![]() ![]() You are free to kill the now-not-required-anymore process running in background. It will show you if there is the 27017 port opened and the commands SSH running on your environment. As a good tip to manage it, I like to use: $ sudo netstat -nltp|grep 27017 & ps -ef|grep ssh Tunnel through SSH or SSL to encrypt your connection Beekeeper Studio will save your connection password and encrypt it. It is a tunnel from your local machine direct to the database server through the bridge-bastion-host. This is useful if ssh is going to ask for passwords or passphrases, but the user wants it in the background. Just don't use & but use instead the option -f:-f Requests ssh to go to background just before command execution. ![]() In fact it will still be there until you end it. The first command didn't have time to establish a tunnel when the second command was run, thus giving a 'Connection refused'. This allows you to stay on the same CLI instead of opening a new window to work on your Mongo Shell)Īfter local forwarding your port as above, all you need is properly connect into your DocumentDB using localhost (127.0.0.1) instead the DocumentDB endpoint itself, as below: $ mongosh 127.0.0.1:27017 -tlsAllowInvalidHostnames -tls -tlsCAFile ~/.ssh/rds-combined-ca-bundle.pem -username docdbuser -password docdbuserpasswdĪfter finishing your work, you may wonder what happened with your background SSH command. Configure the SSH client with user authentication and server details. pem file with the private key used to authenticate. Parse the private key to create an SSH signer. The following command forwards your local 27017 port to the DocumentDB server (running on port 27017 as well): $ ssh -i ~/.ssh/bastion-host.pem -L 27017::27017 -Nf The SetupTunnel method sets up the SSH tunnel by performing the following steps: Read the private key file for SSH authentication. So, let's start! All you need is love (and some simple commands) The best way is to specify the instance in the login name, e.g. I'm assuming you are using a Linux or Mac environment, and for obvious reasons, all the IPs and Endpoints have been hidden. Indeed, this guide applies to you if you have ever wondered how tools like DBeaver works behind the scenes when you are using the 'SSH Tunnel' option. The DocumentDB is an AWS Database Service compatible with MongoDB, so this guide still applies to you if you are using MongoDB in an IaaS, for instance. This is important to know if you think the DocumentDB specifically doesn't accept connection directly from a public endpoint, such as your laptop or local development machine (the DocumentDB is a VPC-only open PaaS), so you must use a Bastion Host sharing the same VPC if you want to connect on your brand new NoSQL Database Cluster. In this guide I'll show you how to connect to an AWS DocumentDB through a SSH Tunnel via CLI (Command Line Interface). As new technologies emerge and new tools are part of our daily lives, we are more and more tied to instruments and less and less to instrumentation.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |