Ops Tools
441 results found
-
Lock enableLocalConfigurationServer setting on OPS Manager side
To harden security for mongodb deployment managed by OPS Manager, we can use setting enableLocalConfigurationServer = true so automation-mongod.conf won't have any passwords for ssl certs and agent will retrieve them from OPS Manager.
to disable this feature and to read all passwords for ssl certs (and hence get access to mongodb data) it's enough to comment out this parameter an restart automation service (or wait until host will be restarted).
Linux root user can modify any file on mongodb host including this file and can restart any services, so it's impossible to protect getting all passwords and mongod.conf from…
1 vote -
Authentication support for OpenID connect (OIDC)
I would like to connect to MongoDB as part of a Terraform IaC project from bitbucket pipelines. Currently this is possible only through API keys.
It would be great if there was support for OIDC as it provides rotated keys and solid support of various pipelines (GitHub actions, Bitbucket pipelines, ...). Also with OIDC the client is not exposed to any credentials, so this would allow for a "zero-trust" approach when it comes to IaC (Infrastructure as Code).
1 vote -
I found what I believe to be an error in the following document
I found what I believe to be an error in the following document.
https://www.mongodb.com/docs/ops-manager/current/tutorial/install-simple-test-deployment/In the section "5. Create the Ops Manager Application Database directory," it instructs to execute the following command
sudo chown -R mongod:mongod /dataIn my environment, the mongod user does not exist and I get an error, but looking at the passwd file, the mongodb user and mongodb group seem to exist. The version is 11.7.
I think the correct command is as follows
sudo chown -R mongodb:mongodb /data1 vote -
Operating System distribution and version of a host in OPS Manager API
Hi,
would be useful having the operating system distribution and version of a host for our automation scripts.
This info is not available in any OPS Manager API request, as the case 01119828.
My suggestion is add this info at "Get Host by ID" https://www.mongodb.com/docs/ops-manager/current/reference/api/hosts/get-one-host-by-id/
Best regards,
Danilo1 vote -
Ability to mark a deployment as an INELIGIBLE restore target
Restoring to a cluster is one of the few destructive actions that Ops Manager takes and it's terrifying to see our main production cluster listed as a possible restore target!
I would love to be able to toggle a setting on this cluster to indicate that it is NOT available as a restore target.
This could be similar to the AWS "DisableApiTermination" feature that prevents instance termination.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination1 vote -
Add flexibility to disable and enable specific fetures of managing mongodb instance in OPS Manager (like user Sync)
Currently , Mongodb admin can not select to disable or enable feature after put mongodb manageed under OPS Manager. like security control .
Normally , Security control is not mongodb or Ops manager admin's responsibility , which is managed by a enterprice access control team.
1 , In opsmanager , there is not role for security control, like useradmin in mongodb.
2 , When ACCESS control team create role in mongodb. Ops Manager sycn it back.
3 , Opsmanager admin have to be engaged to work with ACCESS control team to complete the task.It is kind of not least…
1 vote -
There have been at least a few issues on Kubernetes Community Operator related to PVC expansion, yet this is not documented anywhere.
There have been at least a few issues on Kubernetes Community Operator related to PVC expansion, yet this is not documented anywhere.
Looking at closed issues, one may get an idea that this operation is impossible, but with the latest CSI it should be - it requires some handcrafting. On the other side Enterprise operator has this covered here - https://www.mongodb.com/docs/kubernetes-operator/stable/tutorial/resize-pv-storage/. I suggest writing similar how-to for the Community operator.
My currently tested workflow for volume expansion is similar to this explained on the page above, but as for my knowledge Community operator doesn't allow this operation - as…1 votePlanned - no fixed date but likely complete within Q2.
-
Ability to start the bi connector using a .drdl file in Ops Manager
Ability to start the bi connector using a .drdl file in Ops Manager. Currently only possible with en premise bi connector deployment(mongosqld).
1 vote -
Add possibility to configure the process hostnames for the automation config map
In order to use external certificates could it be possible to configure the process hostnames in automation config map
1 vote -
TLS secret key config
Add option to configure the secret keys for the server and CA certificate and replace the default ones tls.crt, tls.key and ca.crt
1 vote -
Send Alerts When Network Access is Updated
Create an alert when IP Addresses are added or removed from a cluster network access whitelist.
1 vote -
Add "Cluster Tier" and Provisioned "IOPS" as options in MongoDB Metrics Charts in Atlas
If these charts were available, it would enable to the user to visualize the Tier and IOPS of the cluster during specific time ranges, and compare to other metrics such as CPU, iowait, etc.
In my team's experience, we use Atlas auto-scaling to allow a cluster to scale up/down based on load, but when looking at Metrics it is not clear which Tier the cluster was in (e.g. "M30") when evaluating other metrics like CPU utilization. We are able to manually track Cluster Tier by viewing the Project Activity Feed, but if this data was integrated into Metrics it would…
1 vote -
Add Ops Manager alert on tlsX509ExpirationWarningThresholdDays client
Ops Manager alert, for messages posted through 'tlsX509ExpirationWarningThresholdDays' parameter to warn for client certs expiry
1 vote -
Disk metric - log drive
The ops manager is not capturing the log drive disk related metrics when the log path is different from data path. This is an important metric to monitor for anyone to consider OM as the monitoring tool.
1 vote -
add logical name to disk in metrics
when we look at hardware metric in replicaset, OPS Manager displays and groups disk stats based on internal disk name on each node. if for some reason we have disks discovered in different order on OS level, disk names will be different and it's become very messy and difficult to compare disk stats between different nodes.
Suggestion is to add ability to give disk logical name so OPS Manager will display disks for data and disks for logs in a nice way. if new disk is replaced or added - default name can be displayed so administrator will be able…
1 vote -
Add milliseconds to Ops Manager access logs
The current logback-access.xml file only logs with second grainularity, which isn't great when trying to correlate HTTP events with other log events.
I propose changing this line:
<pattern>%h %l %u [%t] "%X{requestUrl}" %s %b "%i{Referer}" "%i{User-Agent}"
To this:
<pattern>%h %l %u [%date{"dd/MMM/yyyy:HH:mm:ss.SSS Z"}] "%X{requestUrl}" %s %b "%i{Referer}" "%i{User-Agent}"
1 vote -
Allow setting the backup PreferredMember via the API for sharded clusters
It's currently only possible to set a backup PreferredMember via the API for a standalone replicaset, but it's not possible to set the PreferredMember for shards of a sharded cluster.
You can do this via the Web UI, but that's incredibly tedious if you have many shards and it would also be valuable to be able to change the PreferredMember in automation scripts.
1 vote -
MONGOCLI add command to shutdown and startup the standalone instance
in this moment there is no way to shutdown or startup a standalone instance because the mongocli works with cluster only
1 vote -
Examples for installing operator declaratively on argocd
Hey there,
Would it be possible to add some examples when it comes to deploying the community operator with argocd?
Thanks
1 vote -
1 vote
- Don't see your idea?