Seen here:
Mongo Orchestration tries to start a sharded cluster of replica sets with SSL and auth. According to the log file in mongo-agxOY7/mongod.log, the replica on port 27219 seems to reject connection attempts from the other replicas:
2018-08-01T22:36:37.579+0000 I NETWORK [listener] connection accepted from 127.0.0.1:56037 #12 (3 connections now open)
2018-08-01T22:36:37.584+0000 W NETWORK [conn12] SSL peer certificate validation failed: unsupported certificate purpose
2018-08-01T22:36:37.584+0000 I NETWORK [conn12] end connection 127.0.0.1:56037 (2 connections now open)
The replica seems to accept connections from Mongo Orchestration itself, which uses PyMongo to connect.
Later, it logs errors like:
2018-08-01T22:40:39.605+0000 I NETWORK [listener] connection accepted from 127.0.0.1:57142 #75 (6 connections now open)
2018-08-01T22:40:39.609+0000 W NETWORK [conn75] SSL peer certificate validation failed: unsupported certificate purpose
2018-08-01T22:40:39.609+0000 I NETWORK [conn75] received client metadata from 127.0.0.1:57142 conn75: { driver: { name: "MongoDB Internal Client", version: "4.1.1-175-g075d7fe" }, os: { type: "Linux", name: "Ubuntu", architecture: "x86_64", version: "14.04" } }
2018-08-01T22:40:39.610+0000 I ACCESS [conn75] SASL SCRAM-SHA-1 authentication failed for __system on local from client 127.0.0.1:57142 ; AuthenticationFailed: It is not possible to authenticate as the __system user on servers started without a --keyFile parameter
2018-08-01T22:40:39.610+0000 I NETWORK [conn75] end connection 127.0.0.1:57142 (5 connections now open)
I don't know whether the SSL error is the root cause, or a symptom, or doesn't matter. The AuthenticationFailed error seems crucial.
The other replicas log similarly. mongos logs:
2018-08-01T22:37:04.241+0000 I NETWORK [ReplicaSetMonitor-TaskExecutor] can't authenticate to localhost:27218 as internal user, error: Authentication failed.
is caused by:
- SERVER-36459 --keyFile now required to start shard servers with TLS and auth (Closed)
- SERVER-36460 TLS certificate "purpose" requirements changed (Closed)
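To see how the certificate warning and the authentication failure line up per connection, the following added example (not part of the original report and not MongoDB tooling) groups mongod log entries by connection id and records the order of events on each. The function names, event labels and classification strings are assumptions made for this sketch; the sample input is the log quoted in this report.

```python
import re
# Sample input: the conn12 and conn75 entries quoted in this report, one entry per line.
SAMPLE_LOG = """\
2018-08-01T22:36:37.579+0000 I NETWORK [listener] connection accepted from 127.0.0.1:56037 #12 (3 connections now open)
2018-08-01T22:36:37.584+0000 W NETWORK [conn12] SSL peer certificate validation failed: unsupported certificate purpose
2018-08-01T22:36:37.584+0000 I NETWORK [conn12] end connection 127.0.0.1:56037 (2 connections now open)
2018-08-01T22:40:39.605+0000 I NETWORK [listener] connection accepted from 127.0.0.1:57142 #75 (6 connections now open)
2018-08-01T22:40:39.609+0000 W NETWORK [conn75] SSL peer certificate validation failed: unsupported certificate purpose
2018-08-01T22:40:39.609+0000 I NETWORK [conn75] received client metadata from 127.0.0.1:57142 conn75: { driver: { name: "MongoDB Internal Client", version: "4.1.1-175-g075d7fe" }, os: { type: "Linux", name: "Ubuntu", architecture: "x86_64", version: "14.04" } }
2018-08-01T22:40:39.610+0000 I ACCESS [conn75] SASL SCRAM-SHA-1 authentication failed for __system on local from client 127.0.0.1:57142 ; AuthenticationFailed: It is not possible to authenticate as the __system user on servers started without a --keyFile parameter
2018-08-01T22:40:39.610+0000 I NETWORK [conn75] end connection 127.0.0.1:57142 (5 connections now open)
"""
LINE_RE = re.compile(r"^(\S+) ([A-Z]) (\S+)\s+\[([^\]]+)\] (.*)$")  # ts, severity, component, context, message
ACCEPT_RE = re.compile(r"connection accepted from (\S+) #(\d+)")
AUTH_RE = re.compile(r"authentication failed for (\S+) on (\S+)")
MARKERS = (("SSL peer certificate validation failed", "cert_invalid"),
           ("received client metadata", "metadata"),
           ("authentication failed", "auth_failed"), ("end connection", "closed"))

def correlate(log_text):
    """Return {conn id: {"peer", "events", "user"}} with events in log order."""
    conns = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip anything that is not a plain-text mongod log entry
        ctx, msg = m.group(4), m.group(5)
        accepted = ACCEPT_RE.search(msg)
        if ctx == "listener" and accepted:
            conns["conn" + accepted.group(2)] = {"peer": accepted.group(1), "events": [], "user": None}
        elif ctx in conns:
            event = next((name for needle, name in MARKERS if needle in msg), None)
            if event:
                conns[ctx]["events"].append(event)
            auth = AUTH_RE.search(msg)
            if auth:
                conns[ctx]["user"] = auth.group(1)  # account the peer tried to authenticate as
    return conns

def classify(conn):
    """Label a connection by which of the two failure kinds it logged."""
    cert, auth = "cert_invalid" in conn["events"], "auth_failed" in conn["events"]
    return {(True, True): "cert warning, then auth failure",
            (True, False): "cert warning only", (False, True): "auth failure only",
            (False, False): "clean"}[(cert, auth)]

if __name__ == "__main__":
    for cid, conn in correlate(SAMPLE_LOG).items():
        print(cid, conn["peer"], classify(conn), conn["user"] or "-", conn["events"])
```

Run over the full mongod.log of each replica, the per-connection event order shows whether the `__system` authentication failures only ever occur on connections that also logged the certificate warning.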