• Install and Configure the Kubernetes Operator >
• Upgrade the Kubernetes Operator from Prior Versions >
• Upgrade from Operator Version 0.9 or Earlier

Upgrade from Operator Version 0.9 or Earlier

Warning

Version 0.10 of the MongoDB Enterprise Kubernetes Operator included breaking changes and requires some additional preparation before upgrading. The following procedure outlines the upgrade process for Kubernetes Operator versions 0.9 and earlier. If you are already running version 0.10 or later, see Upgrade from Operator Version 0.10 or Later for upgrade instructions.

Version 0.10 of the Kubernetes Operator consolidated the MongoDbStandalone, MongoDbShardedCluster, and MongoDbReplicaSet CustomResourceDefinitions into a single CustomResourceDefinition called MongoDB.

Important

The following upgrade procedure allows you to keep data stored in persistent volumes from previous deployments that the Kubernetes Operator managed. If you do not wish to retain data from previous deployments and plan on deploying new resources, skip to the Upgrade section.

Prerequisites

1. If you have not already, run the following command to execute all kubectl commands in the namespace you created:

   copy

   kubectl config set-context $(kubectl config current-context) --namespace=<namespace>
   

2. Verify you have the .yaml configuration file for each MongoDB resource you have deployed.

   Standalone Resources

   If you have standalone resources but do not have the .yaml configuration file for them, run the following command to generate the configuration file:

   copy

   kubectl mst <standalone-name> -o yaml > <standalone-conf-name>.yaml
   

   Replica Set Resources

   If you have replica set resources but do not have the .yaml configuration file for them, run the following command to generate the configuration file:

   copy

   kubectl get mrs <replicaset-name> -o yaml > <replicaset-conf-name>.yaml
   

   Sharded Cluster Resources

   If you have sharded cluster resources but do not have the .yaml configuration file for them, run the following command to generate the configuration file:

   copy

   kubectl get msc <shardedcluster-name> -o yaml > <shardedcluster-conf-name>.yaml
   

3. Edit each .yaml configuration file match the new CustomResourceDefinition:

   • Change the kind to MongoDB

   • Add the spec.type field and set it to Standalone, ReplicaSet, or ShardedCluster depending on your resource.

     Note

     The Kubernetes Operator does not support changing the type of an existing configuration even though it will accept a valid configuration for a different type.

     For example, if your MongoDB resource is a standalone, you cannot set the value of spec.type to ReplicaSet and set spec.members. If you do, the Kubernetes Operator throws an error and requires you to revert to the previously working configuration.

   After you edit each .yaml file, they should look like the following example:

   • Standalone
   • Replica Set
   • Sharded Cluster

   copy

   ---
   apiVersion: mongodb.com/v1
   kind: MongoDB
   metadata:
     name: <my-standalone>
   spec:
     version: 4.2.2-ent
     opsManager:
       configMapRef:
         name: <configMap.metadata.name>
               # Must match metadata.name in ConfigMap file
     credentials: <mycredentials>
     type: Standalone
     persistent: true
   ...
   

   copy

   ---
   apiVersion: mongodb.com/v1
   kind: MongoDB
   metadata:
     name: <my-replica-set>
   spec:
     members: 3
     version: 4.2.2-ent
     opsManager:
       configMapRef:
         name: <configMap.metadata.name>
               # Must match metadata.name in ConfigMap file
     credentials: <mycredentials>
     type: ReplicaSet
     persistent: true
   ...
   

   copy

   ---
   apiVersion: mongodb.com/v1
   kind: MongoDB
   metadata:
     name: <my-sharded-cluster>
   spec:
     shardCount: 2
     mongodsPerShardCount: 3
     mongosCount: 2
     configServerCount: 3
     version: 4.2.2-ent
     opsManager:
       configMapRef:
         name: <configMap.metadata.name>
               # Must match metadata.name in ConfigMap file
     credentials: <mycredentials>
     type: ShardedCluster
     persistent: true
   ...
   

   Warning

   If you change the metadata.name field you will lose your resource’s data.

Upgrade the Kubernetes Operator

To upgrade to the latest version of the Kubernetes Operator from version v0.9 or earlier:

The following steps depend on how your environment is configured:

• Kubernetes
• OpenShift

• Online using kubectl
• Online using Helm
• Offline using Helm and Docker

1

Change to the directory in which you cloned the repository.

2

Upgrade the CustomResourceDefinitions for MongoDB deployments using the following kubectl command:

copy

kubectl apply -f crds.yaml

3

You can edit the Operator YAML file to further customize your Operator before upgrading it.

