Navigation

Upgrade from Operator Version 0.9 or Earlier

Warning

Version 0.10 of the MongoDB Enterprise Kubernetes Operator included breaking changes and requires some additional preparation before upgrading. The following procedure outlines the upgrade process for Kubernetes Operator versions 0.9 and earlier. If you are already running version 0.10 or later, see Upgrade from Operator Version 0.10 or Later for upgrade instructions.

Version 0.10 of the Kubernetes Operator consolidated the MongoDbStandalone, MongoDbShardedCluster, and MongoDbReplicaSet CustomResourceDefinitions into a single CustomResourceDefinition called MongoDB.

Important

The following upgrade procedure allows you to keep data stored in persistent volumes from previous deployments that the Kubernetes Operator managed. If you do not wish to retain data from previous deployments and plan on deploying new resources, skip to the Upgrade section.

Prerequisites

  1. If you have not already, run the following command to execute all kubectl commands in the namespace you created:

    kubectl config set-context $(kubectl config current-context) --namespace=<namespace>
    
  2. Verify you have the .yaml configuration file for each MongoDB resource you have deployed.

    Standalone Resources

    If you have standalone resources but do not have the .yaml configuration file for them, run the following command to generate the configuration file:

    kubectl mst <standalone-name> -o yaml > <standalone-conf-name>.yaml
    
    Replica Set Resources

    If you have replica set resources but do not have the .yaml configuration file for them, run the following command to generate the configuration file:

    kubectl get mrs <replicaset-name> -o yaml > <replicaset-conf-name>.yaml
    
    Sharded Cluster Resources

    If you have sharded cluster resources but do not have the .yaml configuration file for them, run the following command to generate the configuration file:

    kubectl get msc <shardedcluster-name> -o yaml > <shardedcluster-conf-name>.yaml
    
  3. Edit each .yaml configuration file match the new CustomResourceDefinition:

    • Change the kind to MongoDB

    • Add the spec.type field and set it to Standalone, ReplicaSet, or ShardedCluster depending on your resource.

      Note

      The Kubernetes Operator does not support changing the type of an existing configuration even though it will accept a valid configuration for a different type.

      For example, if your MongoDB resource is a standalone, you cannot set the value of spec.type to ReplicaSet and set spec.members. If you do, the Kubernetes Operator throws an error and requires you to revert to the previously working configuration.

    After you edit each .yaml file, they should look like the following example:

    ---
    apiVersion: mongodb.com/v1
    kind: MongoDB
    metadata:
      name: <my-standalone>
    spec:
      version: 4.2.2-ent
      opsManager:
        configMapRef:
          name: <configMap.metadata.name>
                # Must match metadata.name in ConfigMap file
      credentials: <mycredentials>
      type: Standalone
      persistent: true
    ...
    
     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    ---
    apiVersion: mongodb.com/v1
    kind: MongoDB
    metadata:
      name: <my-replica-set>
    spec:
      members: 3
      version: 4.2.2-ent
      opsManager:
        configMapRef:
          name: <configMap.metadata.name>
                # Must match metadata.name in ConfigMap file
      credentials: <mycredentials>
      type: ReplicaSet
      persistent: true
    ...
    
     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    ---
    apiVersion: mongodb.com/v1
    kind: MongoDB
    metadata:
      name: <my-sharded-cluster>
    spec:
      shardCount: 2
      mongodsPerShardCount: 3
      mongosCount: 2
      configServerCount: 3
      version: 4.2.2-ent
      opsManager:
        configMapRef:
          name: <configMap.metadata.name>
                # Must match metadata.name in ConfigMap file
      credentials: <mycredentials>
      type: ShardedCluster
      persistent: true
    ...
    

    Warning

    If you change the metadata.name field you will lose your resource’s data.

Upgrade the Kubernetes Operator

To upgrade to the latest version of the Kubernetes Operator from version v0.9 or earlier:

The following steps depend on how your environment is configured:

1

Change to the directory in which you cloned the repository.

2

Upgrade the CustomResourceDefinitions for MongoDB deployments using the following kubectl command:

kubectl apply -f crds.yaml
3

You can edit the Operator YAML file to further customize your Operator before upgrading it.

  1. Open your mongodb-enterprise.yaml in your preferred text editor.

  2. You may need to add one or more of the following options:

    Environment Variable When to Use
    OPERATOR_ENV

    Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

    If OPERATOR_ENV is Log Level is set to Log Format is set to
    dev debug text
    prod info json

    Accepted values are: dev, prod.

    Default value is: prod.

