[SERVER-4992] Disable dropDatabase command on "config" if sharded collections exist with data Created: 16/Feb/12  Updated: 11/Jul/16  Resolved: 01/Jun/12

Status: Closed
Project: Core Server
Component/s: Sharding
Affects Version/s: None
Fix Version/s: 2.0.7, 2.1.2

Type: Improvement Priority: Major - P3
Reporter: Scott Hernandez (Inactive) Assignee: siddharth.singh@10gen.com
Resolution: Done Votes: 0
Labels: dropDatabase, mongos
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on TOOLS-111 mongorestore on a sharded cluster Closed
Related
Backwards Compatibility: Fully Compatible
Participants:

 Description   

Disable (return an error) dropping the config db if the chunks/collections indicate there is sharded data across more than one shard. The command can check the shards to make sure that they actually have data first if needed.



 Comments   
Comment by auto [ 03/Jul/12 ]

Author:

{u'date': u'2012-05-30T07:35:16-07:00', u'name': u'Siddharth Singh', u'email': u'singhsiddharth@gmail.com'}

Message: SERVER-4992 Disable dropDatabase command on config

i) Diallow completely via mongos
ii) And partially if mongod started with --configsvr

Signed-off-by: Eric Milkie <milkie@10gen.com>
Branch: v2.0
https://github.com/mongodb/mongo/commit/e25d6a41652eaebd1395582261e3c83718d10274

Comment by auto [ 30/May/12 ]

Author:

{u'login': u'singhsiddharth', u'name': u'Siddharth Singh', u'email': u'singhsiddharth@gmail.com'}

Message: SERVER-4992 Disable dropDatabase command on config

i) Diallow completely via mongos
ii) And partially if mongod started with --configsvr
Branch: master
https://github.com/mongodb/mongo/commit/eef1039951718a1337967a373d5abecfaff47877

Comment by siddharth.singh@10gen.com [ 05/Mar/12 ]

This broke the dumprestore test (SERVER-5210). mongorestore, before restoring config db, tries to drop it first which this commit wasn't allowing. We should probably have some sought of force flag that would still allow config to be dropped via mongos. What do you think ?

Comment by auto [ 05/Mar/12 ]

Author:

{u'login': u'singhsiddharth', u'name': u'Siddharth Singh', u'email': u'singhsiddharth@gmail.com'}

Message: Revert "SERVER-4992 disabled dropDatabase on "config" via mongos and via mongod, if started with --configsvr"

Broke the dumprestore.js test (SERVER-5210)

This reverts commit 255e03216d3e75814b9f744fd27dccf93ff81611.
Branch: master
https://github.com/mongodb/mongo/commit/3dc9191947727193a423d19b47c56ec4dd31feec

Comment by auto [ 05/Mar/12 ]

Author:

{u'login': u'singhsiddharth', u'name': u'Siddharth Singh', u'email': u'singhsiddharth@gmail.com'}

Message: SERVER-4992 disabled dropDatabase on "config" via mongos and via mongod, if started with --configsvr

i) dropDatabase on "config" should be disallowed on mongos
ii) dropDatabase on "config" should be disallowed if mongodb started with --configsvr
Branch: master
https://github.com/mongodb/mongo/commit/255e03216d3e75814b9f744fd27dccf93ff81611

Comment by siddharth.singh@10gen.com [ 29/Feb/12 ]

Code review url: http://codereview.10gen.com/7480001/

Comment by Eliot Horowitz (Inactive) [ 29/Feb/12 ]

The 2 things we should do are:

  • on mongos, dropDatabase on "config" should be disallowed
  • on mongod, dropDatabase on "config" should be disallowed if started with --configsvr
Comment by siddharth.singh@10gen.com [ 28/Feb/12 ]

As of now I have implemented a very simple name check logic, that is if the name of the db being dropped is 'config' it will return an error. The safe way to implement additional logic of finding out if collection has data and if it is sharded across more than one shard will require grabbing the distributed namespace lock and then iterating over the collections to find those additional details. This potentially could be time consuming plus the added complexity in the code. If our only intention is to avoid accidental config db deletions from mongos or from a configsvr the simple name check logic is enough. Let me know your thoughts on this.

Comment by Eliot Horowitz (Inactive) [ 17/Feb/12 ]

we can disallow completely via mongos and partially if started with --configsvr

Generated at Thu Feb 08 03:07:34 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.