Categories:
Purge expired Aura users
Guidelines for the elimination of expired Aura users, in order to minimize the number of documents in aura-users database. This will make data migration lighter.
Prerequirements
-
This step must be executed if the number of documents in the aura-users database is too large and there are a lot of expired users, i.e., users that accessed more than 6 months ago and did not come back to Aura for a time.
-
It must be executed on a weekly or monthly basis to avoid long executions. The frequency will depend on the amount of data in your database and how long it takes to remove the expired data.
-
A valid kubeconfig for the environment must be available
-
A valid token to be able to pull images from aura docker registry:
auraregistry.azurecr.iomust be available -
Get the variables to access the database:
# substitute {{aura-environment with the environment you're configuring }} export AURA_ENVIRONMENT={{aura-environment}} $ kubectl -n $AURA_ENVIRONMENT get cm authentication-api -o json | jq -r ".data.AURA_MONGODB_URI" {{mongo_uri}} $ kubectl -n $AURA_ENVIRONMENT get cm authentication-api -o json | jq -r ".data.AURA_MONGODB_USERNAME" {{mongo_user}} $ kubectl -n $AURA_ENVIRONMENT get secret authentication-api -o json | jq -r ".data.AURA_MONGODB_PASSWORD|@base64d" {{mongo_pass}} $ kubectl -n $AURA_ENVIRONMENT get cm authentication-api -o json | jq -r ".data.AURA_MONGODB_USER_DB" {{mongo_users_db}}
Process for expired users elimination
Access MongoDB console
This access depends on the deployment configuration:
-
If the environment database runs in an on-premise MongoDB server, set up the corresponding port-forward to the primary node of the replicaset:
# Review carefully the mongodb pod you're connecting to, it MUST be the primary of the replica set # Review your local port carefully, to set a free one $ kubeclt -n aura-system port-forward mongodb-0 27017:27017 # Set the proper mongo_uri to access via the port-forwarded connection $ mongo_uri=mongodb://localhost:27017 -
If the environment database runs in Atlas, just connect to the
{{mongo_uri}}, read from the environment configuration.
In the end, just open the MongoDB console:
$ mongo -u {{mongo_user}} -p {{mongo_pass}} {{mongo_uri}}
> use {{mongo_users_db}}
Check the number of expired users
-
Check how many users are expired in the database (Older than 180 days or without
lastAccessfield)> db.users.find({ "$or": [ { "lastAccess": { "$exists": false }},{ "lastAccess": { "$lt": new Date(ISODate().getTime() - 1000 * 86400 * 180)} } ]}).count()
⚠️ If Movistar Plus is a valid channel in your deployment, then its users must not be considered in the query, because they are created from a backend and are assumed to be created beforehand.
> db.users.find({ "$and": [ { "$or": [ { "lastAccess": { "$exists": false }},{ "lastAccess": { "$lt": new Date(ISODate().getTime() - 1000 * 86400 * 180)} } ]}, { "channelId": { "$ne": "60f0ffda-e58a-4a96-aad9-d42be70b7b42" }} ]}).count()
Execute database-cleaner tool
The script iterates over all the users in the database, deleting those whose lastAccess is older than 180 days or without lastAccess field (meaning that they come from an old version of Aura where this field does not exist).
It will create some output files with the deleted users that can be used with mongoimport command to restore the deleted users, if needed. The output files with the deleted users will be split in files of 500Mb size each.
If the environment uses MongoDB on premise: Use with port-forwarding to the primary node of the cluster in the same host where the command is running:
# complete the {{mongodb_uri}} with the user and password of the database. You should obtain something like:
# mongodb_full_uri = mongodb://{{mongo_user}}:{{mongo_pass}}@{{mongodb_hosts_path}}
$ docker run -it --net=host -e MONGODB_USERS_DATABASE={{mongo_users_db}} -e MONGODB_URI={{mongodb_full_uri}} -v $(pwd)/output:/opt/cleaner/output auraregistry.azurecr.io/aura-tools/database-cleaner