[SERVER-26817] replset member connect to each other through a proxy Created: 28/Oct/16  Updated: 09/Jan/17  Resolved: 06/Jan/17

Status: Closed
Project: Core Server
Component/s: Networking
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: ma6174 Assignee: Andy Schwerin
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
duplicates SERVER-1889 Support different networks / nics for... Closed
Sprint: Sharding 2016-11-21, Sharding 2016-12-12, Sharding 2017-01-02
Participants:

 Description   

https://docs.mongodb.com/v3.2/tutorial/deploy-geographically-distributed-replica-set/#connectivity

before deploy geographically distributed replica set, current I need to configure network, sometimes it's too difficult or don't have permission or cannot connect to public network directly. if replset member and client can connect to other repliset member through a proxy (for example a socket proxy or from environment), and the proxy ensure the connection is securely and efficiently, it will be more easier and convenient.



 Comments   
Comment by ma6174 [ 09/Jan/17 ]

I found other way to let server use a proxy, thanks all the same.

Comment by Kelsey Schubert [ 06/Jan/17 ]

Hi ma6174,

Since we haven't heard back from you for some time regarding this feature request, I'm going to close it as a duplicate of SERVER-1889. If this doesn't match your needs please let us know.

Regards,
Thomas

Comment by Kelsey Schubert [ 04/Dec/16 ]

Hi ma6174,

Would you please let us know if the functionality described in SERVER-1889 would work for your use case?

Thanks,
Thomas

Comment by Andy Schwerin [ 07/Nov/16 ]

Would the ability to specify different host names for use by clients and replica set members, as in SERVER-1889, meet your needs?

Comment by ma6174 [ 30/Oct/16 ]

No, still some problem there

1. X and Y should connect to each other, so X and Y should listen on public port may accessed by others. but sockets proxy, just a proxy port is public, may proxy many services include mongo
2. The connection between X and Y is not encrypted, it's not safe, I just want to expose a proxy port to public, connection between proxies are encrypted by my own algorithm.
3. if a client in idc1, but master in idc2, client should connect to idc2 directly, but sometimes it has sama network problem.

if we use a sockers proxy, all client and replica set members connect to proxy directly, and tell proxy which server I should connect to, that's enough. sockets proxy is more general than directly port forward, it will know where the destination address is, is the address in same idc with me, how to connect the destination is fast, and encrypt the tcp connection.

Comment by Andy Schwerin [ 28/Oct/16 ]

This is already be possible. It's how the "mongobridge" tool does network simulation for our tests. As long as every member of the replica set has a unique (hostname, port) pair that other nodes should use to contact it, you can list those in the replica set configuration, and everything should just work.

For example, if you have a 3-node set with hosts named A, B and C, and you have a proxy of some sort that for every member of the replica set and every client maps X->A, Y->B and Z->C, you can configure your replica set with hosts X, Y and Z, and let the proxy forward the traffic to the correct nodes, no problem. Nodes A, B and C aren't aware of their local "host name" in an important way.

Does this make sense, ma6174? I'm inclined to close this "Works as Designed" unless you've got an enhancement to that behavior you have in mind.

Comment by Ramon Fernandez Marina [ 28/Oct/16 ]

Thanks for your new feature suggestion, I'm sending it to the Replication team for consideration.

Generated at Thu Feb 08 04:13:18 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.