Skip to content

Ops Tools

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

444 results found

  1. Enable external-dns integration via per-service annotations on each generated service

    Currently the MongoDB Kubernetes Operator allows specification of annotations on services created by the operator, but only annotations with the same value across all services. The external-dns operator can create DNS names based on annotations on services. In order to support external-dns integration the MongoDB Kubernetes Operator would need to allow one to specify specific annotations for each generated service.

    Current spec for external access services:
    externalAccess:
    externalService:
    annotations:
    # Same annotations will be applied on all services

    You could consider a placeholder/substitution scheme like:
    externalAccess:
    externalService:
    annotations:
    external-dns.alpha.kubernetes.io/hostname: mydb-db-<instance number>.mydns.com

    Or some other way of assigning a per-service annotation…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Set log file permissions using Ops Manager

    Currently there is no way to set the log file permissions from Ops Manager and the default value is 600. Our organization uses Splunk and with the current settings the Splunk user is not able to read the log files. Config file options such as processUmask and honorSystemUmask can be used to change the log file permissions, but they will also change other files such as journal files, wiredtiger files, etc. The only option we have is to add the Splunk user to our role group in Unix, but this causes a security issue.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Allow drag-and-drop of metric graphs from different replica set members

    Our use case is we have a replica set, but the east nodes and west nodes are on disk mounts with different names, so they won't appear on the same line in the Metrics tab. We should be able to drag and drop on a replica set member level, not just the metrics level. This allows more customization of metric graph layout.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. OPS Manager should call updateUser to change password to trace it in DB Audit.

    If you enable auditing in database, you can't trace change password actions. The reason is OPS Manager updates system.user collection record directly. as a result, this action is not traceble in audit if parameter auditAuthorizationSuccess is not enabled.

    But enabling this parameter cause performance degradation as all DML/DDL will be sent through audit layer.

    Dropping user at the same time happening as expected and traceable in audit files.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Agent authentication to opsmanager using x509 credentials

    Similar to how Opsmanger can use x509 to manage deployments, it should be possible to configure the agents to use x509 credentials to communicate with Opsmanager. This will allow for a more consistent security posture across the whole mongodb/opsmanager stack. It would also simplify security procedures such as credential rotation by unifying the authentication mechanism.

    This will be an alternative to the existing API Key approach https://www.mongodb.com/docs/ops-manager/current/tutorial/manage-agent-api-key/index.html

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Use Custom S3 buckets for backup storage on cloud manager

    Requesting new functionality to be able to use a custom S3 bucket to store backups taken from cloud manager.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Providing a grafana dashboard for an on-premise cluster

    It would be interesting to provide a grafana dashboard when integrating with prometheus.

    The documentation is indeed very limited concerning metrics when you're on a mongoDB on premise cluster.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Ability to remove parameter tlsCertificateKeyFilePassword from Advanced configuration

    Currently the behavior around this parameter is tricky -once you added this parameter to advanced config - you can't remove it. if you try to remove it - OPS Manager simply ignores this action and when you run "Review and Deploy" - it displays nothing but still let you deploy this "nothing". similar if you want to set the value of this parameter to empty string from something - OPS Manager ignores it and deploy empty list of actions.

    the workaround is to remove both tlsCertificateKeyFile and tlsCertificateKeyFilePassword in advanced config, but don't deploy it. then add back tlsCertificateKeyFile parameter…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. add clusterId to json output of "cluster list", "cluster describe" commands

    currently there is no straightforward way to get clusterId using mongocli. we can get clusterId if we use text format with "cluster list", but not with json.

    and with json format we have to use "process list" command, filter out only one process amongst multiple within cluster and filter out clusterId.

    it would be useful to add clusterId field into json when we get cluster description from list/describe commands also.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. add text option to --output modifier

    currently there is no way to format output of command in text format. the only option is to set this format as default in config file and not use --output modifier in specific command. if you rare use text output, you will have to insert --output json in every other commands.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Send activity feed event by email similar to Alerts

    We need to be informed and or react on some activity feed events. So we want to either be able to configure alert on specific activity type and/or be able to push activity feeds somewhere similar to alerts. then we would be able to configure actions based on activity type.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. When changing snapshot retention, prompt user to apply new policy to existing snapshots

    Currently when you change the snapshot schedule, the changes only apply to NEW snapshots.

