connecting to documentdb from a java program


In AWS I created a DocumentDB cluster. I am using the same Java program as here, with just the necessary changes for the connection string. Here I am not able to connect. Here is the error message:

Feb 06, 2021 9:56:36 PM com.mongodb.diagnostics.logging.JULLogger log
INFO: Cluster created with settings {hosts=[price-manager-prod-new-docdb-clsuter.cluster-cduzobvhwuhh.us-east-1.docdb.amazonaws.com:27017], mode=MULTIPLE, requiredClusterType=REPLICA_SET, serverSelectionTimeout='30000 ms', maxWaitQueueSize=500, requiredReplicaSetName='rs0'}
Feb 06, 2021 9:56:36 PM com.mongodb.diagnostics.logging.JULLogger log
INFO: Adding discovered server price-manager-prod-new-docdb-clsuter.cluster-cduzobvhwuhh.us-east-1.docdb.amazonaws.com:27017 to client view of cluster
Feb 06, 2021 9:56:36 PM com.mongodb.diagnostics.logging.JULLogger log
INFO: No server chosen by com.mongodb.client.internal.MongoClientDelegate$1@5890e879 from cluster description ClusterDescription{type=REPLICA_SET, connectionMode=MULTIPLE, serverDescriptions=[ServerDescription{address=price-manager-prod-new-docdb-clsuter.cluster-cduzobvhwuhh.us-east-1.docdb.amazonaws.com:27017, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out
Feb 06, 2021 9:56:56 PM com.mongodb.diagnostics.logging.JULLogger log
INFO: Exception in monitor thread while connecting to server price-manager-prod-new-docdb-clsuter.cluster-cduzobvhwuhh.us-east-1.docdb.amazonaws.com:27017
com.mongodb.MongoSocketOpenException: Exception opening socket
    at com.mongodb.internal.connection.SocketStream.open(SocketStream.java:70)
    at com.mongodb.internal.connection.InternalStreamConnection.open(InternalStreamConnection.java:128)
    at com.mongodb.internal.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:117)

Amazon asked me to use the following connection string: mongodb://docdbnewbie:@price-manager-prod-new-docdb-clsuter.cluster-cduzobvhwuhh.us-east-1.docdb.amazonaws.com:27017/?ssl=true&ssl_ca_certs=rds-combined-ca-bundle.pem&replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false

In the program, in the connection string, I have not used ssl_ca_certs=rds-combined-ca-bundle.pem. I imported the PEM file into the keystore. When creating the cluster it asked for a master username & password. I just used docdbnewbie as the username & some made-up password. Do I have to create a user beforehand and give it the relevant policy?

Update: I have been able to establish connectivity between the Java client & the AWS-hosted DocumentDB. But my Java program is also in an EC2 instance (I used Cloud9). If anybody can throw light on whether such connectivity can be established when the client is outside of the VPC, that would be of great help.


Solution

  • If you look at the shared documentation, under the section Connecting to an Amazon DocumentDB Cluster from Outside an Amazon VPC, it clearly says that you need to set up an SSH tunnel via an EC2 instance running inside the DocumentDB's VPC. Precisely,

    To create an SSH tunnel, you need an Amazon EC2 instance running in the same Amazon VPC as your Amazon DocumentDB cluster. You can either use an existing EC2 instance in the same VPC as your cluster or create one.

    The guide shows that you forward port 27017 (the default port for MongoDB) using the following command.

    ssh -i "ec2Access.pem" -L 27017:sample-cluster.node.us-east-1.docdb.amazonaws.com:27017 ubuntu@ec2-34-229-221-164.compute-1.amazonaws.com -N

    Once you have the tunnelling set up, you'll use localhost:27017 as your DocumentDB endpoint instead of the custom DNS name price-manager-prod-new-docdb-clsuter.cluster-cduzobvhwuhh.us-east-1.docdb.amazonaws.com:27017. This DNS name is not publicly available and is resolvable only from within your VPC. This is the reason why the same program works when it is running on an EC2 instance inside the VPC.

    If you don't want to use localhost, there should be a way to configure the desired endpoint in the SSH tunnelling command; you can look into it.
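As an added example (not code from the question or the answer above), here is how the Java client could be pointed at the tunnel once the ssh command above is running: the driver dials localhost, trusts only the imported RDS CA bundle, and relaxes just the hostname check, because the server certificate names the *.docdb.amazonaws.com endpoint rather than localhost; replicaSet=rs0 is dropped so the driver does not try to reach the members' VPC-private DNS names directly. It assumes the mongodb-driver-sync 4.x API, a truststore file named rds-truststore.jks, and the DOCDB_PASSWORD and DOCDB_TRUSTSTORE_PASSWORD environment variables, none of which appear on the page.

```java
import com.mongodb.ConnectionString;
import com.mongodb.MongoClientSettings;
import com.mongodb.MongoCredential;
import com.mongodb.client.MongoClient;
import com.mongodb.client.MongoClients;
import org.bson.Document;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import java.io.FileInputStream;
import java.security.KeyStore;

public class DocDbTunnelClient {
    // Assumptions (not from the page): the SSH tunnel from the answer is running and forwards
    // localhost:27017 to the cluster, rds-combined-ca-bundle.pem was imported into
    // rds-truststore.jks, and both passwords come from environment variables, not from the URI.
    public static MongoClient connect() throws Exception {
        // Trust only the imported RDS CA bundle, not every CA in the JVM default truststore.
        KeyStore trustStore = KeyStore.getInstance("JKS");
        try (FileInputStream in = new FileInputStream("rds-truststore.jks")) {
            trustStore.load(in, System.getenv("DOCDB_TRUSTSTORE_PASSWORD").toCharArray());
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, tmf.getTrustManagers(), null);

        // The socket goes to localhost, but the certificate names the *.docdb.amazonaws.com endpoint,
        // so only the hostname check is relaxed; the CA chain check stays in force. replicaSet=rs0 is
        // replaced by directConnection=true, otherwise the driver would discover the members' private
        // DNS names during replica-set discovery and try to dial them, which fails outside the VPC.
        ConnectionString uri = new ConnectionString(
            "mongodb://localhost:27017/?tls=true&tlsAllowInvalidHostnames=true"
            + "&directConnection=true&retryWrites=false");
        MongoCredential credential = MongoCredential.createCredential(
            "docdbnewbie", "admin", System.getenv("DOCDB_PASSWORD").toCharArray());
        MongoClientSettings settings = MongoClientSettings.builder()
            .applyConnectionString(uri)
            .credential(credential)
            .applyToSslSettings(ssl -> ssl.context(sslContext))
            .build();
        return MongoClients.create(settings);
    }

    public static void main(String[] args) throws Exception {
        try (MongoClient client = connect()) {
            Document ping = client.getDatabase("admin").runCommand(new Document("ping", 1));
            System.out.println("ping reply: " + ping.toJson());
        }
    }
}
```

Keep tlsAllowInvalidHostnames=true confined to the tunnelled configuration; a client running inside the VPC should connect to the cluster DNS name with full hostname verification.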