Ops Tools

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Dashboard in ops manager

    Can we have add dashboard feature in ops mgr which can give consolidated metrics of all RS.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Flag idea as inappropriate…  ·  Admin →
  2. Trigger replica set alerts for hidden secondaries

    We need to ability to trigger replica set alerts when a secondary that is hidden goes down.

    In this example an environment has 4 members, with one of them "hidden". We would like to be alerted even when the "hidden" secondary goes down.

    Currently alerts are only working for non-hidden members.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow multiple authentication sources simultaneously

    Currently Ops Manager authentication supports either the Application Database, LDAP, or SAML, but these methods cannot be combined. Ideally we would like to move to LDAP, but we are stuck with the local authentication method as we depend on a local admin user which is used when first deploying and configuring the Ops Manager ecosystem. We also do not want to depend solely on the availability of the LDAP servers regarding an admin user. The MongoDB cluster deployments do support multiple authentication methods at the same time (we have local admin and monitoring accounts while users are authenticating via LDAP),…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Flag idea as inappropriate…  ·  Admin →
  4. Ops Manager: more precise firewall configuration documentation

    Currently, it is not clear from the documentation what are the source hosts for each port to open. The diagram fills in a bit this imprecision, but it is not formal enough. Also, some ports need to be open only if certain features are needed (eg. download link for snapshots).

    This makes firewall configuration imprecise and experimental (or not as secure as it could be).

    Suggestion: each table of the the Ops Manager firewall configuration webpage should document those columns:
    - source component: client component(s)
    - target component: server component(s)
    - protocol: tcp/udp
    - port
    - feature: to specify if…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support Service Binding Specification for Kubernetes

    Service Binding Specification for Kubernetes standardizes exposing backing service secrets to applications. The spec is available here: https://github.com/k8s-service-bindings/spec
    This blog post would be helpful: https://muthukadan.net/kubernetes/binding/support-service-binding-specification-for-kubernetes/

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Kubernetes Operator  ·  Flag idea as inappropriate…  ·  Admin →
  6. Display the feature compatibility version (FCV) in Cloud Manager/Ops Manager UI

    The FCV could be different than the MongoDB version. Also, sometime the FCV on different shards/CSRS in a sharded cluster might be different (e.g. FCV is upgraded on the shards, but for some reason FCV is not upgraded on the CSRS), and this could cause issues.

    It would be nice if FCV is displayed next to the MongoDB version information. So that we can spot out the discrepancy quickly.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Manager  ·  Flag idea as inappropriate…  ·  Admin →
  7. Kubernetes Operator - Enable S3 Oplog store

    Currently, only Replica Sets are the only to deploy an Oplog Store with the Kubernetes Operator.
    This causes issues related to sizing for Ops Manager deployments managing a big number of projects.
    Enabling S3 Oplog Store would help a lot.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Kubernetes Operator  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow Ops Manager Data Explorer to read from Secondary nodes

    Ops Manager should allow Data Explorer to be configured with a Read Preferences and maxTimeMS options. Not having these options allows this tool to potentially trigger un-optimized queries to only hit primary nodes, which for high load production environments may cause un-expected problems.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add filters to Global alert screen in Ops Manager

    Add a filter for Global alert Configuration Page. It would be nice to have the ability to search for the specific alert to see if you have it configured and for which environments.

    A filter similar to what is seen on the "Open Alert" view would be sufficient.

    Since we are managing upwards of 50 deployments via Global Alerts this would be a useful feature.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Flag idea as inappropriate…  ·  Admin →
  10. Enable S3 Snapshot Storage via Kubernetes Operator with IAM role

    Configuring an S3 Snapshot Storage with IAM roles is only possible via Ops Manager UI or API.

    It would be great to be able to do this configuration via the MongoDB Kubernetes Operator.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Kubernetes Operator  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow Ops manager to downgrade FCV

    Ops Manager UI (4.0 -4.4) does not allow downgrading of Feature Compatibility Version (FCV), once the FVC has been upgraded to a higher version. Ops Manager automatically
    removes the lower version from the supported FCVs once upgrade completes. But the cluster deployment allows downgrading one level using shell commands. This limitation makes it difficult when planning an upgrade as regression process are more difficult.
    We are in the process of upgrading the environment from 4.0 to 4.4 (which requires an intermediate upgrade to 4.2.). So the downgrade process is so difficult with Ops Manager UI.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Flag idea as inappropriate…  ·  Admin →
  12. mongocli - allow to enable/disable agent modules

    As of mongocli version 1.17.0 there is no way to enable monitoring and backup modules for a cloud manager or ops manager project.