    You can set the following pair of values:

    spec.template.spec.containers.name.env.name: OPERATOR_ENV
    spec.template.spec.containers.name.env.value: prod
    

    Example

    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: OPERATOR_ENV
              value: prod
    
    WATCH_NAMESPACE

    Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

    * means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

    Default value is: <metadata.namespace>.

    Important

    To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform.

    You can set the following pair of values:

    spec.template.spec.containers.name.env.name: WATCH_NAMESPACE
    spec.template.spec.containers.name.env.value: "<testNamespace>"
    

    Example

    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: WATCH_NAMESPACE
              value: "<testNamespace>"
    
    MONGODB_ENTERPRISE_DATABASE_IMAGE

    URL of the MongoDB Enterprise Database image the Kubernetes Operator deploys.

    Default value is quay.io/mongodb/mongodb-enterprise-database.

    spec.template.spec.containers.name.env.name:
    MONGODB_ENTERPRISE_DATABASE_IMAGE
    spec.template.spec.containers.name.env.value:
    quay.io/mongodb/mongodb-enterprise-database
    

    Example

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: MONGODB_ENTERPRISE_DATABASE_IMAGE
              value: quay.io/mongodb/mongodb-enterprise-database
            - name: IMAGE_PULL_POLICY
              value: Always
    
    IMAGE_PULL_POLICY

    Pull policy for the MongoDB Enterprise database image the Kubernetes Operator deploys.

    Accepted values are Always, IfNotPresent, Never.

    Default value is Always.

    spec.template.spec.containers.name.env.name:
    IMAGE_PULL_POLICY
    spec.template.spec.containers.name.env.value:
    <policy>
    

    Example

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: MONGODB_ENTERPRISE_DATABASE_IMAGE
              value: quay.io/mongodb/mongodb-enterprise-database
            - name: IMAGE_PULL_POLICY
              value: Always
    
    OPS_MANAGER_IMAGE_REPOSITORY

    URL of the repository from which the image for an Ops Manager resource is downloaded.

    Default value is quay.io/mongodb/mongodb-enterprise-ops-manager.

    spec.template.spec.containers.name.env.name:
    OPS_MANAGER_IMAGE_REPOSITORY
    spec.template.spec.containers.name.env.value:
    quay.io/mongodb/mongodb-enterprise-ops-manager
    

    Example

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: OPS_MANAGER_IMAGE_REPOSITORY
              value: quay.io/mongodb/mongodb-enterprise-ops-manager
            - name: OPS_MANAGER_IMAGE_PULL_POLICY
              value: Always
    
    OPS_MANAGER_IMAGE_PULL_POLICY

    Pull policy for the Ops Manager images the Kubernetes Operator deploys.

    Accepted values are: Always, IfNotPresent, Never.

    Default value is Always.

    spec.template.spec.containers.name.env.name:
    OPS_MANAGER_IMAGE_PULL_POLICY
    spec.template.spec.containers.name.env.value:
    <policy>
    

    Example

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: OPS_MANAGER_IMAGE_REPOSITORY
              value: quay.io/mongodb/mongodb-enterprise-ops-manager
            - name: OPS_MANAGER_IMAGE_PULL_POLICY
              value: Always
    
    INIT_OPS_MANAGER_IMAGE_REPOSITORY

    URL of the repository from which the initContainer image that contains Ops Manager start-up scripts and the readiness probe is downloaded.

    Default value is quay.io/mongodb/mongodb-enterprise-ops-manager-init.

    spec.template.spec.containers.name.env.name:
    INIT_OPS_MANAGER_IMAGE_REPOSITORY
    spec.template.spec.containers.name.env.value:
    quay.io/mongodb/mongodb-enterprise-ops-manager-init
    

    Example

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: INIT_OPS_MANAGER_IMAGE_REPOSITORY
              value: quay.io/mongodb/mongodb-enterprise-ops-manager-init
    
    INIT_OPS_MANAGER_VERSION

    Version of the initContainer image that contains Ops Manager start-up scripts and the readiness probe.

    Default value is latest.

    spec.template.spec.containers.name.env.name:
    INIT_OPS_MANAGER_VERSION
    spec.template.spec.containers.name.env.value:
    latest
    

    Example

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: INIT_APPDB_VERSION
              value: latest
    
    APPDB_IMAGE_REPOSITORY

    URL of the repository from which the Application Database image is downloaded.

