Mongoose attempting to connect to instance instead of just cluster endpoint

0

We have our DocumentDB instance in a private VPC, so we use a bastion with port forwarding. I have the cluster endpoint set up in my SSH config and am able to connect via the mongo shell:

$ mongo --ssl --host localhost:27018 --sslCAFile rds-combined-ca-bundle.pem --sslAllowInvalidHostnames
MongoDB shell version v3.6.3
connecting to: mongodb://localhost:27018/
2020-07-15T16:14:11.063-0400 D NETWORK  [thread1] creating new connection to:localhost:27018
2020-07-15T16:14:11.266-0400 W NETWORK  [thread1] The server certificate does not match the host name. Hostname: localhost does not match SAN(s): <information redacted>
2020-07-15T16:14:11.266-0400 D NETWORK  [thread1] connected to server localhost:27018 (127.0.0.1)
2020-07-15T16:14:11.296-0400 D NETWORK  [thread1] connected connection!
MongoDB server version: 3.6.0
rs0:PRIMARY>

But when I try connecting via mongoose programmatically it attempts to connect to the instance directly instead of just the cluster endpoint.

With useUnifiedTopology enabled:

const connOpts = {
    replicaSet: 'rs0',
    readPreference: 'secondaryPreferred',
    loggerLevel: 'debug',
    ha: false,
    connectWithNoPrimary: true,
    useNewUrlParser: true,
    useUnifiedTopology: true
}
mongoose.createConnection('mongodb://localhost:27018/mydb', connOpts)

MongooseServerSelectionError: connection timed out
  reason: TopologyDescription {
    type: 'ReplicaSetNoPrimary',
    setName: 'rs0',
    maxSetVersion: null,
    maxElectionId: null,
    servers: Map {
      'mydocdb-inst-1.[id redacted].[region redacted].docdb.amazonaws.com:27017' => [ServerDescription]
    },
    stale: false,
    compatible: true,
    compatibilityError: null,
    logicalSessionTimeoutMinutes: null,
    heartbeatFrequencyMS: 10000,
    localThresholdMS: 15,
    commonWireVersion: 6
  }

With useUnifiedTopology disabled:

const connOpts = {
    replicaSet: 'rs0',
    readPreference: 'secondaryPreferred',
    loggerLevel: 'debug',
    ha: false,
    connectWithNoPrimary: true,
    useNewUrlParser: true,
    useUnifiedTopology: false
}
mongoose.createConnection('mongodb://localhost:27018/mydb', connOpts)

At the end of the debug output:
[INFO-Server:9749] 1595262374081 server mydocdb-inst-1.[id redacted].[region redacted].docdb.amazonaws.com:27017 fired event error out with message {"name":"MongoNetworkError"} {
  type: 'info',
  message: 'server mydocdb-inst-1.[id redacted].[region redacted].docdb.amazonaws.com:27017 fired event error out with message {"name":"MongoNetworkError"}',
  className: 'Server',
  pid: 9749,
  date: 1595262374081
}

Is this due to some change in later versions of mongoose or the mongodb driver that isn't backwards compatible with mongodb 3.6.x / documentdb? Is anyone on a specific version of mongoose who has it working without needing to connect directly to the instances?

Thanks

Asked 4 years ago · 1042 views
3 answers
0

BTW I'm using mongoose 5.9.22 which is compatible with mongodb 3.6 and works against a local instance of mongodb installed. https://mongoosejs.com/docs/compatibility.html

Answered 4 years ago
0

I noticed the line below from https://docs.aws.amazon.com/documentdb/latest/developerguide/connect-from-outside-a-vpc.html and updated my connection to not set the replicaSet and readPreference and I still have the same issue.

When using an SSH tunnel, we recommend that you connect to your cluster using the cluster endpoint and do not attempt to connect in replica set mode (i.e., specifying replicaSet=rs0 in your connection string) as it will result in an error. 

I also updated my forwarding to connect to the instance instead of the endpoint without any luck.

Edited by: tnataws on Jul 20, 2020 7:33 PM

tnataws
Answered 4 years ago
0

Finally figured it out -- thankfully user error and not an issue with any library. After switching to not set the replicaSet when connecting through the tunnel, my TLS settings weren't getting set.

mongoose.createConnection('mongodb://localhost:27018', {
  dbName: 'myDB',
  retryWrites: false,
  useFindAndModify: false,
  useNewUrlParser: true,
  useUnifiedTopology: true,
  //replicaSet: 'rs0',
  //readPreference: 'secondaryPreferred',
  auth: {
    user: '...',
    password: '...'
  },
  tls: true,
  tlsCAFile: '/path/to/rds-combined-ca-bundle.pem',
  tlsAllowInvalidHostNames: true
})
Answered 4 years ago
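Added example, not part of the original posts: the shell warning above ("Hostname: localhost does not match SAN(s)") is why the answer turns hostname checking off. A way to keep the check through the tunnel is to compare the certificate against the expected cluster name instead of localhost. The function names, host names and certificate fields here are constructed, and it is an assumption that the driver passes `checkServerIdentity` through to Node's TLS layer.

```javascript
const tls = require('tls');

// Returns a checkServerIdentity function that ignores the name we dialled
// (localhost, the tunnel end) and checks the certificate against the name
// the server is expected to present.
function pinnedIdentityCheck(expectedHost) {
  return function checkServerIdentity(_dialledHost, cert) {
    // undefined on a match, an Error otherwise
    return tls.checkServerIdentity(expectedHost, cert);
  };
}

// Options for a tunnelled connection. Assumption: the driver passes
// `checkServerIdentity` through to Node's tls.connect().
function tunnelTlsOptions(expectedHost, caFile) {
  return {
    tls: true,
    tlsCAFile: caFile,
    checkServerIdentity: pinnedIdentityCheck(expectedHost),
    // replicaSet is left unset, as in the answer above
  };
}

// Constructed certificate fields and host names, for illustration only.
const sampleCert = {
  subject: { CN: 'docdb.example.com' },
  subjectaltname: 'DNS:*.cluster-abc.docdb.example.com',
};
const EXPECTED_HOST = 'mydocdb.cluster-abc.docdb.example.com';

function demo() {
  const opts = tunnelTlsOptions(EXPECTED_HOST, '/path/to/rds-combined-ca-bundle.pem');
  return {
    // Default behaviour through the tunnel: "localhost" is not in the SANs.
    defaultCheck: tls.checkServerIdentity('localhost', sampleCert),
    // Pinned check: passes because it compares against the expected name.
    pinnedCheck: opts.checkServerIdentity('localhost', sampleCert),
    // Pinned check still rejects a certificate issued for another host.
    wrongCert: opts.checkServerIdentity('localhost', {
      subject: { CN: 'other.example.com' },
      subjectaltname: 'DNS:other.example.com',
    }),
  };
}

console.log(demo());
```
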
