Navigation

Upgrade the MongoDB Enterprise Kubernetes Operator

The following procedure outlines how to upgrade the Kubernetes Operator to its latest version.

Upgrading to version 1.11.0 and later

Starting in Kubernetes Operator version 1.11.0, you must migrate all deployed MongoDBOpsManager custom resources to a specified MongoDB version.

The following steps depend on how your environment is configured:

1

Change to the directory in which you cloned the repository.

2

Upgrade the CustomResourceDefinitions for MongoDB deployments.

Invoke the following kubectl command:

kubectl replace -f crds.yaml
3

Optional: Customize the Kubernetes Operator YAML before upgrading it.

To learn about optional Kubernetes Operator installation settings, see Operator kubectl and oc Installation Settings.

4

If all of the following are true, provide the name of the ConfigMap for your TLS CA with the spec.security.tls.ca setting:

  • You secure your Ops Manager deployment using TLS certificates.
  • You sign your TLS certificates using a custom CA.
  • You want to upgrade the Kubernetes Operator from a version earlier than 1.7.1 to version 1.7.1 or later.

Use the following command to add the spec.security.tls.ca setting to your Ops Manager resource definition:

kubectl patch opsmanagers/<opsmgr-resource-metadata.name> \
    --patch '{"spec": {"security": {"tls": {"ca": "<ca-configmap>"}}}}' \
    --type merge
5

Upgrade to the new version of the Kubernetes Operator.

Invoke the following kubectl command:

kubectl apply -f mongodb-enterprise.yaml
1

Change to the directory in which you cloned the repository.

2

Upgrade the CustomResourceDefinitions for MongoDB deployments.

Invoke the following kubectl command:

kubectl replace -f crds.yaml
3

If all of the following are true, provide the name of the ConfigMap for your TLS CA with the spec.security.tls.ca setting:

  • You secure your Ops Manager deployment using TLS certificates.
  • You sign your TLS certificates using a custom CA.
  • You want to upgrade the Kubernetes Operator from a version earlier than 1.7.1 to version 1.7.1 or later.

Use the following command to add the spec.security.tls.ca setting to your Ops Manager resource definition:

kubectl patch opsmanagers/<opsmgr-resource-metadata.name> \
    --patch '{"spec": {"security": {"tls": {"ca": "<ca-configmap>"}}}}' \
    --type merge
4

Optional: Customize your Helm Chart before upgrading it.

To learn about optional Kubernetes Operator installation settings, see Operator Helm Installation Settings.

5

Upgrade the Kubernetes Operator.

Invoke the following helm command:

helm upgrade <chart-name> helm_chart \
     --values helm_chart/values.yaml

To upgrade the Kubernetes Operator on a host not connected to the Internet:

1

Change to the directory in which you cloned the repository.

2

Upgrade the CustomResourceDefinitions for MongoDB deployments.

Invoke the following kubectl command:

kubectl replace -f crds.yaml
3

If all of the following are true, provide the name of the ConfigMap for your TLS CA with the spec.security.tls.ca setting:

  • You secure your Ops Manager deployment using TLS certificates.
  • You sign your TLS certificates using a custom CA.
  • You want to upgrade the Kubernetes Operator from a version earlier than 1.7.1 to version 1.7.1 or later.

Use the following command to add the spec.security.tls.ca setting to your Ops Manager resource definition:

kubectl patch opsmanagers/<opsmgr-resource-metadata.name> \
    --patch '{"spec": {"security": {"tls": {"ca": "<ca-configmap>"}}}}' \
    --type merge
4

Optional: Customize your Helm Chart before upgrading it.

To learn about optional Kubernetes Operator installation settings, see Operator Helm Installation Settings.

5

Upgrade to the latest version of the Kubernetes Operator.

Invoke the following helm command to upgrade with modified pull policy values:

helm upgrade <chart-name> helm_chart \
     --values helm_chart/values.yaml \
     --set registry.pullPolicy=IfNotPresent
1

Change to the directory in which you cloned the repository.

2

Upgrade the CustomResourceDefinitions for MongoDB deployments.

OpenShift 3.11 or earlier

If you run OpenShift 3.11 or earlier, you must first manually edit the CustomResourceDefinitions to remove subresources. In each CustomResourceDefinition, remove the following option:

spec:
  subresources:
    status: {}

Invoke the following oc command:

oc replace -f crds.yaml
3

Optional: Customize the Kubernetes Operator YAML before upgrading it.

To learn about optional Kubernetes Operator installation settings, see Operator kubectl and oc Installation Settings.

4

If all of the following are true, provide the name of the ConfigMap for your TLS CA with the spec.security.tls.ca setting:

  • You secure your Ops Manager deployment using TLS certificates.
  • You sign your TLS certificates using a custom CA.
  • You want to upgrade the Kubernetes Operator from a version earlier than 1.7.1 to version 1.7.1 or later.

Use the following command to add the spec.security.tls.ca setting to your Ops Manager resource definition:

oc patch opsmanagers/<opsmgr-resource-metadata.name> \
    --patch '{"spec": {"security": {"tls": {"ca": "<ca-configmap>"}}}}' \
    --type merge
5

Upgrade to the new version of the Kubernetes Operator.

Invoke the following oc command:

oc apply -f mongodb-enterprise-openshift.yaml
1

Change to the directory in which you cloned the repository.

2

Upgrade the CustomResourceDefinitions for MongoDB deployments.

OpenShift 3.11 or earlier

If you run OpenShift 3.11 or earlier, you must first manually edit the CustomResourceDefinitions to remove subresources. In each CustomResourceDefinition, remove the following option:

spec:
  subresources:
    status: {}

Invoke the following oc command:

oc replace -f crds.yaml
3

If all of the following are true, provide the name of the ConfigMap for your TLS CA with the spec.security.tls.ca setting:

  • You secure your Ops Manager deployment using TLS certificates.
  • You sign your TLS certificates using a custom CA.
  • You want to upgrade the Kubernetes Operator from a version earlier than 1.7.1 to version 1.7.1 or later.

Use the following command to add the spec.security.tls.ca setting to your Ops Manager resource definition:

oc patch opsmanagers/<opsmgr-resource-metadata.name> \
    --patch '{"spec": {"security": {"tls": {"ca": "<ca-configmap>"}}}}' \
    --type merge
4

Optional: Customize your Helm Chart before upgrading it.

To learn about optional Kubernetes Operator installation settings, see Operator Helm Installation Settings.

5

Upgrade the Kubernetes Operator.

Invoke the following helm command:

helm upgrade <chart-name> helm_chart \
      --values helm_chart/values-openshift.yaml

To upgrade the Kubernetes Operator on a host not connected to the Internet:

1

Change to the directory in which you cloned the repository.

2

Upgrade the CustomResourceDefinitions for MongoDB deployments.

OpenShift 3.11 or earlier

If you run OpenShift 3.11 or earlier, you must first manually edit the CustomResourceDefinitions to remove subresources. In each CustomResourceDefinition, remove the following option:

spec:
  subresources:
    status: {}

Invoke the following oc command:

oc replace -f crds.yaml
3

If all of the following are true, provide the name of the ConfigMap for your TLS CA with the spec.security.tls.ca setting:

  • You secure your Ops Manager deployment using TLS certificates.
  • You sign your TLS certificates using a custom CA.
  • You want to upgrade the Kubernetes Operator from a version earlier than 1.7.1 to version 1.7.1 or later.

Use the following command to add the spec.security.tls.ca setting to your Ops Manager resource definition:

oc patch opsmanagers/<opsmgr-resource-metadata.name> \
    --patch '{"spec": {"security": {"tls": {"ca": "<ca-configmap>"}}}}' \
    --type merge
4

Optional: Customize your Helm Chart before upgrading it.

To learn about optional Kubernetes Operator installation settings, see Operator Helm Installation Settings.

5

Upgrade to the latest version of the Kubernetes Operator.

Invoke the following helm command with modified pull policy values:

helm upgrade <chart-name> helm_chart \
     --values helm_chart/values-openshift.yaml \
     --set registry.pullPolicy=IfNotPresent \
     --set registry.imagePullSecrets=<openshift-pull-secret>

To troubleshoot your Kubernetes Operator, see Review Logs from the Kubernetes Operator and other troubleshooting topics.

Important

If you need to remove the Kubernetes Operator or the namespace, you first must remove MongoDB resources.