折腾:
期间,去修改mongod的配置文件,给bindIp中添加上,自己的IP:
去加上IP限制:
<code>vi /etc/mongod.conf </code>
# network interfaces
net:
port: 12345
bindIp: 127.0.0.1,112.4.64.141 # Listen to specific IP
希望实现只有这些特定的IP,才能访问mongod服务,而其他IP禁止访问。
还是失败,去看log是:
<code>2018-04-10T14:08:18.139+0800 I CONTROL [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1,112.4.64.141", port: 12345 }, processManagement: { fork: true, pidFilePath: "/var/run/mongodb/mongod.pid" }, security: { authorization: "enabled" }, storage: { dbPath: "/var/lib/mongo", journal: { enabled: true } }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }
2018-04-10T14:08:18.160+0800 E NETWORK [initandlisten] listen(): bind() failed errno:99 Cannot assign requested address for socket: 112.4.64.141:12345
2018-04-10T14:08:18.160+0800 E STORAGE [initandlisten] Failed to set up sockets during startup.
2018-04-10T14:08:18.160+0800 I CONTROL [initandlisten] dbexit: rc: 48
</code>突然想到,难道是:
此处的bindIp,指的是:
mongod这个mongo的服务端,绑定的IP?
而不是我以为的,用来限制client的哪些IP去访问的?
因为:
此处竟然会去尝试去bind:
112.4.64.141:12345
即:
112.4.64.141的12345端口
-》很明显,此处的IP是我自己的远程的Mac本地的IP,而不是mongo服务器所在的IP
—〉更没有什么12345端口供其bind绑定
而对应的去尝试绑定:
127.0.0.1:12345
则是没有问题的
-》因为本身127.0.0.1就是此处的mongo的服务器
mongo initandlisten listen bind failed errno 99 Cannot assign requested address for socket
MongoDB – bind() failed errno:99 Cannot assign requested address for socket – Mkyong.com
“As guido said, the bind_ip is for the mongo server’s own IP address.”
果然是这个意思。
详见一些帖子:
和:
MongoDB – Allow remote access – Mkyong.com
的解释。
而想要实现限制特定IP才能访问的话,只能用:
CentOS等Linux系统内的防火墙
而对于此处特殊的,阿里云ECS的服务器的话,可以用阿里云的安全组,具体设置办法,详见: