- Install and Configure the Kubernetes Operator >
- Install the MongoDB Enterprise Kubernetes Operator
Install the MongoDB Enterprise Kubernetes Operator¶
Prerequisites and Considerations¶
Before you install the Kubernetes Operator, make sure you plan for your installation:
- Choose a deployment topology.
- Read the Considerations.
- Complete the Prerequisites.
Note
This tutorial presumes some knowledge of Kubernetes, but does link to relevant Kubernetes documentation where possible. If you are unfamiliar with Kubernetes, please review that documentation first.
Procedure¶
The following steps vary depending on how you want to configure your environment:
- Kubernetes
- OpenShift
- Online using kubectl
- Online using Helm
- Offline using Helm and Docker
Use the same namespace throughout
The following examples assume that you created a namespace
using the default Kubernetes Operator namespace of mongodb
.
If you specified a different label for your namespace when
you created it, change all
values for metadata.namespace
to that namespace.
To change the label for the namespace for the following
deployment to production
, edit all values for
metadata.namespace
in mongodb-enterprise.yaml
:
Change to the directory in which you cloned the repository.¶
Install the CustomResourceDefinitions for MongoDB deployments using the following kubectl
command:¶
You can edit the Operator YAML file to further customize your Operator before installing it.¶
Open your
mongodb-enterprise.yaml
in your preferred text editor.You may need to add one or more of the following options:
Environment Variable When to Use OPERATOR_ENV
Label for the Operator’s deployment environment. The
env
value affects default timeouts and the format and level of logging.If OPERATOR_ENV
isLog Level is set to Log Format is set to dev
debug text prod
info json Accepted values are:
dev
,prod
.Default value is:
prod
.You can set the following pair of values:
Example
WATCH_NAMESPACE
Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.
*
means all namespaces and requires the ClusterRole assigned to themongodb-enterprise-operator
ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.Default value is:
<metadata.namespace>
.Important
To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform.
You can set the following pair of values:
Example
OPS_MANAGER_IMAGE_REPOSITORY
URL of the repository from which the image for an Ops Manager resource is downloaded.
Default value is:
quay.io/mongodb/mongodb-enterprise-ops-manager
Example
OPS_MANAGER_IMAGE_PULL_POLICY
Pull policy for the image deployed to an Ops Manager resource.
Accepted values are:
Always
,IfNotPresent
,Never
Default value is:
Always
Example
MANAGED_SECURITY_CONTEXT
Flag that determines if the Kubernetes Operator inherits the
securityContext
settings that your Kubernetes cluster manages.Set this field to
true
if you want to run the Kubernetes Operator in OpenShift or in a restrictive environment.Default value is
false
.Example
If you have not already installed Helm, follow the instructions on GitHub to install it.
Change to the directory in which you cloned the repository.¶
Install the Kubernetes Operator using the following helm
command:¶
You can customize your Helm Chart before installing it. To modify it,
add one or more of the following options to the values.yaml
file:
Setting | When to Use | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
namespace |
To use a different namespace, you need to specify that
Default value is: Example |
|||||||||
managedSecurityContext |
Flag that determines if the Kubernetes Operator inherits the
Set this field to Default value is Example |
|||||||||
operator.env |
Label for the Operator’s deployment environment. The
Accepted values are: Default value is: Example |
|||||||||
operator.watchNamespace |
Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.
Default value is: Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example |
Note
You can also pass these values as options when you apply the Helm Chart:
If you have not already installed Helm, follow the instructions on GitHub to install it.
To install the Kubernetes Operator on a host not connected to the Internet, choose to download its files from:
- The Internet
- Another Host
Change to the directory in which you cloned the repository.¶
Use docker
to request the files.¶
Replace the following values:
<op-version>
with the Kubernetes Operator version you’re installing<om-version>
with the Ops Manager version you’re installing.
Disconnect from the internet.¶
Install the Kubernetes Operator with modified pull policy values using the following helm
command:¶
You can customize your Helm Chart before installing it. To modify it,
add one or more of the following options to the values.yaml
file:
Setting | When to Use | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
namespace |
To use a different namespace, you need to specify that
Default value is: Example |
|||||||||
managedSecurityContext |
Flag that determines if the Kubernetes Operator inherits the
Set this field to Default value is Example |
|||||||||
operator.env |
Label for the Operator’s deployment environment. The
Accepted values are: Default value is: Example |
|||||||||
operator.watchNamespace |
Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.
Default value is: Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example |
Note
You can also pass these values as options when you apply the Helm Chart:
Use docker
to request the files on a host connected to the Internet.¶
Replace the following values:
<op-version>
with the Kubernetes Operator version you’re installing<om-version>
with the Ops Manager version you’re installing.
Export the Kubernetes Operator images as .tar
archive files:¶
Replace the following values:
<op-version>
with the Kubernetes Operator version you’re installing<om-version>
with the Ops Manager version you’re installing.
Copy these .tar
files to the host running the Kubernetes docker
daemon.¶
Import the .tar
files into docker
.¶
Replace the following values:
<op-version>
with the Kubernetes Operator version you’re installing<om-version>
with the Ops Manager version you’re installing.
Install the Kubernetes Operator with modified pull policy values using the following helm
command:¶
You can customize your Helm Chart before installing it. To modify it,
add one or more of the following options to the values.yaml
file:
Setting | When to Use | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
namespace |
To use a different namespace, you need to specify that
Default value is: Example |
|||||||||
managedSecurityContext |
Flag that determines if the Kubernetes Operator inherits the
Set this field to Default value is Example |
|||||||||
operator.env |
Label for the Operator’s deployment environment. The
Accepted values are: Default value is: Example |
|||||||||
operator.watchNamespace |
Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.
Default value is: Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example |
Note
You can also pass these values as options when you apply the Helm Chart:
- Online using oc
- Online using Helm
- Offline using Helm and Docker
Use the same namespace throughout
The following examples assume that you created a namespace
using the default Kubernetes Operator namespace of mongodb
.
If you specified a different label for your namespace when
you created it, change all
values for metadata.namespace
to that namespace.
To change the label for the namespace for the following
deployment to production
, edit all values for
metadata.namespace
in mongodb-enterprise-openshift.yaml
:
Change to the directory in which you cloned the repository.¶
Install the CustomResourceDefinitions for MongoDB deployments using the following oc
command:¶
You can edit the Operator YAML file to further customize your Operator before installing it.¶
Open your
mongodb-enterprise-openshift.yaml
in your preferred text editor.You must add your
<openshift-pull-secret>
to theServiceAccount
definitions:You may need to add one or more of the following options:
Environment Variable When to Use OPERATOR_ENV
Label for the Operator’s deployment environment. The
env
value affects default timeouts and the format and level of logging.If OPERATOR_ENV
isLog Level is set to Log Format is set to dev
debug text prod
info json Accepted values are:
dev
,prod
.Default value is:
prod
.You can set the following pair of values:
Example
WATCH_NAMESPACE
Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.
*
means all namespaces and requires the ClusterRole assigned to themongodb-enterprise-operator
ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.Default value is:
<metadata.namespace>
.Important
To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform.
You can set the following pair of values:
Example
OPS_MANAGER_IMAGE_REPOSITORY
URL of the repository from which the image for an Ops Manager resource is downloaded.
Default value is:
registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager
Example
OPS_MANAGER_IMAGE_PULL_POLICY
Pull policy for the image deployed to an Ops Manager resource.
Accepted values are:
Always
,IfNotPresent
,Never
Default value is:
Always
Example
MANAGED_SECURITY_CONTEXT
Flag that determines if the Kubernetes Operator inherits the
securityContext
settings that your Kubernetes cluster manages.For OpenShift,
MANAGED_SECURITY_CONTEXT
must always betrue
.Default value is
true
.Example
If you have not already installed Helm, follow the instructions on GitHub to install it.
Change to the directory in which you cloned the repository.¶
Add the name of your <openshift-pull-secret>
to the registry.imagePullSecrets
setting in the helm_chart/values-openshift.yaml
file:¶
Install the Kubernetes Operator using the following helm
command:¶
You can customize your Helm Chart before installing it. To modify it,
add one or more of the following options to the
values-openshift.yaml
file:
Setting | When to Use | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
registry.imagePullSecrets |
secret that contains the credentials required to pull imagePullSecrets from the repository. Important This setting is mandatory for OpenShift installs. You must either define it in this file or pass it when you install the Kubernetes Operator using Helm. Example |
|||||||||
namespace |
To use a different namespace, you need to specify that
Default value is: Example |
|||||||||
managedSecurityContext |
Flag that determines if the Kubernetes Operator inherits the
Default value is For OpenShift, Example |
|||||||||
operator.env |
Label for the Operator’s deployment environment. The
Accepted values are: Default value is: Example |
|||||||||
operator.watchNamespace |
Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.
