Connect MongoDB via SSH Tunnel
To connect your MongoDB database to Commerce Intelligence via an SSH tunnel, you must do a few things:
Retrieving the Commerce Intelligence public key
The public key
is used to authorize the Commerce Intelligence Linux
user. The next section walks you through creating the user and import the keys.
- Go to Data > Connections and click Add New Data Source.
- Click the MONGODB icon.
- After the MongoDB credentials page opens, change the
Encrypted
toggle toYes
. This displays the SSH setup form. - The
public key
is located underneath this form.
Leave this page open throughout the tutorial - you will need it in the next section and at the end.
If you are a bit lost, here is how to navigate through Commerce Intelligence to retrieve the key:
Allow access to the Commerce Intelligence IP address
For the connection to be successful, you must configure your firewall to allow access from your IP addresses. They are 54.88.76.97
and 34.250.211.151
, but it is also on the MongoDB credentials page:
Creating a Linux
user for Commerce Intelligence
sshd_config
file associated with the server is not set to the default option, only certain users have server access - this prevents a successful connection to Commerce Intelligence. In these cases, it is necessary to run a command like AllowUsers
to allow the rjmetric
user access to the server.This can be a production or secondary machine, as long as it contains real-time (or frequently updated) data. You may restrict this user any way you like as long as it retains the right to connect to the MongoDB server.
To add the new user, run the following commands as root on your Linux
server:
adduser rjmetric -p
mkdir /home/rjmetric
mkdir /home/rjmetric/.ssh
Remember the public key
you retrieved in the first section? To ensure that the user has access to the database, you need to import the key into authorized_keys
. Copy the entire key into the authorized_keys
file as follows:
touch /home/rjmetric/.ssh/authorized_keys
"< PASTE KEY HERE >" >> /home/rjmetric/.ssh/authorized_keys
To finish creating the user, alter the permissions on the /home/rjmetric directory to allow access via SSH:
chown -R rjmetric:rjmetric /home/rjmetric
chmod -R 700 /home/rjmetric/.ssh
Creating an Commerce Intelligence MongoDB user
MongoDB servers have two run modes - one with the “auth” option (mongod -- auth)
and one without, which is the default. The steps for creating a MongoDB user varies depending on what mode your server is using. Bee sure to verify the mode before continuing.
If your server uses the Auth
Option:
When connecting to multiple databases, you can add the user by logging into MongoDB as an admin user and running the following commands.
listDatabases.
This command grants the Commerce Intelligence user access to all databases
:
use admin
db.createUser('rjmetric', '< secure password here >', true)
Use this command to grant the Commerce Intelligence user access to a single database
:
use < database name >
db.createUser('rjmetric', '< secure password here >', true)
This prints a response that looks like this:
{
"id": ObjectId("< some object id here >"),
"user": "rjmetric",
"readOnly": true,
"pwd": "< some hash here >"
}
If your server uses the default option
If your server does not use auth
mode, your MongoDB server is accessible even without a username and password. However, you should ensure the mongodb.conf
file (/etc/mongodb.conf)
has the following lines - if not, restart your server after you add them.
bind_ip = 127.0.0.1
noauth = true
To bind your MongoDB server to a different address, adjust the database hostname in the next step accordingly.
Entering the connection and user info into Commerce Intelligence
To wrap things up, you need to enter the connection and user info into Commerce Intelligence. Did you leave the MongoDB credentials page open? If not, go to Data > Connections and click Add New Data Source, then the MongoDB icon. Do not forget to change the Encrypted
toggle to Yes
.
Enter the following info into this page, starting with the Database Connection
section:
Host
:127.0.0.1
Username
: The Commerce Intelligence MongoDB username (should berjmetric
)Password
: The Commerce Intelligence MongoDB passwordPort
: MongoDB’s port on your server (27017
by default)Database Name
(Optional): If you only allowed access to one database, specify the name of that database here.
Under the SSH Connection
section:
Remote Address
: The IP address or hostname of the server you will SSH intoUsername
: The Commerce Intelligence Linux (SSH) username (should be rjmetric)SSH Port
: The SSH port on your server (22 by default)
When you are finished, click Save Test to complete the setup.