Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11980

Improve user cache invalidation enforcement on mongos

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • 2.5.4
    • 2.6.10, 2.7.1
    • Security, Sharding
    • Fully Compatible

    Description

      When updating user/roles info on a mongod/mongos the in-memory role graph and user cache is updated instantly in the standard case.

      In the case of multiple mongos's there is a 10 min interval in between the mongos pings to the config servers for new user and role data. This means that there is a potential 10 min delay in communicating information about for instance a revoked user across the cluster. This interval can be configured to be lower with the risk of introducing network noise and repeated cache invalidation.

      This can be resolved by implementing a piggyback of the ordinary ping done by mongos to the config servers every 30 seconds.

      An additional improvement would be to not invalidate the cache in its entirety but only update the parts that has been changed.

      Attachments

        Issue Links

          Activity

            People

              spencer@mongodb.com Spencer Brody (Inactive)
              andreas.nilsson Andreas Nilsson
              Votes:
              1 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: