[SERVER-32000] Use saslHostName for mongos hostname when specified Created: 16/Nov/17  Updated: 12/Dec/23

Status: Backlog
Project: Core Server
Component/s: Sharding
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Stephen Jamieson Assignee: Backlog - Cluster Scalability
Resolution: Unresolved Votes: 0
Labels: LamontN
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Cluster Scalability
Participants:

 Description   

Currently, when a mongos is added to the config server mongos collection, it is added with the hostname().

However it is possible to set a specific saslHostName,

--setParameter saslHostName=myHostName

which will be used for Kerberos authentication.

If the mongos collection is relied upon for discovery in conjunction with Kerberos authentication (and a keytab that only includes the saslHostName), authentication will fail.

This issue affects MongoDB's Monitoring Agents, as the discovered hostnames cannot be used. Kerberos in this case, does not have any knowledge regarding the local hostname, only the saslHostName.

Ideally, the mongos should (optionally?) upsert the saslHostName if specified instead of the hostname().


Generated at Thu Feb 08 04:28:51 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.