This topic describes how to apply for a public endpoint for a sharded cluster instance when you want to connect to this instance over the Internet.

Background information

The following table describes the connections supported by ApsaraDB for MongoDB.

Endpoint typeDescription
VPC endpoint
  • A virtual private cloud (VPC) is an isolated network that provides higher security and performance than the classic network.
  • By default, ApsaraDB for MongoDB provides VPC endpoints for instances to ensure high security and high performance.
Classic network endpointCloud services on the classic network are not isolated. Unauthorized access can be blocked only by using security groups or whitelists. You can switch the network type to VPC. For more information, see Switch the network type of an ApsaraDB for MongoDB instance from classic network to VPC.
Note The classic network is not supported for DynamoDB-compatible sharded cluster instances.
Public endpoint
  • Your ApsaraDB for MongoDB instance is at risk when you connect to it over the Internet. For this reason, ApsaraDB for MongoDB does not provide public endpoints by default.
  • If you want to connect to an ApsaraDB for MongoDB instance from a device outside Alibaba Cloud (such as an on-premise device), you must apply for a public endpoint.

Procedure

  1. Log on to the ApsaraDB for MongoDB console.
  2. In the upper-left corner of the page, select the resource group and region to which the instance belongs.
  3. In the left-side navigation pane, click Sharded cluster instance.
  4. On the page that appears, find the instance that you want to manage and click its ID.
  5. In the left-side navigation pane, click Database Connections.
  6. In the upper-right corner of the Public Connections section, click Apply for Public Connection String.
    Apply for a public endpoint
  7. In the dialog box that appears, specify Node Type and Node ID, and click OK.
    Select a node type
    ParameterValueDescription
    Node TypeshardA shard. Before you apply for a public endpoint for a shard, you must apply for an internal endpoint for it. For more information, see Apply for an endpoint for a shard or Configserver node.

    If you want to read the oplog data of a shard over the Internet when you perform certain operations such as data synchronization between clusters, you must apply for a public endpoint for the shard.

    csThe config server. Before you apply for a public endpoint for the config server, you must apply for an internal endpoint for it. For more information, see Apply for an endpoint for a shard or Configserver node.

    If you want to read the configuration information of the config server over the Internet when you perform certain operations such as data synchronization between clusters, you must apply for a public endpoint for the config server.

    mongosA mongos. This is the default option because your application is connected to a mongos in most cases.
    Node IDThe ID of the component for which you want to apply for a public endpoint.None
    Note
    • For more information about component types, see Sharded cluster instances.
    • To apply for a public endpoint for other mongos, repeat this step. You can only apply for a new public endpoint after the current one is created.

Results

When the application is complete, the sharded cluster instance generates new endpoints for both the primary and secondary nodes and the corresponding connection string URI. For more information, see Overview of sharded cluster instance connections.

References

What to do next

Before you connect to the sharded cluster instance by using one of the obtained public endpoints, you must add the public IP address of your client to a whitelist of the instance. For more information, see Configure a whitelist for a sharded cluster instance.