    Please allow the user the option to apply the new policy automatically to all existing snapshots. Or at the very least, notify them of them of snapshots that exist which do not meet the current policy!


    Let me provide an example of the problem. If you have a retention policy of 10 days and on DAY1 you change it to 30 days, your retention will look like this:

    DAY1 - 10 snapshots
    DAY2 - 10 snapshots
    ...
    DAY10 - 10 snapshots
    DAY11 - 11 snapshots
    DAY12…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Documentation: API equivalents for each action on OpsManager

    In the documentation, for each action on OpsManager it should be explained how to achieve the same result using the OpsManager API (or an equivalent mongocli command, if it exists).
    For example, in the pages describing how to configure Backup stores in the OpsManager UI, it should also be explained which APIs to use (admin/backup).

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Automation  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. Lock enableLocalConfigurationServer setting on OPS Manager side

    To harden security for mongodb deployment managed by OPS Manager, we can use setting enableLocalConfigurationServer = true so automation-mongod.conf won't have any passwords for ssl certs and agent will retrieve them from OPS Manager.

    to disable this feature and to read all passwords for ssl certs (and hence get access to mongodb data) it's enough to comment out this parameter an restart automation service (or wait until host will be restarted).

    Linux root user can modify any file on mongodb host including this file and can restart any services, so it's impossible to protect getting all passwords and mongod.conf from…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. custom defined roles In OPS Manager

    We need a custom defined role to perform specific functions in the OPS Manager.

    For Example --> We need a custom defined role which can perform subset of functions from Project Automation Admin Role + Project Read Only Role + rs.stepDown() functionality

    Project Automation Admin Role:

    View deployments.
    Provision machines.
    Edit configuration files.
    Download the MongoDB Agent.
    + Project Read Only role.

    Project Read Only Role:

    Activity
    Operational data
    Ops Manager Users
    Ops Manager User roles.

    ** This feature becomes very useful to contain the access of certain privileges and to have the flexibility tailormade privileges instead of giving the…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Use different method for Slack notifications

    At the moment in integration manager for Slack there is only option to use obsolete webhook method which allows sending notification to single Slack channel configured for this webhook. There is (not that) new API method https://api.slack.com/methods/chat.postMessage which allows sending notification to multiple channels. This is extremely useful if you for example want to differentiate alerts based on its kind or severity. There is also option to use Webhook method in MongoDB but it doesn't support Slack. So please either add support for new API method or make Webhook method supporting Slack so at least two Slack channels will be…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Authentication support for OpenID connect (OIDC)

    I would like to connect to MongoDB as part of a Terraform IaC project from bitbucket pipelines. Currently this is possible only through API keys.

    It would be great if there was support for OIDC as it provides rotated keys and solid support of various pipelines (GitHub actions, Bitbucket pipelines, ...). Also with OIDC the client is not exposed to any credentials, so this would allow for a "zero-trust" approach when it comes to IaC (Infrastructure as Code).

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Automation  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. I found what I believe to be an error in the following document

    I found what I believe to be an error in the following document.
    https://www.mongodb.com/docs/ops-manager/current/tutorial/install-simple-test-deployment/

    In the section "5. Create the Ops Manager Application Database directory," it instructs to execute the following command
    sudo chown -R mongod:mongod /data

    In my environment, the mongod user does not exist and I get an error, but looking at the passwd file, the mongodb user and mongodb group seem to exist. The version is 11.7.

    I think the correct command is as follows
    sudo chown -R mongodb:mongodb /data

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. Operating System distribution and version of a host in OPS Manager API

    Hi,
    would be useful having the operating system distribution and version of a host for our automation scripts.
    This info is not available in any OPS Manager API request, as the case 01119828.
    My suggestion is add this info at "Get Host by ID" https://www.mongodb.com/docs/ops-manager/current/reference/api/hosts/get-one-host-by-id/
    Best regards,
    Danilo

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. Ability to mark a deployment as an INELIGIBLE restore target

    Restoring to a cluster is one of the few destructive actions that Ops Manager takes and it's terrifying to see our main production cluster listed as a possible restore target!

    I would love to be able to toggle a setting on this cluster to indicate that it is NOT available as a restore target.

    This could be similar to the AWS "DisableApiTermination" feature that prevents instance termination.
    https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?

Feedback and Knowledge Base