    Default value is quay.io/mongodb/mongodb-enterprise-appdb.

    spec.template.spec.containers.name.env.name:
    APPDB_IMAGE_REPOSITORY
    spec.template.spec.containers.name.env.value:
    quay.io/mongodb/mongodb-enterprise-appdb
    

    Example

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: APPDB_IMAGE_REPOSITORY
              value: quay.io/mongodb/mongodb-enterprise-appdb
    
    INIT_APPDB_IMAGE_REPOSITORY

    URL of the repository from which the initContainer image that contains Application Database start-up scripts and the readiness probe is downloaded.

    Default value is quay.io/mongodb/mongodb-enterprise-appdb-init.

    spec.template.spec.containers.name.env.name:
    INIT_APPDB_IMAGE_REPOSITORY
    spec.template.spec.containers.name.env.value:
    quay.io/mongodb/mongodb-enterprise-init-appdb
    

    Example

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: INIT_APPDB_IMAGE_REPOSITORY
              value: quay.io/mongodb/mongodb-enterprise-init-appdb
    
    INIT_APPDB_VERSION

    Version of the initContainer image that contains Ops Manager start-up scripts and the readiness probe.

    Default value is latest.

    spec.template.spec.containers.name.env.name:
    INIT_APPDB_VERSION
    spec.template.spec.containers.name.env.value:
    latest
    

    Example

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    spec:
      template:
        spec:
          serviceAccountName: mongodb-enterprise-operator
          containers:
          - name: mongodb-enterprise-operator
            image: <operatorVersionUrl>
            imagePullPolicy: <policyChoice>
            env:
            - name: INIT_APPDB_VERSION
              value: latest
    
4

Upgrade the Kubernetes Operator using the following kubectl command:

kubectl apply -f mongodb-enterprise.yaml
1

Upgrade the Kubernetes Operator using the following helm command:

helm template helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values.yaml file:

Setting When to Use
namespace

To use a different namespace, you need to specify that namespace.

Default value is: mongodb.

Example

# Name of the Namespace to use
namespace: mongodb
operator.env

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If operator.env is Log Level is set to Log Format is set to
dev debug text
prod info json

Accepted values are: dev, prod.

Default value is: prod.

Example

operator:
 # Execution environment for the operator, dev or prod. Use dev for more verbose logging
 env: prod
operator.watchNamespace

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

Important

To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform.

Example

operator:
  watchNamespace: *
registry.operator

Repository from which the Kubernetes Operator image is pulled. Specify this value if you want to pull the Kubernetes Operator image from a private repository.

Example

registry:
  operator: quay.io/mongodb
registry.opsManager

Repository from which the Ops Manager image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  opsManager: quay.io/mongodb
registry.initOpsManager

Repository from which the Ops Manager initContainer image is pulled. This image contains the start-up scripts and readiness probe for Ops Manager.

Specify this value if you want to pull the Ops Manager initContainer image from a private repository.

Example

registry:
  initOpsManager: quay.io/mongodb
registry.appDb

Repository from which the Application Database image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  appDb: quay.io/mongodb
registry.initAppDb

Repository from which the Application Database initContainer image is pulled. This image contains the start-up scripts and readiness probe for the Application Database.

Specify this value if you want to pull the Application Database initContainer image from a private repository.

Example

registry:
  initAppDb: quay.io/mongodb
operator.watchedResources

Custom resources that the Kubernetes Operator watches.

The Kubernetes Operator installs the CustomResourceDefinitions for and watches only the resources you specify.

Accepted values are:

Value Description
mongodb Install the CustomResourceDefinitions for and watch database resources.
mongodbusers Install the CustomResourceDefinitions for and watch MongoDB user resources.
opsmanagers Install the CustomResourceDefinitions for and watch Ops Manager resources.

Default values are: mongodbusers, mongodb, and opsmanagers.

Example

operator:
  watchedResources:
    - mongodbusers
    - mongodb
    - opsmanagers

Note

You can also pass these values as options when you apply the Helm Chart:

helm template --set namespace=<testNamespace> \
helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml

To upgrade the Kubernetes Operator on a host not connected to the Internet, you have two options, you can download the Kubernetes Operator files from either:

1

Upgrade the latest version of the Kubernetes Operator with modified pull policy values using the following helm command:

helm template --set registry.pullPolicy=IfNotPresent \
helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values.yaml file:

Setting When to Use
namespace

To use a different namespace, you need to specify that namespace.

Default value is: mongodb.

Example

# Name of the Namespace to use
namespace: mongodb
operator.env

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If operator.env is Log Level is set to Log Format is set to
dev debug text
prod info json

Accepted values are: dev, prod.

Default value is: prod.

Example

operator:
 # Execution environment for the operator, dev or prod. Use dev for more verbose logging
 env: prod
operator.watchNamespace

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

Important

To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform.

