Ops Manager Resource Specification

Beta Release of Ops Manager Resource

Don’t use the Ops Manager resource in production environments.

The MongoDB Enterprise Kubernetes Operator creates a containerized Ops Manager deployment from specification files that you write.

After you create or update an Ops Manager resource specification, you direct MongoDB Enterprise Kubernetes Operator to apply this specification to your Kubernetes environment. Kubernetes Operator creates the services and custom Kubernetes resources that Ops Manager requires, then deploys Ops Manager and its backing application database in containers in your Kubernetes environment.

Each Ops Manager resource uses an object specification in YAML to define the characteristics and settings of the deployment.

Example

The following example shows a resource specification for an Ops Manager deployment:

apiVersion: mongodb.com/v1
kind: MongoDBOpsManager
metadata:
 name: om
spec:
 replicas: 1
 version: 4.2.0
 adminCredentials: ops-manager-admin
 configuration:
  mms.fromEmailAddr: admin@example.com
  mms.security.allowCORS: "false"
 backup:
  enabled: true
  headDB:
   storage: 30G
   labelSelector:
    matchLabels:
     app: my-app
  opLogStores:
   - name: oplog1
     mongodbResourceRef:
      name: my-oplog-db
     mongodbUserRef:
      name: my-oplog-user
  s3Stores:
   - name: s3store1
     mongodbResourceRef:
      name: my-s3-metadata-db
     mongodbUserRef:
      name: my-s3-store-user
     s3SecretRef:
       name: my-s3-credentials
     pathStyleAccessEnabled: true
     s3BucketEndpoint: s3.region.amazonaws.com
     s3BucketName: my-bucket

 applicationDatabase:
   passwordSecretKeyRef:
    name: om-db-user-secret
    key: password
   members: 3
   version: 4.0.7
   persistent: true
   podSpec:
     cpu: 0.25

Required Ops Manager Resource Settings

This section describes settings that you must use for all Ops Manager resources.

apiVersion

Type: string

Required. Version of the MongoDB Kubernetes resource schema.

kind

Type: string

Required. Kind of MongoDB Kubernetes resource to create. Set this to MongoDBOpsManager.

metadata.name

Type: string

Required. Name of the MongoDB Kubernetes resource you are creating.

spec.replicas

Type: number

Required. Number of Ops Manager instances to run in parallel.

The minimum accepted value is 1.

Highly Available Ops Manager Resources

For high availability, set this value to more than 1. Multiple Ops Manager instances can read from the same Application Database, ensuring failover if one instance is unavailable and enabling you to update the Ops Manager resource without downtime.

spec.version

Type: number

Required. Version of Ops Manager that you want to install on this MongoDB Kubernetes resource.

spec.adminCredentials

Type: string

Required. Name of the Kubernetes secret you created for the Ops Manager admin user. When you deploy the Ops Manager resource, Kubernetes Operator creates a user with these credentials.

The admin user is granted the Global Owner role.

spec.applicationDatabase

Type: collection

Required. Ops Manager Application Database resource definition.

The following settings from the replica set resource specification are required:

The following settings from the replica set resource specification are optional:

Do not use the following settings from the replica set resource specification:

Optional Ops Manager Resource Settings

Ops Manager resources can use the following settings:

spec.backup.enabled

Type: boolean

Flag that enables Backup for your Ops Manager resource. When set to false, Backup is disabled.

Default value is true.

spec.backup.headDB

Type: collection

Configuration settings for the head database. Kubernetes Operator creates a Persistent Volume Claim with the specified configuration.

Scalar: labelSelector
Data Type: string
Description: Tag used to bind mounted volumes to directories.

Scalar: storage
Data Type: string
Description: Minimum size of Persistent Volume that should be mounted. This value is expressed as an integer followed by a unit of storage in JEDEC notation.

Default value is 30G.

Example

If the head database requires 60 gigabytes of storage space, set this value to 60G.

Scalar: storageClass
Data Type: string
Description: Type of storage specified in a Persistent Volume Claim. You may create this storage type as a StorageClass object before using it in this object specification.

Note

Make sure to set the StorageClass reclaimPolicy to Retain. This ensures that data is retained when a Persistent Volume Claim is removed.

spec.backup.opLogStores

Type: collection

Required if you enable Backup.

Array of oplog stores used for Backup. Each item in the array references a MongoDB database resource deployed in the Kubernetes cluster by the Kubernetes Operator.

spec.backup.opLogStores.name

Type: string

Required if you enable Backup.

Name of the oplog store.

Important

Once specified, do not edit the name of the oplog store.

spec.backup.opLogStores.mongodbResourceRef.name

Type: string

Required if you enable Backup.

Name of the MongoDB database resource that you create to store oplog slices. You must deploy this database resource in the same namespace as the Ops Manager resource.

If you enable SCRAM authentication on the oplog database, you must:

  • Specify a MongoDB version earlier than v4.0 in the oplog database resource definition.
  • Create a MongoDB user resource to connect Ops Manager to the oplog database.
  • Specify the name of the user in the Ops Manager resource definition.

If a MongoDB database resource with this name doesn’t exist, the Ops Manager resource enters a Pending state. The Kubernetes Operator retries every 10 seconds until a MongoDB database resource with this name is created.

spec.backup.opLogStores.mongodbUserRef.name

Type: string

Required if SCRAM authentication is enabled on the oplog store database.

Name of the MongoDB user resource used to connect to the oplog store database. Deploy this user resource in the same namespace as the Ops Manager resource and with the readWriteAnyDatabase and dbAdminAnyDatabase roles.

spec.backup.s3Stores.name

Type: string

Required if you enable Backup.

Name of the S3 snapshot store.

Important

Once specified, do not edit the name of the S3 snapshot store.

spec.backup.s3Stores.mongodbResourceRef.name

Type: string

Required if you enable Backup.

Name of the MongoDB database resource that you create to store metadata for the S3 snapshot store. You must deploy this database resource in the same namespace as the Ops Manager resource.

If you enable SCRAM authentication on this database, you must:

  • Specify a MongoDB version earlier than v4.0 in the database resource definition.
  • Create a MongoDB user resource to connect Ops Manager to the database.
  • Specify the name of the user in the Ops Manager resource definition.

spec.backup.s3Stores.mongodbUserRef.name

Type: string

Required if SCRAM authentication is enabled on the metadata database of the S3 snapshot store.

Name of the MongoDB user resource used to connect to the metadata database of the S3 snapshot store. Deploy this user resource in the same namespace as the Ops Manager resource and with the readWriteAnyDatabase and dbAdminAnyDatabase roles.

spec.backup.s3Stores.s3SecretRef.name

Type: string

Required if you enable Backup.

Name of the secret that contains the accessKey and secretKey fields. The Backup Daemon Service uses the values of these fields as credentials to access your AWS S3 or S3-compatible bucket. The S3 snapshot store can’t be configured if the secret is missing either key.

spec.backup.s3Stores.pathStyleAccessEnabled

Type: boolean

Indicates the style of the bucket endpoint URL.

Value    Description              Example
true     Path-style URL           s3.amazonaws.com/<bucket>
false    Virtual-host-style URL   <bucket>.s3.amazonaws.com

Default value is true.

spec.backup.s3Stores.s3BucketEndpoint

Type: string

Required if you enable Backup.

URL of the AWS S3 bucket or S3-compatible bucket that hosts the snapshot store.

spec.backup.s3Stores.s3BucketName

Type: string

Required if you enable Backup.

Name of the AWS S3 bucket or S3-compatible bucket that hosts the snapshot store.

spec.clusterName

Type: string

Kubernetes assigns each pod an FQDN. The Kubernetes Operator calculates the FQDN for each pod using a provided clusterName. Kubernetes does not provide an API to query these hostnames.

spec.configuration

Type: collection

Ops Manager configuration properties. See Ops Manager Configuration Settings for property names and descriptions. Each property takes a value of type string.

spec.externalConnectivity

Type: collection

Configuration object that enables external connectivity to Ops Manager. If provided, the Kubernetes Operator creates a Kubernetes service that allows traffic originating from outside of the Kubernetes cluster to reach the Ops Manager application.

If not provided, the Kubernetes Operator does not create a Kubernetes service. You must create one manually or use a third-party solution that enables you to route external traffic to the Ops Manager application in your Kubernetes cluster.

spec.externalConnectivity.type

Type: string

The Kubernetes service ServiceType that exposes Ops Manager outside of Kubernetes.

Required if spec.externalConnectivity.type is present.

Accepted values are: LoadBalancer and NodePort. LoadBalancer is recommended if your cloud provider supports it. Use NodePort for local deployments.

spec.externalConnectivity.port

Type: integer

If spec.externalConnectivity.type is NodePort, the port on the Kubernetes service from which external traffic is routed to the Ops Manager application.

Note

You must configure your network’s firewall to allow traffic over this port.

If spec.externalConnectivity.type is LoadBalancer, the load balancer resource that your cloud provider creates routes traffic to this port on the Kubernetes service. You don’t need to provide this value. Kubernetes uses an open port within the default range and handles internal traffic routing appropriately.

In both cases, if this value is not provided, the Kubernetes service routes traffic from an available port within the following default range to the Ops Manager application: 30000-32767.

spec.externalConnectivity.loadBalancerIP

Type: string

The IP address the LoadBalancer Kubernetes service uses when the Kubernetes Operator creates it.

This setting can only be used if your cloud provider supports it and spec.externalConnectivity.type is LoadBalancer. To learn more about the Type LoadBalancer, see the Kubernetes documentation.

spec.externalConnectivity.externalTrafficPolicy

Type: string

Routing policy for external traffic to the Ops Manager Kubernetes service. The service routes external traffic to node-local or cluster-wide endpoints depending on the value of this setting.

Accepted values are: Cluster and Local. To learn which of these values meets your requirements, see Source IPs in Kubernetes in the Kubernetes documentation.

Note

If you select Cluster, the Source-IP of your clients is lost during the network hops that happen at the Kubernetes network boundary.

spec.externalConnectivity.annotations

Type: collection

Key-value pairs that allow you to provide cloud provider-specific configuration settings.

To learn more about Annotations and TLS support on AWS, see the Kubernetes documentation.

spec.applicationDatabase.passwordSecretKeyRef.name

Type: string

Name of the secret that contains the password for the Ops Manager database user mongodb-ops-manager. Ops Manager uses this password to authenticate to the Application Database.

spec.applicationDatabase.passwordSecretKeyRef.key

Type: string

Name of the field in the secret that contains the password for the Ops Manager database user mongodb-ops-manager. Ops Manager uses this password to authenticate to the Application Database.

The default value is password.
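
The required and conditional settings described on this page can be checked before a specification is applied. The following is an added example, not part of the original page or of the Kubernetes Operator: it lints a resource that has already been parsed from YAML into a Python dict. The names lint_ops_manager, _get, _require, OPLOG_REQ, S3_REQ and the SAMPLE resource are constructed for illustration.

```python
# Added example (hypothetical helper, not an Operator API): lint a parsed MongoDBOpsManager dict.
OPLOG_REQ = ["name", "mongodbResourceRef.name"]
S3_REQ = OPLOG_REQ + ["s3SecretRef.name", "s3BucketEndpoint", "s3BucketName"]

def _get(obj, path):  # follow a dotted path through nested dicts; None if any part is missing
    for key in path.split("."):
        obj = obj.get(key) if isinstance(obj, dict) else None
    return obj

def _require(errs, obj, prefix, paths):
    errs.extend(f"{prefix}{p}: required" for p in paths if _get(obj, p) in (None, ""))

def lint_ops_manager(res):
    errs = []
    _require(errs, res, "", ["apiVersion", "metadata.name", "spec.replicas", "spec.version",
                             "spec.adminCredentials", "spec.applicationDatabase"])
    if res.get("kind") != "MongoDBOpsManager":
        errs.append("kind: must be MongoDBOpsManager")
    if isinstance(_get(res, "spec.replicas"), int) and _get(res, "spec.replicas") < 1:
        errs.append("spec.replicas: minimum accepted value is 1")
    # Each configuration property takes a string; an unquoted YAML false parses as a bool.
    for key, val in (_get(res, "spec.configuration") or {}).items():
        if not isinstance(val, str):
            errs.append(f"spec.configuration.{key}: value must be a string")
    backup = _get(res, "spec.backup") or {}
    if backup.get("enabled", True):  # the page gives true as the default
        if not backup.get("opLogStores"):
            errs.append("spec.backup.opLogStores: required when Backup is enabled")
        for field, req in (("opLogStores", OPLOG_REQ), ("s3Stores", S3_REQ)):
            for i, store in enumerate(backup.get(field) or []):
                _require(errs, store, f"spec.backup.{field}[{i}].", req)
    ext = _get(res, "spec.externalConnectivity")
    if isinstance(ext, dict):
        if ext.get("type") not in ("LoadBalancer", "NodePort"):
            errs.append("spec.externalConnectivity.type: must be LoadBalancer or NodePort")
        if "loadBalancerIP" in ext and ext.get("type") != "LoadBalancer":
            errs.append("spec.externalConnectivity.loadBalancerIP: requires type LoadBalancer")
        if ext.get("externalTrafficPolicy") not in (None, "Cluster", "Local"):
            errs.append("spec.externalConnectivity.externalTrafficPolicy: must be Cluster or Local")
    return errs

# Constructed sample: unquoted allowCORS, Backup on with no oplog store, unsupported service type.
SAMPLE = {"apiVersion": "mongodb.com/v1", "kind": "MongoDBOpsManager", "metadata": {"name": "om"},
          "spec": {"replicas": 1, "version": "4.2.0", "adminCredentials": "ops-manager-admin",
                   "applicationDatabase": {"members": 3}, "backup": {"enabled": True},
                   "configuration": {"mms.security.allowCORS": False},
                   "externalConnectivity": {"type": "ClusterIP", "loadBalancerIP": "203.0.113.10"}}}

if __name__ == "__main__":
    print("\n".join(lint_ops_manager(SAMPLE)))
```

The check covers only rules stated on this page; it does not verify that the referenced secrets, database resources or user resources exist in the namespace.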