Databases Reference
In-Depth Information
mongostat
Although powerful,
serverStatus
is not exactly a user-friendly mechanism for moni-
toring server health and performance. Fortunately, MongoDB distributions also ship
with
mongostat
, which puts a friendly face on the output of
serverStatus
.
mongostat
prints some of the most important information available from
serverStatus
. It prints a new line every second, which gives a more real-time view to
the static counters we saw previously. The columns printed by
mongostat
have names
like
inserts/s
,
commands/s
,
vsize
, and
% locked
, each of which corresponds exactly to
data available in
serverStatus
.
Third-Party Plug-Ins
Most administrators are probably already using monitoring packages to keep track of
their servers, and the presence of
serverStatus
and the
/_status
URL make it pretty easy
to write a MongoDB plug-in for any such tool. At the time of this writing, MongoDB
plug-ins exist for at least Nagios, Munin, Ganglia, and Cacti. For an up-to-date list of
third-party plug-ins, check out the
MongoDB documentation on monitoring tools
.
Security and Authentication
One of the first priorities for any systems administrator is to ensure their systems are
secure. The best way to handle security with MongoDB is to run it in a trusted envi-
ronment, ensuring that only trusted machines are able to connect to the server. That
said, MongoDB supports per connection authentication, albeit with a pretty coarse-
grained permissions scheme.
Authentication Basics
Each database in a MongoDB instance can have any number of users. When security
is enabled, only authenticated users of a database are able to perform read or write
operations on it. In the context of authentication, MongoDB treats one database as
special:
admin
. A user in the
admin
database can be thought of as a superuser. After
authenticating, admin users are able to read or write from
any
database and are able to
perform certain admin-only commands, like
listDatabases
or
shutdown
.
Before starting the database with security turned on, it's important that at least one
admin user has been added. Let's run through a quick example, starting from a shell
connected to a server without security turned on:
> use admin
switched to db admin
> db.addUser("root", "abcd");
{
"user" : "root",
