ssl Connecting to TLS-enabled MongoDB through an SSH tunnel

pnwntuvh  posted on 2023-08-06 in Go

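I have an Amazon DocumentDB cluster in a different region, in a private VPC, which I can reach from a bastion that I can connect to over SSH.
I am tunneling the database server to my local machine and connecting with pymongo.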

from sshtunnel import SSHTunnelForwarder
import pymongo, json

def format_db_uri(user,password,host,port,**kwargs):
    h1 = f'mongodb://{user}:{password}@{host}:{port}/?' 
    options = '&'.join(f'{k}={v}' for k,v in kwargs.items())
    print(options)
    return h1 + options

def connect_mongo_via_bastion(config):
    ssh_config = dict(config['bastion'])
    mongo_config = dict(config['mongo'])
    
    server = SSHTunnelForwarder(
        **ssh_config,
        remote_bind_address=(
            mongo_config['host'], 
            mongo_config['port']
        )
    )
    server.start()
    
    # override the server address
    mongo_config['host'], mongo_config['port'] = server.local_bind_address
    client = pymongo.MongoClient(format_db_uri(**mongo_config)) 
    return client, server

I use it like this:

client, bastion = connect_mongo_via_bastion(my_config)
client.list_databases()


It fails with:

ServerSelectionTimeoutError: 0.0.0.0:53374: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: IP address mismatch, certificate is not valid for '0.0.0.0'. (_ssl.c:997), Timeout: 30s, Topology Description: ]>


How can I connect in this case?

yqkkidmi1#

You need to add sslAllowInvalidHostnames to the mongodb URI. Add something like mongo_config['sslAllowInvalidHostnames'] = True in your script.
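
An added example, not part of the question or the answer above: a URI builder for the tunnelled connection that relaxes hostname matching only, keeps certificate-chain validation against a CA file, percent-encodes the credentials, and writes booleans in the lowercase form a connection string expects. The names build_tunnel_uri and FORBIDDEN, the tlsAllowInvalidHostnames spelling of the option, directConnection, and the CA file path are assumptions of this example.

```python
from urllib.parse import quote_plus, urlencode

# Options that would switch off certificate-chain validation altogether.
FORBIDDEN = {"tlsinsecure", "tlsallowinvalidcertificates",
             "sslallowinvalidcertificates"}


def _render(value):
    # str(True) is "True"; connection-string booleans are "true"/"false".
    return str(value).lower() if isinstance(value, bool) else str(value)


def build_tunnel_uri(user, password, local_addr, ca_file, **options):
    """Build a MongoDB URI for a TLS server reached via a local SSH forward.

    local_addr is the (host, port) pair of the forwarder's local end.
    """
    host, port = local_addr
    if host == "0.0.0.0":
        # A wildcard bind address is not a connect target; use loopback.
        host = "127.0.0.1"
    bad = FORBIDDEN & {k.lower() for k in options}
    if bad:
        raise ValueError(f"refusing to disable chain validation: {sorted(bad)}")
    params = {
        "tls": True,
        "tlsCAFile": ca_file,              # chain is still verified against this CA
        "tlsAllowInvalidHostnames": True,  # only the name check is skipped
        "directConnection": True,          # talk to the forwarded port only
    }
    params.update(options)
    query = urlencode({k: _render(v) for k, v in params.items()}, safe="/")
    return (f"mongodb://{quote_plus(user)}:{quote_plus(password)}"
            f"@{host}:{port}/?{query}")


if __name__ == "__main__":
    # Constructed sample values; the CA path is a placeholder.
    print(build_tunnel_uri("app", "p@ss/w:rd", ("0.0.0.0", 53374),
                           "/path/to/ca-bundle.pem"))
```

With hostname matching off, the CA file is the only thing that ties the peer to the intended service, so it should contain just the CA that issues the cluster's certificate.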
