Ops Tools
469 results found
-
Providing a grafana dashboard for an on-premise cluster
It would be interesting to provide a grafana dashboard when integrating with prometheus.
The documentation is indeed very limited concerning metrics when you're on a mongoDB on premise cluster.
1 vote -
Ability to remove parameter tlsCertificateKeyFilePassword from Advanced configuration
Currently the behavior around this parameter is tricky -once you added this parameter to advanced config - you can't remove it. if you try to remove it - OPS Manager simply ignores this action and when you run "Review and Deploy" - it displays nothing but still let you deploy this "nothing". similar if you want to set the value of this parameter to empty string from something - OPS Manager ignores it and deploy empty list of actions.
the workaround is to remove both tlsCertificateKeyFile and tlsCertificateKeyFilePassword in advanced config, but don't deploy it. then add back tlsCertificateKeyFile parameter…
1 vote -
add clusterId to json output of "cluster list", "cluster describe" commands
currently there is no straightforward way to get clusterId using mongocli. we can get clusterId if we use text format with "cluster list", but not with json.
and with json format we have to use "process list" command, filter out only one process amongst multiple within cluster and filter out clusterId.
it would be useful to add clusterId field into json when we get cluster description from list/describe commands also.
1 vote -
add text option to --output modifier
currently there is no way to format output of command in text format. the only option is to set this format as default in config file and not use --output modifier in specific command. if you rare use text output, you will have to insert --output json in every other commands.
1 vote -
2 votes
-
Ops Manager API should be authenticated via Certificate
Ops Manager API uses HTTP Digest Authentication, this method requires a username and a password which are hashed and provided in the form of registered Ops Manager account, and the password which is a Public API Key associated with that account.
But as part of security feature we should be allowed to use Authentication based on SSL certificates as we are using for Client connection, This will help to secure the self automation process if we are developing any internally.
3 votes -
When changing snapshot retention, prompt user to apply new policy to existing snapshots
Currently when you change the snapshot schedule, the changes only apply to NEW snapshots.
Please allow the user the option to apply the new policy automatically to all existing snapshots. Or at the very least, notify them of them of snapshots that exist which do not meet the current policy!
Let me provide an example of the problem. If you have a retention policy of 10 days and on DAY1 you change it to 30 days, your retention will look like this:
DAY1 - 10 snapshots
DAY2 - 10 snapshots
...
DAY10 - 10 snapshots
DAY11 - 11 snapshots
DAY12…1 vote -
Lock enableLocalConfigurationServer setting on OPS Manager side
To harden security for mongodb deployment managed by OPS Manager, we can use setting enableLocalConfigurationServer = true so automation-mongod.conf won't have any passwords for ssl certs and agent will retrieve them from OPS Manager.
to disable this feature and to read all passwords for ssl certs (and hence get access to mongodb data) it's enough to comment out this parameter an restart automation service (or wait until host will be restarted).
Linux root user can modify any file on mongodb host including this file and can restart any services, so it's impossible to protect getting all passwords and mongod.conf from…
1 vote -
The Ops Manager UI provide an option to trigger election (stepDown)
Have the option to perform primary stepDown from Ops Manager UI to trigger election
4 votes -
Authentication support for OpenID connect (OIDC)
I would like to connect to MongoDB as part of a Terraform IaC project from bitbucket pipelines. Currently this is possible only through API keys.
It would be great if there was support for OIDC as it provides rotated keys and solid support of various pipelines (GitHub actions, Bitbucket pipelines, ...). Also with OIDC the client is not exposed to any credentials, so this would allow for a "zero-trust" approach when it comes to IaC (Infrastructure as Code).
1 vote -
I found what I believe to be an error in the following document
I found what I believe to be an error in the following document.
https://www.mongodb.com/docs/ops-manager/current/tutorial/install-simple-test-deployment/In the section "5. Create the Ops Manager Application Database directory," it instructs to execute the following command
sudo chown -R mongod:mongod /dataIn my environment, the mongod user does not exist and I get an error, but looking at the passwd file, the mongodb user and mongodb group seem to exist. The version is 11.7.
I think the correct command is as follows
sudo chown -R mongodb:mongodb /data1 vote -
Allow create/delete/update custom database role in MongoDB CLI for Ops Manager
In Altas CLI, the command customDbRoles can be used for create/delete/update custom database role.
Would it implement in MongoDB CLI for Ops Manger?6 votes -
Deploy Changes without restarting mongod/mongos instance immediately.
Whenever we want to make changes, eg. set a new parameter or add new parameter in configuration (advance configuration options), after we save changes, review and deploy, automation immediately starts applying that change and does a rolling restart.
We need flexibility in restart, means one should have an option to perform immediate rolling restart or defer it to later time. We may apply multiple changes at different times and set one preferred window to restart instance instead of doing multiple restarts.17 votes -
Operating System distribution and version of a host in OPS Manager API
Hi,
would be useful having the operating system distribution and version of a host for our automation scripts.
This info is not available in any OPS Manager API request, as the case 01119828.
My suggestion is add this info at "Get Host by ID" https://www.mongodb.com/docs/ops-manager/current/reference/api/hosts/get-one-host-by-id/
Best regards,
Danilo1 vote -
Ability to mark a deployment as an INELIGIBLE restore target
Restoring to a cluster is one of the few destructive actions that Ops Manager takes and it's terrifying to see our main production cluster listed as a possible restore target!
I would love to be able to toggle a setting on this cluster to indicate that it is NOT available as a restore target.
This could be similar to the AWS "DisableApiTermination" feature that prevents instance termination.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination1 vote -
Multi Region S3 BlockStore
On an S3 Blockstore, right now we are able to stick to only one region backup because S3 do not support versioning & Replication. For an high availability systems a backup also needs to be in multiple regions.
If we could add the following that will be good.
1. Configure Multiple backups in a project because S3 snapshot store can be only used in one region.5 votes -
Restore indexes using mongoimport - metadata.json
When importing an archive from s3 we are given compressed gz files for the JSON data and a metadata.json file which has index info, however there is no efficient way to restore these indexes as mongoimport doesn't support creating indexes. Indexes need to be created manually. When needing to restore multiple collections this can take a very long time.
It would be great if mongoimport could use this file to create indexes after an import (like mongorestore).9 votes -
Ops Manager Load Balancer
In the same way we can connect to a replica set via a connection string containing the 3 hostnames of the members (in a 3 member replica set) which indicates some load balancing built in, it would be good to allow automation agent's mmsBaseUrl parameter to accept 3 Ops Manager web app hostnames if Ops Manager was running in 3 nodes on top of a 3 member replica set OM Application DB. With this, if one of the 3 Ops Manager web apps fails, the agent's connection to OM will be uninterrupted. Currently we will have to configure our own…
2 votes -
Add recommended ulimit settings to the systemctl service definition
The Ops Manager documentation recommends higher than default ulimit settings, so why not include these in the systemctl service definition?
2 votes -
Export Cloud Backup to AWS S3 as CPS
Currently, the Atlas provides possibility to configure an automated export cloud backups to an AWS S3. It uploads the contents of your database to S3 as gzip files with documents in extended JSON format within. It is possible to restore from these files using mongoimport tool.
However, for some our use cases we would like to have backups exported to our AWS S3 as CPS (cloud provider snapshots) - actually a snapshot of the database directory at the filesystem level - in order to be able to restore very fast (the import via mongoimport and re-building of indexes can take…
3 votes
- Don't see your idea?