远程连接mongodb时,27017端口连接不上的解决办法

一、背景描述:

我在linux  RED7上安装了mongodb,并没有修改mongodb的配置文件。然后通过另外一台电脑用pymongo连接mongodb时,报错:timeout。

ping IP 是成功的。 telnet IP 27017 的时候,提示:27017端口连接不上。

二、解决过程:

各种百度,远程连接mongodb失败,网上资料显示原因有两个:

1、mongodb的配置文件中的bind_ip 默认为127.0.0.1,默认只有本机可以连接。  此时,需要将bind_ip配置为0.0.0.0,表示接受任何IP的连接。

2、防火墙阻止了27017端口。

于是,先修改mongodb配置文件,并重启mongod服务。

各种百度关闭防火墙。

-----------但是试了很久很久,仍然telnet时提示:27017端口连接不上。

使用google,发现如下文章:http://shaurong.blogspot.com/2014/07/centos-70-x64.html

解决了我的问题。重点是由于在RED7中,关闭防火墙的命令改为:systemctl stop firewalld

这样后,便可以真正关闭防火墙功能。远程连接mongodb成功!

上述连接:http://shaurong.blogspot.com/2014/07/centos-70-x64.html 内容如下(需翻 墙才可访问,所以就把原文复制过来了。望原作者莫见怪!):

 [研究] CentOS 7.0 x64 的 iptables 與 firewall-cmd 防火牆
[研究] CentOS 7.0 x64 的 iptables 與 firewall-cmd 防火牆

2014-07-25
2014-08-01 修訂

CentOS 7.0 開始,服務的管理使用變成用 systemctl,例如 httpd 的使用可用下面幾種方式

# systemctl status|start|stop|restart|reload httpd
OR
# service httpd status|start|stop|restart|reload
OR
# apachectl configtest| graceful

service httpd 會自動重導指令到 systemctl 命令,問題不大。

但是防火牆就有問題了,因為架網站時本機測試正常,遠端關了防火牆卻仍連不上,所以做了點研究測試。

[[email protected] ~]# yum -y install httpd
[[email protected] ~]# service httpd restart
Redirecting to /bin/systemctl restart  httpd.service
[[email protected] ~]# service httpd status
Redirecting to /bin/systemctl status  httpd.service
httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled)
   Active: active (running) since Fri 2014-07-25 15:54:58 CST; 21s ago
 Main PID: 14250 (httpd)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"
   CGroup: /system.slice/httpd.service
           ?   ? 14250 /usr/sbin/httpd -DFOREGROUND
           ?   ? 14251 /usr/sbin/httpd -DFOREGROUND
           ?   ? 14252 /usr/sbin/httpd -DFOREGROUND
           ?   ? 14253 /usr/sbin/httpd -DFOREGROUND
           ?   ? 14254 /usr/sbin/httpd -DFOREGROUND
           ?   ? 14255 /usr/sbin/httpd -DFOREGROUND

Jul 25 15:54:58 localhost.localdomain systemd[1]: Starting The Apache HTTP Se...
Jul 25 15:54:58 localhost.localdomain httpd[14250]: AH00558: httpd: Could not...
Jul 25 15:54:58 localhost.localdomain systemd[1]: Started The Apache HTTP Ser...
Hint: Some lines were ellipsized, use -l to show in full.
[[email protected] ~]# ps aux | grep httpd
root     14250  0.0  0.2 209484  4804 ?        Ss   15:54   0:00 /usr/sbin/http  -DFOREGROUND
apache   14251  0.0  0.1 211568  2968 ?        S    15:54   0:00 /usr/sbin/http  -DFOREGROUND
apache   14252  0.0  0.1 211568  2968 ?        S    15:54   0:00 /usr/sbin/http  -DFOREGROUND
apache   14253  0.0  0.1 211568  2968 ?        S    15:54   0:00 /usr/sbin/http  -DFOREGROUND
apache   14254  0.0  0.1 211568  2968 ?        S    15:54   0:00 /usr/sbin/http  -DFOREGROUND
apache   14255  0.0  0.1 211568  2968 ?        S    15:54   0:00 /usr/sbin/http  -DFOREGROUND
root     14276  0.0  0.0 112640   980 pts/1    R+   15:55   0:00 grep --color=auto httpd
[[email protected] ~]#

[[email protected] ~]# service iptables stop
Redirecting to /bin/systemctl stop  iptables.service

(下圖) 本機上測試正常

(下圖) 遠端去連失敗

檢查防火牆狀態,是 inactive 的

[[email protected] ~]# service iptables -L
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.

