Mongo Connection To Private EC2 Instance Failed

Question

I have two instances in AWS on separate subnets in same VPC. One of them is private while other is public. I have my node application setup in public instance. The private instance is accessible from public instance only as they are in same VPC. I tried to connect to mongodb of private instance from public instance using the following command:

sudo ./mongo <private ip>:27017 -u <username> -p <password> --authenticationDatabase myDatabase

Below is my mongodb configuration:

fork = true
bind_ip = 0.0.0.0
port = 27017
quiet = true
dbpath = /var/lib/mongodb
logpath = /var/log/mongodb/mongo.log
logappend = true
journal = true

But this command timeouts after some time and gives error as below:

2016-01-18T12:17:57.513+0000 E QUERY    [thread1] Error: couldn't connect to server <my private ip>:27017, connection attempt failed :
connect@src/mongo/shell/mongo.js:226:14
@(connect):1:6

exception: connect failed

I want to use this mongo connection from the node js application in the public instance. What can be the reason the instance is not able to connect from the public instance?

Answer 1

The Security Group of the MongoDB instance(s) needs to allow inbound port 27017 from the Security Group of the Node.js instance(s).

You can also allow this communication from Node.js to MongoDB using the IP addresses of the source Node.js instance(s), but it's much better to simply allow ingress from their security group. That helps when Auto Scaling adds new instances, for example, or if your Node.js servers are terminated and then restarted with new IP addresses.