Compute
Elastic Cloud Server
Huawei Cloud Flexus
Bare Metal Server
Auto Scaling
Image Management Service
Dedicated Host
FunctionGraph
Cloud Phone Host
Huawei Cloud EulerOS
Networking
Virtual Private Cloud
Elastic IP
Elastic Load Balance
NAT Gateway
Direct Connect
Virtual Private Network
VPC Endpoint
Cloud Connect
Enterprise Router
Enterprise Switch
Global Accelerator
Management & Governance
Cloud Eye
Identity and Access Management
Cloud Trace Service
Resource Formation Service
Tag Management Service
Log Tank Service
Config
OneAccess
Resource Access Manager
Simple Message Notification
Application Performance Management
Application Operations Management
Organizations
Optimization Advisor
IAM Identity Center
Cloud Operations Center
Resource Governance Center
Migration
Server Migration Service
Object Storage Migration Service
Cloud Data Migration
Migration Center
Cloud Ecosystem
KooGallery
Partner Center
User Support
My Account
Billing Center
Cost Center
Resource Center
Enterprise Management
Service Tickets
HUAWEI CLOUD (International) FAQs
ICP Filing
Support Plans
My Credentials
Customer Operation Capabilities
Partner Support Plans
Professional Services
Analytics
MapReduce Service
Data Lake Insight
CloudTable Service
Cloud Search Service
Data Lake Visualization
Data Ingestion Service
GaussDB(DWS)
DataArts Studio
Data Lake Factory
DataArts Lake Formation
IoT
IoT Device Access
Others
Product Pricing Details
System Permissions
Console Quick Start
Common FAQs
Instructions for Associating with a HUAWEI CLOUD Partner
Message Center
Security & Compliance
Security Technologies and Applications
Web Application Firewall
Host Security Service
Cloud Firewall
SecMaster
Anti-DDoS Service
Data Encryption Workshop
Database Security Service
Cloud Bastion Host
Data Security Center
Cloud Certificate Manager
Edge Security
Situation Awareness
Managed Threat Detection
Blockchain
Blockchain Service
Web3 Node Engine Service
Media Services
Media Processing Center
Video On Demand
Live
SparkRTC
MetaStudio
Storage
Object Storage Service
Elastic Volume Service
Cloud Backup and Recovery
Storage Disaster Recovery Service
Scalable File Service Turbo
Scalable File Service
Volume Backup Service
Cloud Server Backup Service
Data Express Service
Dedicated Distributed Storage Service
Containers
Cloud Container Engine
SoftWare Repository for Container
Application Service Mesh
Ubiquitous Cloud Native Service
Cloud Container Instance
Databases
Relational Database Service
Document Database Service
Data Admin Service
Data Replication Service
GeminiDB
GaussDB
Distributed Database Middleware
Database and Application Migration UGO
TaurusDB
Middleware
Distributed Cache Service
API Gateway
Distributed Message Service for Kafka
Distributed Message Service for RabbitMQ
Distributed Message Service for RocketMQ
Cloud Service Engine
Multi-Site High Availability Service
EventGrid
Dedicated Cloud
Dedicated Computing Cluster
Business Applications
Workspace
ROMA Connect
Message & SMS
Domain Name Service
Edge Data Center Management
Meeting
AI
Face Recognition Service
Graph Engine Service
Content Moderation
Image Recognition
Optical Character Recognition
ModelArts
ImageSearch
Conversational Bot Service
Speech Interaction Service
Huawei HiLens
Video Intelligent Analysis Service
Developer Tools
SDK Developer Guide
API Request Signing Guide
Terraform
Koo Command Line Interface
Content Delivery & Edge Computing
Content Delivery Network
Intelligent EdgeFabric
CloudPond
Intelligent EdgeCloud
Solutions
SAP Cloud
High Performance Computing
Developer Services
ServiceStage
CodeArts
CodeArts PerfTest
CodeArts Req
CodeArts Pipeline
CodeArts Build
CodeArts Deploy
CodeArts Artifact
CodeArts TestPlan
CodeArts Check
CodeArts Repo
Cloud Application Engine
MacroVerse aPaaS
KooMessage
KooPhone
KooDrive
On this page
Help Center/ Document Database Service/ FAQs/ Database Connection/ What Should I Do If I Fail to Connect to a DDS Instance?

What Should I Do If I Fail to Connect to a DDS Instance?

Updated on 2023-02-28 GMT+08:00

Possible Causes

Locate the fault from the following aspects:

  1. Check whether the DB instance is available.

    For example, if the system is faulty, a DB instance is abnormal, or a DB instance or a table is locked.

  2. (Common) Check whether the client connection is correct.
    1. Download the database installation package from the official website. For details, see How Can I Install a MongoDB Client?
    2. Use a MongoDB client 4.0 or later to connect to the DB instance.
    3. If you connect to a DB instance over a private network, ensure that the DB instance and ECS are in the same region and VPC.
    4. If you connect to a DB instance over a public network, bind an EIP to the DB instance and then connect to the DB instance through the EIP.
  3. Check the connection method.

    Run the following commands to enable and disable SSL on the console: Example:

    • Enable SSL: ./mongo --host<DB_HOST>--port<DB_PORT>-u<DB_USER>-p--authenticationDatabaseadmin--ssl --sslCAFile<FILE_PATH> --sslAllowInvalidHostnames
    • Disable SSL: ./mongo --host<DB_HOST>--port<DB_PORT>-u<DB_USER>-p --authenticationDatabase admin
  4. Check whether the parameters in the connection command are correct.

    Check whether the following parameters are configured correctly: connection address, port number, username, password, and connection method.

  5. (Common) Check whether the network connectivity is normal.
    Private network connection
    1. Ensure that the ECS and DDS instance are in the same region and VPC.

      If the ECS and DB instance are in different VPCs, set up a VPC peering connection to enable network communication between the two VPCs.

    2. Check security group rules.
      1. To access a cluster instance in a different security group from the ECS, add an inbound rule for the security group.
    3. On the ECS, check whether the DB instance port can be connected.

    Public network connection

    1. Check security group rules.
      1. To access a cluster instance in a different security group from the ECS, add an inbound rule for the security group.
    2. Check network ACL rules.
    3. Ping the ECS to the DB instance in the same region.

    Cross-CIDR block access (configuring IP address mapping)

    If a client and a replica set instance are deployed in different CIDR blocks and the client is not in 192.168.0.0/16, 172.16.0.0/24, or 10.0.0.0/8, configure Cross-CIDR Access for the instance to communicate with the client.

    1. Ensure that the source ECS can communicate with the instance node. If the network is abnormal, configure the network settings by referring to VPC Peering Connection.
    2. For details about how to configure cross-CIDR block access, see Configuring Cross-CIDR Access.
  6. (Common) Check whether the number of connections to the DB instance reaches the upper limit.

    If there is an excessive number of database connections, applications may fail to be connected.

  7. (Common) Check whether the disk is full.

    If the instance disk usage is too high, the instance status is abnormal and the instance cannot be connected.

  8. Check whether the CPU usage is too high.

    The CPU usage is high or close to 100%. As a result, data read/write processing is slow, connections cannot be obtained, and errors are reported, affecting service running.

  9. View the common connection error messages

    Find corresponding solutions based on connection error messages.

Fault Locating

  1. Check whether the DB instance is available.

    Check method: Check whether the database instance status is Available on the console.

    Possible cause: The DDS system is faulty, the instance status is abnormal, or the instance or table is locked.

    Solution

    • If the DDS instance status is abnormal, contact O&M personnel.
    • If the system is faulty or the instance or table is locked, restart the instance. For details, see Restarting an Instance.
    Figure 1 Checking the instance status
  2. Check whether the client connection is correct.

    You are advised to use a MongoDB client of version 4.0 or later to connect to the instance. For details about how to install a MongoDB client, see How Can I Install a MongoDB Client?

    The following uses connecting to a cluster as an example:

    1. For details about how to connect to a DB instance over a private network, see Connecting to a DB Instance Over Private Networks.
    2. For details about how to connect to a DB instance over a public network, see Connecting to a DB Instance Over Public Networks.
    Table 1 Connection methods

    Method

    Scenario

    Private network

    DDS provides a private IP address by default.

    If your applications are deployed on an ECS that is in the same region and VPC as the DB instance, you are advised to connect to the ECS and DB instance through a private IP address.

    Public network

    If you cannot access the DB instance over a private IP address, you are advised to bind an EIP to the DB instance and then connect to the DB instance through the EIP.

    For EIP pricing details, see EIP billing details.

  3. Check the connection method.
    1. SSL connection is recommended. Enable SSL on the Connections page and upload the certificate to the ECS.
      ./mongo --host<DB_HOST>--port<DB_PORT>-u<DB_USER>-p--authenticationDatabaseadmin--ssl --sslCAFile<FILE_PATH> --sslAllowInvalidHostnames
      Figure 2 Enabling SSL
    2. Unencrypted connection: Disable SSL on the Connections page.

      ./mongo --host<DB_HOST>--port<DB_PORT>-u<DB_USER>-p --authenticationDatabase admin

      Figure 3 Disabling SSL
  4. Check whether the parameters in the connection command are correct.

    Ensure that the connection address, port, username and password are correct, and try to connect to the DB instance again in SSL mode.

    SSL private network connection example:./mongo mongodb://rwuser:<password>@<DB_HOST>:<DB_PORT>,<DB_HOST>:<DB_PORT>/test?authSource=admin --ssl --sslCAFile <FILE_PATH> --sslAllowInvalidHostnames

    • Connection address

      The connection information can be obtained in the Address column on the Instances page.

      Figure 4 Connection address
    • Database port

      On the Private Connection tab of the Connections page, obtain the database port in the Database Port field.

    • Username and password

      If the password of the root administrator is incorrect or you forget the password, reset the administrator password.

    • Certificate

      Obtain the SSL certificate name from the directory where the command is executed.

    SSL public network connection example:./mongo mongodb://rwuser:<password>@<DB_HOST>:<DB_PORT>/test?authSource=admin --ssl --sslCAFile <FILE_PATH> --sslAllowInvalidHostnames

    • Connection address

      Click the instance name. On the Public Connection tab of the Connections page, obtain the public connection address in the Public Network Connection Address field.

    • Database port

      On the Public Connection tab of the Connections page, obtain the database port in the Database Port field.

    • Username and password

      If the password of the root administrator is incorrect or you forget the password, reset the administrator password.

    • Certificate

      Obtain the SSL certificate name from the directory where the command is executed.

  5. Check whether the network connection is normal.
    Private network connection
    1. Check whether the ECS and DDS instance are in the same region and VPC.
      • If the ECS and DB instance are in different regions, they cannot communicate with each other. Select a region near to your service area to reduce network latency and experience faster access.
      • If the ECS and DB instance are in different VPCs, set up a VPC peering connection to enable network communication between the two VPCs.
    2. Check security group rules.

      To access DB instances in a different security group from the ECS, add an inbound rule for the security group.

    3. On the ECS, check whether the DB instance port can be connected.
      telnet <DB instance address> {8635}
      • If the connection is normal, the network is normal.
      • If the connection fails, submit a to customer service for assistance.

    Public network connection

    1. Check security group rules.

      To access DB instances in a different security group from the ECS, add an inbound rule for the security group.

    2. Check network ACL rules.
      1. Go to the Network ACLs.
      2. Check whether the NIC bound to the EIP is in the subnet associated with the network ACL.
      3. Check whether the network ACL is enabled.

        If yes, add an ICMP rule to allow traffic.

      The default network ACL rule denies all inbound and outbound packets. After the network ACL is disabled, the default rule still takes effect.

    3. Ping the ECS to the DB instance in the same region.

      If you cannot ping the EIP on the original ECS, select another ECS in the same region and ping the EIP again. If the ping is successful, the network is normal. If the ping failed, .

    Cross-CIDR block access (configuring IP address mapping)

    If a client and a replica set instance are deployed in different CIDR blocks and the client is not in 192.168.0.0/16, 172.16.0.0/24, or 10.0.0.0/8, configure Cross-CIDR Access for the instance to communicate with the client.

    1. Ensure that the source ECS can communicate with the instance node. If the network is abnormal, configure the network settings by referring to VPC Peering Connection.
    2. For details about how to configure cross-CIDR block access, see Configuring Cross-CIDR Access.
  6. Check whether the number of connections to the DB instance reaches the upper limit.
    1. Check whether the number of connections to the DB instance has reached the upper limit. For details, see How Do I Query and Limit the Number of Connections?

      If the number of instance connections reaches the upper limit, see What Can I Do If the Number of Connections of an Instance Reaches Its Maximum?

    2. Check whether any metrics are abnormal and whether any alarms are generated on the Cloud Eye console. Cloud Eye monitors database metrics, such as the CPU usage, memory usage, storage space usage, and database connections, and allows you to set alarm policies to identify risks in advance if any alarms are generated.
  7. Check whether the disk is full.

    Check method: View the storage space usage on the management console or Cloud Eye.

    • On the management console

      Locate the target instance and click its name to go to the Basic Information page. In the Storage Space area, view the storage space usage.

      Figure 5 Storage space
    • On Cloud Eye

      Locate the target instance and click View Metric in the Operation column. On the displayed page, view the storage space usage.

