MongoDB Enterprise Kubernetes Operator
OTHER License
Bot releases are visible (Hide)
Published by mms-build-account over 2 years ago
spec.security.tls.enabled
and spec.security.tls.secretRef.prefix
fields are now deprecated and will be removed in a future release. To enable TLS it is now sufficient to set the spec.security.certsSecretPrefix
field.spec.backup.queryableBackupSecretRef
. The secrets referenced by this field contains the certificates used to enable Queryable Backups feature.spec.security.tls.ca
and spec.security.tls.secretRef
.spec.applicationDatabase.automationConfig.processes[n].disabled
field, this enables backing up the AppDB.spec.security.tls.enabled
, spec.security.tls.secretRef.prefix
, spec.applicationDatabase.security.tls.enabled
and spec.applicationDatabase.security.tls.prefix
fields are now deprecated and will be removed in a future release. To enable TLS it is now sufficient to set the spec.security.certsSecretPrefix
and/or spec.applicationDatabase.security.certsSecretPrefix
field.All the images can be found in:
https://quay.io/repository/mongodb (ubuntu-based)
https://connect.redhat.com/ (rhel-based)
Published by rodrigovalin almost 3 years ago
spec.backup.autoTerminateOnDeletion
. AutoTerminateOnDeletion indicates if the Operator should stop and terminate the Backup before the cleanup, when the MongoDB Resource is deleted.spec.backup.s3OpLogStores
field.All the images can be found in:
https://quay.io/repository/mongodb (ubuntu-based)
https://connect.redhat.com/ (rhel-based)
Published by mms-build-account almost 3 years ago
publicKey
and privateKey
. These should be preferred to the existent user
and publicApiKey
when using Programmatic API Keys in Ops Manager.operator.watchNamespace
to a comma-separated list of Namespaces.Deprecation Notice
The usage of generic secrets, manually created by concatenating certificate and private key, is now deprecated.
spec.project
has been removed from MongoDB spec, this field has been deprecated since operator version 1.3.0
. Make sure to specify the project configmap name under spec.opsManager.configMapRef.name
or spec.cloudManager.configMapRef.name
before upgrading the operator.spec.security.certsSecretPrefix
. This string is now used to determine the name of the secrets containing various TLS certificates:
<spec.security.certsSecretPrefix>-<resource-name>-cert
spec.security.tls.secretRef.name
or spec.security.tls.secretRef.prefix
are specified, these will take precedence over the new field<resource-name>-cert
spec.security.certsSecretPrefix
is specified, the secret name is<spec.security.certsSecretPrefix>-<resource-name>-agent-certs
spec.authentication.agents.clientCertificateSecretRef
is specified, this will take precedence over the new fieldagent-certs
spec.security.certsSecretPrefix
is specified, the secret name is <spec.security.certsSecretPrefix>-<resource-name>-clusterfile
<resource-name>-clusterfile
spec.backup.fileSystemStores
in OM CR. The FS however needs to be manually configured.spec.backup.externalServiceEnabled
to false
in OM CR. By default, the operator would create the LoadBalancer type service object.spec.security.certSecretPrefix
. This is string is now used to determine the name of the secret containing the TLS certificate for OpsManager.
spec.security.tls.secretRef.Name
is specified, it will take the precedence
spec.security.certSecretPrefix
is specified, the secret name will be <spec.security.certSecretPrefix>-<om-resource-name>-cert
spec.project
has been removed from User spec, this field has been deprecated since operator version 1.3.0
. Make sure to specify the MongoDB resource name under spec.MongoDBResourceRef.name
before upgrading the operator.Sample policies are now available in opa_examples directory
Published by chatton over 3 years ago
net.ssl.mode
and not net.tls.mode
in the spec.additionalMongodConfig
field.spec.exposedExternally
is set to false
after being set to true
, the Operator will now delete the corresponding servicespec.externalConnectivity
is unset after being set, the Operator will now delete the corresponding servicespec.backup.members
field. The value defaults to 1 if not set.Ops Manager versions 4.4.13, 4.4.14, 4.4.15 and 4.2.25 are now supported
Ops Manager version 5.0.0 is now supported
Ubuntu based operator images are now based on Ubuntu 20.04 instead of Ubuntu 16.04
Ubuntu based database images starting from 2.0.1 will be based on Ubuntu 18.04 instead of Ubuntu 16.04
NOTE: MongoDB 4.0.0 does not support Ubuntu 18.04 - If you want to use MongoDB 4.0.0, stay on previously released images