[[email protected] ~]# service iptables status
Redirecting to /bin/systemctl status  iptables.service
iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled)
   Active: inactive (dead)

Jul 25 15:56:53 localhost.localdomain systemd[1]: Stopped IPv4 firewall with ...
Hint: Some lines were ellipsized, use -l to show in full.

列出防火牆  rules,居然仍有

[[email protected] ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
INPUT_direct  all  --  anywhere             anywhere
INPUT_ZONES_SOURCE  all  --  anywhere             anywhere
INPUT_ZONES  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
FORWARD_direct  all  --  anywhere             anywhere
FORWARD_IN_ZONES_SOURCE  all  --  anywhere             anywhere
FORWARD_IN_ZONES  all  --  anywhere             anywhere
FORWARD_OUT_ZONES_SOURCE  all  --  anywhere             anywhere
FORWARD_OUT_ZONES  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
OUTPUT_direct  all  --  anywhere             anywhere

Chain FORWARD_IN_ZONES (1 references)
target     prot opt source               destination
FWDI_public  all  --  anywhere             anywhere            [goto]
FWDI_public  all  --  anywhere             anywhere            [goto]

Chain FORWARD_IN_ZONES_SOURCE (1 references)
target     prot opt source               destination

Chain FORWARD_OUT_ZONES (1 references)
target     prot opt source               destination
FWDO_public  all  --  anywhere             anywhere            [goto]
FWDO_public  all  --  anywhere             anywhere            [goto]

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
target     prot opt source               destination

Chain FORWARD_direct (1 references)
target     prot opt source               destination

Chain FWDI_public (2 references)
target     prot opt source               destination
FWDI_public_log  all  --  anywhere             anywhere
FWDI_public_deny  all  --  anywhere             anywhere
FWDI_public_allow  all  --  anywhere             anywhere

Chain FWDI_public_allow (1 references)
target     prot opt source               destination

Chain FWDI_public_deny (1 references)
target     prot opt source               destination

Chain FWDI_public_log (1 references)
target     prot opt source               destination

Chain FWDO_public (2 references)
target     prot opt source               destination
FWDO_public_log  all  --  anywhere             anywhere
FWDO_public_deny  all  --  anywhere             anywhere
FWDO_public_allow  all  --  anywhere             anywhere

Chain FWDO_public_allow (1 references)
target     prot opt source               destination

Chain FWDO_public_deny (1 references)
target     prot opt source               destination

Chain FWDO_public_log (1 references)
target     prot opt source               destination

Chain INPUT_ZONES (1 references)
target     prot opt source               destination
IN_public  all  --  anywhere             anywhere            [goto]
IN_public  all  --  anywhere             anywhere            [goto]

Chain INPUT_ZONES_SOURCE (1 references)
target     prot opt source               destination

Chain INPUT_direct (1 references)
target     prot opt source               destination

Chain IN_public (2 references)
target     prot opt source               destination
IN_public_log  all  --  anywhere             anywhere
IN_public_deny  all  --  anywhere             anywhere
IN_public_allow  all  --  anywhere             anywhere

Chain IN_public_allow (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW

Chain IN_public_deny (1 references)
target     prot opt source               destination

Chain IN_public_log (1 references)
target     prot opt source               destination

Chain OUTPUT_direct (1 references)
target     prot opt source               destination
[[email protected] ~]#

經過研究發現,應該要改用 firewall-cmd 命令

要暫時開放 http port,可執行
# firewall-cmd --add-service=http

要永久開放 http port,可執行
# firewall-cmd --permanent --add-service=http
# systemctl restart firewalld

要停掉
[[email protected] ~]# systemctl stop firewalld

下面確認一下,真的停掉了

[[email protected] ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[[email protected] ~]#

(下圖) 再從遠端連上網站看看,成功了

也就是 service iptables stop 無法停掉防火牆了 ( 看下面訊息該有支援,Bug 嗎 ?)

[[email protected] ~]# service iptables
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.

設定 httpd 隨作業系統啟動
systemctl enable  httpd

其他常用 firewall-cmd 命令

# firewall-cmd --state
# firewall-cmd --list-all
# firewall-cmd --list-interfaces
# firewall-cmd --get-service
# firewall-cmd --query-service service_name
# firewall-cmd --add-port=8080/tcp

(完)

相關

[研究] CentOS 7.0 x64 的網站架設與防火牆
http://shaurong.blogspot.tw/2014/07/centos-linux-701406.html

Installing LAMP (Linux, Apache, MariaDB, PHP/PhpMyAdmin) in RHEL/CentOS 7.0
http://www.tecmint.com/install-lamp-in-centos-7/

点击查看文章内容

三、RED7中通过yum安装mongodb的官方步骤:

http://docs.mongodb.org/master/tutorial/install-mongodb-on-red-hat/?_ga=1.11182708.1945386581.1439519252