    Possible cause: When the instance status is Storage full, the instance needs to preserve at least 15% of its capacity to work properly.

    Solution:

    • As your service data grows, the original storage space may be insufficient. You are advised to scale up storage space. For details, see Scaling Up Storage Space.
    • Process expired data files in a timely manner.
    • Check whether any metrics are abnormal and whether any alarms are generated on the Cloud Eye console. Cloud Eye monitors database metrics, such as the CPU usage, memory usage, storage space usage, and database connections, and allows you to set alarm policies to identify risks in advance if any alarms are generated.
  8. Check whether the CPU usage is too high.

    The CPU usage is high or close to 100%. As a result, data read/write processing is slow, connections cannot be obtained, and errors are reported, affecting service running.

    Solution: For details, see What Should I Do If CPU Usage Is Unusually High?

  9. View common connection error messages.
    • Connection failure message: network error while attempting to run command 'isMaster'

      An error is reported when you run the following command to connect to a DDS DB instance:

      ./mongo --host 192.168.168.182 --port 8635 -u rwuser -p xxxxxxxxxx --authenticationDatabase admin

      Figure 6 Connection failed

      For details about how to rectify the fault, see Connection Failure Message: network error while attempting to run command 'isMaster'.

    • Connection failure messages: No route to host and connection attempt failed.

      An error is reported when you run the following command to connect to a DDS DB instance:

      mongo --host 192.168.1.6 --port 8635 -u rwuser -p xxxxxxxxx --authenticationDatabase admin --ssl --sslCAFile /root/ca.crt --sslAllowInvalidHostnames

      Error message:

      MongoDB shell version v3.4.17
      connecting to: mongodb://192.168.1.6:8635/
      2019-09-19T09:38:36.954+0800 W NETWORK  [thread1] Failed to connect to 192.168.1.6:8635, in(checking socket for error after poll), reason: No route to host
      2019-09-19T09:38:36.954+0800 E QUERY    [thread1] Error: couldn't connect to server 192.168.1.6:8635, connection attempt failed :
      connect@src/mongo/shell/mongo.js:240:13
      @(connect):1:6
      exception: connect failed

      For details about how to rectify the fault, see Connection Failure Messages: "No route to host" and "connection attempt failed".

    • Connection failure messages: No route to host and connection attempt failed

      An error is reported when you run the following command to connect to a DDS DB instance:

      mongo --host 192.168.168.116 --port 8635 -u rwuser -p xxxxxxxxx --authenticationDatabase admin --ssl --sslCAFile /root/ca.crt --sslAllowInvalidHostnames

      Error message:

      MongoDB shell version v3.4.17
      connecting to: mongodb://192.168.168.116:8635/
      2019-09-19T09:39:24.306+0800 W NETWORK  [thread1] The server certificate does not match the host name. Hostname: 192.168.168.116 does not match CN: 172.16.2.65
      MongoDB server version: 4.0.3
      WARNING: shell and server versions do not match
      2019-09-19T09:39:24.329+0800 E QUERY    [thread1] Error: Authentication failed. :
      DB.prototype._authOrThrow@src/mongo/shell/db.js:1461:20
      @(auth):6:1
      @(auth):1:2
      exception: login failed

      For details about how to rectify the fault, see Connection Failure Messages: "No route to host" and "connection attempt failed".

    • Connection failure message: couldn't connect to server.

      An error is reported when you run the following command to connect to a DDS DB instance:

      mongo --host 192.168.64.201 --port 8635 -u rwuser -p xxxxxxxxx --authenticationDatabase admin --ssl --sslCAFile /root/ca.crt --sslAllowInvalidHostnames

      Error message:

      MongoDB shell version v3.4.17
      connecting to: mongodb://192.168.64.201:8635/
      2019-09-19T09:45:48.168+0800 W NETWORK  [thread1] Failed to connect to 192.168.64.201:8635 after 5000ms milliseconds, giving up.
      2019-09-19T09:45:48.168+0800 E QUERY    [thread1] Error: couldn't connect to server 192.168.64.201:8635, connection attempt failed :
      connect@src/mongo/shell/mongo.js:240:13
      @(connect):1:6
      exception: connect failed

      For details about how to rectify the fault, see Connection Failure Message: "couldn't connect to server".

    • Connection failure message: cannot list multiple servers in URL without 'replicaSet' option

      An error is reported when you run the following command to connect to a DDS replica set instance:

      ./mongo mongodb://rwuser:xxxxxxxxxxx@192.168.168.116:8635,192.168.200.147:8635/test?authSource=admin&replicaSet=replica

      Error message:

      FailedToParse: Cannot list multiple servers in URL without 'replicaSet' option try 'mongo --help' for more information.

