Connection refused to Compute console due to mongodb issue
Created On 12/14/22 12:55 PM - Last Modified 09/26/24 18:24 PM
Question
How to solve DB error preventing defender start
mongo.go:744 Failed to connect to mongo: server selection error: server selection timeout, current topology: { Type: Single, Servers: [{ Addr: 127.0.0.1:27017, Type: Unknown, Last error: connection() error occurred during connection handshake: dial tcp 127.0.0.1:27017
Environment
- Prisma Cloud Compute
- Defender data volume hosted on NFS volume
Answer
- First, check that the orchestrator and container runtime versions are aligned with the system requirements:
  kubectl get nodes -o wide
- Get the defender logs:
  kubectl logs <defender pod name> -n twistlock
  The error appears as follows:
  mongo.go:744 Failed to connect to mongo: server selection error: server selection timeout, current topology: { Type: Single, Servers: [{ Addr: 127.0.0.1:27017, Type: Unknown, Last error: connection() error occurred during connection handshake: dial tcp 127.0.0.1:27017
- At this point, check which volume type the defender data folder is mounted on:
  kubectl get deployment <Prisma Cloud deployment name> -o yaml -n twistlock
- Since storageClassName disclosed it's an NFS volume, at this point I asked the customer to add our recommended NFS flags to their /etc/fstab, as documented here.
- As documented by MongoDB, add the following flags to /etc/fstab on the host where MongoDB is running:
  bg hard nolock noatime nointr
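To confirm the flags above are present on every NFS entry, the following script checks an fstab file and lists what each entry is missing. It is an added example, not part of the original article or of Prisma Cloud tooling; the function name missing_nfs_flags, the host name and the mount points in the sample are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: report NFS entries in an fstab file that lack the mount
# flags recommended in this article.
REQUIRED_FLAGS="bg hard nolock noatime nointr"

# missing_nfs_flags FILE
# Prints "<mountpoint>: <missing flags>" for every nfs/nfs4 entry that lacks
# at least one required flag. Returns 1 if any entry is incomplete, else 0.
# (Hypothetical helper name; defaults to /etc/fstab when FILE is omitted.)
missing_nfs_flags() {
    fstab=${1:-/etc/fstab}
    awk -v req="$REQUIRED_FLAGS" '
        BEGIN { n = split(req, want, " ") }
        NF < 4 || $1 ~ /^#/ { next }        # skip comments and short lines
        $3 == "nfs" || $3 == "nfs4" {
            split("", have)                 # reset the per-entry option set
            m = split($4, opts, ",")
            for (i = 1; i <= m; i++) have[opts[i]] = 1
            miss = ""
            for (i = 1; i <= n; i++)
                if (!(want[i] in have))
                    miss = (miss == "" ? "" : miss " ") want[i]
            if (miss != "") { print $2 ": " miss; bad = 1 }
        }
        END { exit bad + 0 }
    ' "$fstab"
}

# Constructed sample fstab (not from the article): the first NFS entry is
# complete, the second lacks hard, nolock and nointr.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# device               mountpoint         type  options                        dump pass
/dev/sda1              /                  ext4  defaults                       0 1
nfs01:/export/compute  /mnt/compute-data  nfs   bg,hard,nolock,noatime,nointr  0 0
nfs01:/export/backup   /mnt/backup        nfs4  rw,bg,noatime                  0 0
EOF
missing_nfs_flags "$sample" || echo "fstab entries above need the listed flags"
rm -f "$sample"
```

The check reads /etc/fstab rather than the live mount table because options such as bg are not reported back for an active mount.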
Additional Information
Prisma Cloud Compute resource:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/22-12/prisma-cloud-compute-edition-admin/deployment_patterns/performance_planning#:~:text=allocated%20to%20Console.-,Storage,-Using%20a%20network
MongoDB official documentation:
https://www.mongodb.com/docs/v4.2/administration/production-notes/#remote-filesystems-nfs:~:text=Remote%20Filesystems%20(NFS)%C2%B6