mongorestore and --db

77 views
Skip to first unread message

Jeff Abrahamson

unread,
Oct 10, 2018, 5:30:08 AM10/10/18
to mongodb-user

I have a script whose purpose is to restore a production mongodb snapshot to my staging mongodb instance.  The key line in that script is this:

time mongorestore  --ssl --gzip --drop  --host=my_fqdn --port=27017 --username=my_restore_username --password=my_password --archive="$snapshot_name"

Unfortunately, that loads the database my_prod into the database my_prod.  But I want to drop my_staging and load my_prod as my_staging.  So I thought I needed a --db flag, thus:

time mongorestore  --ssl --gzip --drop --db=my_staging_db --host=my_fqdn --port=27017 --username=my_restore_username --password=my_password --archive="$snapshot_name"

But that causes (I think) my_restore_username to connect against my_staging_db instead of against admin.  (As per my understanding of the docs, I've created my_restore_user on admin rather than against any user database.)  But that just gives me an immediate authentication error:

2018-10-10T04:28:28.418+0000    Failed: error connecting to db server: server returned error on SASL authentication step: Authentication failed.

In the mongod log that looks like this:

2018-10-10T04:57:41.907Z I ACCESS   [conn23] SCRAM-SHA-1 authentication failed for my_restore_user on my_staging_db from client 1.2.3.4:55240 ; UserNotFound: Could not find user my_restore_user@my_staging_db

Fair enough.  But is there a way to say "authenticate against admin, then restore database my_staging_db in place of the existing database my_staging_db"?

Alternatively, I could do a drop/restore as my_prod_db, then drop my_staging_db and rename my_prod_db to be my_staging_db.  I'm concerned that that's fragile in the best of scenarios and certainly unnecessary.

Any pointers?

-- 

Jeff Abrahamson
+33 6 24 40 01 57
+44 7920 594 255

http://p27.eu/jeff/
http://transport-nantes.com/

Kevin Adistambha

unread,
Oct 25, 2018, 1:36:06 AM10/25/18
to mongodb-user

Hi Jeff,

But is there a way to say “authenticate against admin, then restore database my_staging_db in place of the existing database my_staging_db”?

I believe what you’re looking for is the —authenticationDatabase parameter in mongorestore. For example, you could use:

mongorestore --ssl --gzip ... --authenticationDatabase admin

to let mongorestore know that you intend to use admin as your authentication database.

On another note, instead of using the --db parameter, you could also use --nsFrom and --nsTo. The two parameters accept wildcard, so if you want to restore the wholemy_prod database to my_staging, your command line could be:

mongorestore  --ssl --gzip --drop --host=my_fqdn --port=27017 --username=my_restore_username --password=my_password --archive="$snapshot_name" --nsFrom="my_prod.*" --nsTo="my_staging.*" --authenticationDatabase=admin

The parameters --nsFrom and --nsTo should make your intent more explicit. They were added in MongoDB 3.4.

Best regards,
Kevin

Reply all
Reply to author
Forward
0 new messages