google-templatesmongodb

Connect to MongoDB from a different machine or network

IMPORTANT: By default, the database port for the nodes in this solution cannot be accessed over a public IP address. As a result, you will only be able to connect to your database nodes from machines that are running in the same network. For security reasons, we do not recommend making the database port accessible over a public IP address. If you must make it accessible over a public IP address, we recommend restricting access to a trusted list of source IP addresses using firewall rules. Refer to the FAQ for information on opening ports in the server firewall.

Connect from the same network

You can connect to a MongoDB instance in the same network using a command like the one below:

$ mongo admin --username root -p --host SERVER-IP --port 27017

To connect to a replica set (rather than an individual instance), replace the host name with the replica set name and a comma-separated list of member IP addresses, as shown below. Replace the REPLICA-SET-NAME placeholder with the name of the MongoDB replica set. By default, the replica set is named rs0 in the Bitnami Multi-Tier Solution for MongoDB.

$ mongo admin --username root -p --host REPLICA-SET-NAME/SERVER-IP-1:27017,SERVER-IP-2:27017,...

The replica set name can also be obtained from the /opt/bitnami/mongodb/mongodb.conf configuration file.

To connect to the MongoDB console to perform administrative tasks from a different network using the primary host’s public IP address, we recommend creating an SSH tunnel, as described in the FAQ.

To use applications with MongoDB, refer to the instructions for connecting applications to the MongoDB cluster.

Connect from a different network

If you must connect to the database from a machine that it is not running in the same network as the MongoDB cluster, you can follow these approaches (these are shown in order of preference, from the most secure to the least recommended solution):

  • Option 1: Peer both virtual networks to secure the connections between the two instances. Learn how to connect instances in different networks using network peering.
  • Option 2: Create an SSH tunnel to connect the database console to perform administrative tasks using the primary host’s public IP address. Refer to the FAQ for more information on this.

    NOTE: You should only access the primary server using an SSH tunnel if you wish to temporarily connect to, or use, the MongoDB console. This approach is not recommended to permanently connect your application to the MongoDB cluster, as a connectivity failure in the SSH tunnel would affect your application’s functionality.

  • Option 3: Make the server publicly accessible and restrict access to a trusted list of source IP addresses using firewall rules. Refer to the FAQ for information on opening ports in the server firewall.