    You can only query the agents and the modules enabled.

    This won't allow you to use mongocli to setup a new project from scratch and will require to use the Cloud Manager or Ops Manager API updating the automation config manually for this purpose.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Automation  ·  Flag idea as inappropriate…  ·  Admin →
  13. Automated rotation of the Keyfile

    Hello,

    I have an idea about the Keyfile rotation. So actually you can rotate the Keyfile only through the ops manager manually. But I would recommend to do this automatically with an API. This would help us alot since we have alot of mongoDB instances and this would save alot of time.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Automation  ·  Flag idea as inappropriate…  ·  Admin →
  14. Login Page for Ops Manager

    The login page for Ops Manager 4.4+ shows "Email Address" and "Password". While using other login methods such as LDAP, an email address may not be used.

    It would be more accurate to say username here.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Flag idea as inappropriate…  ·  Admin →
  15. Terraform module for Ops Manager

    Since Ops Manager APIs seem to be very similar (if not, the same) as Atlas API, and since Atlas Terraform modules seem to run based on Atlas API, it would be very nice to have Terraform modules for Ops Manager.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Ops Manager  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow Ops Manager to only download specific MongoDB binary packages

    We would like to have an option in the Ops Manager UI to select certain MongoDB versions to be automatically downloaded by Automation in order to avoid downloading all major binaries.

    It is not good to have several MongoDB binaries using disk space and not being used.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Automation  ·  Flag idea as inappropriate…  ·  Admin →
  17. Provide support to update version manifest to Ops Manager that uses local mode

    With Ops Manager Local Mode on Kubernetes, the version manifest is required to be updated manually via UI or API.

    It would be the best practice to support updating version manifest using a command to the Operator or OM Pods.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Kubernetes Operator  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add two more entries to the sample_training.zips collections

    The lab task currently can be solved without paying attention to the difference between the $lt vs $lte and $gt vs $gte operators:

    MongoDB Enterprise atlas-7ooiae-shard-0:PRIMARY> db.zips.find({"pop" : { $gte: 5000,$lte: 1000000}}).count()
    11193
    MongoDB Enterprise atlas-7ooiae-shard-0:PRIMARY> db.zips.find({"pop" : { $gt: 5000,$lt: 1000000}}).count()
    11193

    Adding two more documents (one with 5000 and the other one with 1000000 "pop" value) would draw attention to this difference

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add ability to have systemLog redirected to stdout (just have to remove systemLog.destination and path)

    To be able to have MongoDB logs redirect to stdout and this having it into GKE CloudLogs, we should NOT configure a systemLog.destination nor a systemLog.path.

    In 0.6.0 release, systemLog.destination and path are hardcoded and cannot be nullable.

    see automationconfigbuilder.go at line 208:

    ...
    process.SetSystemLog(SystemLog{
    Destination: "file",
    Path: path.Join(DefaultAgentLogPath, "/mongodb.log"),
    })
    ...

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Kubernetes Operator  ·  Flag idea as inappropriate…  ·  Admin →
  20. Fine-tune RBAC rules for mongodb.com resources

    Right now, the default RBAC rules for the mongodb-enterprise-operator role/clusterrole are:

    apiGroups:
      - mongodb.com
    resources:
      - mongodb
      - mongodb/finalizers
      - mongodb/status
      - mongodbusers
      - mongodbusers/status
      - opsmanagers
      - opsmanagers/finalizers
      - opsmanagers/status
    verbs:
      - "*"
    

    Available at https://github.com/mongodb/mongodb-enterprise-kubernetes/blob/b4c0a9b167f21114dc276cb163a1b207ae2f9359/helm_chart/templates/operator-roles.yaml#L90

    This doesn't doesn't work well with privilege escalation because it won't work for service accounts that individually mention the allowed verbs.
    For example, my service account has permissions for everything (create, delete, deletecollection, get, list, patch, update, watch), but it fails with (...) is attempting to grant RBAC permissions not currently held because they are not equal to "*".

    The proposed change is…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Kubernetes Operator  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base