Ops Tools
429 results found
-
Do not download EOL releases
Currently our Ops Mgrs keep re-downloading EOL releases of mongodb, e.g. mongodb-linux-x8664-2.6.12, mongodb-linux-x8664-3.0.15, etc. Ops Manager should automatically exclude EOL releases - they are taking up unnecessary disk space.
11 votes -
Send `Monitoring is down` and `Backup is down` alerts for each MongoDB Agent (Monitoring/Backup Module) and include hostname information in
What is the problem that needs to be solved?
Monitoring is downandBackup is downalerts needs to be sent for each individual MongoDB Agent (Monitoring/Backup Module) which become down,Monitoring is downandBackup is downalerts should include hostname information in them.Why is it a problem? (the pain) Customer can't easily identify which MongoDB Agent (Monitoring/Backup Module) become down without hostname information available in the alert (in multi-project environment this becomes operational pain for the customer).
11 votes -
Add Ops Manager's Org ID/Name into all SNMP Alert Traps
What is the problem that needs to be solved? Ops Manager's Org ID/Name is not included into any of SNMP Alert Traps sent from Ops Manager's Application Server.
Why is it a problem? (the pain) Operator who watch Monitoring System (the one that receive SNMP Alert Traps from Ops Manager) needs to see Ops Manager's Organization ID/Name in order to quickly understand to where that Ops Manager's Alert is related to. Monitoring System (the one that receive SNMP Alert Traps from Ops Manager) needs to do additional work for each SNMP Alert Trap received (via
GET /groups/{PROJECT-ID}/GET /orgs/{ORG-ID}…11 votes -
Allow assignment of Backup Resources before starting Backup Job
For very large clusters, ideally backup resources should be assignable before the backup begins. For each shard and config server, assignment of the following would assist in scaling Ops Manager backups.
- Snapshot Store
- Oplog Store
- Backup Daemon (if using FCV <= 4.0)
Starting the backup could trigger an email to the Backup Administrator who could then assign these resources on the Admin page.
11 votes -
Change namespace option on mongomirror
I was wondering why you can migrate data but you actually (as far I as saw) cannot change the database name during the process of migration (not using mongod/mongorestore unix/win commands but Atlas directly).
From the technical support:
"This is because Live Migration using mongomirror as an underlying process, which in this case tails the oplog and recreates the data exactly as is. This tool is typically used to minimize downtime, especially in production environments, for users who are migrating their data as is while writes are still occurring on the source instance. "
However, as I responded:
"Ok thanks…
11 votes -
Provide mechanism for internal password rotation of the automation user
Ops Manager automation currently uses an mms-automation user for node management, but the password for that user is set once and stays forever unless it is updated via the Ops Manager API.
This feature would provide a mechanism that allows this password to be re-generated via the UI or an API call and have it automatically updated on the managed mongod instances as well.
11 votes -
MongoDB Agent (Automation Module): don't attempt to auth with `net.tls.clusterFile` / `net.tls.certificateKeyFile` and use Agent X.509 cert
Problem Statement,
What is the problem? MongoDB Agent (Automation Module) attempts to auth withnet.tls.clusterFile/net.tls.certificateKeyFileX.509 certificate first, pretending it is a Replica Set member.Why is this a problem? MongoDB Server process logs are flooded by unnecessary noise from such MongoDB Agent (Automation Module) auth attempts pretending it is Replica Set member. MongoDB Server will always log Replica Set member auth certificate usage outside of internal MongoDB Server client (https://github.com/mongodb/mongo/blob/6212e50e73dd032b448a514fe6893c6490a28a9f/src/mongo/db/commands/authentication_commands.cpp#L294-L300),
Example,
{"t":{"$date":"2021-05-10T11:08:03.110+0000"},"s":"W", "c":"ACCESS", "id":20430, "ctx":"conn116","msg":"Client isn't a mongod or mongos, but is connecting with a certificate with cluster membership"}Proposal,
* Don't attempt to auth…9 votes -
Add memory monitoring metrics
Atlas -> please make buffers, cached, and MEM shared available under system memory metrics on Atlas for end users so we can calculate the criteria for auto scaling .
Currently only Mongodb support can see these three metrics
9 votes -
SAML support in Ops Manager API
SAML is available as an authentication mechanism and we're currently using it with keycloack (centralized identity provider).
It works well with Ops Manager but there seems to be no support whatsoever in Ops Manager 4.4 API to programmatically add / update / delete SAML groups on Organizations or Projects.
The official API documentation doesn't even recognize that SAML is available.
Mongo support has confirmed that and it's a target feature in their internal backlog.
This idea will hopefully speed up things.9 votes -
Ops Manager API - System Alerts
The ops manager api documentation specifies endpoints for polling group alerts and global alerts but is missing system alerts. We should be able to poll for system alerts via the ops manager api as well.
9 votes -
Allow the Kubernetes Operator to delete a project
Currently it is not possible to delete a project via kubectl command.
As the Kubernetes Operator allows one to create a project (configmap) and deploy a replica set, we would expect it to also allow the deletion of a project so that we can fully automate the solution.
9 votesWhile deletion of a deployment is possible via Kubernetes, deleting a MongoDB resource doesn’t remove it from the Ops Manager UI. You must remove the resource from Ops Manager manually. To learn more, see Remove a Process from Monitoring.
Deleting a MongoDB resource for which you enabled backup doesn’t delete the resource’s snapshots. You must delete snapshots in Ops Manager.
Work is planned to remove Ops Manager as a prerequisite (though it's use will still be optional and supported) and as part of that we hope to address this deletion aspect.
-
Encrypt Password LDAP Query User
The LDAP Query user's password appears in plain text in mongod.config file. The ability to mask its password in automation config file using credentialstool would mitigate a security risk.
9 votes -
Configure MongoDB Automation Agent collecting stats on some collection to not trigger alerts
We just had a support case about some alerts being raised on our cluster because the MongoDB Automation Agent collecting stats on some collection doing queries without index triggers "Scanned Objects / Returned" ratio has went over 1000.
It would be really nice to at least not raise alerts when it's the mongodb automation agent that triggered it. Were monitoring our alerts a lot and these are false positive we can't do anything about it seems other than create all the indexes it needs, which might change over time. We have no guarantee of which index it needs.
Another alternative…
9 votes -
Add Timezone support to Ops Manager Application logs
All of our hosts are in the same TZ. We would like to be able to set the Ops Manager related logs timestamps to our local TZ.
9 votes -
Introduce Helm Chart for MongoDB, MongoDBUser and secrets
Provide a helm chart that deploys MongoDB, MongoDBUser, secrets and all other resources needed.
The goal is to simplify the deployment of a MongoDB instance and everything that comes with it down to a helm one-liner.
9 votesWe have an example of a HELM chart that can deploy all resources.
We will be working on adding more refined charts
https://github.com/mongodb/mongodb-enterprise-kubernetes/tree/master/helm_chart -
Allow multiple authentication sources simultaneously
Currently Ops Manager authentication supports either the Application Database, LDAP, or SAML, but these methods cannot be combined. Ideally we would like to move to LDAP, but we are stuck with the local authentication method as we depend on a local admin user which is used when first deploying and configuring the Ops Manager ecosystem. We also do not want to depend solely on the availability of the LDAP servers regarding an admin user. The MongoDB cluster deployments do support multiple authentication methods at the same time (we have local admin and monitoring accounts while users are authenticating via LDAP),…
8 votes -
Disable Query Targeting: Scanned Objects / Returned alerts on specific, recurring aggregations.
We run routine, recurring aggregation pipelines (essentially, summing up the values of different categories of transactions) on a 5-minute interval. These aggregation pipelines scan for all objects that match a certain type, then sum the cumulative value of certain values of those objects based on category. This means that we regularly have queries that scan >500,000 objects and consolidate them down to ~12 or so objects that are returned.
In this specific case, I'm alright with the scan/return ratio being very high, and I don't want to be spammed with alerts every five minutes. However, I don't want to disable…
8 votes -
Ops Manager API call for Host Mappings
This feature request is for a new Group/Project API call for the management of the host mappings created in Ops Manager from monitoring information. Whether it be an endpoint for "Reset Duplicates" or full featured create/delete of individual host mappings, both will alleviate issues where overlapping mappings affect monitoring in Ops Manager.
Note: The issue of overlapping mappings may occur when a mongod process has moved/changed IP addresses multiple times. With enough cycling (as seen in Kubernetes clusters with frequent pod restarts), eventually a previously mapped IP address may now be associated with a different mongod process.
8 votes -
Ops Manager Prometheus metrics
MongoDB Ops Manager would need to expose endpoints for Prometheus for MongoDB Clusters. There are a number of metrics that popular MongoDB Exporters do not provide, for example:
1. Enterprise Backup status
2. Replication Alarms
3. Agent statuses
4. A number of Cluster statuses
etcThere is no way to get this data into Prometheus at the moment
8 votes -
Sharded Cluster Snapshot Restores - Throttling and Src/Dst Mapping
When restoring a sharded cluster snapshot, provide a means of mapping the source shard replica set names to the target shard replica set names. This will allow users to predictably restore large/small shards to the appropriate target hosts.
Currently, this can be done for sharded clusters with fewer than 10 shards by naming the shards in a predicable shard## pattern. However, greater than ~10 shards leads to an alphabetical => alphanumeric restore plan (e.g. shardA10 restores to shardB2).
Restoring large sharded clusters can also overwhelm networks where MongoDB Agents are downloading snapshots from Ops Manager(s) at the same time. Please…
8 votes
- Don't see your idea?