Example

operator:
  watchNamespace: *
registry.operator

Repository from which the Kubernetes Operator image is pulled. Specify this value if you want to pull the Kubernetes Operator image from a private repository.

Example

registry:
  operator: quay.io/mongodb
registry.opsManager

Repository from which the Ops Manager image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  opsManager: quay.io/mongodb
registry.initOpsManager

Repository from which the Ops Manager initContainer image is pulled. This image contains the start-up scripts and readiness probe for Ops Manager.

Specify this value if you want to pull the Ops Manager initContainer image from a private repository.

Example

registry:
  initOpsManager: quay.io/mongodb
registry.appDb

Repository from which the Application Database image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  appDb: quay.io/mongodb
registry.initAppDb

Repository from which the Application Database initContainer image is pulled. This image contains the start-up scripts and readiness probe for the Application Database.

Specify this value if you want to pull the Application Database initContainer image from a private repository.

Example

registry:
  initAppDb: quay.io/mongodb
operator.watchedResources

Custom resources that the Kubernetes Operator watches.

The Kubernetes Operator installs the CustomResourceDefinitions for and watches only the resources you specify.

Accepted values are:

Value Description
mongodb Install the CustomResourceDefinitions for and watch database resources.
mongodbusers Install the CustomResourceDefinitions for and watch MongoDB user resources.
opsmanagers Install the CustomResourceDefinitions for and watch Ops Manager resources.

Default values are: mongodbusers, mongodb, and opsmanagers.

Example

operator:
  watchedResources:
    - mongodbusers
    - mongodb
    - opsmanagers

Note

You can also pass these values as options when you apply the Helm Chart:

helm template --set registry.pullPolicy=IfNotPresent \
--set namespace=<testNamespace> \
helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml
1

Upgrade the latest version of the Kubernetes Operator with modified pull policy values using the following helm command:

helm template --set registry.pullPolicy=IfNotPresent \
helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values.yaml file:

Setting When to Use
namespace

To use a different namespace, you need to specify that namespace.

Default value is: mongodb.

Example

# Name of the Namespace to use
namespace: mongodb
operator.env

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If operator.env is Log Level is set to Log Format is set to
dev debug text
prod info json

Accepted values are: dev, prod.

Default value is: prod.

Example

operator:
 # Execution environment for the operator, dev or prod. Use dev for more verbose logging
 env: prod
operator.watchNamespace

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

Important

To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform.

Example

operator:
  watchNamespace: *
registry.operator

Repository from which the Kubernetes Operator image is pulled. Specify this value if you want to pull the Kubernetes Operator image from a private repository.

Example

registry:
  operator: quay.io/mongodb
registry.opsManager

Repository from which the Ops Manager image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  opsManager: quay.io/mongodb
registry.initOpsManager

Repository from which the Ops Manager initContainer image is pulled. This image contains the start-up scripts and readiness probe for Ops Manager.

Specify this value if you want to pull the Ops Manager initContainer image from a private repository.

Example

registry:
  initOpsManager: quay.io/mongodb
registry.appDb

Repository from which the Application Database image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  appDb: quay.io/mongodb
registry.initAppDb

Repository from which the Application Database initContainer image is pulled. This image contains the start-up scripts and readiness probe for the Application Database.

Specify this value if you want to pull the Application Database initContainer image from a private repository.

Example

registry:
  initAppDb: quay.io/mongodb
operator.watchedResources

Custom resources that the Kubernetes Operator watches.

The Kubernetes Operator installs the CustomResourceDefinitions for and watches only the resources you specify.

Accepted values are:

Value Description
mongodb Install the CustomResourceDefinitions for and watch database resources.
mongodbusers Install the CustomResourceDefinitions for and watch MongoDB user resources.
opsmanagers Install the CustomResourceDefinitions for and watch Ops Manager resources.

Default values are: mongodbusers, mongodb, and opsmanagers.

Example

operator:
  watchedResources:
    - mongodbusers
    - mongodb
    - opsmanagers

Note

You can also pass these values as options when you apply the Helm Chart:

helm template --set registry.pullPolicy=IfNotPresent \
--set namespace=<testNamespace> \
helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml
1

Change to the directory in which you cloned the repository.

2

Upgrade the CustomResourceDefinitions for MongoDB deployments using the following oc command:

oc apply -f crds.yaml
3

You can edit the Operator YAML file to further customize your Operator before upgrading it.

