Ops Tools
236 results found
-
job scheduling from Ops Manager
Please provide job scheduling from Ops Manager, should be able to run Database jobs and non database jobs, shows history of jobs, options to purge job history.
2 votes -
Provide a feature to monitor the Alert payload being sent out from Ops Manager to the configured Webhook endpoint and etc.
What is the problem that needs to be solved?
Provide a feature to monitor the Alerts payload being sent out from Ops Manager to the configured Webhook endpoint and other AlertsServices endpoint.Why is it a problem? (the pain)
Currently, Ops Manager does not log the successful/failed payload of the Alerts being sent out to the configured Webhook endpoint. It is difficult to diagnose the problem with the configured Alert Services.2 votes -
Create localhost exception for POST /unauth/users API call
The purpose of this request is for Ops Manager to implement a "localhost exception" for the API call POST /unauth/users so it can only be executed under two conditions:
1. No other users exists in the setup.
1. Ops Manager runs in "invitation only" mode.
1. Ops Manager has not been configured for LDAP.
1. The API call can only originate from an IP or alias that belongs to one of the Ops Manager Application server.2 votes -
MongoDB Agent alters the root $PATH variable
The MongoDB Agent installation via RPM adds the /var/lib/mongodb-mms-automation/bin to root's $PATH by placing the mongodb-mms-automation-agent.sh script under the /etc/profile.d:
$ pwd
/etc/profile.d
$ sudo cat mongodb-mms-automation-agent.sh
export PATH=/var/lib/mongodb-mms-automation/bin:${PATH}This breaks my customers security standards.
Moving the script does not appear to affect the functionality of the MongoDB Agent and updating the agent via the OM UI does not add back the script.
We would like the ability to either select the contents of the MongoDB Agent rpm or be asked during the rpm installation whether or not to install the mongodb-mms-automation-agent.sh script.
2 votes -
Allow configuring custom builds at the organisation or global level (Admin panel)
It must be done at the project level at the moment, generating an operational costs for those environments with a large number of projects.
2 votes -
Provide safety mechanism for limiting MongoDB versions amongst different projects
Restrict the user depending on the type of project: dev, prod, etc to select a specific set of MongoDB Server versions that can be deployed.
Prior to 4.2 this was accomplished with version manager.
2 votes -
Ops Mgr "Insufficient oplog size" is confusing and prevents backups
When using Ops Manager UI (I've not checked the API) to declare a MongoDB cluster to be backed up, Ops Manager tries to be a good citizen and check to see if the clusters oplogs are large enough, based on their recent usage to hold at least 3 hours worth of data based on the last 24 hours of usage patterns. if the check fails, the user is prevented from enabling backup and is shown the warning:
"Insufficient oplog size: The oplog window must be at least 3 hours over the last 24 hours for all members of replica set…
2 votes -
Allow to configure separate SNMP v2C community for SNMP v2C Heartbeat Traps and SNMP v2C Alert Traps
What is the problem that needs to be solved? Allow to configure separate SNMP v2C community for SNMP v2C Heartbeat Traps and SNMP v2C Alert Traps.
Why is it a problem? (the pain) As of now (2020-03-24) there's no way to configure separate SNMP v2C community for SNMP v2C Heartbeat Traps and SNMP v2C Alert Traps (
snmp.community
controls both, Heartbeat and Alert Traps sent from Ops Manager's Application Server), some SNMP Monitoring Teams require different SNMP v2C communities for different set of SNMP v2C Traps (to separate Heartbeat Traps and Alert Traps).2 votes -
Group Host Mapping IPs to be added by default to Programmatic API Keys IP Whitelisting
As part of the Programmatic API Keys introduced in MongoDB Ops Manager 4.2, it would be good to have the IPs listed in the Host Mappings of a Project Deployment to be added as default whitelisted IPs when setting up a Programmatic API Key for same Project.
