vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/dds/umn/dds_02_0028.html
Ru, Li Yi cd74617674 dds_umn_20240415 
Reviewed-by: Wagner, Fabian <fabian.wagner@t-systems.com>
Co-authored-by: Ru, Li Yi <liyiru7@huawei.com>
Co-committed-by: Ru, Li Yi <liyiru7@huawei.com>
2024-04-16 08:01:15 +00:00

61 lines
19 KiB
HTML
Raw Blame History

<a name="dds_02_0028"></a><a name="dds_02_0028"></a>
<h1 class="topictitle1">Connecting to a Single Node Instance Over Private Networks</h1>
<div id="body1524559356644"><div class="section" id="dds_02_0028__en-us_topic_0085335422_section46429645141251"><h4 class="sectiontitle">Scenarios</h4><p id="dds_02_0028__p125004821516">This section describes how to connect to a single-node instance using the MongoDB client over private networks.DDS is compatible with MongoDB.</p>
<p id="dds_02_0028__p1432214314142">The MongoDB client can connect to a DB instance with an unencrypted connection or an encrypted connection (SSL). To improve data transmission security, you are advised to connect to DB instances using the SSL connection.</p>
<p id="dds_02_0028__p293321134111"><strong id="dds_02_0028__b26861333143110">Different OS scenarios</strong>: Examples include Linux and Windows clients.</p>
</div>
<div class="section" id="dds_02_0028__section135810251275"><h4 class="sectiontitle">Constraints</h4><p id="dds_02_0028__p181210271492">For details about constraints on connecting to a single node instance, see <a href="dds_01_0022.html">Constraints and Recommendations</a>.</p>
</div>
<div class="section" id="dds_02_0028__en-us_topic_0085335422_section12950115493212"><h4 class="sectiontitle">Prerequisites</h4><ol id="dds_02_0028__ol134821154847"><li id="dds_02_0028__li1258020155214">For details on how to create and log in to an ECS, see "Creating and Logging In to a Windows ECS" or "Creating and Logging In to a Linux ECS" in the <em id="dds_02_0028__i853905914334">Elastic Cloud Server User Guide</em>.</li><li id="dds_02_0028__li155435381355">Install the MongoDB client on the <span id="dds_02_0028__text1888394782319">ECS</span><span id="dds_02_0028__text788320475236"></span>.<p id="dds_02_0028__p15162131654014">For details on how to install a MongoDB client, see <a href="dds_faq_0018.html">How Can I Install a MongoDB Client?</a></p>
</li></ol>
</div>
<div class="section" id="dds_02_0028__section17675112516136"><h4 class="sectiontitle">Connecting to a DB Instance Using the MongoDB Client (SSL)</h4><div class="notice" id="dds_02_0028__note156751999513"><span class="noticetitle"><img src="public_sys-resources/notice_3.0-en-us.png"> </span><div class="noticebody"><p id="dds_02_0028__p43820110157">If you connect to a DB instance using this method, enable the SSL connection. For details, see section <a href="dds_03_0074.html#dds_03_0074__en-us_topic_0049044698_section45421719172826">Enabling SSL</a>.</p>
</div></div>
<ol id="dds_02_0028__ol9332173415137"><li id="dds_02_0028__li102171219141112"><span>On the <strong id="dds_02_0028__b15169284126">Instance Management</strong> page, click the target DB instance.</span></li><li id="dds_02_0028__li115474615474"><span>In the navigation pane on the left, choose <span class="uicontrol" id="dds_02_0028__uicontrol1256710303129"><b>Connections</b></span>.</span></li><li id="dds_02_0028__li6501114181414"><span>In the <strong id="dds_02_0028__b15255232101212">Basic Information</strong> area, click <span><img id="dds_02_0028__image18459281105" src="en-us_image_0000001142773955.png"></span> next to the <strong id="dds_02_0028__b82561832191210">SSL</strong> field.</span><p><div class="note" id="dds_02_0028__note1781903451510"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="dds_02_0028__p436813619153">The certificate can also be downloaded from the Node Information area on the Basic Information page.</p>
</div></div>
