{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 我欲成王,谁敢阻挡 的问题《How to setup MongoDB behind Nginx Reverse Proxy》','https://www.manongdao.com/q-1239156.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Hi guys I am trying to setup Nginx as a reverse proxy for accessing a MongoDB Database. By default Mongo listens to 27017 port. What I want to do, is redirect a hostname for example mongodb.mysite.com through nginx and pass it to mongodb server. In that way from the outside network I will have my known 27017 port closed, and access my db from a hidden url like the example I gave.
So I am trying to setup Nginx with this configuration :
server {
listen 80;
server_name mongo.mysite.com;
gzip off;
location / {
proxy_pass http://127.0.0.1:27017;
proxy_redirect off;
proxy_buffering off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
}
So after having this I try to connect with mongo shell from my cmd with the command mongo mongo.mysite.com:80 and I get back the following error:
2015-08-06T13:44:32.670+0300 I NETWORK recv(): message len 1347703880 is invalid. Min 16 Max: 48000000
2015-08-06T13:44:32.670+0300 I NETWORK DBClientCursor::init call() failed
2015-08-06T13:44:32.674+0300 E QUERY Error: DBClientBase::findN: transport error: mongo.therminate.com:80 ns: admin.$cmd query: { whatsmyuri: 1 }
at connect (src/mongo/shell/mongo.js:181:14)
at (connect):1:6 at src/mongo/shell/mongo.js:181
exception: connect failed
Also in the Nginx access log I get this:
94.66.184.128 - - [06/Aug/2015:10:44:32 +0000] "<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xD4\x07\x00\x00\x00\x00\x00\x00admin.$cmd\x00\x00\x00\x00\x00\x01\x00\x00\x00\x15\x00\x00\x00\x10whatsmyuri\x00\x01\x00\x00\x00\x00" 400 172 "-" "-"
Has anyone got an idea, what is going wrong here? Thanks!
Adding onto @Néstor's answer, this config should be written to
/etc/nginx.confjust abovehttpsection, like this:You should NEVER write it into a
.conffile and put the file into/etc/nginx/sites-availablefolder. Because any config info in the/etc/nginx/sites-availablefolder belong to thehttpsection.I left this behind, but after some work done, I had to face this problem again and the solution popped in my mind this time!
NGINX is basically an HTTP server, so by setting redirects and proxies the above way, it wraps all communication in HTTP protocol. So the error that is happening, is that while Mongo is expecting Raw TCP traffic, it is getting HTTP traffic.
So the solution to this is to use NGINX's new
stream modulethat is used for handling raw TCP traffic and setup your upstream server to point to mongodb instance.More Info : NGINX stream module
You're right, you need to use NGINX's stream module by adding a stream section to your .conf file:
If you connect to your local instance of mongodb via the usual default ip values it should connect:
mongo 10.8.8.10The issue is with resolving the address via the mongodb shell which is not happening.