2 votes -
Currently the OM App server has the secrets to connect to S3. This is a security issue for many organizations.Can a secure vault be used t
Currently the OM App server has the secrets to connect to S3. This is a security issue for many organizations.Can a secure vault be used to store the secret?
1 vote -
Allow OPS Manager to export as CSV or JSON All projects page information
All projects page in MongoOPS shows cluster name, data size, version, nodes, backup, SSL, Auth, Alerts.
Add export as CSV or JSON All projects page information.
Current MongoDB Usage report doesn't fit due:
1. It doesn't report backup, encryption information
2. Cluster name could be not right if the cluster was unmanaged and added back to OPS manager as managed. (Cluster_0 bogus names)1 vote -
The Backup Daemon auto downloads all old Mongodb versions
If "Backup Versions Auto Download" is set to true on the Admin > General > Ops Manager Config > MISCELLANEOUS tab, then the backup daemon automatically downloads all older major versions of the software.
In my opinion, it would be better if you could either select the version/s which you want or it only downloaded versions equal to or higher than your current version.
All the old versions take up disk space and can only be deleted if the setting is changed to false.
thanks1 vote -
Allow assigning users to an organization via api by adding a bypass parameter
Via the parameter
bypassInviteForExistingUsers
it is possible to a add a user to a project.
It is important to also have this feature for the Organization, so please add a parameterbypassOrgInviteForExistingUser
or similar to enable this.
Without it, we can not automate the creation of new environments.1 vote -
Management capabilities for trusted CA certificates in the Admin UI
Currently it is a manual process per Ops Manager server to add trusted CA certificates to the Java TrustStore. This store is also overwritten on Ops Manager upgrades.
Similar to the S3 block store option to use a specific CA, it would be useful to manage trusted CA certificates for other endpoints such as HTTPS proxies, webhook alerts, and custom download URLs.
1 vote -
Need an alert for KMIP master key rotation
Currently opsmanager has manual rotation of KMIP master keys.
Enhancement required:
Need an alert from project level to rotate keys when nearing the schedule rotation just like SSL expiration alertsNeed for automation of this key rotation would be helpful. If fails, it needs to revert back changes and alert for human intervention.
1 vote -
SAML sign either Response or Assertion in Ops Manager
Ops Manager currently requires both the Response and Assertion to be signed for SAML auth. Our IDMS system cannot authenticate via SAML as it can sign either one or the other, not both. We would like a configurable option in Ops Manager SAML auth to enforce signing of Response or Assertion.
1 vote -
Ops Manager: API endpoint for /databases should not require host
Currently the Ops Manager API to list databases requires a hostname: /groups/{PROJECT-ID}/hosts/{HOST-ID}/databases
It would useful to gather databases on a project or cluster level instead as the databases are the same across replica set members.
1 vote -
Add a cross reference of all projects and roles to user profile
I must click on projects to display all the projects in my list, click the Users link for a project, then search for my ID to see the roles assigned to my ID.
My idea is to consolidate this information and display it under my user profile similar to the Organization page. 3 clicks display my roles for each project on a single page.
1 vote -
Set log file permissions using Ops Manager
Currently there is no way to set the log file permissions from Ops Manager and the default value is 600. Our organization uses Splunk and with the current settings the Splunk user is not able to read the log files. Config file options such as processUmask and honorSystemUmask can be used to change the log file permissions, but they will also change other files such as journal files, wiredtiger files, etc. The only option we have is to add the Splunk user to our role group in Unix, but this causes a security issue.
1 vote -
Agent authentication to opsmanager using x509 credentials
Similar to how Opsmanger can use x509 to manage deployments, it should be possible to configure the agents to use x509 credentials to communicate with Opsmanager. This will allow for a more consistent security posture across the whole mongodb/opsmanager stack. It would also simplify security procedures such as credential rotation by unifying the authentication mechanism.
This will be an alternative to the existing API Key approach https://www.mongodb.com/docs/ops-manager/current/tutorial/manage-agent-api-key/index.html
1 vote
- Don't see your idea?