0

使用 Mongo Atlas M0 免费层。

我最近实现了 mongo 客户端字段级加密 ( csfle)。实施是成功的,但之后问题就开始了。

作为标准文档,要实现csfle,我们必须在创建新的 mongoClient 实例时提供连接设置。设置包括KMS ProviderKeyVaultNamespaceSchemamap

我想为三个不同的集合实现加密,所以我每次都必须创建新的 mongoclient 实例,因为设置参数不同。

我已经成功实现了这一切,但部署后,我开始收到 mongo 连接错误。

Encryption related exception: A timeout occurred after 10000ms selecting a server using CompositeServerSelector{ Selectors = MongoDB.Driver.MongoClient+AreSessionsSupportedServerSelector, LatencyLimitingServerSelector{ AllowedLatencyRange = 00:00:00.0150000 }, OperationsCountServerSelector }. Client view of cluster state is { ClusterId : "3", Type : "Unknown", State : "Disconnected", Servers : [{ ServerId: "{ ClusterId : 3, EndPoint : "Unspecified/localhost:27020" }", EndPoint: "Unspecified/localhost:27020", ReasonChanged: "Heartbeat", State: "Disconnected", ServerVersion: , TopologyVersion: , Type: "Unknown", HeartbeatException: "MongoDB.Driver.MongoConnectionException: An exception occurred while opening a connection to the server.
 ---> System.Net.Internals.SocketExceptionFactory+ExtendedSocketException (111): Connection refused 127.0.0.1:27020
   at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
   at System.Net.Sockets.Socket.<>c.<ConnectAsync>b__274_0(IAsyncResult iar)
--- End of stack trace from previous location where exception was thrown ---
   at MongoDB.Driver.Core.Connections.TcpStreamFactory.ConnectAsync(Socket socket, EndPoint endPoint, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.Connections.TcpStreamFactory.CreateStreamAsync(EndPoint endPoint, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.Connections.BinaryConnection.OpenHelperAsync(CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at MongoDB.Driver.Core.Connections.BinaryConnection.OpenHelperAsync(CancellationToken cancellationToken)
   at MongoDB.Driver.Core.Servers.ServerMonitor.InitializeConnectionAsync(CancellationToken cancellationToken)
   at MongoDB.Driver.Core.Servers.ServerMonitor.HeartbeatAsync(CancellationToken cancellationToken)", LastHeartbeatTimestamp: "2021-11-03T08:46:10.0467929Z", LastUpdateTimestamp: "2021-11-03T08:46:10.0467932Z" }] }.., stacktrace:    at MongoDB.Driver.Encryption.AutoEncryptionLibMongoCryptController.EncryptFieldsAsync(String databaseName, Byte[] unencryptedCommandBytes, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.WireProtocol.CommandMessageFieldEncryptor.EncryptFieldsAsync(String databaseName, CommandRequestMessage unencryptedRequestMessage, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.WireProtocol.CommandUsingCommandMessageWireProtocol`1.AutoEncryptFieldsIfNecessaryAsync(CommandRequestMessage unencryptedRequestMessage, IConnection connection, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.WireProtocol.CommandUsingCommandMessageWireProtocol`1.ExecuteAsync(IConnection connection, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.Servers.Server.ServerChannel.ExecuteProtocolAsync[TResult](IWireProtocol`1 protocol, ICoreSession session, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.Operations.RetryableReadOperationExecutor.ExecuteAsync[TResult](IRetryableReadOperation`1 operation, RetryableReadContext context, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.Operations.ReadCommandOperation`1.ExecuteAsync(RetryableReadContext context, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.Operations.FindCommandOperation`1.ExecuteAsync(RetryableReadContext context, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.Operations.FindOperation`1.ExecuteAsync(RetryableReadContext context, CancellationToken cancellationToken)
   at MongoDB.Driver.Core.Operations.FindOperation`1.ExecuteAsync(IReadBinding binding, CancellationToken cancellationToken)
   at MongoDB.Driver.OperationExecutor.ExecuteReadOperationAsync[TResult](IReadBinding binding, IReadOperation`1 operation, CancellationToken cancellationToken)
   at MongoDB.Driver.MongoCollectionImpl`1.ExecuteReadOperationAsync[TResult](IClientSessionHandle session, IReadOperation`1 operation, ReadPreference readPreference, CancellationToken cancellationToken)
   at MongoDB.Driver.MongoCollectionImpl`1.UsingImplicitSessionAsync[TResult](Func`2 funcAsync, CancellationToken cancellationToken)
   at MongoDB.Driver.IAsyncCursorSourceExtensions.ToListAsync[TDocument](IAsyncCursorSource`1 source, CancellationToken cancellationToken)

此外,我已经开始从 mongo atlas 接收有关连接阈值的警报“您收到此警报电子邮件,因为与您的集群的连接已超过 500,并且接近 M0 集群的连接限制”

我的问题是:

  1. 有没有一种方法可以在使用 csfle 时创建 mongoClient 的单例实例?
  2. 有没有办法在我创建 mongoClient 实例后设置连接设置。我试过但看起来它是一个只读属性。

任何帮助将不胜感激。

4

1 回答 1

0

有没有一种方法可以在使用 csfle 时创建 mongoClient 的单例实例?

是的,您只需要在 schemaMap 中指定不同的集合,看看这里的 autoEncryptionSettings 是如何设置(将不同的集合添加到 schemaMap 字典中)

有没有办法在我创建 mongoClient 实例后设置连接设置。我试过但看起来它是一个只读属性。

不,您只能在启动 MongoClient 之前设置设置,之后所有设置都是只读的

“未指定/本地主机:27020”

您遇到的问题与 mongocryptd(不是 mongo 服务器)是 fle 逻辑的内部进程是不负责任的事实有关。我不确定为什么会发生,先尝试更改 schemaMap 看看是否有帮助

于 2021-11-03T14:41:33.660 回答