Mongodb – connecting to mongodb on ec2 instance using the private IP address

amazon ec2awsmongodb

Im trying to connect to my MongoDB that is on my EC2 instance. I am able to connect to using the public dns with this statement:

mongoClient = new
MongoClient("ec2-3-92-197-163.compute-1.amazonaws.com", 27021);

but if I tried to replace the "ec2-3-92…." with the private IP address, as such:

mongoClient = new MongoClient("172.31.90.193", 27021);

It gives me the error:

INFO: Exception in monitor thread while connecting to server
172.31.90.193:27021 com.mongodb.MongoSocketOpenException: Exception opening socket at
com.mongodb.internal.connection.SocketStream.open(SocketStream.java:70)
at
com.mongodb.internal.connection.InternalStreamConnection.open(InternalStreamConnection.java:126)
at
com.mongodb.internal.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:117)
at java.base/java.lang.Thread.run(Thread.java:844) Caused by:
java.net.SocketTimeoutException: connect timed out at
java.base/java.net.PlainSocketImpl.socketConnect(Native Method) at
java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:400)
at
java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:243)
at
java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:225)
at
java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:402)
at java.base/java.net.Socket.connect(Socket.java:591) at
com.mongodb.internal.connection.SocketStreamHelper.initialize(SocketStreamHelper.java:64)
at
com.mongodb.internal.connection.SocketStream.initializeSocket(SocketStream.java:79)
at
com.mongodb.internal.connection.SocketStream.open(SocketStream.java:65)
… 3 more

Exception in thread "main" com.mongodb.MongoTimeoutException: Timed
out after 30000 ms while waiting to connect. Client view of cluster
state is {type=UNKNOWN, servers=[{address=172.31.90.193:27021,
type=UNKNOWN, state=CONNECTING,
exception={com.mongodb.MongoSocketOpenException: Exception opening
socket}, caused by {java.net.SocketTimeoutException: connect timed
out}}] at
com.mongodb.internal.connection.BaseCluster.getDescription(BaseCluster.java:182)
at
com.mongodb.internal.connection.SingleServerCluster.getDescription(SingleServerCluster.java:41)
at
com.mongodb.client.internal.MongoClientDelegate.getConnectedClusterDescription(MongoClientDelegate.java:136)
at
com.mongodb.client.internal.MongoClientDelegate.createClientSession(MongoClientDelegate.java:94)
at
com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.getClientSession(MongoClientDelegate.java:249)
at
com.mongodb.client.internal.MongoClientDelegate$DelegateOperationExecutor.execute(MongoClientDelegate.java:172)
at
com.mongodb.client.internal.MongoIterableImpl.execute(MongoIterableImpl.java:132)
at
com.mongodb.client.internal.MongoIterableImpl.iterator(MongoIterableImpl.java:86)
at
com.mongodb.client.internal.MongoIterableImpl.forEach(MongoIterableImpl.java:110)
at App.main(App.java:46)

Is there something I'm missing that is preventing me from connecting to mongo using the private IP address?

I have set up the inbound rules as such:

and this is what my mongod.conf file looks like:

  # mongod.conf

# for documentation of all options, see:
#   http://docs.mongodb.org/manual/reference/configuration-options/

# where to write logging data. systemLog:   destination: file   logAppend: true   path: /var/log/mongodb/mongod.log

# Where and how to store data. storage:   dbPath: /var/lib/mongo   journal:
    enabled: true
#  engine:
#  mmapv1:
#  wiredTiger:

# how the process runs processManagement:   fork: true  # fork and run in background   pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile   timeZoneInfo: /usr/share/zoneinfo

# network interfaces net:   port: 27017
#  bindIp: 172.31.90.193  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.

#security:

#operationProfiling:

replication:   replSetName: Midterm sharding:   clusterRole: configsvr
## Enterprise-Only Options

#auditLog:

#snmp:

Note: I have not set any permission or add credentials in my admin db's collection.

Best Answer

Since you are trying to connect to the MongoDB in EC2 instance from your local machine, the connection should be made via the public network (Internet).

If it is a public network you should use either Public IP or Elastic IP for the connection.

You cannot use Private IP to connect to MongoDB running in AWS EC2 via the public network.

Related Solutions

Mongodb user for ubuntu EC2 instance

The reason for the difference is that the articles describe two different versions of Linux. For the install MongoDB on Ubuntu tutorial you are talking about Ubuntu. If you are following the install MongoDB on Amazon EC2 tutorial then you are talking about Amazon Linux.

Ubuntu uses deb/apt based packages (which gets you the mongodb user) and Amazon Linux uses rpm/yum based packages (which gets you the mongod user). You are using Ubuntu according to your question, hence the relevant user for you is "mongodb".

I would point out though, that this likely has nothing to do with the issue you are having with the service status or shutting it down. That's more likely some sort of problem with the wrong PID being referenced by upstart, or possibly an issue with MongoDB starting in the first place (check your logs).

I would recommend:

Stop MongoDB manually (log in with the mongo shell and issue the shutdown command)
Start the service again, with sudo service start mongodb
Verify that it started correctly (logs, login with the mongoshell again)
Re-check with sudo service mongodb status

Mysql – Connecting to a new RDS instance from an EC2 instance

Check my server logs in MySQL Workbrench or Command-line Could not acquire management access for administration.

Right, you can't do that with workbench and RDS because that requires shell access, which RDS does not allow. The logs are accessible through the console and API.

Remove rdsadmin or Revert the asingeded roles and privileges

Right, you can't do that, because rdsadmin is the account that the RDS infrastructure uses to manage your instance. You don't control it.

Grant DBA/MaintenenaceAdmin/ProcessAdmin or Replication Admin to WPuser Error changing account WPuser@%: Access denied for user 'WPuser'@'%' (using password: YES)

The problem here is threefold.

The "roles" in workbench were a ridiculous idea on the part of Oracle because they do not correspond to real structures on MySQL... They're just fancy packaging for permission presets and you'd be better served to ignore that functionality and understand how the permissions actually work.

The DBA role doesn't work on RDS because that includes the SUPER privilege, which RDS does not provide, so that one wouldn't work anyway, even if you hadn't made the final error:

You appear to be trying to give "WPUser" permissions... while you're logged in as "WPUser." You can't grant permissions to yourself. You also can't grant permissions you don't hold. If WPUser is the master user for your RDS instance, it already has all the permissions it can have... though you shouldn't use your master user for your application's access to the database.

I added the Elastic/Private and even Public IP address for the EC2 instance to the VPC security group

That isn't likely the problem, here. If the security group isn't right, you'll fail to connect, after a lengthy timeout, and the error code will not be "access denied."

Also potentially incorrect, depending on what you are using as 'ENDPOINT':

GRANT ... ON WIKIdb.* to 'WIKIuser'@'ENDPOINT';

If 'ENDPOINT' is the RDS endpoint, this is incorrect. You can never connect to RDS from the RDS endpoint, or even from 'localhost'.

The final argument there needs to be the IP address of the server where the wiki code is running, or a wildcard for the netblock, like '172.31.%'.

Best Answer

Related Solutions

Mongodb user for ubuntu EC2 instance

Mysql – Connecting to a new RDS instance from an EC2 instance

Related Question