Hacker News new | comments | show | ask | jobs | submit login
MongoDB writes to be safe/verified by default (mongodb.org)
68 points by mrkurt 1582 days ago | hide | past | web | 32 comments | favorite

This seems like a very sane way of handling this particular issue. I know it's cool to hate on MongoDB these days, but I've always liked the way they built their product. Maybe at ridiculous scale it's not as awesome, but it's been pretty decent for me on the small projects I used it on.

Pretty much anything can be made to work for small projects. Even stodgy old SQL projects like Postgres which pay a lot of attention to being correct and doing their damndest to preserve your data.

Gasp ... I'm just about to use "stodgy old PostgreSQL" in a new project. I guess I'm old enough now that perhaps I'm stodgy myself.

I don't think so. I fell in love with PostgreSQL in High School and that love only continues into my 20s.

I think this seems a pretty insane way of doing it; why not change the default behavior instead of making another driver with a separate name as well as keeping the old one too?

This is likely to be super confusing to new users; rumours that it's write safe and all the common examples will be fore the old driver...

IMHO they should have altered the defaults; people who require the extra performance will likely be the ones reading the changelogs / docs / these posts and notice.

> I think this seems a pretty insane way of doing it; why not change the default behavior instead of making another driver with a separate name as well as keeping the old one too?

Because, as they clearly explain in their rationale, that would break compatibility with all of the existing software out there that relies on the current semantics.

Thou Shalt Not Break Working Code is the first rule of building software that other software relies on.

They're deprecating but retaining the old driver to give people a transition period in which to modify their software instead of kicking them in the teeth immediately or forcing them to hold off on upgrading. That's the mature approach to fixing mistakes that people nonetheless built assumptions around.

What does it break? This new default makes it behave as most users of it would have expected it too when writing their code. IMHO the users who require un-safe writes will be the ones to read this kind of news and notice and could alter it, if needed. I don't think this is true vice versa.

One case that could break by this change is if you relied on insert's old default of being a no-op if an object with the same _id already exists. This can be used to efficiently insert a default document without race conditions. Example at https://github.com/RedBeard0531/Mongurl/blob/master/mongurl....

That said, it makes sense for this to be opt-in behavior rather than the default.

If people are relying on the current speed, changing the default to safe would break them.

If it's properly deprecated, the old constructor should cause a compiler warning with a message explaining the issue. This way, old and new users of the new library will get the message, even if the sample uses the old constructor.

At least in languages that support that feature (.NET, Java, C++ with some extensions).

A more aggressive approach, used e.g. in the CLR for really serious problems (like the improper HMAC calculation bug, or background threads not aborting in CLR < 2.0) give you a warning and allow you to switch it off via config, so no code change is required, but everyone gets the "fix".

Yes everyone here hates mongo because that is cool and they are all irrational, not because up until, well ... now, it had been calling itself a 'database' product while specifically defaulting to doing the least possible to make sure your data actually hits the disk. But hey, it looks good in benchmarks, and it is WebScale(tm) and anyone who hates that kind of thing is just an irrational hater.

> it had been calling itself a 'database' product while specifically defaulting to doing the least possible to make sure your data actually hits the disk

Being a database doesn't mean you have to persist on disk. There is nothing wrong with in-memory databases. If you thought they were giving you persistence guarantees, then yeah, you would have a gripe.

In memory databases are explicitly marketed as "in-memory database". Not simply as "database" because that delivers some expectations to people. And those expectations are generally not verified with the dictionary definition of database.

Mongo made it extremely easy for me to create local caches of JSON api data. I didn't want to go through the hassle of mapping postgres schema or dealing with it's hstore data type.

I was then able to write a quick script to copy my mongo database over to elasticsearch. It was a joy.

Sadly it seems that the "ubuntu generation" of people who don't RTFM have won out.

The sheer amount of recent MongoDB hate has been extremely annoying, not to mention the half-assed reasons for justifying it - we've learned a lot of things from running MongoDB at scale, and none of them are what the haters usually whine about.

Glad that you are having success with MongoDB at scale. Have you considered sharing your experiences? Would be really helpful for others to learn from you.

Seconded. I'd love to see a post about your experiences.

Kind of take some offence to you using "ubuntu generation" as a pejorative, but you're right about people hating on MongoDB because it is cool to hate on MongoDB. I'm sure that most people spreading the fud have little to no experience with it.

I think that MongoDB has got a lot of attention because its brand of NoSQL is one of the closest neighbours to RDBMS. I believe a lot of people may have dabbled with mongo and they might have walked away realizing that NoSQL is not 100% sugar plums and lollipops as evangelized. There are trade-offs between different NoSQL databases and RDBMS, and Mongo is no exception. Personally, I really like MongoDB and continue to use it.

Still seems like an awfully long time to switch to proper defaults -- 3 and a half years?

They had to wait until their unsafe benchmarks had killed off the competition.


A good decision. I know backwards compatibility is important, but safe defaults are an important aspect of usability.

Also, it's difficult to change something after defending it for a while. That's a promising sign.

I know that the case is for safe is obvious, and I'm happy about the switch. However, read the manual before getting your CAT6 in a twist. I really want to use Postgres for an upcoming project, so I plan to read everything I can about it. A sane developer tests, reads, tests again, swears a lot, drinks coffee, and reads again. Try to find every damn pitfall you can digest. You will spend an exorbitant amount of time reading, but you'll be better for it.

This is fantastic news!

So for any of us who have been responsible and actually used the fire and forget behavior of the previous driver here is the API call that you can use to revert back


I switched to MongoDB because devnull is webscale. Why take the speed of devnull away from new users?

I think the single biggest mistake they made was calling the option "safe". That is obviously ludicrous! They should have called it exactly what it is - "async".

Don't you mean safe mode is the synchronous version? The original default was asynchronous error checking.

What I mean is that instead of calling it "safe" they should have called it "async". "safe" is the wrong terminology to use.

No. Both the "safe" and "unsafe" versions are asynchronous. The safe version waits for a response from the server before invoking a callback. The unsafe version does not, but that doesn't make it synchronous -- the operation is still potentially executing on the server when the function returns.

This completely misses the point! I am talking about what the API does which is what you are using. Whether it internally makes one over the wire call or 10 is irrelevant. With the parameter set one way, the API does not return until the server has completed the operation, and the other way the operation could still be in progress or could have errored - you have to explicitly ask.

My contention is that "safe" is a bad name for the parameter, and "async" is far better suited as it describes the semantics of the API.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact