Mongo Shell is a Shell client coming with MongoDB. You can use Mongo Shell to connect database instances, query and update database data, and manage database data. Mongo Shell is a part of the MongoDB client. You must download and install the MongoDB client before using Mongo Shell to connect a database instance.
A DDS instance provides an Intranet IP address by default. If an application is deployed on an elastic cloud server and the elastic cloud server resides in the same region and VPC as the DDS instance, you can use an Intranet to connect the DDS instance to achieve higher transfer rate and higher security.
This topic uses the application scenario deploying on an elastic cloud server as an example to describe how to use Mongo Shell to connect an instance over the Intranet.
There are two methods to connect instances: SSL connection and non-SSL connection. The SSL connection is encrypted and features higher security. To improve data security during network transmission, SSL is recommended.
Before You Begin
Create and log in to the elastic cloud server.
Install the MongoDB client on the elastic cloud server. To ensure successful authentication, the version of the MongoDB client must be consistent with that of the target instance.
Configure security group rules to ensure network interconnectivity between the elastic cloud server and the DDS instance.
Non-SSL Connection
Go to DDS > Management Console.
On the Instance Management page, select the specified target instance and click the instance name. The Basic Information page is displayed.
Disable SSL in the instance information.
Connect the elastic cloud server.
Connect the database instance in the same directory as Mongo.
Method 1: Intranet highly available connection (recommended)
Command format:
./mongo <Intranet highly available connection address>
Intranet highly available connection address: you can get the address from Basic Information > Database Connection.
Example of connection:
./mongo "mongodb://root:password@192.168.xx.xx:9030,192.168.xx.xx:9030/admin?authSource=admin"
Parameter | Description |
root | Indicates the database account name. The root account is created by default, or you can also create an account. |
password | Indicates the password of the database account. Replace it with the real password. If the password contains special characters @, ! and %, you must replace them with the corresponding hexadecimal URL codes (ASCII code) "%40", "%21", and "%25" respectively. For example, the password is ****@%!, the corresponding URL code is ****%40%25%21. |
192.168.xx.xx:9030,192.168.xx.xx:9030 | Specifies the IP address and port number of the mongod node of the instance you want to connect. For cluster instances, specify the IP address and port number of the mongos node. The default port number is 8030 for mongod and 9030 for mongos. |
admin | Specifies the admin name. You can set it as needed. |
authSource=admin | The root account authentication database must be "admin", and the root account must be "authSource=admin". The format is fixed and cannot be changed. It can also be the database where the account is created. |
Method 2: Intranet IP address connection
Command format:
./mongo --host <db_host> --port <db_port> -u <db_user> -p --authenticationDatabase admin
Example of connection:
./mongo --host 192.168.xx.xx --port 9030 -u root -p --authenticationDatabase admin
Parameter | Description |
db_user | Indicates the database account name. The root account is created by default, or you can also create an account. |
db_host | Specifies the IP address of the mongod node of the instance you want to connect. For cluster instances, specify the IP address of the mongos node. |
db_port | Specifies the port number of the mongod node of the instance you want to connect. For cluster instances, specify the port number of the mongos node. |
--authenticationDatabase admin | The root account authentication database must be "admin", and the root account must be "--authenticationDatabase admin". The format is fixed and cannot be changed. It can also be the database where the account is created. |
Enter the password of the database account when the following message is displayed:
Enter password:
The following message indicates that the connection is successful.
Cluster:
mongos>
Primary and secondary replica sets:
DDS:PRIMARY> DDS:SECONDARY>
SSL
Go to DDS > Management Console.
On the Instance Management page, select the specified target instance and click the instance name. The Basic Information page is displayed.
Enable SSL in the instance information and click to download the certificate.
Connect the elastic cloud server and upload the certificate to the elastic cloud server.
Connect the database instance in the same directory as Mongo.
Method 1: Intranet highly available connection (recommended)
Command format:
./mongo <Intranet highly available connection address> --ssl --sslCAFile <file_path> --sslAllowInvalidHostnames
Intranet highly available connection address: you can get the address from Basic Information > Database Connection.
Example of connection:
./mongo "mongodb://root:password@192.168.xx.xx:9030,192.168.xx.xx:9030/admin?authSource=admin" --ssl --sslCAFile /conf/ca.crt -sslAllowInvalidHostnames
Parameter | Description |
root | Indicates the database account name. The root account is created by default, or you can also create an account. |
password | Indicates the password of the database account. Replace it with the real password. If the password contains special characters @, ! and %, you must replace them with the corresponding hexadecimal URL codes (ASCII code) "%40", "%21", and "%25" respectively. For example, the password is ****@%!, the corresponding URL code is ****%40%25%21. |
192.168.xx.xx:9030,192.168.xx.xx:9030 | Specifies the IP address and port number of the mongod node of the instance you want to connect. For cluster instances, specify the IP address and port number of the mongos node. The default port number is 8030 for mongod and 9030 for mongos. |
admin | Specifies the admin name. You can set it as needed. |
authSource=admin | The root account authentication database must be "admin", and the root account must be "authSource=admin". The format is fixed and cannot be changed. It can also be the database where the account is created. |
file_path | Specifies the path for storing the root certificate. |
--sslAllowInvalidHostnames | The certificate is generated using an internal IP address. You must add "--sslAllowInvalidHostnames" when connecting instances through Intranet SSL. |
Method 2: Intranet IP address connection
Command format:
./mongo --host <db_host> --port <db_port> -u <db_user> -p --authenticationDatabase admin --ssl --sslCAFile <file_path> --sslAllowInvalidHostnames
Example of connection:
./mongo --host 192.168.xx.xx --port 9030 -u root -p --authenticationDatabase admin --ssl --sslCAFile /conf/ca.crt --sslAllowInvalidHostnames
Parameter | Description |
db_user | Indicates the database account name. The root account is created by default, or you can also create an account. |
db_host | Specifies the IP address of the mongod node of the instance you want to connect. For cluster instances, specify the IP address of the mongos node. |
db_port | Specifies the port number of the mongod node of the instance you want to connect. For cluster instances, specify the port number of the mongos node. |
--authenticationDatabase admin | The root account authentication database must be "admin", and the root account must be "--authenticationDatabase admin". The format is fixed and cannot be changed. It can also be the database where the account is created. |
file_path | Specifies the path for storing the root certificate. |
--sslAllowInvalidHostnames | The certificate is generated using an internal IP address. You must add "--sslAllowInvalidHostnames" when connecting instances through Intranet SSL. |
Enter the password of the database account when the following message is displayed:
Enter password:
The following message indicates that the connection is successful.
Cluster:
mongos>
Primary and secondary replica sets:
DDS:PRIMARY> DDS:SECONDARY>