dropConnections (original) (raw)
dropConnections
The dropConnections command drops themongod / mongos instance's outgoing connections to the specified hosts. The dropConnectionsmust be run against the admin database.
This command is available in deployments hosted in the following environments:
- MongoDB Enterprise: The subscription-based, self-managed version of MongoDB
- MongoDB Community: The source-available, free-to-use, and self-managed version of MongoDB
The command has following syntax:
db.adminCommand(
{
dropConnections: 1,
hostAndPort : [ "host1:port1", "host2:port2", ... ],
comment: <any>
}
)
The command requires the following field:
| Field | Type | Description |
|---|---|---|
| hostAndPort | array | Each array element represents the hostname and port of a remote machine. |
| comment | any | Optional. A user-provided comment to attach to this command. Once set, this comment appears alongside records of this command in the following locations:mongod log messages, in theattr.command.cursor.comment field.Database profiler output, in the command.comment field.currentOp output, in the command.comment field.A comment can be any valid BSON type(string, integer, object, array, etc). |
If the deployment enforcesauthentication/authorization, the dropConnections command requires thedropConnections action on thecluster resource.
Create a user-defined role in the admindatabase where the privilege array includes the following document:
{ "resource" : { "cluster" : true } }, "actions" : [ "dropConnections" ] }
- Use db.createUser() to create a user on the
admindatabase with the custom role.
or - Use db.grantRolesToUser() to grant the role to an existing user on the
admindatabase.
For example, the following operation creates a user-defined role on the admin database with the privileges to support dropConnections:
db.getSiblingDB("admin").createRole(
{
"role" : "dropConnectionsRole",
"privileges" : [
{
"resource" : { "cluster" : true },
"actions" : [ "dropConnections" ]
}
],
"roles" : []
}
)
Assign the custom role to a user on the admin database:
db.getSiblingDB("admin").createUser(
{
"user" : "dropConnectionsUser",
"pwd" : "replaceThisWithASecurePassword",
"roles" : [ "dropConnectionsRole" ]
}
)
The created user can execute dropConnections.
For more examples of user creation, see Create a User on Self-Managed Deployments. For a tutorial on adding privileges to an existing database user, seeModify Access for an Existing User.
dropConnections silently ignores hostAndPort elements that do not include both the hostname and port of the remote machine.
Consider a replica set with a recently removed member atoldhost.example.com:27017. Running the followingdropConnections command against each active replica set member ensures there are no remaining outgoing connections to oldhost.example.com:27017:
db.adminCommand(
{
"dropConnections" : 1,
"hostAndPort" : [
"oldhost.example.com:27017"
]
}
)
The command returns output similar to the following:
{
"ok" : 1,
"$clusterTime" : {
"clusterTime" : Timestamp(1551375968, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
},
"operationTime" : Timestamp(1551375968, 1)
}
You can confirm the status of the connection pool for themongod or mongos using theconnPoolStats command.