</p></li><li id="dds_02_0028__li1433333418132"><span>Upload the root certificate to the <span id="dds_02_0028__text1079814510248">ECS</span><span id="dds_02_0028__text107986511246"></span> to be connected to the DB instance.</span><p><p id="dds_02_0028__p1933617718381">The following describes how to upload the certificate to a Linux and Window ECS:</p>
<ul id="dds_02_0028__ul1977195483815"><li id="dds_02_0028__li87711754113820">In Linux, run the following command:<div class="p" id="dds_02_0028__p333313461319"><a name="dds_02_0028__li87711754113820"></a><a name="li87711754113820"></a><strong id="dds_02_0028__b1733319342138">scp</strong> <em id="dds_02_0028__i3333034161319">&lt;IDENTITY_FILE&gt;</em> <em id="dds_02_0028__i8333173416130">&lt;REMOTE_USER&gt;</em><strong id="dds_02_0028__b93331334191317">@</strong><em id="dds_02_0028__i03331349135">&lt;REMOTE_ADDRESS&gt;</em><strong id="dds_02_0028__b5333103413136">:</strong><em id="dds_02_0028__i1933319340131">&lt;REMOTE_DIR&gt;</em><div class="note" id="dds_02_0028__note9333183415136"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="dds_02_0028__ul633473411138"><li id="dds_02_0028__li15334153461310"><strong id="dds_02_0028__b2448131512264">IDENTITY_FILE</strong> indicates the directory where the root certificate resides. The file access permission is 600.</li><li id="dds_02_0028__li3334734141318"><strong id="dds_02_0028__b174202195509">REMOTE_USER</strong> indicates the <span id="dds_02_0028__text1853161616245">ECS</span><span id="dds_02_0028__text105341615242"></span> OS user.</li><li id="dds_02_0028__li23345341134"><strong id="dds_02_0028__b1966412025013">REMOTE_ADDRESS</strong> indicates the <span id="dds_02_0028__text115042452411">ECS</span><span id="dds_02_0028__text1715013249245"></span> address.</li><li id="dds_02_0028__li13340345135"><strong id="dds_02_0028__b747952118508">REMOTE_DIR</strong> indicates the directory of the <span id="dds_02_0028__text1614253019249">ECS</span><span id="dds_02_0028__text10142163012247"></span> to which the root certificate is uploaded.</li></ul>
</div></div>
</div>
</li></ul>
<ul id="dds_02_0028__ul16741818193920"><li id="dds_02_0028__li067514182397">In Windows, upload the root certificate using the remote connection tool.</li></ul>
</p></li><li id="dds_02_0028__li13341346136"><span>Connect to a <span class="keyword" id="dds_02_0028__keyword35982035017">DDS DB instance</span>.</span><p><ul id="dds_02_0028__ul16334634151317"><li id="dds_02_0028__li5334103421319">Method 1: Using standard parameters<p id="dds_02_0028__p2334734121318"><a name="dds_02_0028__li5334103421319"></a><a name="li5334103421319"></a><strong id="dds_02_0028__b33351034111319">mongo --host</strong> &lt;<em id="dds_02_0028__i93351934161311">DB_HOST</em>&gt; <strong id="dds_02_0028__b6335203491317">--port</strong> &lt;<em id="dds_02_0028__i19335193412136">DB_PORT</em>&gt; <strong id="dds_02_0028__b16335193431315">-u</strong> &lt;<em id="dds_02_0028__i2335153491311">DB_USER</em>&gt; <strong id="dds_02_0028__b33351034111311">-p</strong> <strong id="dds_02_0028__b1733519349132">--authenticationDatabase</strong><strong id="dds_02_0028__b5335183451315"> admin </strong><strong id="dds_02_0028__b333514342138">--ssl --sslCAFile</strong> &lt;<em id="dds_02_0028__i933553419136">FILE_PATH</em>&gt; <strong id="dds_02_0028__b12335173416132">--sslAllowInvalidHostnames</strong></p>
<p id="dds_02_0028__p1133683414132">Enter the database account password when prompted:</p>
<pre class="screen" id="dds_02_0028__screen133619348139">Enter password:</pre>
