Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-45717

Allow changes to security.clusterIpSourceWhitelist without a rolling restart

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 5.2.0
    • Component/s: None
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Sprint:
      Security 2020-02-10, Security 2021-10-04, Security 2021-10-18, Security 2021-11-01, Security 2021-11-15

      Description

      Suppose you have an environment in which the members of your MongoDB replica set have IP addresses that do not fit in a tight CIDR range. In this case, you will need to list each IP address individually in the security.clusterIpSourceWhitelist configuration.

      This also means that when you add a new node, you must first restart every other node so that the other nodes pick up the new value for security.clusterIpSourceWhitelist and allow connections from the new node. This in turn implies that adding a new node will also trigger an election. Some customers wish to minimize elections.

      https://docs.mongodb.com/manual/reference/configuration-options/#security.clusterIpSourceWhitelist

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              sergey.galtsev Sergey Galtsev
              Reporter:
              cailin.nelson Cailin Nelson
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: