dropConnections
Definition
dropConnections
The
dropConnections
command drops themongod
/mongos
instance's outgoing connections to the specified hosts. ThedropConnections
must be run against theadmin
database.
Syntax
The command has following syntax:
db.adminCommand( { dropConnections: 1, hostAndPort : [ "host1:port1", "host2:port2", ... ], comment: <any> } )
Command Fields
The command requires the following field:
Field | Type | Description |
---|---|---|
hostAndPort | array | Each array element represents the hostname and
port of a remote machine. |
comment | any | Optional. A user-provided comment to attach to this command. Once set, this comment appears alongside records of this command in the following locations:
A comment can be any valid BSON type (string, integer, object, array, etc). |
Access Control
If the deployment enforces
authentication/authorization,
the dropConnections
command requires the
dropConnections
action on the
cluster resource.
Create a user-defined role in the admin
database where the privilege
array includes the following document:
{ "resource" : { "cluster" : true } }, "actions" : [ "dropConnections" ] }
Use
db.createUser()
to create a user on theadmin
database with the custom role.or
Use
db.grantRolesToUser()
to grant the role to an existing user on theadmin
database.
For example, the following operation creates a
user-defined role on the admin
database with the privileges
to support dropConnections
:
db.getSiblingDB("admin").createRole( { "role" : "dropConnectionsRole", "privileges" : [ { "resource" : { "cluster" : true }, "actions" : [ "dropConnections" ] } ], "roles" : [] } )
Assign the custom role to a user on the admin
database:
db.getSiblingDB("admin").createUser( { "user" : "dropConnectionsUser", "pwd" : "replaceThisWithASecurePassword", "roles" : [ "dropConnectionsRole" ] } )
The created user can execute dropConnections
.
For more examples of user creation, see Create a User on Self-Managed Deployments. For a tutorial on adding privileges to an existing database user, see Modify Access for an Existing User.
Behavior
dropConnections
silently ignores hostAndPort
elements
that do not include both the hostname and port of the remote machine.
Example
Consider a replica set with a recently removed member at
oldhost.example.com:27017
. Running the following
dropConnections
command against each active
replica set member ensures there are no remaining outgoing connections
to oldhost.example.com:27017
:
db.adminCommand( { "dropConnections" : 1, "hostAndPort" : [ "oldhost.example.com:27017" ] } )
The command returns output similar to the following:
{ "ok" : 1, "$clusterTime" : { "clusterTime" : Timestamp(1551375968, 1), "signature" : { "hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="), "keyId" : NumberLong(0) } }, "operationTime" : Timestamp(1551375968, 1) }
You can confirm the status of the connection pool for the
mongod
or mongos
using the
connPoolStats
command.