</li><li id="dds_02_0028__li16336143431315">Method 2: Using standard URI format<p id="dds_02_0028__p10336103413131"><a name="dds_02_0028__li16336143431315"></a><a name="li16336143431315"></a><strong id="dds_02_0028__b2336173411318">mongo</strong> <strong id="dds_02_0028__b833693471310">mongodb://rwuser:</strong>&lt;password&gt;<strong id="dds_02_0028__b1336133418138">@</strong><em id="dds_02_0028__i12336163431310">&lt;</em><em id="dds_02_0028__i16336133416138">DB_HOST</em><em id="dds_02_0028__i183363345135">&gt;</em><strong id="dds_02_0028__b1933673416135">:</strong><em id="dds_02_0028__i5336034151317">&lt;</em><em id="dds_02_0028__i133361634171319">DB_PORT</em><em id="dds_02_0028__i83367347138">&gt;</em><strong id="dds_02_0028__b8336934161319">/test?authSource=admin</strong> <strong id="dds_02_0028__b1133653481315">--ssl --sslCAFile</strong> &lt;<em id="dds_02_0028__i18336113491310">FILE_PATH</em>&gt; <strong id="dds_02_0028__b1133613420135">--sslAllowInvalidHostnames</strong></p>
<p id="dds_02_0028__p1416193382811">The connection information can be obtained in the <span class="uicontrol" id="dds_02_0028__uicontrol65901721185511"><b>Address</b></span> column on the <span class="uicontrol" id="dds_02_0028__uicontrol859242117554"><b>Instance Management</b></span> page.</p>
</li></ul>
<div class="note" id="dds_02_0028__note1733615346138"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="dds_02_0028__ul83371634141320"><li id="dds_02_0028__li1433710341139">A single node instance uses the management IP address to generate SSL certificate. <strong id="dds_02_0028__b11237947397">--sslAllowInvalidHostnames</strong> is needed for the SSL connection over private networks.</li><li id="dds_02_0028__li19337193415138"><strong id="dds_02_0028__b56174501216">DB_HOST</strong> indicates the IP address of the remotely connected DB instance. Obtain the value from the <span class="uicontrol" id="dds_02_0028__uicontrol197545151219"><b>Private IP Address</b></span> column in the node list on the <span class="uicontrol" id="dds_02_0028__uicontrol16713452123"><b>Connections</b></span> page.</li><li id="dds_02_0028__li1933793411132"><strong id="dds_02_0028__b13405171813136">DB_PORT</strong> indicates the port number. Obtain the value from <span class="uicontrol" id="dds_02_0028__uicontrol1440620180133"><b>Database Port</b></span> in the <span class="uicontrol" id="dds_02_0028__uicontrol240641815139"><b>Basic Information</b></span> area on the <strong id="dds_02_0028__b114078184135">Connections</strong> page.</li><li id="dds_02_0028__li1580548181613"><strong id="dds_02_0028__b122771121719">DB_HOST</strong> and <strong id="dds_02_0028__b4971121661715">DB_PORT</strong> can also be obtained from the Node Information area on the Basic Information page.</li><li id="dds_02_0028__li13338153441318"><strong id="dds_02_0028__en-us_topic_0085335422_en-us_topic_0031147618_b84235270617104">DB_USER</strong> indicates the database account name. The default value is <strong id="dds_02_0028__en-us_topic_0085335422_b84235270619744">rwuser</strong>.</li><li id="dds_02_0028__li104164519302"><strong id="dds_02_0028__b14184563014"><em id="dds_02_0028__i194174593017">&lt;password&gt;</em></strong> indicates the password of the database account. If the password contains at signs (@),exclamation marks (!), or percent signs (%), replace them with hexadecimal URL codes %40, %21, and %25 respectively.</li><li id="dds_02_0028__li122761750202211">If user inputs this command then the password will be stored in logfiles and can be found in linux history, and in process list. So please note that plaintext passwords are risky.</li><li id="dds_02_0028__li1733810349130"><strong id="dds_02_0028__b1035019117512">FILE_PATH</strong> indicates the path where the root certificate is stored.</li></ul>
</div></div>
<ul id="dds_02_0028__ul233816341135"><li id="dds_02_0028__li6338113411137">Connect to the DB instance using standard parameters. The following is an example command:<p id="dds_02_0028__p153386346132"><a name="dds_02_0028__li6338113411137"></a><a name="li6338113411137"></a><strong id="dds_02_0028__b133384348133">mongo --host 192.168.1.6 --port 8635 -u rwuser -p --authenticationDatabase admin --ssl --sslCAFile /tmp/ca.crt</strong> <strong id="dds_02_0028__b103381234111314">--sslAllowInvalidHostnames</strong></p>
</li><li id="dds_02_0028__li1433815346138">Connect to the DB instance using standard URI format. The following is an example command:<p id="dds_02_0028__p23391634101316"><a name="dds_02_0028__li1433815346138"></a><a name="li1433815346138"></a><strong id="dds_02_0028__b183396347139">mongo</strong> <strong id="dds_02_0028__b1333919341135">mongodb://rwuser:&lt;password&gt;@</strong><strong id="dds_02_0028__b1339734181317">192.168.1.6</strong><strong id="dds_02_0028__b16339183461310">:</strong><strong id="dds_02_0028__b333943431312">8635</strong><strong id="dds_02_0028__b6339103413136">/test?authSource=admin</strong><strong id="dds_02_0028__b1333903415130"> -</strong><strong id="dds_02_0028__b63391534181317">-ssl --sslCAFile</strong> <strong id="dds_02_0028__b9339113451319">/tmp/ca.crt</strong> <strong id="dds_02_0028__b033973410135">--sslAllowInvalidHostnames</strong></p>
</li></ul>
</p></li><li id="dds_02_0028__li833993451320"><span>Check the connection result. If the following information is displayed, the connection is successful.</span><p><pre class="screen" id="dds_02_0028__screen143397345133">replica:PRIMARY&gt;</pre>
</p></li></ol>
</div>
<div class="section" id="dds_02_0028__en-us_topic_0085335422_sfc3bfb212a8440799f49320d91fc096c"><h4 class="sectiontitle">Connecting to a DB Instance Using the MongoDB Client (Non-SSL)</h4><div class="notice" id="dds_02_0028__en-us_topic_0085335422_note45712120182235"><span class="noticetitle"><img src="public_sys-resources/notice_3.0-en-us.png"> </span><div class="noticebody"><p id="dds_02_0028__p8755899182235">If you connect to a DB instance using this method, disable the SSL connection. For details, see section <a href="dds_03_0074.html#dds_03_0074__section4225593518277">Disabling SSL</a>.</p>
</div></div>
<ol id="dds_02_0028__en-us_topic_0085335422_o12386b3d9147482881ddfdfd9a3f787c"><li id="dds_02_0028__en-us_topic_0085335422_lf50bb4c0b07747cfac89f74cc2b28b4a"><span>Connect to a <span class="keyword" id="dds_02_0028__keyword929914461813">DDS DB instance</span>.</span><p><ul id="dds_02_0028__ul7567173152111"><li id="dds_02_0028__li856712311210">Method 1: Using standard parameters<p id="dds_02_0028__p1546173416213"><a name="dds_02_0028__li856712311210"></a><a name="li856712311210"></a><strong id="dds_02_0028__b1567143119217">mongo --host</strong> &lt;<em id="dds_02_0028__i456717314219">DB_HOST</em>&gt; <strong id="dds_02_0028__b256763113211">--port</strong> &lt;<em id="dds_02_0028__i3567631142114">DB_PORT</em>&gt; <strong id="dds_02_0028__b16567731192119">-u</strong> &lt;<em id="dds_02_0028__i65672318217">DB_USER</em>&gt; <strong id="dds_02_0028__b637789133717">-p</strong> <strong id="dds_02_0028__b1156711315219">--authenticationDatabase</strong> <strong id="dds_02_0028__b2033119156376">admin</strong></p>
<p id="dds_02_0028__p3759945202019">Enter the database account password when prompted:</p>
<pre class="screen" id="dds_02_0028__screen6759145122016">Enter password:</pre>
</li><li id="dds_02_0028__li956719313217">Method 2: Using standard URI format<p id="dds_02_0028__p18264365212"><a name="dds_02_0028__li956719313217"></a><a name="li956719313217"></a><strong id="dds_02_0028__b1851992173718"><strong id="dds_02_0028__b2051972173710">mongo</strong></strong> <strong id="dds_02_0028__b165200219378">mongodb://rwuser:</strong>&lt;password&gt;<strong id="dds_02_0028__b1692415451252">@</strong><em id="dds_02_0028__i15671331162116">&lt;</em><em id="dds_02_0028__i956773112112">DB_HOST</em><em id="dds_02_0028__i20567173113218">&gt;</em><strong id="dds_02_0028__b656763118210">:</strong><em id="dds_02_0028__i9567143122110">&lt;</em><em id="dds_02_0028__i1156723132117">DB_PORT</em><em id="dds_02_0028__i75674315214">&gt;</em><strong id="dds_02_0028__b4981817583">/test?authSource=admin</strong></p>
