无法在本地使用 NodeJS 连接到 AWS DocumentDB
[英]Cannot connect to AWS DocumentDB using NodeJS locally
问题描述
I followed the instructions here to set up an SSH tunnel to connect externally: https://docs.aws.amazon.com/documentdb/latest/developerguide/connect-from-outside-a-vpc.html
我按照此处的说明设置了 SSH 隧道以进行外部连接: https://docs.aws.amazon.com/documentdb/latest/developerguide/connect-from-outside-a-vpc.ZFC35FDC70D52C69D253A268
Once I have the tunnel established I CAN connect using the GUI client Robomongo and "Studio 3T".建立隧道后,我可以使用 GUI 客户端 Robomongo 和“Studio 3T”进行连接。 So that verifies that the ec2 machine does have access and my SSH tunnel is working.这样就可以验证 ec2 机器确实可以访问并且我的 SSH 隧道正在工作。
But despite that, NodeJS is not happy with the connection.但尽管如此,NodeJS 对这种连接并不满意。 I am getting one of 2 errors depending on my config.根据我的配置,我收到 2 个错误之一。
config 1:配置1:
const url = 'mongodb://root:some-password@localhost:27017?ssl=true&replicaSet=rs0&readPreference=secondaryPreferred';
const ca = [fs.readFileSync('./rds-combined-ca-bundle.pem')];
const options = {
sslValidate: false, // you will see why in the next config
sslCA: ca,
useNewUrlParser: true,
useUnifiedTopology: true,
};
const client = new MongoClient(url, options);
After several seconds I get:几秒钟后,我得到:
(node:7640) UnhandledPromiseRejectionWarning: MongoServerSelectionError: connect ENETUNREACH 172.31.26.210:27017
at Timeout._onTimeout (/Volumes/foo/source/node_modules/mongodb/lib/core/sdam/topology.js:430:30)
at listOnTimeout (internal/timers.js:549:17)
at processTimers (internal/timers.js:492:7)
config 2:配置2:
const url = 'mongodb://root:some-password@localhost:27017?ssl=true&replicaSet=rs0&readPreference=secondaryPreferred';
const ca = [fs.readFileSync('./rds-combined-ca-bundle.pem')];
const options = {
sslValidate: true, // now this is true
sslCA: ca,
useNewUrlParser: true,
useUnifiedTopology: true,
};
const client = new MongoClient(url, options);
After several seconds I get:几秒钟后,我得到:
(node:7682) UnhandledPromiseRejectionWarning: MongoServerSelectionError: Hostname/IP does not match certificate's altnames: Host: localhost. is not in the cert's altnames: DNS:docdb-2020-07-14-23-38-05.cluster-cpapk5zw6fa0.us-west-2.docdb.amazonaws.com, DNS:docdb-2020-07-14-23-38-05.cluster-ro-cpapk5zw6fa0.us-west-2.docdb.amazonaws.com, DNS:docdb-2020-07-14-23-38-05.cpapk5zw6fa0.us-west-2.docdb.amazonaws.com
at Timeout._onTimeout (/Volumes/foo/source/node_modules/mongodb/lib/core/sdam/topology.js:430:30)
at listOnTimeout (internal/timers.js:549:17)
at processTimers (internal/timers.js:492:7)
1 个解决方案
解决方案1
3 已采纳 2020-07-15 02:06:23
You cannot connect to a replica set deployment through a tunnel, since the driver will (try to re) connect to the hostnames specified in replica set configuration as soon as it receives a response from any of the replica set members.您无法通过隧道连接到副本集部署,因为一旦收到任何副本集成员的响应,驱动程序就会(尝试重新)连接到副本集配置中指定的主机名。
You can connect through a tunnel in single topology.您可以通过单一拓扑中的隧道进行连接。 Remove replicaSet URI option from your URI.从您的 URI 中删除replicaSet URI 选项。 Naturally this only gives you a connection to the specified node, you don't get automatic failover etc.自然,这只会给您一个到指定节点的连接,您不会获得自动故障转移等。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.