Default value is: Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example |
Note
You can also pass these values as options when you apply the Helm Chart:
If you have not already installed Helm, follow the instructions on GitHub to install it.
To install the Kubernetes Operator on a host not connected to the Internet, choose to download its files from:
- The Internet
- Another Host
Change to the directory in which you cloned the repository.¶
Use docker
to request the files.¶
Replace the following values:
<op-version>
with the Kubernetes Operator version you’re installing<om-version>
with the Ops Manager version you’re installing.
Disconnect from the internet.¶
Add the name of your <openshift-pull-secret>
to the registry.imagePullSecrets
setting in the helm_chart/values-openshift.yaml
file:¶
Install the Kubernetes Operator with modified pull policy values using the following helm
command:¶
You can customize your Helm Chart before installing it. To modify it,
add one or more of the following options to the
values-openshift.yaml
file:
Setting | When to Use | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
registry.imagePullSecrets |
secret that contains the credentials required to pull imagePullSecrets from the repository. Important This setting is mandatory for OpenShift installs. You must either define it in this file or pass it when you install the Kubernetes Operator using Helm. Example |
|||||||||
namespace |
To use a different namespace, you need to specify that
Default value is: Example |
|||||||||
managedSecurityContext |
Flag that determines if the Kubernetes Operator inherits the
Default value is For OpenShift, Example |
|||||||||
operator.env |
Label for the Operator’s deployment environment. The
Accepted values are: Default value is: Example |
|||||||||
operator.watchNamespace |
Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.
Default value is: Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example |
Note
You can also pass these values as options when you apply the Helm Chart:
Use docker
to request the files on a host connected to the Internet.¶
Replace the following values:
<op-version>
with the Kubernetes Operator version you’re installing<om-version>
with the Ops Manager version you’re installing.
Export the Kubernetes Operator images as .tar
archive files:¶
Replace the following values:
<op-version>
with the Kubernetes Operator version you’re installing<om-version>
with the Ops Manager version you’re installing.
Copy these .tar
files to the host running the Kubernetes docker
daemon.¶
Import the .tar
files into docker
.¶
Replace the following values:
<op-version>
with the Kubernetes Operator version you’re installing<om-version>
with the Ops Manager version you’re installing.
Add the name of your <openshift-pull-secret>
to the registry.imagePullSecrets
setting in the helm_chart/values-openshift.yaml
file:¶
Install the Kubernetes Operator with modified pull policy values using the following helm
command:¶
You can customize your Helm Chart before installing it. To modify it,
add one or more of the following options to the
values-openshift.yaml
file:
Setting | When to Use | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
registry.imagePullSecrets |
secret that contains the credentials required to pull imagePullSecrets from the repository. Important This setting is mandatory for OpenShift installs. You must either define it in this file or pass it when you install the Kubernetes Operator using Helm. Example |
|||||||||
namespace |
To use a different namespace, you need to specify that
Default value is: Example |
|||||||||
managedSecurityContext |
Flag that determines if the Kubernetes Operator inherits the
Default value is For OpenShift, Example |
|||||||||
operator.env |
Label for the Operator’s deployment environment. The
Accepted values are: Default value is: Example |
|||||||||
operator.watchNamespace |
Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.
Default value is: Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example |
Note
You can also pass these values as options when you apply the Helm Chart:
Verify the Installation¶
To verify that the Kubernetes Operator installed correctly, run the following command and verify the output:
By default, deployments exist in the mongodb
namespace. If the
following error message appears, ensure you use the correct
namespace:
To troubleshoot your Kubernetes Operator, see Review Logs from the Kubernetes Operator.
Important
If you need to remove the Kubernetes Operator or the namespace, you first must remove MongoDB resources.
Next Steps¶
After installing the MongoDB Enterprise Kubernetes Operator, you can: