[SERVER-31199] If security.authorization is enabled mongos launched three process Created: 21/Sep/17  Updated: 27/Oct/23  Resolved: 22/Sep/17

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: 3.2.16, 3.4.0
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: EVGENIY CHISTYAKOV Assignee: Mark Agarunov
Resolution: Works as Designed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: File mongodb_log.tar.gz    
Operating System: ALL
Participants:

 Description   

/etc/mongod.conf

systemLog:
  destination: file
  logAppend: true
  path: /var/log/mongodb/mongod.log
storage:
  dbPath: /var/lib/mongo
  journal:
    enabled: true
processManagement:
  fork: true  # fork and run in background
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
net:
  port: 27018
  bindIp: 127.0.0.1  # Listen to local interface only, comment to listen on all interfaces.
security:
  authorization: enabled

/etc/mongos.conf

systemLog:
  destination: file
  logAppend: true
  path: /var/log/mongodb/mongod.log
processManagement:
  fork: true  # fork and run in background
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
net:
  port: 27017
  bindIp: 127.0.0.1  # Listen to local interface only, comment to listen on all interfaces.
sharding:
  configDB: rs0/192.168.56.101:27019

mongod launched via systemd: systemctl start mongod
mongos launched via shell: mongos -f /etc/mongos.conf

ps auxf

root     11295  0.0  0.2 105480  3976 ?        Ss   16:46   0:00 /usr/sbin/sshd -D
root      6694  0.0  0.2 147840  5304 ?        Ss   16:50   0:00  \_ sshd: root@pts/1
root      6697  0.0  0.1 115380  2096 pts/1    Ss   16:50   0:00  |   \_ -bash
root      6867  0.0  0.4 173908  8504 pts/1    S+   17:32   0:00  |       \_ mongos -f /etc/mongos.conf
root      6868  0.0  0.1 173908  3652 ?        Ss   17:32   0:00  |           \_ mongos -f /etc/mongos.conf
root      6869  0.0  0.4 248692  8012 ?        Sl   17:32   0:00  |               \_ mongos -f /etc/mongos.conf



 Comments   
Comment by EVGENIY CHISTYAKOV [ 26/Sep/17 ]

Hello Mark,

Thank you for the answer.
I found the following messages in log file: "The server certificate does not match the host name. Hostname: 192.168.56.102 does
not match CN: vboxcentos2". Option allowInvalidHostnames solved my problem.

Comment by Mark Agarunov [ 22/Sep/17 ]

Hello ch1s7ya,

Thank you for providing this data. Looking over this, the behavior you are seeing seems to be caused by the lack of internal authentication between mongos and mongod. When using authorization on a sharded cluster internal authentication authentication is required between all members of the cluster. The internal authentication can be set up with keyFiles or x.509 certificates but must be configured if using authorization on a sharded cluster.

Thanks,
Mark

Comment by EVGENIY CHISTYAKOV [ 22/Sep/17 ]

Logs in the attachment
mongodb_log.tar.gz

Comment by Mark Agarunov [ 21/Sep/17 ]

Hello ch1s7ya,

Thank you for the report. To get a better idea of what may be happening to cause this behavior, could you please provide the complete logs from all affected mongos and mongod nodes?

Thanks,
Mark

Comment by EVGENIY CHISTYAKOV [ 21/Sep/17 ]

When I try to start mongo i get next error:

MongoDB shell version: 3.2.16
connecting to: test
2017-09-21T17:42:57.997+0300 W NETWORK [thread1] Failed to connect to 127.0.0.1:27017, in(checking socket for error after poll), reason: errno:111 Connection refused
2017-09-21T17:42:57.997+0300 E QUERY [thread1] Error: couldn't connect to server 127.0.0.1:27017, connection attempt failed :
connect@src/mongo/shell/mongo.js:229:14
@(connect):1:6

exception: connect failed

Generated at Thu Feb 08 04:26:17 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.