  1. Open your mongodb-enterprise-openshift.yaml in your preferred text editor.

  2. You must add your <openshift-pull-secret> to the ServiceAccount definitions:

    ---
    # Source: mongodb-enterprise-operator/templates/serviceaccount.yaml
    ---
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: enterprise-operator
    
      namespace: mongodb
    
    imagePullSecrets:
     - name: <openshift-pull-secret>
    
    ---
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: mongodb-enterprise-appdb
    
      namespace: mongodb
    
    imagePullSecrets:
     - name: <openshift-pull-secret>
    
    ---
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: mongodb-enterprise-database-pods
    
      namespace: mongodb
    
    imagePullSecrets:
     - name: <openshift-pull-secret>
    
  3. You may need to add one or more of the following options:

Environment Variable When to Use
OPERATOR_ENV

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If OPERATOR_ENV is Log Level is set to Log Format is set to
dev debug text
prod info json

Accepted values are: dev, prod.

Default value is: prod.

You can set the following pair of values:

spec.template.spec.containers.name.env.name: OPERATOR_ENV
spec.template.spec.containers.name.env.value: prod

Example

spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: OPERATOR_ENV
          value: prod
WATCH_NAMESPACE

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

Important

To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform.

You can set the following pair of values:

spec.template.spec.containers.name.env.name: WATCH_NAMESPACE
spec.template.spec.containers.name.env.value: "<testNamespace>"

Example

spec:
  template:
    spec:
      serviceAccountName: enterprise-operator
      containers:
      - name: enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: WATCH_NAMESPACE
          value: "<testNamespace>"
MONGODB_ENTERPRISE_DATABASE_IMAGE

URL of the MongoDB Enterprise Database image the Kubernetes Operator deploys.

Default value is registry.connect.redhat.com/mongodb/mongodb-enterprise-database.

spec.template.spec.containers.name.env.name:
MONGODB_ENTERPRISE_DATABASE_IMAGE
spec.template.spec.containers.name.env.value:
registry.connect.redhat.com/mongodb/mongodb-enterprise-database

Example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: MONGODB_ENTERPRISE_DATABASE_IMAGE
          value: registry.connect.redhat.com/mongodb/mongodb-enterprise-database
        - name: IMAGE_PULL_POLICY
          value: Always
IMAGE_PULL_POLICY

Pull policy for the MongoDB Enterprise database image the Kubernetes Operator deploys.

Accepted values are Always, IfNotPresent, Never.

Default value is Always.

spec.template.spec.containers.name.env.name:
IMAGE_PULL_POLICY
spec.template.spec.containers.name.env.value:
<policy>

Example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: MONGODB_ENTERPRISE_DATABASE_IMAGE
          value: registry.connect.redhat.com/mongodb/mongodb-enterprise-database
        - name: IMAGE_PULL_POLICY
          value: Always
OPS_MANAGER_IMAGE_REPOSITORY

URL of the repository from which the image for an Ops Manager resource is downloaded.

Default value is registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager.

spec.template.spec.containers.name.env.name:
OPS_MANAGER_IMAGE_REPOSITORY
spec.template.spec.containers.name.env.value:
registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager

Example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
spec:
  template:
    spec:
      serviceAccountName: enterprise-operator
      containers:
      - name: enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: OPS_MANAGER_IMAGE_REPOSITORY
          value: registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager
        - name: OPS_MANAGER_IMAGE_PULL_POLICY
          value: Always
OPS_MANAGER_IMAGE_PULL_POLICY

Pull policy for the image deployed to an Ops Manager resource.

Accepted values are Always, IfNotPresent, Never.

Default value is Always.

spec.template.spec.containers.name.env.name:
OPS_MANAGER_IMAGE_PULL_POLICY
spec.template.spec.containers.name.env.value:
<policy>

Example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
spec:
  template:
    spec:
      serviceAccountName: enterprise-operator
      containers:
      - name: enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: OPS_MANAGER_IMAGE_REPOSITORY
          value: registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager
        - name: OPS_MANAGER_IMAGE_PULL_POLICY
          value: Always
INIT_OPS_MANAGER_IMAGE_REPOSITORY

URL of the repository from which the initContainer image that contains Ops Manager start-up scripts and the readiness probe is downloaded.

Default value is registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager-init.

spec.template.spec.containers.name.env.name:
INIT_OPS_MANAGER_IMAGE_REPOSITORY
spec.template.spec.containers.name.env.value:
registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager-init

Example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: INIT_OPS_MANAGER_IMAGE_REPOSITORY
          value: registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager-init
INIT_OPS_MANAGER_VERSION

Version of the initContainer image that contains Ops Manager start-up scripts and the readiness probe.

Default value is latest.

spec.template.spec.containers.name.env.name:
INIT_OPS_MANAGER_VERSION
spec.template.spec.containers.name.env.value:
latest

Example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: INIT_APPDB_VERSION
          value: latest
APPDB_IMAGE_REPOSITORY

URL of the repository from which the Application Database image is downloaded.

Default value is registry.connect.redhat.com/mongodb/mongodb-enterprise-appdb.

spec.template.spec.containers.name.env.name:
APPDB_IMAGE_REPOSITORY
spec.template.spec.containers.name.env.value:
registry.connect.redhat.com/mongodb/mongodb-enterprise-appdb

Example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: APPDB_IMAGE_REPOSITORY
          value: registry.connect.redhat.com/mongodb/mongodb-enterprise-appdb
INIT_APPDB_IMAGE_REPOSITORY

URL of the repository from which the initContainer image that contains Application Database start-up scripts and the readiness probe is downloaded.

Default value is registry.connect.redhat.com/mongodb/mongodb-enterprise-appdb-init.

spec.template.spec.containers.name.env.name:
INIT_APPDB_IMAGE_REPOSITORY
spec.template.spec.containers.name.env.value:
registry.connect.redhat.com/mongodb/mongodb-enterprise-init-appdb

Example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: INIT_APPDB_IMAGE_REPOSITORY
          value: registry.connect.redhat.com/mongodb/mongodb-enterprise-init-appdb
INIT_APPDB_VERSION

Version of the initContainer image that contains Ops Manager start-up scripts and the readiness probe.

Default value is latest.

spec.template.spec.containers.name.env.name:
INIT_APPDB_VERSION
spec.template.spec.containers.name.env.value:
latest

Example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: INIT_APPDB_VERSION
          value: latest
4

Upgrade the Kubernetes Operator using the following oc command:

oc apply -f mongodb-enterprise-openshift.yaml
1

Upgrade the Kubernetes Operator using the following helm command:

helm template helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values-openshift.yaml file:

Setting When to Use
registry.imagePullSecrets

secret that contains the credentials required to pull imagePullSecrets from the repository.

Important

This setting is mandatory for OpenShift installs. You must either define it in this file or pass it when you install the Kubernetes Operator using Helm.

Example

registry:
  imagePullSecrets: <openshift-pull-secret>
registry.operator

Repository from which the Kubernetes Operator image is pulled. Specify this value if you want to pull the Kubernetes Operator image from a private repository.

Example

registry:
  operator: registry.connect.redhat.com/mongodb
registry.opsManager

Repository from which the Ops Manager image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  opsManager: registry.connect.redhat.com/mongodb
registry.initOpsManager

Repository from which the Ops Manager initContainer image is pulled. This image contains the start-up scripts and readiness probe for Ops Manager.

Specify this value if you want to pull the Ops Manager initContainer image from a private repository.

Example

registry:
  initOpsManager: registry.connect.redhat.com/mongodb
registry.appDb

Repository from which the Application Database image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  appDb: registry.connect.redhat.com/mongodb
registry.initAppDb

Repository from which the Application Database initContainer image is pulled. This image contains the start-up scripts and readiness probe for the Application Database.

Specify this value if you want to pull the Application Database initContainer image from a private repository.

Example

registry:
  initAppDb: registry.connect.redhat.com/mongodb
namespace

To use a different namespace, you need to specify that namespace.

Default value is: mongodb.

Example

# Name of the Namespace to use
namespace: mongodb
operator.env

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If operator.env is Log Level is set to Log Format is set to
dev debug text
prod info json

Accepted values are: dev, prod.

Default value is: prod.

Example

operator:
 # Execution environment for the operator, dev or prod. Use dev for more verbose logging
 env: prod
operator.watchNamespace

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

Important

To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform.

Example

operator:
  watchNamespace: *
operator.watchedResources

Custom resources that the Kubernetes Operator watches.

The Kubernetes Operator installs the CustomResourceDefinitions for and watches only the resources you specify.

Accepted values are:

Value Description
mongodb Install the CustomResourceDefinitions for and watch database resources.
mongodbusers Install the CustomResourceDefinitions for and watch MongoDB user resources.
opsmanagers Install the CustomResourceDefinitions for and watch Ops Manager resources.

Default values are: mongodbusers, mongodb, and opsmanagers.

