How to connect to MongoDB EC2 instance

Question

we have an EC2 MongoDB 2.4 instance from Amazon MarketPlace. when i try to access it from my computer using the mongo command like so:

mongo xx-xx-xx-xx-xx.compute-1.amazonaws.com

i get the following error

Error: couldn't connect to server xx-xx-xx-xx-xx.compute-1.amazonaws.com:27017 at src/mongo/shell/mongo.js:147
exception: connect failed

i can connect to the remote instance using ssh so it is reachable.
the port is the default port 27017.
mongod is running and working on the remote instance.

any suggestions on how to fix this?

Port 27017 is not open for remote connections? Check your firewall — Sergio Tulentsev, Nov 24 '13 at 14:42
[Try this resource](https://www.digitalocean.com/community/tutorials/how-to-configure-remote-access-for-mongodb-on-ubuntu-20-04#:~:text=To%20allow%20remote%20connections%2C%20you,MongoDB%20server%20from%20remote%20machines.) I got resolved my issues using this. — Bharath Pabba, Apr 16 '21 at 09:13

Jundiaius · Answer 1 · 2018-08-22T08:28:58.480

23

As frisky said, you have to open the port 27017 at the EC2 Security Group Console. (To know more about how to do that: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html)

But you also need to change the bind_ip variable at the /etc/mongodb.conf file. You need to comment the line or assign the ip that will be able to connect the DB to it.

edited Aug 22 '18 at 08:28

answered Mar 15 '16 at 10:54

Jundiaius

6,214
3
30
43

2

saved my day! This tip for bindIp (which is locked to localhost by default) was crucial – Kirill Slatin Oct 28 '16 at 14:32
mongodb.conf tip worked for me like charm. Saved my time and nerves. – Azee May 11 '17 at 13:42
1

also .. dont forget to restart your mongod instance for the /etc/mongod.conf to take effect – Amarsh Sep 29 '18 at 10:24
We can change bindIp to 0.0.0.0 for connecting from all hosts. Be careful in this because anyone can connect to your DB if they know your server's IP. This can be done only on the dev server. Please don't do this on production server. – Pulkit Aggarwal Jan 30 '20 at 14:49

score 13 · Answer 2 · answered Feb 17 '19 at 14:08

13

The following two steps enabled the remote connection for me:

1. Opening the inbound rould for my VPC at port 27017 VPC -> Security -> Security Groups -> choose your instance's TCP roule -> click "Edit Rules" -> add a rule with Type: "Custom TCP Rule", Protocol: TCP, Port Range: 27017, Source: Custom 0.0.0.0/0 -> save
1. SSH into your instance -> sudo vi /etc/mongod.conf -> set bindIp: 0.0.0.0 -> save -> sudo service mongod restart

After that you will be able to connect into you remote mongo instance with mongo --host YOUR_INSTANCE_IP

answered Feb 17 '19 at 14:08

Stas Ezersky

343
2
10

2

Thanks man, while everyone was saying just comment the bindip (not worked for me) but after setting it to 0.0.0.0 it worked like a charm. – Rajkumar Bansal Oct 19 '19 at 09:43
2

DONOT do this without enabling `security` or you will be opening up your databases to the internet. – saurabh Aug 24 '20 at 18:52
Thanks, brother save my day – Nisal Edu Feb 22 '21 at 13:23

score 7 · Answer 3 · answered Nov 25 '13 at 08:48

7

Since mongod is running and working on the remote instance, you can access your MongoDB content via

mongo xx-xx-xx-xx-xx.compute-1.amazonaws.com or mongo machine_elastic_IP

Before that you need to open Inbound port for that machine.By-default port 27017 is closed for external world.

For more info refer : http://docs.aws.amazon.com/gettingstarted/latest/wah/getting-started-security-group.html

answered Nov 25 '13 at 08:48

deepakmodak

1,329
13
16

2

Hi, I did exactly same as you suggested. I changed the security group of an existing instance by adding an inboud rue as follows...Type, Protocol, Port Range, Source as Custom TCP Rule, TCP, 27017, 0.0.0.0/0. But still iam unable to access it from outside. Any suggestions. – Sridhar Gudimela Feb 13 '16 at 19:39
frisky my mongo db instance does not have any public ip or elastic ip how to connect to that ? – user1735921 Aug 22 '16 at 16:37

score 5 · Answer 4 · answered Nov 26 '13 at 07:42

5

Amazon created mongo security group without 27017 open. opening port 27017 to my pc fixed the issue.

answered Nov 26 '13 at 07:42

user2708100

361
1
2
11

2

DON'T do this on a production server!! There is a good reason that this port is not in the security group. Opening the port is a major security risk and there is absolutely no reason for it (not even in non-production mode). Use a ssh tunnel or the mongo client via ssh directly on the remote! – ohcibi Jan 24 '17 at 18:05
if it's locked on a IP (as in the answer) it's safe to use to config the db – maborg Apr 18 '17 at 09:25

score 3 · Answer 5 · answered Nov 24 '13 at 16:59

Try to access xx-xx-xx-xx-xx.compute-1.amazonaws.com:27017 from browser, if it works then ssh into the instance.

Stop the mongodb server
Remove the file /var/lib/mongodb/mongod.lock

start the mongodb server again, and check if typing mongo takes into a mongo shell or gives any error.

If the error is present, exit from the instance and again ssh to check for $mongo, if it opens a mongo shell. Try a reboot after this changes if the error still exists after the above changes.

The only concern here is, before accessing it from any application. Mongodb should work independently in the terminal.

score 0 · Answer 6 · answered Jan 25 '17 at 00:56

EC2 controls access using security group, so make sure that box accessing mongo db host is in the security group allowed to access this box and port is enabled for the same security group.

Another problem can be iptables. Check sudo service iptables status on the mongodb box and see what are the rules there.

Make sure there you enable appropriate ports as per security requirement of the box.

How to connect to MongoDB EC2 instance

6 Answers6

Linked