Ops Tools
481 results found
-
Encryption at REST, KMIP alternative
Hi,
Currently, for a production Setup of MongoDB EA and Ops Manager, only option to enable Encryption at REST that would cover both the Replica Set and Backups in Ops Manager, is to use 3rd party application that has KMIP engine, which by itself usually is locked behind additional costs with enterprise licensing.
I would like to suggest, that MongoDB could develop either an alternative feature for Encryption at REST which would enable anyone who has MongoDB Enterprise advanced license to have fully functional Encryption at REST for a production environment or A full KMS solution to leverage KMIP capabilities…
6 votes -
Authentication mode MONGODB-OIDC
Support for authentication: MONGODB-OIDC
security:
authentication:
enabled: true
modes:
- "MONGODB-OIDC"currently we get the following error wir kuberntes operator 1.26.0, OpsManager 7.0.7 and RS 7.0.11:
Unsupported value: "MONGODB-OIDC"13 votesWork for OIDC support for Database users has started, and is expected to release around May 2025.
-
Option to select the S3 Storage Class for snapshots and oplog slices
Ops Manager currently uses S3 Standard storage for all snapshot storage and oplog storage and the storage class is not configurable.
AWS has storage classes that are specifically designed for backups (lower storage costs, but higher retrieval costs) like GlacierInstantRetrieval.
We could significantly reduce costs if we could select the Storage Class that Ops Manager would use when uploading data to S3.
NOTES
It is possible to create lifecycle rules in S3 to transition the objects from Standard Storage to another Storage Class, but this transition itself incurs a cost for the objects/bytes that are transitioned. This may reduce costs…
3 votes -
atlas online archive inside ops manger on-premise
develop "atlas online archive" inside ops manger on-premise
1 vote -
If vaultSecretBackend is enabled, allow specifying the kv mount
When enabling
vaultSecretBackend, there is no option to specify the path/name of the kv engine to use within the specified vault namespace (it is hardcoded tosecret).For example: https://github.com/mongodb/mongodb-kubernetes/blob/master/pkg/vault/vault.go#L291
It would be great if we could configure this in the secret-config.yml (https://github.com/mongodb/mongodb-kubernetes/blob/master/helm_chart/templates/secret-config.yaml) in a similar way to how the base paths for the various secrets are configured (e.g.
OPERATOR_SECRET_BASE_PATH)1 vote -
Add CRD for Trigger Functions.
We would like to create a Scheduled Trigger Function for a federated database instance, and currently the Operator does not support this resouce. Do you have any future plans to support Trigger Functions with the Atlas Kubernetes Operator? Or is there any alternate solution that you would recommend?
1 vote -
Prevent aggregation queries from appearing as poorly targeted queries
When looking at query targeting aggregate group queries can show up incorrectly as poorly targeted. For example if I select all documents with a given client id and group them by null and sum a field (eg revenue) then if there are 1,000,000 documents that get summed up to return 1 agregate document then it considers the query targeting to be 1,000,000 because it scanned 1,000,000 documents and returned one. This is highly misleading however since the query used an index to find the exact 1,000,000 documents needed and then used every single one of those documents to generate the…
1 vote -
Allow alerts based on CPU iowait in OPS manager
Currently, there is no way to set alerts on CPU iowait in OPS Manager. When there's disk latency, cpu iowait usually shows an immediate and consistent spike. Alerting on cpu iowait can enable customers to promptly review and address disk latency.
1 vote -
Opsmanager API: Include Backup Id in List Restore Jobs Response that restore was triggered for
Hello,
there is already a snapshot id included in the list restore jobs response, BUT the problem arises with sharded instances: If you restore a sharded instance to a specific backup, multiple restore jobs are created (one for config server, one for each shard). Thus, the snapshot id in the list restore jobs response refers to the backup of the single component (either config server or shard) and not to the overall backup of the entire sharded instance the restore was initiated for.
Hence, you cannot map those restore jobs to the backup the restore was triggered for, which makes…
4 votes -
Add imagePullPolicy to the CRD
I want to set imagePullPolicy for every container created with the Mongo DB Commnunity Operator.
1 vote -
Add Ops Manager UI breadcrumbs to help with user navigation
Breadcrumbs show the user where they are in the Ops Manager's (webpage) hierarchy.
https://www.smashingmagazine.com/2009/03/breadcrumbs-in-web-design-examples-and-best-practices/
1 vote -
Surface Important Project Level Alerts Globally
It is easy to miss global alerts if you are just using the Ops Manager UI and not seeing the emails, or if there is an email delivery issue. In fact, alerts like "Snapshots are behind", which may be days or weeks behind, are not surfaced anywhere in the UI unless you go and dig for them. I suggest adding a count in the top nav bar for critical alerts, or even all alerts.
1 vote -
Allow SSL Cert Rotation Without Restarting The Agent
It would be great if the agent could be sent a signal to pickup a new cert, or detect the cert changed via file watchers, instead of having to restart it.
1 vote -
Separeted mongod and mongodb agent in Kubernetes Operator container
Now both mongod and agent Ops Manager are running in the mongodb-enterprise-database container. Sometimes it becomes necessary to restart the agent separately from the mongodb instance. Now this is impossible to do because systemd does not work in containers
1 voteWe have plans to have the two run separately! Though no firm timeline yet, we're hoping this year.
Right now we have two architectures. The default is a single container that pulls the binaries for the agent and MongoDB server (mongod) from Ops Manager/Cloud Manager. The other is in Private Preview (potential for breaking changes still) and is known as our Static Architecture.
Neither actually runs each in their own containers, and we're hoping to alter the static architecture to make that the case before we release it fully and make it the default.
Aside from restarting one and not the other, this would offer a more intuitive setup when configuring and troubleshooting, and align to a very future proof definition of what "static" means - where security tools are converging on blocking any significant changes to a container between the image and runtime.
-
deployment metadata resync
Ops Manager needs a way to resync deployments' metadata from the console (or command line, or API), rather than direct undocumented CURD operations in AppDB.
My reason for this suggestion:
See Case: 01438273. One of my deployments had duplicate entries for all 3 nodes. We suspect that happened because we were initially using short name hostnames in the deployment's replica set definition and later changed that to FQDN hostnames. The original entries should have been removed from the AppDB collection, but instead they remained there indicating version 4.0.26, while new ones were created, which were then successively updated as the…1 vote -
Alert for even number of voting members of a Replica Set
Alert for even number of voting members of a Replica Set
6 votes -
we have an ask to use 4 in snapshotIntervalHours
For the api - https://www.mongodb.com/docs/ops-manager/current/reference/api/backup/update-one-snapshot-schedule-by-cluster-id/ we have an ask to use 4 in snapshotIntervalHours. Right now its not supported. Supported ones are - 6, 8, 12, or 24.
Please check and let us know if its possible to add 4 as well to the snapshotIntervalHours
1 vote -
adding comments directly during the Review and Deploy process in mongo
Ops Manager currently does not support adding comments directly during the Review and Deploy process.It is essential to add comments in production environments related deployments to keep track of artifacts (such as incident number or change number) to figure out why the change has been deployed.
Kindly consider adding comments section in review and deployment workflow in ops manager to make ops manager deployments much clear and to have substantial information pon why that deployment is done.
1 vote -
For Mongosync add ability to select write concern.
For Mongosync add ability to select write concern. Especially something along the "all" nodes would be important. Also "custom" one like MultipleDC etc.
1 vote -
Automatically move HEADS in case of backup daemon problem
In configuration with multiply daemons in case of daemon problem (down) switch to another one automatically with restart backup upon need.
1 vote
- Don't see your idea?