A fixed-sized collection that automatically overwrites its oldest entries when it reaches its maximum size. The MongoDB oplog that is used in replication is a capped collection
The fastest queries in a sharded environment are those that mongos will route to a single shard, using the shard key and the cluster meta data from the config server. For queries that don’t include the shard key, mongos must query all shards, wait for their response and then return the result to the application. These “scatter/gather” queries can be long running operations.
The most important consideration when choosing a shard key are:
to ensure that MongoDB will be able to distribute data evenly among shards, and
to scale writes across the cluster, and
to ensure that mongos can isolate most queries to a specific mongod.
Example
The following sequence of commands shards four collections:
sh.shardCollection("records.people", { "zipcode": 1, "name": 1 } ) sh.shardCollection("people.addresses", { "state": 1, "_id": 1 } ) sh.shardCollection("assets.chairs", { "type": 1, "_id": 1 } ) db.alerts.ensureIndex( { _id : "hashed" } ) sh.shardCollection("events.alerts", { "_id": "hashed" } )
In order, these operations shard:
The people collection in the records database using the shard key { "zipcode": 1, "name": 1 }.
This shard key distributes documents by the value of the zipcode field. If a number of documents have the same value for this field, then that chunk will be splitable by the values of the name field.
The addresses collection in the people database using the shard key { "state": 1, "_id": 1 }.
This shard key distributes documents by the value of the state field. If a number of documents have the same value for this field, then that chunk will be splitable by the values of the _id field.
The chairs collection in the assets database using the shard key { "type": 1, "_id": 1 }.
This shard key distributes documents by the value of the type field. If a number of documents have the same value for this field, then that chunk will be splitable by the values of the _id field.
The alerts collection in the events database using the shard key { "_id": "hashed" }.
New in version 2.4.
This shard key distributes documents by a hash of the value of the _id field. MongoDB computes the hash of the _id field for the hashed index, which should provide an even distribution of documents across a cluster.
Two topics to cover for today:
Security management and 2 methods of analyzing database operation Performance
How to enable authentication what are the permissions/roles are available in mongodb
How do you report to 10gen, if encounter security bug.
What are the processes for GDS dba to the issue or question to the 10gen.
As to the database profier and currentop
How to configure the profilier
How to you analyze using profiler and curretop methods
What are the different of profile and currentop
How do you kill a hung process
High level review of available of system/database performance monitoring tools in OS and database command line tools, and GUI applications
- network filter: limiting incoming traffic on a specific port to specific systems, or untrusted hosts
On Linux systems, the iptables interface provides access to the underlying netfilter firewall.
- bind_ip forces the server to only listen for requests on the specifics non-public interfaces (IPs)
for example: bind_ip = 127.0.0.1,10.8.0.10,192.168.4.24
“bind_ip” has three values: 127.0.0.1, the localhost interface; 10.8.0.10, a private IP address typically used for local networks and VPN interfaces; and 192.168.4.24, a private network interface typically used for local networks.
Change default port numbers for mongod and mongos (27017), monog shardsrv (27018) , configsvr (27109), web status page (28017).
20001 20002 20003
rest: (default:disabled) API does not include any support for authentication, even when running with auth enabled
nohttpinterface: (default : false) :set to true to disable HTTP interface, will override the rest
Display user/roles in a database
use demo
show users or db.system.users.find()
db.addUser({user: "demouser", pwd:"demouserpwd",roles:["readWrite"]})
db.addUser({user:"demoadmin",pwd:"demoadminpwd",roles:["userAdmin","readWrite"]})
use foo
db.addUser({user:"demoadmin", userSource:"demo",roles:["userAdmin"]})
db.changeUserPassword(“demouser",“NewPassword")
db.system.users data model:
{ user: "<username>", pwd: "<hash>", roles: [] }
or
{ user: "<username>", userSource: "<database>", roles: [] }
roles holds an array of user roles. The available roles are:
read
readWrite
dbAdmin
userAdmin
clusterAdmin
readAnyDatabase
readWriteAnyDatabase
userAdminAnyDatabase
dbAdminAnyDatabase
db.addUser( { user: "<user>", pwd: "<password>", roles: [<roles>] } )
This operation creates a system.users document with a password using the pwd field
In the following prototype, rather than specify a password directly, you can delegated the credential to another database using the userSource field:
db.addUser( { user: "<user>", userSource: "<database>", roles: [<roles>] } )
New in version 2.4.
This “appadmin” user is authenticated from “appadmindb” database and has the following privileges:
readon the admin database,
userAdmin and readWrite permissions in app1db and app2db databases
use appadmindb
show users
db.addUser( { user:"appadmin", pwd:"D2xzigasAb", roles: [ "userAdmin" ,"dbAdmin"]})
show users
use admin
db.addUser(
{
user: "appadmin",
userSource: "appadmindb",
roles: [ "read"],
otherDBRoles: {
app1db: [ "userAdmin","readWrite" ],
app2db: [ "userAdmin","readWrite" ]
}
}
)
show users
New in version 2.4.
This “appadmin” user is authenticated from “appadmindb” database and has the following privileges:
readon the admin database,
userAdmin and readWrite permissions in app1db and app2db databases
use appadmindb
show users
db.addUser( { user:"appadmin", pwd:"D2xzigasAb", roles: [ "userAdmin" ,"dbAdmin"]})
show users
use admin
db.addUser(
{
user: "appadmin",
userSource: "appadmindb",
roles: [ "read"],
otherDBRoles: {
app1db: [ "userAdmin","readWrite" ],
app2db: [ "userAdmin","readWrite" ]
}
}
)
show users
New in version 2.4.
This “appadmin” user is authenticated from “appadmindb” database and has the following privileges:
readon the admin database,
userAdmin and readWrite permissions in app1db and app2db databases
use appadmindb
show users
db.addUser( { user:"appadmin", pwd:"D2xzigasAb", roles: [ "userAdmin" ,"dbAdmin"]})
show users
use admin
db.addUser(
{
user: "appadmin",
userSource: "appadmindb",
roles: [ "read"],
otherDBRoles: {
app1db: [ "userAdmin","readWrite" ],
app2db: [ "userAdmin","readWrite" ]
}
}
)
show users
Information to Provide
All vulnerability reports should contain as much information as possible so 10gen can move quickly to resolve the issue. In particular, please include the following:
The name of the product.
Common Vulnerability information, if applicable, including:
CVSS (Common Vulnerability Scoring System) Score.
CVE (Common Vulnerability and Exposures) Identifier.
Contact information, including an email address and/or phone number, if applicable.
Profiling level – -1: no change, 0: off, 1: slow operation (100 milsecs by default), 2: all database operations (debugging)
Enable profile in the instance level : mongod --profile=1 --slowms=15
Example of setting profile for slow operation by threshold with 20 millsecs.
db.setProfilingLevel(1,20)
Check profiling level: db.getProfilingLevel() , db.getProfilingStatus()
Check system.profile collection size: db.system.profile.stats() or db.system.namespaces.find()
Enable profile in the instance level : mongod --profile=1 --slowms=15
Example of setting profile for slow operation by threshold with 20 millsecs.
db.setProfilingLevel(1,20)
Check profiling level: db.getProfilingLevel() , db.getProfilingStatus()
Check system.profile collection size: db.system.profile.stats() or db.system.namespaces.find()
Enable profile in the instance level : mongod --profile=1 --slowms=15
Example of setting profile for slow operation by threshold with 20 millsecs.
db.setProfilingLevel(1,20)
Check profiling level: db.getProfilingLevel() , db.getProfilingStatus()
Check system.profile collection size: db.system.profile.stats() or db.system.namespaces.find()
db.system.profile.find({op:”update”}).pretty()
nscanned: The number of documents that MongoDB scans in the index in order to carry out the operation. Consider crate index.
moved: true indicates hat the update operation moved one or more documents to a new location on disk.
nmoved: number of the documents moved on disk by operation.
keyUdates: the number of the index keys the update changed in the operation.
numYield: The number of the operation yielded to allow other operations to complete.
LockStats: The time in microseconds that the operation spent acquiring and holding locks
R - global read lock r - database-specific read lock
W - global write lock w - database-specific write lock
millis: The time in milliseconds for the server to perform the operation. (not include the network time nor time to acquire the lock)
db.currentOp() method returns a document (record) that reports in-progress operation for the database instance.
db.currentOp(true) : returns a more verbose output,including idle connections and system operatons
JavaScript operations for the mongo shell filter the output of specific types of operations
currentOp.op A string that identifies the type of operation. The possible values are:
Insert , query, update, remove, getmore, command
currentOp.lockType : Identifies the type of lock the operation currently holds. The possible values are: read , write
currentOp.msg : Provides a message that describes the status and progress of the operation. In the case of indexing or mapReduce operations, the field reports the completion percentage.
currentOp.killed Returns true if mongod instance is in the process of killing the operation.
numYields is a counter that reports the number of times the operation has yielded to allow other operations to complete.
Typically, operations yield when they need access to data that MongoDB has not yet fully read into memory. This allows other operations that have data in
memory to complete quickly while MongoDB reads in data for the yielding operation.
http://g9t3418.houston.hp.com:21001/
Mongo OS tools provide High level operation overview
mongotop : total/read/wirte per collection per second; --locks per db by db locks instead of top command
mongostat : similar to iostat,vmstat; quick overview of the mongoDB instance.
insert/query/update/delete, index miss% (% rate of the index isn’t in the memory)
db.stats()
{
"db" : "test",
"collections" : 4,
"objects" : 1000010,
"avgObjSize" : 20.00048399516005,
"dataSize" : 20000684,
"storageSize" : 43188224,
"numExtents" : 13,
"indexes" : 3,
"indexSize" : 27937392,
"fileSize" : 251658240,
"nsSizeMB" : 16,
"dataFileVersion" : {
"major" : 4,
"minor" : 5
},
"ok" : 1
}
db.users.stats() { "ns" : "app.users", // namespace "count" : 9, // number of documents "size" : 432, // collection size in bytes "avgObjSize" : 48, // average object size in bytes "storageSize" : 3840, // (pre)allocated space for the collection "numExtents" : 1, // number of extents (contiguously allocated chunks of datafile space) "nindexes" : 2, // number of indexes "lastExtentSize" : 3840, // size of the most recently created extent "paddingFactor" : 1, // padding can speed up updates if documents grow "flags" : 1, "totalIndexSize" : 16384, // total index size in bytes "indexSizes" : { // size of specific indexes in bytes "_id_" : 8192, "username" : 8192 }, "ok" : 1 }
cb.serverStatus() : version, mongo instance process id, uptime, total memory/connections/size/locks,etc
rs.status : wrapper of replSetGetStatus
sh.status() : db.printShardingStatus()
Mongo OS tools provide High level operation overview
mongotop : total/read/wirte per collection per second; --locks per db by db locks instead of top command
mongostat : similar to iostat,vmstat; quick overview of the mongoDB instance.
insert/query/update/delete, index miss% (% rate of the index isn’t in the memory)
db.stats()
{
"db" : "test",
"collections" : 4,
"objects" : 1000010,
"avgObjSize" : 20.00048399516005,
"dataSize" : 20000684,
"storageSize" : 43188224,
"numExtents" : 13,
"indexes" : 3,
"indexSize" : 27937392,
"fileSize" : 251658240,
"nsSizeMB" : 16,
"dataFileVersion" : {
"major" : 4,
"minor" : 5
},
"ok" : 1
}
db.users.stats() { "ns" : "app.users", // namespace "count" : 9, // number of documents "size" : 432, // collection size in bytes "avgObjSize" : 48, // average object size in bytes "storageSize" : 3840, // (pre)allocated space for the collection "numExtents" : 1, // number of extents (contiguously allocated chunks of datafile space) "nindexes" : 2, // number of indexes "lastExtentSize" : 3840, // size of the most recently created extent "paddingFactor" : 1, // padding can speed up updates if documents grow "flags" : 1, "totalIndexSize" : 16384, // total index size in bytes "indexSizes" : { // size of specific indexes in bytes "_id_" : 8192, "username" : 8192 }, "ok" : 1 }
cb.serverStatus() : version, mongo instance process id, uptime, total memory/connections/size/locks,etc
rs.status : wrapper of replSetGetStatus
sh.status() : db.printShardingStatus()
mongotop : total/read/wirte per collection per second; --locks per db by db locks instead of top command
mongostat : similar to vmstat; quick overview of the mongoDB instance.
insert/query/update/delete, index miss%
db.stats()
{
"db" : "test",
"collections" : 4,
"objects" : 1000010,
"avgObjSize" : 20.00048399516005,
"dataSize" : 20000684,
"storageSize" : 43188224,
"numExtents" : 13,
"indexes" : 3,
"indexSize" : 27937392,
"fileSize" : 251658240,
"nsSizeMB" : 16,
"dataFileVersion" : {
"major" : 4,
"minor" : 5
},
"ok" : 1
}
db.users.stats() { "ns" : "app.users", // namespace "count" : 9, // number of documents "size" : 432, // collection size in bytes "avgObjSize" : 48, // average object size in bytes "storageSize" : 3840, // (pre)allocated space for the collection "numExtents" : 1, // number of extents (contiguously allocated chunks of datafile space) "nindexes" : 2, // number of indexes "lastExtentSize" : 3840, // size of the most recently created extent "paddingFactor" : 1, // padding can speed up updates if documents grow "flags" : 1, "totalIndexSize" : 16384, // total index size in bytes "indexSizes" : { // size of specific indexes in bytes "_id_" : 8192, "username" : 8192 }, "ok" : 1 }
cb.serverStatus() : version, mongo instance process id, uptime, total memory/connections/size/locks,etc
rs.status : wrapper of replSetGetStatus
sh.status() : db.printShardingStatus()