我得到这个错误时,试图启动mongocrypt上heroku
/app/.heroku/python/lib/python3.10/site-packages/pymongo/daemon.py:140: RuntimeWarning: Failed to start mongocryptd: is it on your $PATH?
[<ServerDescription ('localhost', 27020) server_type: Unknown, rtt: None, error=AutoReconnect('localhost:27020: [Errno 111] Connection refused')>]> 2023-01-16T22:18:00.486207+00:00 app[web.1]:下面是Heroku上的完整堆栈跟踪。我正在Heroku上运行一个使用Mongodb字段级加密的应用程序。我不知道如何解决这个问题,我四处寻找,但没有找到构建包或任何东西。有什么想法吗?
2023-01-16T22:17:39.839953+00:00 app[web.1]: /app/.heroku/python/lib/python3.10/site-packages/pymongo/daemon.py:140: RuntimeWarning: Failed to start mongocryptd: is it on your $PATH?
2023-01-16T22:17:39.839965+00:00 app[web.1]: Original exception: [Errno 2] No such file or directory: 'mongocryptd'
2023-01-16T22:17:39.839966+00:00 app[web.1]: _silence_resource_warning(_spawn(sys.argv[1:]))
2023-01-16T22:17:49.911328+00:00 app[web.1]: /app/.heroku/python/lib/python3.10/site-packages/pymongo/daemon.py:140: RuntimeWarning: Failed to start mongocryptd: is it on your $PATH?
2023-01-16T22:17:49.911355+00:00 app[web.1]: Original exception: [Errno 2] No such file or directory: 'mongocryptd'
2023-01-16T22:17:49.911356+00:00 app[web.1]: _silence_resource_warning(_spawn(sys.argv[1:]))
2023-01-16T22:18:00.485457+00:00 app[web.1]: 10.1.25.54 - - [16/Jan/2023 22:18:00] "POST /login HTTP/1.1" 500 -
2023-01-16T22:18:00.485520+00:00 app[web.1]: INFO:10.1.25.54 - - [16/Jan/2023 22:18:00] "[35m[1mPOST /login HTTP/1.1[0m" 500 -
2023-01-16T22:18:00.486181+00:00 app[web.1]: Traceback (most recent call last):
2023-01-16T22:18:00.486182+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.10/site-packages/pymongo/encryption.py", line 196, in mark_command
2023-01-16T22:18:00.486182+00:00 app[web.1]: res = self.mongocryptd_client[database].command(
2023-01-16T22:18:00.486182+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.10/site-packages/pymongo/_csot.py", line 105, in csot_wrapper
2023-01-16T22:18:00.486183+00:00 app[web.1]: return func(self, *args, **kwargs)
2023-01-16T22:18:00.486183+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.10/site-packages/pymongo/database.py", line 805, in command
2023-01-16T22:18:00.486185+00:00 app[web.1]: with self.__client._socket_for_reads(read_preference, session) as (
2023-01-16T22:18:00.486202+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.10/site-packages/pymongo/mongo_client.py", line 1296, in _socket_for_reads
2023-01-16T22:18:00.486202+00:00 app[web.1]: server = self._select_server(read_preference, session)
2023-01-16T22:18:00.486202+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.10/site-packages/pymongo/mongo_client.py", line 1257, in _select_server
2023-01-16T22:18:00.486203+00:00 app[web.1]: server = topology.select_server(server_selector)
2023-01-16T22:18:00.486203+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.10/site-packages/pymongo/topology.py", line 272, in select_server
2023-01-16T22:18:00.486203+00:00 app[web.1]: server = self._select_server(selector, server_selection_timeout, address)
2023-01-16T22:18:00.486204+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.10/site-packages/pymongo/topology.py", line 261, in _select_server
2023-01-16T22:18:00.486204+00:00 app[web.1]: servers = self.select_servers(selector, server_selection_timeout, address)
2023-01-16T22:18:00.486204+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.10/site-packages/pymongo/topology.py", line 223, in select_servers
2023-01-16T22:18:00.486205+00:00 app[web.1]: server_descriptions = self._select_servers_loop(selector, server_timeout, address)
2023-01-16T22:18:00.486205+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.10/site-packages/pymongo/topology.py", line 238, in _select_servers_loop
2023-01-16T22:18:00.486205+00:00 app[web.1]: raise ServerSelectionTimeoutError(
2023-01-16T22:18:00.486206+00:00 app[web.1]: pymongo.errors.ServerSelectionTimeoutError: localhost:27020: [Errno 111] Connection refused, Timeout: 10.0s, Topology Description: <TopologyDescription id: 63c5cd032fd6f21815da4267, topology_type: Unknown, servers: [<ServerDescription ('localhost', 27020) server_type: Unknown, rtt: None, error=AutoReconnect('localhost:27020: [Errno 111] Connection refused')>]>
2023-01-16T22:18:00.486207+00:00 app[web.1]:@kevinAlbs下面的评论很有帮助,因为我看到设置bypass_auto_encryption=True,起初似乎是为了解决mongocrypt的问题。我在创建MongoClient时在fle_opts中设置了这个,但是通过传递auto encryption只是意味着我无法加密任何数据,即使加密的数据可以检索?
with MongoClient(os.environ.get("MONGO_URI"), auto_encryption_opts=fle_opts) as client:则这些选项为:
fle_opts = AutoEncryptionOpts(
kms_providers , keyStore, bypass_auto_encryption=True
)您可以设置大量选项:
class AutoEncryptionOpts(object):
"""Options to configure automatic client-side field level encryption."""
def __init__(
self,
kms_providers: Mapping[str, Any],
key_vault_namespace: str,
key_vault_client: Optional["MongoClient"] = None,
schema_map: Optional[Mapping[str, Any]] = None,
bypass_auto_encryption: bool = False,
mongocryptd_uri: str = "mongodb://localhost:27020",
mongocryptd_bypass_spawn: bool = False,
mongocryptd_spawn_path: str = "mongocryptd",
mongocryptd_spawn_args: Optional[List[str]] = None,
kms_tls_options: Optional[Mapping[str, Any]] = None,
crypt_shared_lib_path: Optional[str] = None,
crypt_shared_lib_required: bool = False,
bypass_query_analysis: bool = False,
encrypted_fields_map: Optional[Mapping] = None,
) -> None:也许将mongocryptd_uri设置为不同的地址可以解决这个问题?
我真的是在摸黑问有没有人能帮上忙?
1条答案
按热度按时间mec1mxoz1#
kevinAlbs上面的评论对我查看设置很有帮助
跳过自动加密=真
一开始它似乎绕过了mongocrypt的问题。我在创建MongoClient时在fle_opts中设置了这个,但是通过传递auto encryption只意味着我无法加密任何数据,即使加密的数据可以检索?
进一步了解自动加密...
自动加密是透明地加密数据的过程。另一种方法是使用显式加密。但它需要手动加密每个值。显式加密显示了一个示例。
当我试图修改mongocrypt_uri指向atlas时,它没有工作,因为mongocryptd应该和应用程序运行在同一台机器上,它绑定到localhost。
如果需要自动加密,则需要mongocryptd。mongocryptd二进制文件需要在同一台机器上。mongocryptd可以从“Archive”下载网站下载:MongoDB Enterprise Downloads | MongoDB.
我相信如果你不打算使用自动加密,那么你需要绕过mongocryptd(这可能是heroku上唯一的选项,因为它可能不支持Mongocryptd),并使用显式加密,如下所述:
https://www.mongodb.com/docs/manual/core/csfle/fundamentals/manual-encryption/#std-label-csfle-fundamentals-manual-encryption-automatic-decryption