我在使用 Virtualbox 运行在 Mac OS X 上的虚拟机中使用 CentOS 7。
不幸的是,我无法从我的 Mac OS 主机连接到虚拟机的数据库。我使用NAT虚拟机的网络,并定义了一条规则,将主机端口 3017 转发到虚拟机的端口 27017,这是 mongod 的默认端口。如下所示VBoxManage showvminfo CentOS | grep 'NIC:
[hostOS]$ VBoxManage showvminfo CentOS | grep 'NIC'
NIC 1: MAC: 080027EF3CC0, Attachment: NAT, Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none
NIC 1 Settings: MTU: 0, Socket (send: 64, receive: 64), TCP Window (send:64, receive: 64)
NIC 1 Rule(0): name = http, protocol = tcp, host ip = , host port = 3080, guest ip = , guest port = 80
NIC 1 Rule(1): name = mongo, protocol = tcp, host ip = , host port = 3017, guest ip = , guest port = 27017
NIC 1 Rule(2): name = ssh, protocol = tcp, host ip = , host port = 3022, guest ip = , guest port = 22
我在客户系统上使用 CentOS 的防火墙,但将 MongoDB 的默认端口添加27017到public区域定义中,如下所示:
[guestOS]$ firewall-cmd --list-all
public (default, active)
interfaces: enp0s3
sources:
services: dhcpv6-client http https ssh
ports: 27017/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
此外还SELINUX禁用:
[guestOS]$ sestatus
SELinux status: disabled
因此,我想检查一下从主机到客户虚拟机的端口转发是否按预期工作。使用nc -w 3 -v localhost 3017显示,端口转发应该按预期工作:
[hostOS]$ nc -w 3 -v localhost 3017
found 0 associations
found 1 connections:
1: flags=82<CONNECTED,PREFERRED>
outif lo0
src 127.0.0.1 port 50595
dst 127.0.0.1 port 3017
rank info not available
TCP aux info available
Connection to localhost port 3017 [tcp/event_listener] succeeded!
下一步是确保它mongod确实在虚拟机的操作系统上运行。所以我检查了mongod的状态:
[guestOS]$ systemctl status mongod
● mongod.service - SYSV: Mongo is a scalable, document-oriented database.
Loaded: loaded (/etc/rc.d/init.d/mongod)
Active: active (running) since So 2016-02-21 20:35:31 CET; 4min 12s ago
Docs: man:systemd-sysv-generator(8)
Process: 1167 ExecStart=/etc/rc.d/init.d/mongod start (code=exited, status=0/SUCCESS)
Main PID: 1236 (mongod)
CGroup: /system.slice/mongod.service
└─1236 /usr/bin/mongod -f /etc/mongod.conf
Feb 21 20:35:27 localhost.localdomain systemd[1]: Starting SYSV: Mongo is a scalable, document-oriented database....
Feb 21 20:35:28 localhost.localdomain runuser[1191]: pam_unix(runuser:session): session opened for user mongod by (uid=0)
Feb 21 20:35:31 localhost.localdomain runuser[1191]: pam_unix(runuser:session): session closed for user mongod
Feb 21 20:35:31 localhost.localdomain mongod[1167]: Starting mongod: [ OK ]
Feb 21 20:35:31 localhost.localdomain systemd[1]: Started SYSV: Mongo is a scalable, document-oriented database..
除此之外,我还可以像这样连接到虚拟机内部的数据库:
[guestOS]$ mongo
MongoDB shell version: 3.2.3
connecting to: test
Server has startup warnings:
2016-02-21T20:35:31.414+0100 I CONTROL [initandlisten]
2016-02-21T20:35:31.414+0100 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2016-02-21T20:35:31.414+0100 I CONTROL [initandlisten] ** We suggest setting it to 'never'
2016-02-21T20:35:31.414+0100 I CONTROL [initandlisten]
2016-02-21T20:35:31.414+0100 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2016-02-21T20:35:31.414+0100 I CONTROL [initandlisten] ** We suggest setting it to 'never'
2016-02-21T20:35:31.415+0100 I CONTROL [initandlisten]
2016-02-21T20:35:31.415+0100 I CONTROL [initandlisten] ** WARNING: soft rlimits too low. rlimits set to 4096 processes, 64000 files. Number of processes should be at least 32000 : 0.5 times number of files.
2016-02-21T20:35:31.415+0100 I CONTROL [initandlisten]
但是,我无法从主机操作系统连接到数据库:
[hostOS]$ mongo --port 3017
MongoDB shell version: 3.0.6
connecting to: 127.0.0.1:3017/test
2016-02-21T20:47:38.810+0100 I NETWORK DBClientCursor::init call() failed
2016-02-21T20:47:38.813+0100 E QUERY Error: DBClientBase::findN: transport error: 127.0.0.1:3017 ns: admin.$cmd query: { whatsmyuri: 1 }
at connect (src/mongo/shell/mongo.js:181:14)
at (connect):1:6 at src/mongo/shell/mongo.js:181
exception: connect failed
让我稍微总结一下整个事情:
- 在 Mac OS 上的 VirtualBox 中使用 CentOS 7 作为客户机
NAT作为网络接口使用- 转发主机端口
3017至来宾端口27017正在运行 - 确保
mongod在客户操作系统上运行 SELINUX在 CentOS 中已禁用- 将端口添加
27017到 CentOS 防火墙例外 - 从主机操作系统连接到 monogdb 引发
Error: DBClientBase::findN: transport error: 127.0.0.1:3017 ns: admin.$cmd query: { whatsmyuri: 1 }
我怎样才能解决这个错误?
答案1
在网上搜索出现的错误消息后,我认为这是一个与 SSL/TLS 相关的问题,因为 Mac OS mongo shell 的默认版本不支持 SSL/TLS 连接(但是,自制版本支持)。
因此我尝试建立加密连接,但失败了,并且没有解决问题。
之后,我考虑从外部访问数据库。Virtualbox 会将端口转发到虚拟机,因此传入请求是从虚拟机的网络接口发出的。因此,我将虚拟机的 IP 地址添加到 mongo 配置中允许的 IP 中,/etc/mongod.conf如所述这里:
# Listen to local and LAN interface.
bind_ip = 127.0.0.1,10.0.2.15
最后,这解决了我的连接问题。
答案2
我遇到了类似的问题(Windows 10 主机,Ubuntu 18.04 客户机)。在我的例子中,主机 IP 经常更改,因此将其 IP 添加到 bind_ip 没有帮助。我编辑了 /etc/mongodb.conf 以替换
bind_ip = 127.0.0.1
和
bind_ip_all = true
在我重新启动 mongodb 后,一切都恢复正常。请注意,除非您确切知道自己在做什么,否则从安全角度来看,这不是一个好主意。就我而言,我的所有 mongodb 数据都是一次性测试数据,而且我处于受信任的网络上。YMMV。