      An error is reported when you run the following command to connect to a DDS DB instance that is compatible with MongoDB 3.4:

      mongo "mongodb://rwuser:xxxxxxxxx@192.168.95.167:8635,192.168.92.43:8635/test?authSource=admin"

      Error message:

      FailedToParse: Cannot list multiple servers in URL without 'replicaSet' option
      try 'mongo --help' for more information.

      For details, see Connection Failure Message: cannot list multiple servers in URL without 'replicaSet' option.

    • Connection failure message: Timeout while receiving message.

      An error is reported when you run the following command to connect to a DDS DB instance through Java driver:

      Error message:

      org.springframework.data.mongodb.UncategorizedMongoDbException: Timeout while receiving message; nested exception is com.mongodb.MongoSocketReadTimeoutException: Timeout while receiving message

      For details about how to rectify the fault, see Connection Failure Message: "Timeout while receiving message".

    • Connection failure messages: exception: login failed and U_STRINGPREP_PROHIBITED_ERROR

      An error is reported when you run the following command to connect to a DDS DB instance:

      ./mongo "mongodb://rwuser:xxxxxx@192.168.0.45:8635,192.168.0.96:8635/test?authSource=admin&replicaSet=replica"

      Error message:

      MongoDB shell version v4.0.3
      connecting to: mongodb://192.168.0.45:8635,192.168.0.96:8635/test?authSource=admin&replicaSet=replica
      2021-11-05T05:52:53.717+0000 I NETWORK  [js] Starting new replica set monitor for replica/192.168.0.45:8635,192.168.0.96:8635
      2021-11-05T05:52:53.718+0000 I NETWORK  [ReplicaSetMonitor-TaskExecutor] Successfully connected to 192.168.0.45:8635 (1 connections now open to 192.168.0.45:8635 with a 5 second timeout)
      2021-11-05T05:52:53.718+0000 I NETWORK  [js] Successfully connected to 192.168.0.96:8635 (1 connections now open to 192.168.0.96:8635 with a 5 second timeout)
      Implicit session: session { "id" : UUID("5945d2a5-8275-4e3c-b06f-632f062a2ead") }
      MongoDB server version: 4.0.3
      2021-11-05T05:52:53.722+0000 I NETWORK  [js] Marking host 192.168.0.96:8635 as failed :: caused by :: Location50692: can't authenticate against replica set node 192.168.0.96:8635 :: caused by :: Error preflighting normalization: U_STRINGPREP_PROHIBITED_ERROR
      2021-11-05T05:52:53.722+0000 I NETWORK  [js] Successfully connected to 192.168.0.45:8635 (1 connections now open to 192.168.0.45:8635 with a 0 second timeout)
      2021-11-05T05:52:53.723+0000 I NETWORK  [js] Marking host 192.168.0.45:8635 as failed :: caused by :: Location50692: can't authenticate against replica set node 192.168.0.45:8635 :: caused by :: Error preflighting normalization: U_STRINGPREP_PROHIBITED_ERROR
      2021-11-05T05:52:53.724+0000 I NETWORK  [js] Marking host 192.168.0.96:8635 as failed :: caused by :: Location50692: can't authenticate against replica set node 192.168.0.96:8635 :: caused by :: Error preflighting normalization: U_STRINGPREP_PROHIBITED_ERROR
      2021-11-05T05:52:53.725+0000 I NETWORK  [js] Marking host 192.168.0.45:8635 as failed :: caused by :: Location50692: can't authenticate against replica set node 192.168.0.45:8635 :: caused by :: Error preflighting normalization: U_STRINGPREP_PROHIBITED_ERROR
      2021-11-05T05:52:53.725+0000 E QUERY    [js] Error: can't authenticate against replica set node 192.168.0.45:8635 :: caused by :: Error preflighting normalization: U_STRINGPREP_PROHIBITED_ERROR :
      DB.prototype._authOrThrow@src/mongo/shell/db.js:1685:20
      @(auth):6:1
      @(auth):1:2
      exception: login failed

      For details about how to rectify the fault, see Connection Failure Messages: exception: login failed and U_STRINGPREP_PROHIBITED_ERROR.

  10. If the problem persists, to contact Huawei Cloud customer service for assistance.

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more

Feedback

Feedback

Feedback

0/500

Selected Content

Submit selected content with the feedback