Ops Tools
448 results found
-
Apply Project Maintenance Windows to Global Alerts
Apply Project Maintenance Windows to Global Alerts
Make the existing Project-level maintenance windows also silence Global alerts associated with the Project.
We have many projects that share the Global Alerts and do not want to turn off all global alerts as we still need that alerting for the projects that are not being worked on.
In combination with the existing API for Project Maintenance Windows, this really allows full control.
13 votes -
Send `Monitoring is down` and `Backup is down` alerts for each MongoDB Agent (Monitoring/Backup Module) and include hostname information in
What is the problem that needs to be solved?
Monitoring is downandBackup is downalerts needs to be sent for each individual MongoDB Agent (Monitoring/Backup Module) which become down,Monitoring is downandBackup is downalerts should include hostname information in them.Why is it a problem? (the pain) Customer can't easily identify which MongoDB Agent (Monitoring/Backup Module) become down without hostname information available in the alert (in multi-project environment this becomes operational pain for the customer).
12 votes -
Allow assignment of Backup Resources before starting Backup Job
For very large clusters, ideally backup resources should be assignable before the backup begins. For each shard and config server, assignment of the following would assist in scaling Ops Manager backups.
- Snapshot Store
- Oplog Store
- Backup Daemon (if using FCV <= 4.0)
Starting the backup could trigger an email to the Backup Administrator who could then assign these resources on the Admin page.
12 votes -
Support Arbiters with MongoDB Kubernetes Operator
Support arbiters with MongoDB Kubernetes Operator so that Replicasets should be deployed in PSA configuration.
12 votes -
Add Ops Manager's Org ID/Name into all SNMP Alert Traps
What is the problem that needs to be solved? Ops Manager's Org ID/Name is not included into any of SNMP Alert Traps sent from Ops Manager's Application Server.
Why is it a problem? (the pain) Operator who watch Monitoring System (the one that receive SNMP Alert Traps from Ops Manager) needs to see Ops Manager's Organization ID/Name in order to quickly understand to where that Ops Manager's Alert is related to. Monitoring System (the one that receive SNMP Alert Traps from Ops Manager) needs to do additional work for each SNMP Alert Trap received (via
GET /groups/{PROJECT-ID}/GET /orgs/{ORG-ID}…11 votes -
Provide mechanism for internal password rotation of the automation user
Ops Manager automation currently uses an mms-automation user for node management, but the password for that user is set once and stays forever unless it is updated via the Ops Manager API.
This feature would provide a mechanism that allows this password to be re-generated via the UI or an API call and have it automatically updated on the managed mongod instances as well.
11 votes -
Make snapshot retention policy more customisable
Make the retention policy of Ops Manager snapshots customisable so we can choose custom values (like 21) to be more flexible with the settings.
11 votes -
Create an option to turn ON/OFF daily snapshots schedule from "Ops Manager- Continuous Backup - Edit snapshot schedule"
Currently, we have the option to take daily snapshots at different intervals (6 hrs, 8 hrs, 12, hrs, 24 hrs) but we do not have an option to not configure daily snapshots. While daily snapshots are considered essential, we have almost 200 replica sets of different DB sizes and the daily snapshots, tend interfere with itself due to large DB size and not completing itself in good time for the next day's daily snapshot to run. So if we turn off the daily snapshot or tune the frequency of the daily snapshots on select large replica sets, we will avoid…
10 votes -
MongoDB Agent (Automation Module): don't attempt to auth with `net.tls.clusterFile` / `net.tls.certificateKeyFile` and use Agent X.509 cert
Problem Statement,
What is the problem? MongoDB Agent (Automation Module) attempts to auth withnet.tls.clusterFile/net.tls.certificateKeyFileX.509 certificate first, pretending it is a Replica Set member.Why is this a problem? MongoDB Server process logs are flooded by unnecessary noise from such MongoDB Agent (Automation Module) auth attempts pretending it is Replica Set member. MongoDB Server will always log Replica Set member auth certificate usage outside of internal MongoDB Server client (https://github.com/mongodb/mongo/blob/6212e50e73dd032b448a514fe6893c6490a28a9f/src/mongo/db/commands/authentication_commands.cpp#L294-L300),
Example,
{"t":{"$date":"2021-05-10T11:08:03.110+0000"},"s":"W", "c":"ACCESS", "id":20430, "ctx":"conn116","msg":"Client isn't a mongod or mongos, but is connecting with a certificate with cluster membership"}Proposal,
* Don't attempt to auth…10 votes -
SAML support in Ops Manager API
SAML is available as an authentication mechanism and we're currently using it with keycloack (centralized identity provider).
It works well with Ops Manager but there seems to be no support whatsoever in Ops Manager 4.4 API to programmatically add / update / delete SAML groups on Organizations or Projects.
The official API documentation doesn't even recognize that SAML is available.
Mongo support has confirmed that and it's a target feature in their internal backlog.
This idea will hopefully speed up things.10 votes -
Ops Manager API - System Alerts
The ops manager api documentation specifies endpoints for polling group alerts and global alerts but is missing system alerts. We should be able to poll for system alerts via the ops manager api as well.
10 votes -
Allow the Kubernetes Operator to delete a project
Currently it is not possible to delete a project via kubectl command.
As the Kubernetes Operator allows one to create a project (configmap) and deploy a replica set, we would expect it to also allow the deletion of a project so that we can fully automate the solution.
10 votesWhile deletion of a deployment is possible via Kubernetes, deleting a MongoDB resource doesn’t remove it from the Ops Manager UI. You must remove the resource from Ops Manager manually. To learn more, see Remove a Process from Monitoring.
Deleting a MongoDB resource for which you enabled backup doesn’t delete the resource’s snapshots. You must delete snapshots in Ops Manager.
Work is planned to remove Ops Manager as a prerequisite (though it's use will still be optional and supported) and as part of that we hope to address this deletion aspect.
-
Add Timezone support to Ops Manager Application logs
All of our hosts are in the same TZ. We would like to be able to set the Ops Manager related logs timestamps to our local TZ.
10 votes -
Improve Enterprise Kubernetes Operator PVC expansion
The enterprise operator should be capable of performing all the steps necessary to increase the PVC after the end-user has adjusted the storage values within the MongoDB custom resource.
Reference:
https://www.mongodb.com/docs/kubernetes-operator/stable/tutorial/resize-pv-storage/Why is the Operator incapable of doing the steps starting from step 3 by itself if I simply do step 5?
So what we think should be the case:
We update the database resource with a new storage value.
Then should perform the following steps:
- Patch each persistence volume which can be found in the sts / pod spec.
- Remove the sts with --orphan because the name should be…
9 votes -
Allow multiple authentication sources simultaneously
Currently Ops Manager authentication supports either the Application Database, LDAP, or SAML, but these methods cannot be combined. Ideally we would like to move to LDAP, but we are stuck with the local authentication method as we depend on a local admin user which is used when first deploying and configuring the Ops Manager ecosystem. We also do not want to depend solely on the availability of the LDAP servers regarding an admin user. The MongoDB cluster deployments do support multiple authentication methods at the same time (we have local admin and monitoring accounts while users are authenticating via LDAP),…
9 votes -
Add memory monitoring metrics
Atlas -> please make buffers, cached, and MEM shared available under system memory metrics on Atlas for end users so we can calculate the criteria for auto scaling .
Currently only Mongodb support can see these three metrics
9 votes -
Disable Query Targeting: Scanned Objects / Returned alerts on specific, recurring aggregations.
We run routine, recurring aggregation pipelines (essentially, summing up the values of different categories of transactions) on a 5-minute interval. These aggregation pipelines scan for all objects that match a certain type, then sum the cumulative value of certain values of those objects based on category. This means that we regularly have queries that scan >500,000 objects and consolidate them down to ~12 or so objects that are returned.
In this specific case, I'm alright with the scan/return ratio being very high, and I don't want to be spammed with alerts every five minutes. However, I don't want to disable…
9 votes -
Support Azure blob storage with Ops Manager Backups
Hello,
This is a request for Ops Manager to support Azure blob storage as a snapshot store. Currently the following snapshot store options are supported: blockstore, AWS S3 bucket, File System Store.
While it may be possible to use an S3 API to communicate between Ops Manager and Azure blob storage, thereby storing Ops Manager backups in Azure, this workaround is not officially supported by MongoDB and is thus risky to implement.
9 votes -
Ops Manager Prometheus metrics
MongoDB Ops Manager would need to expose endpoints for Prometheus for MongoDB Clusters. There are a number of metrics that popular MongoDB Exporters do not provide, for example:
1. Enterprise Backup status
2. Replication Alarms
3. Agent statuses
4. A number of Cluster statuses
etcThere is no way to get this data into Prometheus at the moment
9 votes -
Encrypt Password LDAP Query User
The LDAP Query user's password appears in plain text in mongod.config file. The ability to mask its password in automation config file using credentialstool would mitigate a security risk.
9 votes
- Don't see your idea?