.initiate() there. Then you run rs.add() to add the remaining, empty, mongod processes to the replica set.
Note: MongoDB does offer MongoDB Cloud Manager and MongoDB Atlas which can do some or all of this for you. However, they are not free, so its up to you if you want to use them.
This way it works fine.
rs.initialize()
rs.add()
rs.add()
i reffed here:
https://devops.profitbricks.com/tutorials/configure-mongodb-replica-set/
I have 4 instances of mongodb running(replica set) with following mongodb.conf file for each instance:
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /root/mongodata/log/mongod.log
# Where and how to store data.
storage:
dbPath: /root/mongodata/db1 # also have db2 and so on for rest of the instances
journal:
enabled: true
# engine:
# mmapv1:
# wiredTiger:
# how the process runs
processManagement:
fork: true # fork and run in background
pidFilePath: /root/mongodata/db1/mongod.pid # location of pidfile, different for 4 instances
# network interfaces
net:
port: 30000 #port different for 4 different instances
bindIp: 12.123.321.432(example ip, same for all 4 .conf files)
# security
security:
KeyFile: /path to my keyfile location
# authorization: enabled
#operationProfiling:
replication:
replSetName: testReplica #have this same for all 4
#sharding:
## Enterprise-Only Options
#auditLog:
#snmp:
I also created a keyfile for internal authentication as follows:
openssl rand -base64 756 > <path-to-keyfile>
chmod 400 <path-to-keyfile>
After all the instances are running I opened mongoShell as follows:
mongo --host 12.123.321.432 --port 30000
I am able to open the shell but when I try to create a user, I get the following exception:
2016-12-22T20:55:38.396-0500 E QUERY [thread1] Error: couldn't add user: not authorized on test to execute command { createUser: "root", pwd: "xxx", roles: [ { role: "root", db: "admin" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 30000.0 } } :
_getErrorWithCode#src/mongo/shell/utils.js:23:13
DB.prototype.createUser#src/mongo/shell/db.js:1230:11
#(shell):1:1
I tried switching to admin db but still says unauthorized, I also tried to run rs.initiate() command to define primary and secondary dbs, says unauthorized. I read even if i start the mongod with authentication disabled the internal authentication via keyfile will force the role based authentication. What am I missing here and how would i resolve it? thanks in advance.
The error message shows that you have not privileges to execute the command.
After set keyfile parameter in .conf file, mongo need you login with auth user.
So if you have not root user.
start mongod without auth config (don't set keyfile and disable security.authorization )
create use with root role
db.createUser({user:"root",pwd:"rootpassword",roles:[{role:"root",db:"admin"}]})
if you have root user, you should use db.auth() or login mongo with root privileges, for executing rs.conf() command.
mongo --port portnumber -u root -p --authenticationDatabase admin
or after login with command mongo --port portnumber
db.auth("root", "rootpassword")
ps. KeyFile is for replica set inner communication security.