Example

operator:
  watchedResources:
    - mongodbusers
    - mongodb
    - opsmanagers

Note

You can also pass these values as options when you apply the Helm Chart:

helm template --set registry.imagePullSecrets=<openshift-pull-secret> \
helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

To upgrade the Kubernetes Operator on a host not connected to the Internet, you have two options, you can download the Kubernetes Operator files from either:

1

Upgrade the latest version of the Kubernetes Operator with modified pull policy values using the following helm command:

helm template --set registry.pullPolicy=IfNotPresent \
--set registry.imagePullSecrets=<openshift-pull-secret> \
helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values-openshift.yaml file:

Setting When to Use
registry.imagePullSecrets

secret that contains the credentials required to pull imagePullSecrets from the repository.

Important

This setting is mandatory for OpenShift installs. You must either define it in this file or pass it when you install the Kubernetes Operator using Helm.

Example

registry:
  imagePullSecrets: <openshift-pull-secret>
registry.operator

Repository from which the Kubernetes Operator image is pulled. Specify this value if you want to pull the Kubernetes Operator image from a private repository.

Example

registry:
  operator: registry.connect.redhat.com/mongodb
registry.opsManager

Repository from which the Ops Manager image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  opsManager: registry.connect.redhat.com/mongodb
registry.initOpsManager

Repository from which the Ops Manager initContainer image is pulled. This image contains the start-up scripts and readiness probe for Ops Manager.

Specify this value if you want to pull the Ops Manager initContainer image from a private repository.

Example

registry:
  initOpsManager: registry.connect.redhat.com/mongodb
registry.appDb

Repository from which the Application Database image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  appDb: registry.connect.redhat.com/mongodb
registry.initAppDb

Repository from which the Application Database initContainer image is pulled. This image contains the start-up scripts and readiness probe for the Application Database.

Specify this value if you want to pull the Application Database initContainer image from a private repository.

Example

registry:
  initAppDb: registry.connect.redhat.com/mongodb
namespace

To use a different namespace, you need to specify that namespace.

Default value is: mongodb.

Example

# Name of the Namespace to use
namespace: mongodb
operator.env

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If operator.env is Log Level is set to Log Format is set to
dev debug text
prod info json

Accepted values are: dev, prod.

Default value is: prod.

Example

operator:
 # Execution environment for the operator, dev or prod. Use dev for more verbose logging
 env: prod
operator.watchNamespace

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

Important

To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform.

Example

operator:
  watchNamespace: *
operator.watchedResources

Custom resources that the Kubernetes Operator watches.

The Kubernetes Operator installs the CustomResourceDefinitions for and watches only the resources you specify.

Accepted values are:

Value Description
mongodb Install the CustomResourceDefinitions for and watch database resources.
mongodbusers Install the CustomResourceDefinitions for and watch MongoDB user resources.
opsmanagers Install the CustomResourceDefinitions for and watch Ops Manager resources.

Default values are: mongodbusers, mongodb, and opsmanagers.

Example

operator:
  watchedResources:
    - mongodbusers
    - mongodb
    - opsmanagers

Note

You can also pass these values as options when you apply the Helm Chart:

helm template --set registry.pullPolicy=IfNotPresent \
--set registry.imagePullSecrets=<openshift-pull-secret> \
--set namespace=<testNamespace> \
helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml
1

Upgrade the latest version of the Kubernetes Operator with modified pull policy values using the following helm command:

helm template --set registry.pullPolicy=IfNotPresent \
--set registry.imagePullSecrets=<openshift-pull-secret> \
helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values-openshift.yaml file:

Setting When to Use
registry.imagePullSecrets

secret that contains the credentials required to pull imagePullSecrets from the repository.

Important

This setting is mandatory for OpenShift installs. You must either define it in this file or pass it when you install the Kubernetes Operator using Helm.

Example

registry:
  imagePullSecrets: <openshift-pull-secret>
registry.operator

Repository from which the Kubernetes Operator image is pulled. Specify this value if you want to pull the Kubernetes Operator image from a private repository.

Example

registry:
  operator: registry.connect.redhat.com/mongodb
registry.opsManager

Repository from which the Ops Manager image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  opsManager: registry.connect.redhat.com/mongodb
registry.initOpsManager

Repository from which the Ops Manager initContainer image is pulled. This image contains the start-up scripts and readiness probe for Ops Manager.

Specify this value if you want to pull the Ops Manager initContainer image from a private repository.

Example

registry:
  initOpsManager: registry.connect.redhat.com/mongodb
registry.appDb

Repository from which the Application Database image is pulled. Specify this value if you want to pull the Ops Manager image from a private repository.