Ubuntu based Ops Manager images after 4.4.13 will be based on Ubuntu 20.04 instead of Ubuntu 16.04
Newly released ubi images for Operator, Ops Manager and Database will be based un ubi-minimal instead of ubi
Published by bznein over 3 years ago
LivenessProbe
that could cause the database Pods to be restarted in the middle of a restore operation from Backup.mongodb
, mongodb-agent
, mongodb-agent-monitoring
) and it does not bundle anymore a MongoDB versionspec.applicationDatabase.version
is no longer optional.spec.applicationDatabase.persistent
does not exist anymore, the Operator will now always use persistent volumes for the AppDB.mongodb-agent 10.29.0.6830-1:
mongodb-enterprise-appdb-database
mongodb-enterprise-init-appdb 1.0.7
mongodb-enterprise-init-database 1.0.3
Published by rodrigovalin over 3 years ago
Changes
v1beta1
to v1
version. This should not have any impact on Kubernetes clusters 1.16 and up. The CRDs won't be installable in clusters with versions older than 1.16.Bug fixes
spec.backup.mode=disabled
fail.automation.versions.download.baseUrl
has been set, the property automation.versions.download.baseUrl.allowOnlyAvailableBuilds
false
. This has been fixed in Ops Manager version 4.4.11.Published by chatton over 3 years ago
Published by irajdeep almost 4 years ago
delete service
permission from operator role.spec.security.authentication.roles
by removing the privileges
array would cause the resource to enter a bad statemongodb-enterprise-appdb:10.2.15.5958-1_4.2.11-ent
was released. The image needs4.2.11-ent
instead of 4.2.2-ent
.spec.applicationDatabase.version
is omitted the Operator will use 4.2.11-ent
as a default MongoDB.Published by chatton almost 4 years ago
spec.backup.enabled
to true
. Note: You must have an Ops Manager resource already configured with backup. See the docs for more information.matchLabels
attribute,Service
to allow for Queryable Backups feature to work.Published by antonlisovenko almost 4 years ago
MongoDBOpsManager
resource gets to Failing
state when both external connectivity and backups are enabledUbuntu 16.04: quay.io/mongodb/mongodb-enterprise-operator:1.8.2
UBI8: quay.io/mongodb/mongodb-enterprise-operator-ubi:1.8.2
Published by rodrigovalin almost 4 years ago
Note: quay.io/mongodb/mongodb-enterprise-init-ops-manager:1.0.2 will support new release versions.
A list of the packages installed, and any security vulnerabilities detected in our build process, are outlined here
For the MongoDB Enterprise Operator
https://quay.io/repository/mongodb/mongodb-enterprise-operator?tab=tags
And for the MongoDB Enterprise Database
https://quay.io/repository/mongodb/mongodb-enterprise-database?tab=tags
Published by chatton about 4 years ago
INIT_DATABASE_IMAGE_REPOSITORY
environment variable must be configured in the operator deployment, and the new init container must exist inside this repository.spec.security.authentication.requireClientTLSAuthentication
spec.security.authentication.agents.clientCertificateSecretRef
A list of the packages installed, and any security vulnerabilities detected in our build process, are outlined here
For the MongoDB Enterprise Operator
https://quay.io/repository/mongodb/mongodb-enterprise-operator?tab=tags
And for the MongoDB Enterprise Database
https://quay.io/repository/mongodb/mongodb-enterprise-database?tab=tags
Published by LouisPlisso about 4 years ago
Published by LouisPlisso about 4 years ago
The 1.7.x releases will be the last versions to support OpenShift 3.11. Please, make sure to stay with the 1.7.x release series in order to support OpenShift 3.11. Planned EOL for 1.7.x is July 2021.
New Features:
samples/mongodb/authentication/ldap
directory for examples on how to enable LDAP for your Replica Set and Sharded Clusters.Bug fixes:
Known Issues:
Published by rodrigovalin about 4 years ago
quay.io/mongodb/mongodb-enterprise-operator:1.6.1
quay.io/mongodb/mongodb-enterprise-operator-ubi:1.6.1
quay.io/mongodb/mongodb-enterprise-database:1.6.1
quay.io/mongodb/mongodb-enterprise-database-ubi:1.6.1
quay.io/mongodb/mongodb-enterprise-ops-manager:4.4.0
quay.io/mongodb/mongodb-enterprise-ops-manager-ubi:4.4.0
quay.io/mongodb/mongodb-enterprise-init-appdb:1.0.2
quay.io/mongodb/mongodb-enterprise-init-appdb-ubi:1.0.2
Published by LouisPlisso over 4 years ago
Published by rodrigovalin over 4 years ago
public/samples/mongodb/mongodb-options
and in the MongoDB documentation.Published by LouisPlisso over 4 years ago
Published by rodrigovalin over 4 years ago
Published by rodrigovalin over 4 years ago