连接到 AWS DocumentDB 时出现连接错误

Question

getting the following error while connecting to AWS DocumentDB from node.js

connection error: { [MongoNetworkError: connection 1 to docdb-2019-01-28-06-57-37.cluster-cqy6h2ypc0dj.us-east-1.docdb.amazonaws.com:27017 timed out] name: 'MongoNetworkError', errorLabels: [ 'TransientTransactionError' ] }

here is my node.js file

app.js

var mongoose = require('mongoose');
mongoose.connect('mongodb://abhishek:abhishek@docdb-2019-01-28-06-57-37.cluster-cqy6h2ypc0dj.us-east-1.docdb.amazonaws.com:27017/?ssl_ca_certs=rds-combined-ca-bundle.pem&replicaSet=rs0', {
    useNewUrlParser: true
});
var db = mongoose.connection;
db.on('error', console.error.bind(console, 'connection error:'));
db.once('open', function() {
    console.log("connected...");
});

Answer 1

By default aws documentdb is designed to connect only from same VPC. So to connect nodejs application from an ec2 in same vpc. You need to have the pem file as by default SSL is enabled while db instance is created.

step-1 : $ wget https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem in required directory

step-2 : Change the mongoose connection with options pointing to pem file

mongoose.connect(database.url, {
    useNewUrlParser: true,
    ssl: true,
    sslValidate: false,
    sslCA: fs.readFileSync('./rds-combined-ca-bundle.pem')})
.then(() => console.log('Connection to DB successful'))
.catch((err) => console.error(err,'Error'));

Here am using mongoose 5.4.0

To connnect from outside the VPC, please try to follow the below doc from aws: https://docs.aws.amazon.com/documentdb/latest/developerguide/connect-from-outside-a-vpc.html

Personally I tried only to connect from VPC and it worked fine.

Update =====:>

To connect from Robo 3T outside VPC please follow the link - AWS DocumentDB with Robo 3T (Robomongo)

Answer 2

to use AWS DocumentDB outside VPC for example your development server EC2 or from the local machine will get a connection error unless you use ssh tunneling or port forwarding

and about tunneling it simple

1. use this command in your local

   ssh -i "ec2Access.pem" -L 27017:sample-cluster.node.us-east-1.docdb.amazonaws.com:27017 ubuntu@EC2-Host -N

2. in application configuration use

   { uri: 'mongodb://:@127.0.0.1:27017/Db', useNewUrlParser: true, useUnifiedTopology:true, directConnection: true }

just make sure you can connect from this tunneling ec2 and database

and if you decide to use port forwarding steps 0- in ec2 security grou[p add inbound role with custom TCP and port 27017 All traffic 1- go to your ec2 instance and install Haproxy

$ sudo apt install haproxy

2- edit Haproxy configuration

$ sudo nano haproxy.cfg

3- in end off file add

listen mongo
bind 0.0.0.0:27017
timeout connect 10s
timeout client 1m
timeout server 1m
mode TCP
server AWSmongo <database-host-url>:27017

4- now restart HaProxy

$ sudo service HaPoxy restart

5- now you can access your database using

{uri: 'mongodb://<database-user>:<database-pass>@<EC2-IP>:27017/<db>'}