Ops Tools
-
14 votes
Operator v 1.7.0 will have a full LDAP support
-
Support Any MongoDB configuration option in MongoDB Custom Resource
Support all MongoDB configurations in Kubernetes CRD so that it is possible to deploy a fine-tuned cluster with Kubernetes resources
11 votes -
Do not delete backups of deleted deployments
Backups normaly protect from accidental deletion of a database. In a devOps environment it can happen that a MDB resource gets deleted by a Kubernetes deployment. At the moment, Ops Manager then deactivates the backup and deletes all snapshots. We would like to have the snapshots stored as long as their retention limit tells or at least until the project itself is deleted in Ops Manager.
So that, if a developer detects the mistake and re-deploys the MDB resource(s), someone or even himself can restore the database(s) from the backups.
7 votesWe do not delete Ops Manager project when Backup is present.
This has been addressed -
Automation Agent Client Certification Validation
Many customers require that the MMS automation agent has a valid x509 for TLS communications with Ops Manager. With the Kubernetes Operator this is not currently possible so these customers cannot use the Operator to deploy MongoDB instances within their environments.
This feature would improve the security of communications between agents and the Ops Manager and meet the security requirements of many of our customers who cannot move to services like Atlas.
7 votesnew spec option spec.agent.startupOptions is available. it can be used to configure client Certificates.
-
Enhance security by leveraging PodSecurityPolicies
PodSecurityPolicies are a way to enhance security in a k8s cluster.
Currently the Kubernetes Operator and the Helm Chart does not offer a way to integrate PSPs. If an administrator wants to enforce PSPs for the cluster where the MongoDB Kubernetes Operator is deployed, he would need to do this manually which leads to additional manual steps (e.g. editing the Operator role to allow "use" "psp").
Please introduce a way to secure the MongoDB Management (Ops Manager, Operator) and Workload (MongoDB custom resources) with PSPs in the Kubernetes Operator / Helm ecosystem.
4 votes -
Use the TLS options instead of the SSL options in Automation Config of MongoDB v4.2
As the SSL Options are deprecated since MongoDB v4.2 but Ops Manager Automation still utilizes
SSL
options in the automation configuration for MongoDB v4.2. It will be best that Ops Manager v4.2+ will utilize TLS options in the Automation Config of their managed MongoDB v4.2 deployments.4 votesFully converted to TLS in OM 4.4.
-
Ops Manager should support SCRAM-SHA-256 authentication mechanism when connecting to Backing Databases
Currently, Ops Manager does not provide support to SCRAM-SHA-256 authentication mechanism when connecting to the Backing Database.
This is because the version of MongoDB Java Driver which is in use by Ops Manager 4.2.0 is 3.6.4.
SCRAM-SHA-256 is supported by the Java Driver from the version 3.8.4 votes -
Add K8S namespace as a tag in Ops Manager project
Add K8S namespace as a tag in Ops Manager project so it is easier to identify what project belongs in what namespace
3 votes -
Release K8S Ops Manager image when Ops Manager release is out
Currently there is a time lag between the Ops Manager version releases and the availability of K8S images to be used with the MongoDB Kubernetes Operator.
It would be nice if they are released at the same time.
2 votesWe now update Ops Manager images on the same day with Ops manager releases.
-
Prevent users from importing a replica set or shard with the same name as other pre-existing replica sets/shards
When a user imports a cluster into a project with the same name, it causes issues like breaking backups of pre-existing clusters.
Checking the replica set name against the names of other replica set names will prevent having to terminate backups and remove and re-import clusters, starting over.
2 votes -
Allow to configure options for automation agent logs
Currently there is no way in Kubernetes operator to configure how long automation/backup/monitoring agent logs should be stored. they can easily occupy all space in pod.
2 votes -
OpsManager in Kubernetes Deployment
Deploy MongoDB Ops Manager in Kubernetes with Operator that will allow MongoDB Clusters to be run and managed from Kubernetes platform entirely
2 votes -
Add new SCRAM Authz to MongoDBUser CR
Support SCRAM authentication for MongoDB Users
2 votes -
OpsManager Pod should not have credentials in environment variables but store and retrieve from a k8s secret
OpsManager database password is exposed as environment variable.
OMPROPmongo_mongoUri holds credentials of the OpsManager Database.
OpsManager Pod should not have credentials in environment variables but store and retrieve from a k8s secret.
1 voteWe moved all passwords to a secret
-
Allow to configure MongoDB pods service user
Currently in MongoDB Kubernetes Operator 1.4.2 the pods are run under a specific service user named "mongodb-enterprise-database-pods".
It would be nice to be able to specify a custom service user name to be able to comply to specific enterprise user definition rules.
1 vote -
Allow custom Annotations on MongoDB CR
Allow custom Annotations on MongoDB CR so it would be easier to label multiple clusters
1 vote -
Release operator images based on UBI
Support UBI as a base image for OpenShift deployemnts
1 vote -
Add Taints and Tolerations to K8S Operator pod spec
Add capability to add Taints and Tolerations to K8S Operator pod spec for different types of pods
0 votesOperator can not accept full PodSpecTemplate. Taints could be configured using normal K8S functions
- Don't see your idea?