All Products
Search

This Product

    ApsaraDB for MongoDB:Connect to an instance over the Internet from a local client

    Document Center

    ApsaraDB for MongoDB:Connect to an instance over the Internet from a local client

    Last Updated:Apr 08, 2025

    This topic describes how to connect a local client to an ApsaraDB for MongoDB instance over the Internet.

    Prerequisites

    Step 1: Apply for and view a public endpoint

    1. Go to the Replica Set Instances or Sharded Cluster Instances page. In the top navigation bar, select the region in which an instance resides. Then, find the instance and click its instance ID.

    2. In the left-side navigation pane of the instance details page, click Database Connections.

    3. In the upper-right corner of the Public Connections section, click Apply for Public Connection String.

    4. In the Apply for Public Connection String panel, click OK.

    5. After the instance status changes from Establishing Connection to Running, you can view the applied public endpoint.

      Note

      • If the instance is in the Establishing Connection state, it runs as expected.

      • The applied public endpoint is visible only after you configure a whitelist.

      • We recommend that you use a connection string URI to connect to the instance.

    Step 2: Connect to an instance

    This section provides examples on how to use the mongo shell to connect to an instance.

    Run the following command on the local client:

    Connection string URI (recommended)

    Sample command:

    mongo "<Connection string URI>"

    The following table describes the parameter in the preceding command.

    Parameter

    Description

    <Connection string URI>

    The connection string URI of the instance that is displayed in the ApsaraDB for MongoDB console.

    Note

    We recommend that you do not use the root account for database logon. You can use Data Management (DMS) to create a database account and then connect to a database.

    Replace root:**** with the new account password, such as test:PassWord**. Replace /admin with the authentication database, such as /testdb.

    Example:

    mongo "mongodb://test:PassWord**@dds-bp19f409d7512****.mongodb.rds.aliyuncs.com:3717,dds-bp19f409d7512****.mongodb.rds.aliyuncs.com:3717,dds-bp19f409d7512****.mongodb.rds.aliyuncs.com:3717/testdb?replicaSet=mgset-6108****"

    Single-node connection string

    Sample command:

    mongo --host <host> --port <port> -u <username> -p --authenticationDatabase <authenticationDatabase>

    The following table describes parameters in the preceding command.

    Parameter

    Description

    <host> and <port>

    The endpoint and domain name of the node that are displayed in the ApsaraDB for MongoDB console.

    Example: dds-bp19f409d7512****.mongodb.rds.aliyuncs.com:3717.

    <username>

    The name of the database account.

    Note

    We recommend that you do not use the root account for database logon. You can use DMS to create a database account and then connect to a database.

    <authenticationDatabase>

    The name of the authentication database to which the database account belongs.

    Important

    For the authentication to succeed, the specified database account must belong to the specified authentication database.

    Example:

    In this example, the database account is python-test and the authentication database is admin. 

    mongo --host dds-bp19f409d7512****.mongodb.rds.aliyuncs.com --port 3717 -u test -p --authenticationDatabase testdb

    When Enter password: is displayed, enter the password of the database user and press the Enter key.

    FAQ

    Why am I unable to connect to my ApsaraDB for MongoDB instance after I add the public IP address of my local machine to a whitelist of the instance?

    A failed connection may be caused by the incorrect public IP address. You can perform one of the following steps to query the public IP address of your local machine:

    1. Add the IP address 0.0.0.0/0 to a whitelist of the ApsaraDB for MongoDB instance.

      Warning

      If you add 0.0.0.0/0 to the whitelist, all servers are granted access to the ApsaraDB for MongoDB instance. This may raise security risks. Exercise caution when you add 0.0.0.0/0 to a whitelist. If you use the IP address 0.0.0.0/0, remove the IP address from the whitelist at the earliest opportunity to ensure access security.

    2. Use the mongo shell to connect to the ApsaraDB for MongoDB instance.

      If you still cannot connect to the instance after you add the IP address 0.0.0.0/0 to the whitelist, you can use DMS to connect to the instance and check whether the account password and authentication database are correct.

    3. Run the following command to query information about the client to which you use the mongo shell to log on: 

      db.currentOp({"appName" : "MongoDB Shell","active" : true})

      The following figure shows an example.客户端IP查询

      Note

      If you use other methods to log on to the instance, you can run the following command to query information about all clients: 

      db.runCommand({currentOp: 1, "active" : true})

    4. Add the IP address returned by the preceding command to the whitelist and then remove the IP address 0.0.0.0/0 from the whitelist.

    What do I do if I cannot connect to my instance after the public IP address of my local machine changes?

    You can use an SSL-VPN tunnel to connect to the instance on your local machine.

    References