四、关于RED 7中关闭防火墙命令的描述如下:

http://linux.it.net.cn/CentOS/fast/2014/1102/7635.html

时间: 2024-09-29 00:10:15

远程连接mongodb时,27017端口连接不上的解决办法的相关文章

使用maven时出现Failure to transfer 异常的解决办法

> 使用maven时出现Failure to transfer 错误的解决方法 在eclipse里使用maven,连接nexus私服. 添加依赖之后,总是报添加的依赖jar文件找不到,但是在nexus的库里面能找到这个依赖的jar文件,但是在本地的maven库里面找不到,于是我将本地库里面这个依赖对应的文件夹删掉,然后在eclipse里面执行update dependencies.成功解决问题! 右键单击项目->maven->update dependencies. 引起的原因是由于本地

Xamarin开发Android时Visual Studio 2012没有智能提示解决办法

Most of the people who work with Xamarin’s Mono for Android in Visual Studio 2012 face a bug where Intellisense doesn’t work for AXML in source view. One of the fix which worked for me is mentioned below. Launch Visual Studio 2012 Open a solution wit

Nodejs发送Post请求时出现socket hang up错误的解决办法

参考nodejs官网发送http post请求的方法,实现了一个模拟post提交的功能.实际使用时报socket hang up错误. 后来发现是请求头设置的问题,发送选项中需要加上headers字段信息(这个估计也和对方的服务器有关,对于不完成的post请求头,可能被丢弃了). 完整的代码如下(遇到类型问题的同学可以做个参考): var querystring = require('querystring') , http = require('http'); var data = query

向SDE图层中添加大量数据时,出现ORA-00604以及ORA-01000的解决办法

转自原文 向SDE图层中添加大量数据时,出现ORA-00604以及ORA-01000的解决办法 写了一个小程序,从一个列表中读取坐标串,每个坐标串生成一个IPolygon,然后将这些Polygon添加到一个SDE图层中, 向SDE中添加要素的初始代码类似下面: IWorkspaceEdit workspaceEdit = (IWorkspaceEdit)workspace; workspaceEdit.StartEditing(true); workspaceEdit.StartEditOper

通过ajax访问Tomcat服务器web service接口时出现No 'Access-Control-Allow-Origin' header问题的解决办法

问题描述 通过ajax访问Web服务器(Tomcat7.0.42)中的json web service接口的时候,报以下跨域问题: XMLHttpRequest cannot load http://localhost:8080/get-employees-by-name/name/admin. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhos

CentOS yum时出现“Could not retrieve mirrorlist ”的解决办法——resolv.conf的配置

原因:没有配置resolv.conf 解决方法: 到/etc目录下配置resolv.conf加入nameserver IP,如: nameserver 8.8.8.8 nameserver 8.8.4.4 search localdomain 保存再次运行上面命令就可以. 关键一点  serach那一行要在nameserver的后面 CentOS yum时出现"Could not retrieve mirrorlist "的解决办法--resolv.conf的配置,布布扣,bubuko

FW 执行Git命令时出现各种 SSL certificate problem 的解决办法

比如我在windows下用Git clone gitURL 就提示  SSL certificate problem: self signed certificate 这种问题,在windows下出现得频率高些.我估计主要是git本身就是基于linux开发的,在windows上,容易缺失一些环境. 参考了一些文章,解决方法其实就是“直接不管ssl证书的事儿”-_-||| 方法如下: 1.创建临时环境变量: windows上命令行输入: [plain] view plain copy set GI

installshield制作的安装包卸载时提示重启动的原因以及解决办法

原文:installshield制作的安装包卸载时提示重启动的原因以及解决办法 有时候卸载installshield制作的安装包程序,卸载完会提示是否重启电脑以完成所有卸载,产生这个提示的常见原因有如下几种:1. 卸载时,程序正处于运行状态2. 卸载时,程序文件夹处于打开状态3. 卸载时,有文件被别的进程调用,或者在进程中,常见情况如dll在进程中 一般来说解决办法是针对第三种情况的,解决办法是卸载时强制杀进程,比如在OnMaintUIBefore或者OnUninstall里写上强制杀进程的代码

查看443端口被占用无法启动解决办法

443端口被占用无法启动解决办法 2012-11-15 15:01 2483人阅读 评论(0) 收藏 举报 netstat -ano|findstr "443"         //搜索443端口占用情况,并找到进程IDTCP 0.0.0.0:443 0.0.0.0:0 LISTENING 720            //找到PID为720UDP 0.0.0.0:59443 *:* 7584-----------------------------------------------