[SERVER-22039] printShardingSize command fails on not authorized in a sharded cluster with authentication enabled Created: 31/Dec/15 Updated: 03/Apr/23 Resolved: 30/Jan/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Sharding |
| Affects Version/s: | 2.6.11, 3.0.6, 3.0.8, 3.4.10, 3.6.2 |
| Fix Version/s: | 3.7.2 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Idan Sher | Assignee: | Blake Oler |
| Resolution: | Done | Votes: | 1 |
| Labels: | neweng | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Description |
Problem descriptionWhen running the command printShardingSizes, on a sharded cluster with authentication enabled, a "not authorized on <DB> to execute command { dataSize: \"sample.samplecol1\"}..." error will appear.
HypothesisThe command wraps the dataSize command and executes it directly on the primaries of the shards, from the mongos, by connecting through the shell (without authentication). In the snippet of the code wrapped by the printShardingSizes command, the "mydb" variable attempts to connect directly to the primaries of the shards. As the authentication is enabled on the cluster level, the command itself fails on a "not authorized" error.
I have tested this scenario several times, on versions 2.6.11, 3.0.6 and 3.0.8. all with the same results. Workaround
|
| Comments |
| Comment by Githook User [ 30/Jan/18 ] |
|
Author: {'email': 'blake.oler@mongodb.com', 'name': 'Blake Oler', 'username': 'BlakeIsBlake'}Message: |
| Comment by jacky chen [ 30/Jan/18 ] |
|
thanks for your reply. I'm a new man for mongodb. |
| Comment by Kaloian Manassiev [ 24/Jan/18 ] |
|
Indeed the dataSize command is available on mongos, so there is no need to go through the shards and what vick.mena is proposing is correct. Given the simplicity of the fix, I am moving it to 3.7 Desired and will schedule it for the next couple of iterations. |
| Comment by jacky chen [ 15/Dec/17 ] |
|
any correction plan for this issue? |