Ops Tools
487 results found
-
The Backup Daemon auto downloads all old Mongodb versions
If "Backup Versions Auto Download" is set to true on the Admin > General > Ops Manager Config > MISCELLANEOUS tab, then the backup daemon automatically downloads all older major versions of the software.
In my opinion, it would be better if you could either select the version/s which you want or it only downloaded versions equal to or higher than your current version.
All the old versions take up disk space and can only be deleted if the setting is changed to false.
thanks1 vote -
Mongo Atlas: create backup before updating version
If I upgrade Atlas cluster, Atlas automatically creates a backup with the new version.
I'd rather have a backup of the cluster with original version.
It will allow to restore to the previous version.
Current workaround: create a backup manually before upgrade.1 vote -
encryption at rest
Right now there is only option to encrypt the key used to encrypt the database. There is no way we can choose which encryption technology is being used to encrypting the database and its backups. The default protocol being used by mongodb may not align with the security policy of the company.
1 vote -
1 vote
-
mongoimport should explain why documents fail schema validation
Currently, with mongoimport 100.9 and MongoDB 7.0 with schema validation enabled, mongoimport will only report that a document failed to import due to schema validation. It would be useful if it could explain why it violates the schema (e.g. which fields are missing, which datatypes are incorrect, etc.). This is similar to the feature request for MongoDB Compass2
1 vote -
Operator crashes when it doesn't have permissions to watch a namespace
If one of many namespaces does not set the permissions for the operator to watch the namespace, it throws exceptions and goes to crashLoopBackOff state.
This is clearly a bug. One misconfigured namespace should never be able to take the operator down with it.1 voteThis is expected behavior and common among operators; it can't function and do what's needed if it lacks the permissions needed.
I know we have an open support case around this to try and understand more about your use case, and we're hoping that we'll be able to offer some guidance to avoid this problem and still achieve what you need. It may even be a new use case that we look to support.
-
Allow assigning users to an organization via api by adding a bypass parameter
Via the parameter
bypassInviteForExistingUsersit is possible to a add a user to a project.
It is important to also have this feature for the Organization, so please add a parameterbypassOrgInviteForExistingUseror similar to enable this.
Without it, we can not automate the creation of new environments.1 vote -
Allow configuring external applicationDatabase running on MongoDB Atlas
Allow configuring external applicationDatabase running outside of Kubernetes in the opsManager configuration.
1 vote -
Management capabilities for trusted CA certificates in the Admin UI
Currently it is a manual process per Ops Manager server to add trusted CA certificates to the Java TrustStore. This store is also overwritten on Ops Manager upgrades.
Similar to the S3 block store option to use a specific CA, it would be useful to manage trusted CA certificates for other endpoints such as HTTPS proxies, webhook alerts, and custom download URLs.
1 vote -
Need an alert for KMIP master key rotation
Currently opsmanager has manual rotation of KMIP master keys.
Enhancement required:
Need an alert from project level to rotate keys when nearing the schedule rotation just like SSL expiration alertsNeed for automation of this key rotation would be helpful. If fails, it needs to revert back changes and alert for human intervention.
1 vote -
Allow service spec changes via MongoDBCommunity CR
I aim to include extra sidecar containers, such as a metrics sidecar, allowing me to deploy an external metrics exporter alongside that would be scraped via service. I intend to configure annotations on the service for Prometheus automatic discovery, enabling the scraping of metrics and exposing the exporter container at the service level, similar to the one exposed when prometheus integration is enabled.
Updating the service spec is not currently possible, and as result, a lot of manual steps are required, like creating a custom service for each cluster, which points to the sidecar container with the required annotations in…
1 vote -
disable auth on metrics
Opentelemtry-Collector does not support secrets for ServiceMonitor/PodMonitor resources, which generates authorization issues while trying to scrape the metrics endpoint of MongoDB.
I'm looking for a way to disable the basic_auth on the metrics endpoint of MongoDB, I already tried a lot of ways, including an empty username/password, but nothing worked, any help would be highly appreciated.
1 vote -
Add comprehensive configuration options for persistent volumes
From a project point of view, we need additional configuration options for persistent volumes. For instance, as far as we know, each MongoDB Deployment that uses a persistent volume is configured with Access Mode ReadWriteOnce per default. We need to customise this option for optimal usage. For configuration options would be a plus.
1 vote -
SAML sign either Response or Assertion in Ops Manager
Ops Manager currently requires both the Response and Assertion to be signed for SAML auth. Our IDMS system cannot authenticate via SAML as it can sign either one or the other, not both. We would like a configurable option in Ops Manager SAML auth to enforce signing of Response or Assertion.
1 vote -
mongod startupWarnings
Create an "alert" to send notificactions when a mongod proccess has, for any reason, startup warnings.
e.g.
1)
The configured WiredTiger cache size is more than 80% of available RAM. See http://dochub.mongodb.org/core/faq-memory-diagnostics-wt2)
/sys/kernel/mm/transparent_hugepage/defrag is 'always'.3) Others.
1 vote -
Disable point-in-time restores
It would be nice to have the ability to set the parameter "Allow point-in-time restores going back" to ZERO (disabling PIT restores). This could be useful in situation where a database is producing a lot of oplog and DBA wants to avoid the saturation of oplog-store. In other words: "I want to mantain shapshot backup functionality, but deactivate PIT functionality".
1 vote -
Incremental backup with reduced snapshots size
The actual size of EACH snapshot is equal to datapath filesystem size. Every snapshot is essentially a copy of all db files. This prevents the use of OPS Manager Backup for large databases. It would be desirable to have a "real" incremental backup, based on one "baseline-snapshot" plus "delta-snapshots" of reduced size.
1 vote -
Ops Manager: API endpoint for /databases should not require host
Currently the Ops Manager API to list databases requires a hostname: /groups/{PROJECT-ID}/hosts/{HOST-ID}/databases
It would useful to gather databases on a project or cluster level instead as the databases are the same across replica set members.
1 vote -
reencrypt existing snapshot with new kmip key
Customer may decide to migrate from one KMIP provider to another or from one KMIP server to another. If you need store backups for a long period of time (7 years for compliant reason is not an exception), it becomes difficult to make sure that you can restore snapshots from old keys and all old KMIP servers still up and running.
it turns out that it's not possible to export old keys from one kmip provider and import into another kmip provider due to security reasons.
But at the same time - it looks like much easier to implement option…
1 vote -
Replica Set size Alert
Have an Alert in Ops Manager to notify that a Replica Set is approaching the maximum recommended size (ie: 2TB) and that it should be converted into a Sharded Cluster.
1 vote
- Don't see your idea?