dropConnections

  • dropConnections

New in version 4.2.

The dropConnections command drops themongod/mongos instance’s outgoingconnections to the specified hosts. The dropConnectionsmust be run against the admin database.

The command has following syntax:

  1. db.adminCommand({
  2.   dropConnections: 1,
  3.   hostAndPort : [ "host1:port1", "host2:port2", ... ]
  4. })

The command requires the following field:

FieldTypeDescriptionhostAndPortarrayEach array element represents the hostname andport of a remote machine.

Access Control

If the deployment enforcesauthentication/authorization,the dropConnections command requires thedropConnections action on thecluster resource.

Create a user-defined role in the admindatabase where the privilege array includes the following document:

  1. { "resource" : { "cluster" : true } }, "actions" : [ "dropConnections" ] }
  • Use db.createUser() to create a user on the admindatabase with the custom role.

or

For example, the following operation creates auser-defined role on the admin database with the privilegesto support dropConnections:

  1. db.getSiblingDB("admin").createRole(
  2.   {
  3.     "role" : "dropConnectionsRole",
  4.     "privileges" : [
  5.       {
  6.         "resource" : { "cluster" : true },
  7.         "actions" : [ "dropConnections" ]
  8.       }
  9.     ],
  10.     "roles" : []
  11.   }
  12. )

Assign the custom role to a user on the admin database:

  1. db.getSiblingDB("admin").createUser(
  2.   {
  3.     "user" : "dropConnectionsUser",
  4.     "pwd" : "replaceThisWithASecurePassword",
  5.     "roles" : [ "dropConnectionsRole" ]
  6.   }
  7. )

The created user can execute dropConnections.

For more examples of user creation, see Add Users.For a tutorial on adding privileges to an existing database user, seeModify Access for an Existing User.

Behavior

dropConnections silently ignores hostAndPort elementsthat do not include both the hostname and port of the remote machine.

Example

Consider a replica set with a recently removed member atoldhost.example.com:27017. Running the followingdropConnections command against each activereplica set member ensures there are no remaining outgoing connectionsto oldhost.example.com:27017:

  1. db.adminCommand(
  2.   {
  3.     "dropConnections" : 1,
  4.     "hostAndPort" : [
  5.       "oldhost.example.com:27017"
  6.     ]
  7.   }
  8. )

The command returns output similar to the following:

  1. {
  2.  "ok" : 1,
  3.  "$clusterTime" : {
  4.    "clusterTime" : Timestamp(1551375968, 1),
  5.    "signature" : {
  6.      "hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
  7.      "keyId" : NumberLong(0)
  8.    }
  9.  },
  10.  "operationTime" : Timestamp(1551375968, 1)
  11. }

You can confirm the status of the connection pool for themongod or mongos using theconnPoolStats command.