Ops Tools
462 results found
-
Lock enableLocalConfigurationServer setting on OPS Manager side
To harden security for mongodb deployment managed by OPS Manager, we can use setting enableLocalConfigurationServer = true so automation-mongod.conf won't have any passwords for ssl certs and agent will retrieve them from OPS Manager.
to disable this feature and to read all passwords for ssl certs (and hence get access to mongodb data) it's enough to comment out this parameter an restart automation service (or wait until host will be restarted).
Linux root user can modify any file on mongodb host including this file and can restart any services, so it's impossible to protect getting all passwords and mongod.conf from…
1 vote -
The Ops Manager UI provide an option to trigger election (stepDown)
Have the option to perform primary stepDown from Ops Manager UI to trigger election
4 votes -
Authentication support for OpenID connect (OIDC)
I would like to connect to MongoDB as part of a Terraform IaC project from bitbucket pipelines. Currently this is possible only through API keys.
It would be great if there was support for OIDC as it provides rotated keys and solid support of various pipelines (GitHub actions, Bitbucket pipelines, ...). Also with OIDC the client is not exposed to any credentials, so this would allow for a "zero-trust" approach when it comes to IaC (Infrastructure as Code).
1 vote -
I found what I believe to be an error in the following document
I found what I believe to be an error in the following document.
https://www.mongodb.com/docs/ops-manager/current/tutorial/install-simple-test-deployment/In the section "5. Create the Ops Manager Application Database directory," it instructs to execute the following command
sudo chown -R mongod:mongod /dataIn my environment, the mongod user does not exist and I get an error, but looking at the passwd file, the mongodb user and mongodb group seem to exist. The version is 11.7.
I think the correct command is as follows
sudo chown -R mongodb:mongodb /data1 vote -
Allow create/delete/update custom database role in MongoDB CLI for Ops Manager
In Altas CLI, the command customDbRoles can be used for create/delete/update custom database role.
Would it implement in MongoDB CLI for Ops Manger?6 votes -
Operating System distribution and version of a host in OPS Manager API
Hi,
would be useful having the operating system distribution and version of a host for our automation scripts.
This info is not available in any OPS Manager API request, as the case 01119828.
My suggestion is add this info at "Get Host by ID" https://www.mongodb.com/docs/ops-manager/current/reference/api/hosts/get-one-host-by-id/
Best regards,
Danilo1 vote -
Ability to mark a deployment as an INELIGIBLE restore target
Restoring to a cluster is one of the few destructive actions that Ops Manager takes and it's terrifying to see our main production cluster listed as a possible restore target!
I would love to be able to toggle a setting on this cluster to indicate that it is NOT available as a restore target.
This could be similar to the AWS "DisableApiTermination" feature that prevents instance termination.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination1 vote -
Multi Region S3 BlockStore
On an S3 Blockstore, right now we are able to stick to only one region backup because S3 do not support versioning & Replication. For an high availability systems a backup also needs to be in multiple regions.
If we could add the following that will be good.
1. Configure Multiple backups in a project because S3 snapshot store can be only used in one region.5 votes -
Restore indexes using mongoimport - metadata.json
When importing an archive from s3 we are given compressed gz files for the JSON data and a metadata.json file which has index info, however there is no efficient way to restore these indexes as mongoimport doesn't support creating indexes. Indexes need to be created manually. When needing to restore multiple collections this can take a very long time.
It would be great if mongoimport could use this file to create indexes after an import (like mongorestore).9 votes -
Ops Manager Load Balancer
In the same way we can connect to a replica set via a connection string containing the 3 hostnames of the members (in a 3 member replica set) which indicates some load balancing built in, it would be good to allow automation agent's mmsBaseUrl parameter to accept 3 Ops Manager web app hostnames if Ops Manager was running in 3 nodes on top of a 3 member replica set OM Application DB. With this, if one of the 3 Ops Manager web apps fails, the agent's connection to OM will be uninterrupted. Currently we will have to configure our own…
2 votes -
Deploy Changes without restarting mongod/mongos instance immediately.
Whenever we want to make changes, eg. set a new parameter or add new parameter in configuration (advance configuration options), after we save changes, review and deploy, automation immediately starts applying that change and does a rolling restart.
We need flexibility in restart, means one should have an option to perform immediate rolling restart or defer it to later time. We may apply multiple changes at different times and set one preferred window to restart instance instead of doing multiple restarts.16 votes -
Add recommended ulimit settings to the systemctl service definition
The Ops Manager documentation recommends higher than default ulimit settings, so why not include these in the systemctl service definition?
2 votes -
Export Cloud Backup to AWS S3 as CPS
Currently, the Atlas provides possibility to configure an automated export cloud backups to an AWS S3. It uploads the contents of your database to S3 as gzip files with documents in extended JSON format within. It is possible to restore from these files using mongoimport tool.
However, for some our use cases we would like to have backups exported to our AWS S3 as CPS (cloud provider snapshots) - actually a snapshot of the database directory at the filesystem level - in order to be able to restore very fast (the import via mongoimport and re-building of indexes can take…
3 votes -
There have been at least a few issues on Kubernetes Community Operator related to PVC expansion, yet this is not documented anywhere.
There have been at least a few issues on Kubernetes Community Operator related to PVC expansion, yet this is not documented anywhere.
Looking at closed issues, one may get an idea that this operation is impossible, but with the latest CSI it should be - it requires some handcrafting. On the other side Enterprise operator has this covered here - https://www.mongodb.com/docs/kubernetes-operator/stable/tutorial/resize-pv-storage/. I suggest writing similar how-to for the Community operator.
My currently tested workflow for volume expansion is similar to this explained on the page above, but as for my knowledge Community operator doesn't allow this operation - as…1 votePlanned - no fixed date but likely complete within Q2.
-
Ability to start the bi connector using a .drdl file in Ops Manager
Ability to start the bi connector using a .drdl file in Ops Manager. Currently only possible with en premise bi connector deployment(mongosqld).
1 vote -
Add possibility to configure the process hostnames for the automation config map
In order to use external certificates could it be possible to configure the process hostnames in automation config map
1 vote -
TLS secret key config
Add option to configure the secret keys for the server and CA certificate and replace the default ones tls.crt, tls.key and ca.crt
1 vote -
Send Alerts When Network Access is Updated
Create an alert when IP Addresses are added or removed from a cluster network access whitelist.
1 vote -
4 votes
-
Add "Cluster Tier" and Provisioned "IOPS" as options in MongoDB Metrics Charts in Atlas
If these charts were available, it would enable to the user to visualize the Tier and IOPS of the cluster during specific time ranges, and compare to other metrics such as CPU, iowait, etc.
In my team's experience, we use Atlas auto-scaling to allow a cluster to scale up/down based on load, but when looking at Metrics it is not clear which Tier the cluster was in (e.g. "M30") when evaluating other metrics like CPU utilization. We are able to manually track Cluster Tier by viewing the Project Activity Feed, but if this data was integrated into Metrics it would…
1 vote
- Don't see your idea?