- MongoDB Connector for BI Components >
mongosqld
mongosqld
¶
On this page
Description¶
-
mongosqld
¶
Note
The MongoDB Connector for BI and associated utilities are only available with MongoDB Enterprise 3.2 and greater.
mongosqld
accepts incoming requests from a MySQL client, and
proxies those requests to a mongod
or mongos
instance.
Options¶
Core Options¶
-
--help
¶
Returns information on the options and use of mongosqld.
-
--addr
¶
Default: 127.0.0.1:3307
Specifies the host address to listen on.
-
--version
¶
Returns the mongosqld release number.
-
--schemaDirectory
<directoryname>
¶ Specifies the path to a directory containing schema files generated by
mongodrdl
.All files in this directory MUST be schema files, or else
mongosqld
will not start.
-
--mongo-uri
<uri>
¶ Default: mongodb://localhost:27017
Specifies a MongoDB connection string to connect to.
Do not specify a username and password in your connection string. mongosqld will pass authentication credentials from the client to the MongoDB server upon receiving a connection if
--auth
is enabled.To enable TLS/SSL in this connection, use the
--mongo-ssl
option.The
--mongo-uri
option also supports thereadPreference
andreadPreferenceTags
mongosqld connection string URI options. To learn more about connection string URI options, see Read Preference options.
Log Options¶
-
--logPath
<filename>
¶ Default: stderr
Specifies a path to a log file for storing logging output.
-
--verbose
,
-v
¶
Specifies that mongosqld should provide more detailed log output. Include multiple times for more verbosity (e.g.
-vvvvv
).
-
--quiet
¶
Hides all log output.
MongoDB TLS/SSL Options¶
-
--mongo-ssl
¶
Default: False
Instructs mongosqld to use TLS/SSL when connecting to a MongoDB instance.
-
--mongo-sslPEMKeyFile
<filename>
¶ Specifies the
.pem
file containing both the TLS/SSL certificate and key for the MongoDB instance. Specify the file name of the.pem
file using relative or absolute paths.This option is required when using the
--mongo-ssl
option to connect to amongod
ormongos
that hasnet.ssl.CAFile
enabled withoutnet.ssl.allowConnectionsWithoutCertificates
.
-
--mongo-sslPEMKeyPassword
<password>
¶ Specifies the path to a file containing the certificate and private key for connecting to MongoDB.
-
--mongo-sslAllowInvalidCertificates
¶
Permits the MongoDB instance to present an invalid server SSL/TLS certificate. When using the
net.ssl.allowInvalidCertificates
setting, MongoDB logs the use of the invalid certificate as a warning.
-
--mongo-sslCAFile
<filename>
¶ Specifies the MongoDB instance’s
.pem
file containing the root certificate chain from the Certificate Authority. Specify the file name of the.pem
file using relative or absolute paths.Warning
For SSL connections (
--mongo-ssl
) tomongod
andmongos
, if the mongosqld runs without the--mongo-sslCAFile
, mongosqld will not attempt to validate the server certificates. This creates a vulnerability to expiredmongod
andmongos
certificates as well as to foreign processes posing as validmongod
ormongos
instances. Ensure that you always specify the CA file to validate the server certificates in cases where intrusion is a possibility.
-
--mongo-sslFIPSMode
¶
Enable FIPS mode in the installed OpenSSL library.
Client TLS/SSL Options¶
-
--sslPEMKeyFile
<filename>
¶ Specifies the
.pem
file containing both the TLS/SSL certificate and key for MySQL clients. Specify the file name of the.pem
file using relative or absolute paths.
-
--sslPEMKeyPassword
<password>
¶ Specifies the password used to decrypt the private key specified by
--sslPEMKeyFile
.
-
--sslAllowInvalidCertificates
¶
Permits MySQL clients to present invalid client SSL/TLS certificates.
-
--sslCAFile
<filename>
¶ Specifies the MySQL client’s
.pem
file containing the root certificate chain from the Certificate Authority. Specify the file name of the.pem
file using relative or absolute paths.
-
--auth
¶
Require authentication for incoming client requests. Requires
--sslPEMKeyFile
.
Socket Options¶
-
--filePermissions
<mode>
¶ Default: 448
Specify the permissions for the Unix domain socket file.
-
--noUnixSocket
¶
Disable listening on Unix domain sockets.
-
--unixSocketPrefix
<path>
¶ Default: /tmp
Specify an alternative directory for the mongosqld Unix domain socket.
mongosqld will create a socket file called
mysql.sock
underneath this path. If you do not specify--unixSocketPrefix
, the socket will exist at/tmp/mysql.sock
.