Ops Tools
27 results found
-
Automation web UI - Validate the TLS/SSL settings passed in the UI
It is possible to make all agents in a project fail by setting a wrong CA file value.
For example a customer set in the CA file field a directory instead of a file, and it caused Agents to stop reporting to OM.
Eg. the montioring module logged:
{code}
Error starting new module : <Monitoring Module Manager> [15:25:38.817] Error starting Monitoring module : error parsing settings:map[logFile:/var/log/mongodb-mms-automation/monitoring-agent.log maxLogFileDurationHrs:24 maxLogFileSizeBytes:1048576000 maxProcs:0 mmsApiKey:*** mmsBaseUrl:https://api-agents.mongodb.com mmsGroupId:yyyy sslTrustedServerCertificates:/opt/mongodb/db1/pki version:10.19.2.6597]
. Monitoring unable to start. Error: SSL trusted server certificates file/etc/ssl/pki
can not be read. Err: read /etc/ssl/pki: is a directory
{code}Similar errors…
2 votes -
Install Managed MongoDB Processes as Services in Linux
In Windows, managed MongoDB processes are installed as services. In Linux, they are not. It would be great if managed processes were installed as services so that system administrators would have better control over startup and shutdown behavior, among other things.
4 votes -
Automation - Improve import for automation when keyfile doesn't match
Starting with MongoDB 4.2 we are able to rotate the internal authentication keyfiles in a rolling fashion with the procedure described here:
https://docs.mongodb.com/manual/tutorial/rotate-key-sharded-cluster/Currently when you import for automation a cluster that is using a different keyfile than the one in the automation config a bouncerestart is triggered. We can avoid it by doing a rolling rotation of the keyfile.
The old keyfile should be kept and the new one appended to it in a rolling fashion. We may have already this implemented for the "Rotate keyfile" feature present in the Security tab page.
4 votes -
Provide mechanism for internal password rotation of the automation user
Ops Manager automation currently uses an mms-automation user for node management, but the password for that user is set once and stays forever unless it is updated via the Ops Manager API.
This feature would provide a mechanism that allows this password to be re-generated via the UI or an API call and have it automatically updated on the managed mongod instances as well.
11 votes -
Make the option of "security.TransitionToAuth" available through Ops Manager Advanced Configuration Options
Currently the option of "security.TransitionToAuth" is not available in Ops Manager as "transitionToAuth" is automatically added to each node in a rolling fashion by the Automation agent and then ultimately removed when authentication is finally turned on for all nodes.
Allowing this option through Ops Manager will enable the mongod to accept and create authenticated and non-authenticated connections to and from the connected clients. Thus the clients can use this feature to avoid downtime at their end while the connection settings are updated to use the appropriate user to connect to mongod.
5 votes -
Ability to stop/start/restart BI Connector in Ops Manager
Currently, Ops Manager does not support stop/start/restart BI Connector that is managed by Ops Manager Automation. There is only a Terminate option available.
5 votes -
4 votes
- Don't see your idea?