- Tutorials >
- Administration
Administration¶
On this page
Databases¶
The driver provides various helpers on database objects for executing commands, getting collection lists, and administrative tasks.
List Collections¶
To get a list of collections or collection names for a database, use
collections
and collection_names
, respectively.
To execute any command on the database, use the command
method.
Drop Database¶
To drop a database, use the drop
method.
Collections¶
The driver provides some helpers for administrative tasks with collections.
To create a collection with options (such as creating a capped collection),
pass the options when getting the collection from the client, then call
create
.
Drop Collection¶
To drop a collection, call drop
on the collection object.
Changing Read/Write Preferences¶
To change the default read preference or write concern for specific operations,
use the with
method on the collection.
Authentication¶
MongoDB supports a variety of authentication mechanisms.
For more information about configuring your MongoDB server for each of these authentication mechanisms see MongoDB’s online documentation.
Creating a user¶
To create a user in specific database, use the create
method with the
username, password and roles parameters.
See also
Providing credentials¶
If authentication is enabled, provide credentials when creating a new client.
For MongoDB 2.6 and later, :auth_source
defaults to admin,
otherwise the current database is used.
The current database can be changed with the client’s use
method.
A new client can be created with the authentication credentials.
Alternatively, setting the current database and credentials can be done in one step:
MONGODB-CR Mechanism¶
MONGODB-CR was the default authentication mechanism for MongoDB up through version 2.6.
The mechanism can be explicitly set with the credentials:
Client Certificate (x509)¶
Requires MongoDB v2.6 or greater.
The driver presents an X.509 certificate during SSL negotiation. The Client Certificate (x509) mechanism authenticates a username derived from the distinguished subject name of this certificate.
This authentication method requires the use of SSL connections with certificate validation.
For more information about configuring X.509 authentication in MongoDB, see the X.509 tutorial in the MongoDB Manual.
LDAP (SASL PLAIN) mechanism¶
Requires MongoDB Enterprise Edition v2.6 or greater.
MongoDB Enterprise Edition supports the LDAP authentication mechanism which allows you to delegate authentication using a Lightweight Directory Access Protocol LDAP server.
Warning
When using LDAP, passwords are sent to the server in plain text. For this reason, we strongly recommend enabling SSL when using LDAP as your authentication mechanism.
For more information about configuring LDAP authentication in MongoDB, see the SASL/LDAP tutorial in the MongoDB Manual.
Kerberos (GSSAPI) mechanism¶
Requires MongoDB Enterprise Edition v2.4 or greater.
MongoDB Enterprise Edition v2.4+ supports Kerberos authentication.
To use Kerberos in the Ruby driver with JRuby, do the following:
- Specify several system properties so that the underlying GSSAPI Java libraries can acquire a Kerberos ticket. See the MongoDB Java Driver authentication documentation for more information.
- Either provide a password OR set the ‘java.security.auth.login.config’ system property to a config file that references a keytab file.
To use Kerberos in the Ruby driver
with Matz’s Ruby Interpreter (MRI), create a
ticket-granting ticket using kinit
. See
this documentation for more
information.
For more information about deploying MongoDB with Kerberos authentication, see the manual.
Logger¶
You can either use the default global driver logger or set your own. To set your own:
See the Ruby Logger documentation for more information on the default logger API and available levels.
Changing the Logger Level¶
To change the logger level:
For more control, a logger can be passed to a client for per-client control over logging.
Truncation¶
The default logging truncates logs at 250 characters by default. To turn this off pass an option to the client instance.
Monitoring¶
All user-initiated commands that are sent to the server publish events that can be
subscribed to for fine grained information. The monitoring API publishes a guaranteed
start event for each command, then either a succeeded or failed event. A subscriber
must implement 3 methods: started
, succeeded
, and failed
, each which takes
a single parameter for the event. An example is the default logging subscriber included
in the driver:
To register a custom subscriber, you can do so globally for all clients or on a per-client basis:
To turn off monitoring, set the client monitoring option to false
: