r***@youplant.eu
2018-12-03 10:06:40 UTC
Hi all! Iâve got some trouble adding a datasource to charts (0.10.0).
The database Iâm trying to add is a replicaset with SSL connection
encryption. It also uses x509 for cluster auth mode (but this should be
irrelevant here?)
The certificates used with the mongodb replicaset have been issued by a
internal ca.
Iâm providing the caâs public certificate to mongo charts under
/mongodb-charts/volumes/db-certs/
The connection string Iâm using is something like
âmongodb://username:***@mongodb-host1:27017/admin?replicaSet=rs-name&ssl=trueâ
I can resolve the dns name and also ping mongodb-host1 from the docker
container where charts is running.
Whenever I try to add a new datasource and hit the Connect button, charts
ist trying to connect for some seconds and then comes back with the error
message âerror connecting to MongoDB: error connecting to MongoDB service
cluster: server selection timeoutâ.
on the mongodb server side there is not much in the logs. I can tell there
are connection tries by log entries like:
2018-11-30T14:17:49.649+0000 I NETWORK [listener] connection accepted from
10.42.65.36:35436 #55128 (11 connections now open)
2018-11-30T14:17:49.650+0000 I NETWORK [conn55128] end connection 10.42.
65.36:35436 (10 connections now open)
2018-11-30T14:17:49.652+0000 I NETWORK [listener] connection accepted from
10.42.65.36:35438 #55129 (11 connections now open)
2018-11-30T14:17:49.653+0000 I NETWORK [conn55129] end connection 10.42.
65.36:35438 (10 connections now open)
2018-11-30T14:17:50.150+0000 I NETWORK [listener] connection accepted from
10.42.65.36:35442 #55130 (11 connections now open)
This is basically where Iâm stuck for now - its not working but Iâve got no
ârealâ error message, pinpointing me to the problem.
Is it really enough to just copy the caâs certificate to the db-certs
folder? (Iâve also tried to issue a new client certificate for charts and
put the new cert, the key and ca cert into one .pem file).
What am I missing?
Any Ideas?
--
You received this message because you are subscribed to the Google Groups "mongodb-user"
group.
For other MongoDB technical support options, see: https://docs.mongodb.com/manual/support/
---
You received this message because you are subscribed to the Google Groups "mongodb-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mongodb-user+***@googlegroups.com.
To post to this group, send email to mongodb-***@googlegroups.com.
Visit this group at https://groups.google.com/group/mongodb-user.
To view this discussion on the web visit https://groups.google.com/d/msgid/mongodb-user/dbf52d19-aee8-4b1a-a80e-874206ae3822%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
The database Iâm trying to add is a replicaset with SSL connection
encryption. It also uses x509 for cluster auth mode (but this should be
irrelevant here?)
The certificates used with the mongodb replicaset have been issued by a
internal ca.
Iâm providing the caâs public certificate to mongo charts under
/mongodb-charts/volumes/db-certs/
The connection string Iâm using is something like
âmongodb://username:***@mongodb-host1:27017/admin?replicaSet=rs-name&ssl=trueâ
I can resolve the dns name and also ping mongodb-host1 from the docker
container where charts is running.
Whenever I try to add a new datasource and hit the Connect button, charts
ist trying to connect for some seconds and then comes back with the error
message âerror connecting to MongoDB: error connecting to MongoDB service
cluster: server selection timeoutâ.
on the mongodb server side there is not much in the logs. I can tell there
are connection tries by log entries like:
2018-11-30T14:17:49.649+0000 I NETWORK [listener] connection accepted from
10.42.65.36:35436 #55128 (11 connections now open)
2018-11-30T14:17:49.650+0000 I NETWORK [conn55128] end connection 10.42.
65.36:35436 (10 connections now open)
2018-11-30T14:17:49.652+0000 I NETWORK [listener] connection accepted from
10.42.65.36:35438 #55129 (11 connections now open)
2018-11-30T14:17:49.653+0000 I NETWORK [conn55129] end connection 10.42.
65.36:35438 (10 connections now open)
2018-11-30T14:17:50.150+0000 I NETWORK [listener] connection accepted from
10.42.65.36:35442 #55130 (11 connections now open)
This is basically where Iâm stuck for now - its not working but Iâve got no
ârealâ error message, pinpointing me to the problem.
Is it really enough to just copy the caâs certificate to the db-certs
folder? (Iâve also tried to issue a new client certificate for charts and
put the new cert, the key and ca cert into one .pem file).
What am I missing?
Any Ideas?
--
You received this message because you are subscribed to the Google Groups "mongodb-user"
group.
For other MongoDB technical support options, see: https://docs.mongodb.com/manual/support/
---
You received this message because you are subscribed to the Google Groups "mongodb-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mongodb-user+***@googlegroups.com.
To post to this group, send email to mongodb-***@googlegroups.com.
Visit this group at https://groups.google.com/group/mongodb-user.
To view this discussion on the web visit https://groups.google.com/d/msgid/mongodb-user/dbf52d19-aee8-4b1a-a80e-874206ae3822%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.