Ops Tools
441 results found
-
Do not download EOL releases
Currently our Ops Mgrs keep re-downloading EOL releases of mongodb, e.g. mongodb-linux-x8664-2.6.12, mongodb-linux-x8664-3.0.15, etc. Ops Manager should automatically exclude EOL releases - they are taking up unnecessary disk space.
12 votes -
Ops Manager API call for Host Mappings
This feature request is for a new Group/Project API call for the management of the host mappings created in Ops Manager from monitoring information. Whether it be an endpoint for "Reset Duplicates" or full featured create/delete of individual host mappings, both will alleviate issues where overlapping mappings affect monitoring in Ops Manager.
Note: The issue of overlapping mappings may occur when a mongod process has moved/changed IP addresses multiple times. With enough cycling (as seen in Kubernetes clusters with frequent pod restarts), eventually a previously mapped IP address may now be associated with a different mongod process.
12 votes -
Send `Monitoring is down` and `Backup is down` alerts for each MongoDB Agent (Monitoring/Backup Module) and include hostname information in
What is the problem that needs to be solved?
Monitoring is downandBackup is downalerts needs to be sent for each individual MongoDB Agent (Monitoring/Backup Module) which become down,Monitoring is downandBackup is downalerts should include hostname information in them.Why is it a problem? (the pain) Customer can't easily identify which MongoDB Agent (Monitoring/Backup Module) become down without hostname information available in the alert (in multi-project environment this becomes operational pain for the customer).
12 votes -
Allow assignment of Backup Resources before starting Backup Job
For very large clusters, ideally backup resources should be assignable before the backup begins. For each shard and config server, assignment of the following would assist in scaling Ops Manager backups.
- Snapshot Store
- Oplog Store
- Backup Daemon (if using FCV <= 4.0)
Starting the backup could trigger an email to the Backup Administrator who could then assign these resources on the Admin page.
12 votes -
Support Arbiters with MongoDB Kubernetes Operator
Support arbiters with MongoDB Kubernetes Operator so that Replicasets should be deployed in PSA configuration.
12 votes -
Add Ops Manager's Org ID/Name into all SNMP Alert Traps
What is the problem that needs to be solved? Ops Manager's Org ID/Name is not included into any of SNMP Alert Traps sent from Ops Manager's Application Server.
Why is it a problem? (the pain) Operator who watch Monitoring System (the one that receive SNMP Alert Traps from Ops Manager) needs to see Ops Manager's Organization ID/Name in order to quickly understand to where that Ops Manager's Alert is related to. Monitoring System (the one that receive SNMP Alert Traps from Ops Manager) needs to do additional work for each SNMP Alert Trap received (via
GET /groups/{PROJECT-ID}/GET /orgs/{ORG-ID}…11 votes -
Provide mechanism for internal password rotation of the automation user
Ops Manager automation currently uses an mms-automation user for node management, but the password for that user is set once and stays forever unless it is updated via the Ops Manager API.
This feature would provide a mechanism that allows this password to be re-generated via the UI or an API call and have it automatically updated on the managed mongod instances as well.
11 votes -
Create an option to turn ON/OFF daily snapshots schedule from "Ops Manager- Continuous Backup - Edit snapshot schedule"
Currently, we have the option to take daily snapshots at different intervals (6 hrs, 8 hrs, 12, hrs, 24 hrs) but we do not have an option to not configure daily snapshots. While daily snapshots are considered essential, we have almost 200 replica sets of different DB sizes and the daily snapshots, tend interfere with itself due to large DB size and not completing itself in good time for the next day's daily snapshot to run. So if we turn off the daily snapshot or tune the frequency of the daily snapshots on select large replica sets, we will avoid…
10 votes -
SAML support in Ops Manager API
SAML is available as an authentication mechanism and we're currently using it with keycloack (centralized identity provider).
It works well with Ops Manager but there seems to be no support whatsoever in Ops Manager 4.4 API to programmatically add / update / delete SAML groups on Organizations or Projects.
The official API documentation doesn't even recognize that SAML is available.
Mongo support has confirmed that and it's a target feature in their internal backlog.
This idea will hopefully speed up things.10 votes -
Ops Manager API - System Alerts
The ops manager api documentation specifies endpoints for polling group alerts and global alerts but is missing system alerts. We should be able to poll for system alerts via the ops manager api as well.
10 votes -
Allow the Kubernetes Operator to delete a project
Currently it is not possible to delete a project via kubectl command.
As the Kubernetes Operator allows one to create a project (configmap) and deploy a replica set, we would expect it to also allow the deletion of a project so that we can fully automate the solution.
10 votesWhile deletion of a deployment is possible via Kubernetes, deleting a MongoDB resource doesn’t remove it from the Ops Manager UI. You must remove the resource from Ops Manager manually. To learn more, see Remove a Process from Monitoring.
Deleting a MongoDB resource for which you enabled backup doesn’t delete the resource’s snapshots. You must delete snapshots in Ops Manager.
Work is planned to remove Ops Manager as a prerequisite (though it's use will still be optional and supported) and as part of that we hope to address this deletion aspect.
-
Add Timezone support to Ops Manager Application logs
All of our hosts are in the same TZ. We would like to be able to set the Ops Manager related logs timestamps to our local TZ.
10 votes -
MongoDB Agent (Automation Module): don't attempt to auth with `net.tls.clusterFile` / `net.tls.certificateKeyFile` and use Agent X.509 cert
Problem Statement,
What is the problem? MongoDB Agent (Automation Module) attempts to auth withnet.tls.clusterFile/net.tls.certificateKeyFileX.509 certificate first, pretending it is a Replica Set member.Why is this a problem? MongoDB Server process logs are flooded by unnecessary noise from such MongoDB Agent (Automation Module) auth attempts pretending it is Replica Set member. MongoDB Server will always log Replica Set member auth certificate usage outside of internal MongoDB Server client (https://github.com/mongodb/mongo/blob/6212e50e73dd032b448a514fe6893c6490a28a9f/src/mongo/db/commands/authentication_commands.cpp#L294-L300),
Example,
{"t":{"$date":"2021-05-10T11:08:03.110+0000"},"s":"W", "c":"ACCESS", "id":20430, "ctx":"conn116","msg":"Client isn't a mongod or mongos, but is connecting with a certificate with cluster membership"}Proposal,
* Don't attempt to auth…9 votes -
Add memory monitoring metrics
Atlas -> please make buffers, cached, and MEM shared available under system memory metrics on Atlas for end users so we can calculate the criteria for auto scaling .
Currently only Mongodb support can see these three metrics
9 votes -
Disable Query Targeting: Scanned Objects / Returned alerts on specific, recurring aggregations.
We run routine, recurring aggregation pipelines (essentially, summing up the values of different categories of transactions) on a 5-minute interval. These aggregation pipelines scan for all objects that match a certain type, then sum the cumulative value of certain values of those objects based on category. This means that we regularly have queries that scan >500,000 objects and consolidate them down to ~12 or so objects that are returned.
In this specific case, I'm alright with the scan/return ratio being very high, and I don't want to be spammed with alerts every five minutes. However, I don't want to disable…
9 votes -
Encrypt Password LDAP Query User
The LDAP Query user's password appears in plain text in mongod.config file. The ability to mask its password in automation config file using credentialstool would mitigate a security risk.
9 votes -
Configure MongoDB Automation Agent collecting stats on some collection to not trigger alerts
We just had a support case about some alerts being raised on our cluster because the MongoDB Automation Agent collecting stats on some collection doing queries without index triggers "Scanned Objects / Returned" ratio has went over 1000.
It would be really nice to at least not raise alerts when it's the mongodb automation agent that triggered it. Were monitoring our alerts a lot and these are false positive we can't do anything about it seems other than create all the indexes it needs, which might change over time. We have no guarantee of which index it needs.
Another alternative…
9 votes -
Introduce Helm Chart for MongoDB, MongoDBUser and secrets
Provide a helm chart that deploys MongoDB, MongoDBUser, secrets and all other resources needed.
The goal is to simplify the deployment of a MongoDB instance and everything that comes with it down to a helm one-liner.
9 votesWe have an example of a HELM chart that can deploy all resources.
We will be working on adding more refined charts
https://github.com/mongodb/mongodb-enterprise-kubernetes/tree/master/helm_chart -
Improve Enterprise Kubernetes Operator PVC expansion
The enterprise operator should be capable of performing all the steps necessary to increase the PVC after the end-user has adjusted the storage values within the MongoDB custom resource.
Reference:
https://www.mongodb.com/docs/kubernetes-operator/stable/tutorial/resize-pv-storage/Why is the Operator incapable of doing the steps starting from step 3 by itself if I simply do step 5?
So what we think should be the case:
We update the database resource with a new storage value.
Then should perform the following steps:
- Patch each persistence volume which can be found in the sts / pod spec.
- Remove the sts with --orphan because the name should be…
8 votes -
Allow multiple authentication sources simultaneously
Currently Ops Manager authentication supports either the Application Database, LDAP, or SAML, but these methods cannot be combined. Ideally we would like to move to LDAP, but we are stuck with the local authentication method as we depend on a local admin user which is used when first deploying and configuring the Ops Manager ecosystem. We also do not want to depend solely on the availability of the LDAP servers regarding an admin user. The MongoDB cluster deployments do support multiple authentication methods at the same time (we have local admin and monitoring accounts while users are authenticating via LDAP),…
8 votes
- Don't see your idea?