<p id="dds_02_0028__p318624972916">The connection information can be obtained in the <span class="uicontrol" id="dds_02_0028__uicontrol437183035518"><b>Address</b></span> column on the <span class="uicontrol" id="dds_02_0028__uicontrol1938830195512"><b>Instance Management</b></span> page.</p>
</li></ul>
<div class="note" id="dds_02_0028__note839816116261"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="dds_02_0028__ul83946567225"><li id="dds_02_0028__li146091023142317"><strong id="dds_02_0028__b195163306137">DB_HOST</strong> indicates the IP address of the remotely connected DB instance. Obtain the value from the <span class="uicontrol" id="dds_02_0028__uicontrol151693031314"><b>Private IP Address</b></span> column in the node list on the <span class="uicontrol" id="dds_02_0028__uicontrol1551715302131"><b>Connections</b></span> page.</li><li id="dds_02_0028__li2508131610233"><strong id="dds_02_0028__b4286842101312">DB_PORT</strong> indicates the port number. Obtain the value from <span class="uicontrol" id="dds_02_0028__uicontrol14288204216135"><b>Database Port</b></span> in the <span class="uicontrol" id="dds_02_0028__uicontrol528944221312"><b>Basic Information</b></span> area on the <strong id="dds_02_0028__b12891425133">Connections</strong> page.</li><li id="dds_02_0028__li1048914566199"><strong id="dds_02_0028__b9532115751917">DB_HOST</strong> and <strong id="dds_02_0028__b353255771914">DB_PORT</strong> can also be obtained from the Node Information area on the Basic Information page.</li><li id="dds_02_0028__li2512016202314"><strong id="dds_02_0028__b487053851718">DB_USER</strong> indicates the database account name. The default value is <strong id="dds_02_0028__b10870173819178">rwuser</strong>.</li><li id="dds_02_0028__li203011059313"><strong id="dds_02_0028__b0301145143113"><em id="dds_02_0028__i730113583115">&lt;password&gt;</em></strong> indicates the password of the database account. If the password contains at signs (@),exclamation marks (!), or percent signs (%), replace them with hexadecimal URL codes %40, %21, and %25 respectively.</li><li id="dds_02_0028__li205880623112">If user inputs this command then the password will be stored in logfiles and can be found in linux history, and in process list. So please note that plaintext passwords are risky.</li></ul>
</div></div>
<ul id="dds_02_0028__ul106082418273"><li id="dds_02_0028__li45912247273">Connect to the DB instance using standard parameters. The following is an example command:<p id="dds_02_0028__p1138102682712"><a name="dds_02_0028__li45912247273"></a><a name="li45912247273"></a><strong id="dds_02_0028__b85912412716">mongo --host 192.168.1.6 --port 8635 -u rwuser -p --authenticationDatabase admin</strong></p>
</li><li id="dds_02_0028__li35911241274">Connect to the DB instance using standard URI format. The following is an example command:<p id="dds_02_0028__p43699277273"><a name="dds_02_0028__li35911241274"></a><a name="li35911241274"></a><strong id="dds_02_0028__b6128732153717"><strong id="dds_02_0028__b1112863218378">mongo</strong></strong> <strong id="dds_02_0028__b012812320375">mongodb://rwuser:&lt;password&gt;@</strong><strong id="dds_02_0028__b145952420279">192.168.1.6:8635</strong><strong id="dds_02_0028__b95942410270">/test?authSource=admin</strong></p>
</li></ul>
</p></li><li id="dds_02_0028__en-us_topic_0085335422_li2356085813016"><span>Check the connection result. If the following information is displayed, the connection is successful.</span><p><pre class="screen" id="dds_02_0028__en-us_topic_0085335422_screen141854665519">replica:PRIMARY&gt;</pre>
</p></li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="dds_02_0074.html">Connecting to a Single-Node Instance Over Private Networks</a></div>
</div>
</div>
View Git Blame Copy Permalink