Example

registry:
  appDb: registry.connect.redhat.com/mongodb
registry.initAppDb

Repository from which the Application Database initContainer image is pulled. This image contains the start-up scripts and readiness probe for the Application Database.

Specify this value if you want to pull the Application Database initContainer image from a private repository.

Example

registry:
  initAppDb: registry.connect.redhat.com/mongodb
namespace

To use a different namespace, you need to specify that namespace.

Default value is: mongodb.

Example

# Name of the Namespace to use
namespace: mongodb
operator.env

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If operator.env is Log Level is set to Log Format is set to
dev debug text
prod info json

Accepted values are: dev, prod.

Default value is: prod.

Example

operator:
 # Execution environment for the operator, dev or prod. Use dev for more verbose logging
 env: prod
operator.watchNamespace

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

Important

To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform.

Example

operator:
  watchNamespace: *
operator.watchedResources

Custom resources that the Kubernetes Operator watches.

The Kubernetes Operator installs the CustomResourceDefinitions for and watches only the resources you specify.

Accepted values are:

Value Description
mongodb Install the CustomResourceDefinitions for and watch database resources.
mongodbusers Install the CustomResourceDefinitions for and watch MongoDB user resources.
opsmanagers Install the CustomResourceDefinitions for and watch Ops Manager resources.

Default values are: mongodbusers, mongodb, and opsmanagers.

Example

operator:
  watchedResources:
    - mongodbusers
    - mongodb
    - opsmanagers

Note

You can also pass these values as options when you apply the Helm Chart:

helm template --set registry.pullPolicy=IfNotPresent \
--set registry.imagePullSecrets=<openshift-pull-secret> \
--set namespace=<testNamespace> \
helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

To troubleshoot your Kubernetes Operator, see Review Logs from the Kubernetes Operator.

Important

If you need to remove the Kubernetes Operator or the namespace, you first must remove MongoDB resources.

Recreate MongoDB Resources and Delete the Version 0.9 CRDs

  1. After you upgrade the Kubernetes Operator, verify you have four CRDs by running the following command:

    kubectl get crds
    

    The following output contains the new mongodb.mongodb.com CRD and the version 0.9 CRDs:

    NAME                                 CREATED AT
    mongodb.mongodb.com                  2019-03-27T19:30:09Z
    mongodbreplicasets.mongodb.com       2018-12-07T18:25:42Z
    mongodbshardedclusters.mongodb.com   2018-12-07T18:25:42Z
    mongodbstandalones.mongodb.com       2018-12-07T18:25:42Z
    
  2. Remove the old resources from Kubernetes.

    Important

    Removing MongoDB resources will remove the database server pods and drop any client connections to the database. Connections are reestablished when the new MongoDB resources are created in Kubernetes.

    Run each of the following commands to remove all MongoDB resources:

    kubectl delete mst --all
    
    kubectl delete mrs --all
    
    kubectl delete msc --all
    

    Note

    MongoDB resources that have persistent: true set in their .yaml configuration file will not lose data as it is stored in persistent volumes. The previous command only deletes pods containing MongoDB and not the persistent volumes containing the data. Persistent volume claims referencing persistent volumes stay alive and are reused by the new MongoDB resources.

  3. Create the MongoDB resources again.

    Use the .yaml resource configuration file to recreate each resource:

    kubectl apply -f <resource-conf>.yaml
    

    Note

    If the old resources had persistent: true set and the metadata.name haven’t changed, the new MongoDB pods will reuse the data from the old pods.

    Run the following command to check the status of each resource and verify that the phase reaches the Running status:

    kubectl get mdb <resource-name> -o yaml -w
    

    For an example of this command’s output, see Get Status of a Deployed Resource.

  1. Delete the old CRDs.

    Once all the resources are up and running, delete all of the v0.9 CRDs as the Kubernetes Operator no longer watches them:

    kubectl delete crd mongodbreplicasets.mongodb.com
    
    kubectl delete crd mongodbshardedclusters.mongodb.com
    
    kubectl delete crd mongodbstandalones.mongodb.com
    

    Run the following command to verify the old CRDs were removed:

    kubectl get crds
    

    The output of the command above should look similar to the following:

    NAME                  CREATED AT
    mongodb.mongodb.com   2019-03-27T19:30:09Z
    

Once the version 0.9 CustomResourceDefinitions are deleted, the MongoDB Enterprise Kubernetes Operator upgrade is complete.

Troubleshooting

To troubleshoot your Kubernetes Operator, see Review Logs from the Kubernetes Operator.

Important

If you need to remove the Kubernetes Operator or the namespace, you first must remove MongoDB resources.