1. Open your mongodb-enterprise.yaml in your preferred text editor.

2. You may need to add one or more of the following options:

   Environment Variable	When to Use
   OPERATOR_ENV	Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging. If OPERATOR_ENV is Log Level is set to Log Format is set to dev debug text prod info json Accepted values are: dev, prod. Default value is: prod. You can set the following pair of values: copy spec.template.spec.containers.name.env.name: OPERATOR_ENV spec.template.spec.containers.name.env.value: prod Example copy spec: template: spec: serviceAccountName: mongodb-enterprise-operator containers: - name: mongodb-enterprise-operator image: <operatorVersionUrl> imagePullPolicy: <policyChoice> env: - name: OPERATOR_ENV value: prod
   WATCH_NAMESPACE	Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace. * means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator. Default value is: <metadata.namespace>. Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. You can set the following pair of values: copy spec.template.spec.containers.name.env.name: WATCH_NAMESPACE spec.template.spec.containers.name.env.value: "<testNamespace>" Example copy spec: template: spec: serviceAccountName: mongodb-enterprise-operator containers: - name: mongodb-enterprise-operator image: <operatorVersionUrl> imagePullPolicy: <policyChoice> env: - name: WATCH_NAMESPACE value: "<testNamespace>"
   OPS_MANAGER_IMAGE_REPOSITORY	URL of the repository from which the image for an Ops Manager resource is downloaded. Default value is: quay.io/mongodb/mongodb-enterprise-ops-manager copy spec.template.spec.containers.name.env.name: OPS_MANAGER_IMAGE_REPOSITORY spec.template.spec.containers.name.env.value: quay.io/mongodb/mongodb-enterprise-ops-manager Example copy spec: template: spec: serviceAccountName: mongodb-enterprise-operator containers: - name: mongodb-enterprise-operator image: <operatorVersionUrl> imagePullPolicy: <policyChoice> env: - name: OPS_MANAGER_IMAGE_REPOSITORY value: quay.io/mongodb/mongodb-enterprise-ops-manager - name: OPS_MANAGER_IMAGE_PULL_POLICY value: Always
   OPS_MANAGER_IMAGE_PULL_POLICY	Pull policy for the image deployed to an Ops Manager resource. Accepted values are: Always, IfNotPresent, Never Default value is: Always copy spec.template.spec.containers.name.env.name: OPS_MANAGER_IMAGE_PULL_POLICY spec.template.spec.containers.name.env.value: <policy> Example copy spec: template: spec: serviceAccountName: mongodb-enterprise-operator containers: - name: mongodb-enterprise-operator image: <operatorVersionUrl> imagePullPolicy: <policyChoice> env: - name: OPS_MANAGER_IMAGE_REPOSITORY value: quay.io/mongodb/mongodb-enterprise-ops-manager - name: OPS_MANAGER_IMAGE_PULL_POLICY value: Always
   MANAGED_SECURITY_CONTEXT	Flag that determines if the Kubernetes Operator inherits the securityContext settings that your Kubernetes cluster manages. Set this field to true if you want to run the Kubernetes Operator in OpenShift or in a restrictive environment. Default value is false. copy spec.template.spec.containers.name.env.name: MANAGED_SECURITY_CONTEXT spec.template.spec.containers.name.env.value: false Example copy spec: template: spec: serviceAccountName: mongodb-enterprise-operator containers: - name: mongodb-enterprise-operator image: <operatorVersionUrl> imagePullPolicy: <policyChoice> env: - name: MANAGED_SECURITY_CONTEXT value: true

4

Upgrade the Kubernetes Operator using the following kubectl command:

copy

kubectl apply -f mongodb-enterprise.yaml

1

Upgrade the Kubernetes Operator using the following helm command:

copy

helm template helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values.yaml file:

Setting	When to Use
namespace	To use a different namespace, you need to specify that namespace. Default value is: mongodb. Example copy # Name of the Namespace to use namespace: mongodb
managedSecurityContext	Flag that determines if the Kubernetes Operator inherits the securityContext settings that your Kubernetes cluster manages. Set this field to true if your cluster manages the securityContext for your Kubernetes resources. Default value is false. Example copy # Set this to true if your cluster is managing SecurityContext for you. # If running OpenShift (Cloud, Minishift, etc.), set this to true. managedSecurityContext: false
operator.env	Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging. If operator.env is Log Level is set to Log Format is set to dev debug text prod info json Accepted values are: dev, prod. Default value is: prod. Example copy operator: # Execution environment for the operator, dev or prod. Use dev for more verbose logging env: prod
operator.watchNamespace	Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace. * means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator. Default value is: <metadata.namespace>. Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example copy operator: watchNamespace: *

Note

You can also pass these values as options when you apply the Helm Chart:

copy

helm template --set namespace=<testNamespace> \
helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml

To upgrade the Kubernetes Operator on a host not connected to the Internet, you have two options, you can download the Kubernetes Operator files from either:

• The Internet
• Another Host

1

Upgrade the latest version of the Kubernetes Operator with modified pull policy values using the following helm command:

copy

helm template --set registry.pullPolicy=IfNotPresent \
helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values.yaml file:

Setting	When to Use
namespace	To use a different namespace, you need to specify that namespace. Default value is: mongodb. Example copy # Name of the Namespace to use namespace: mongodb
managedSecurityContext	Flag that determines if the Kubernetes Operator inherits the securityContext settings that your Kubernetes cluster manages. Set this field to true if your cluster manages the securityContext for your Kubernetes resources. Default value is false. Example copy # Set this to true if your cluster is managing SecurityContext for you. # If running OpenShift (Cloud, Minishift, etc.), set this to true. managedSecurityContext: false
operator.env	Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging. If operator.env is Log Level is set to Log Format is set to dev debug text prod info json Accepted values are: dev, prod. Default value is: prod. Example copy operator: # Execution environment for the operator, dev or prod. Use dev for more verbose logging env: prod
operator.watchNamespace	Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace. * means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator. Default value is: <metadata.namespace>. Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example copy operator: watchNamespace: *

Note

You can also pass these values as options when you apply the Helm Chart:

copy

helm template --set registry.pullPolicy=IfNotPresent \
--set namespace=<testNamespace> \
helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml

1

Upgrade the latest version of the Kubernetes Operator with modified pull policy values using the following helm command:

copy

helm template --set registry.pullPolicy=IfNotPresent \
helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values.yaml file:

Setting	When to Use
namespace	To use a different namespace, you need to specify that namespace. Default value is: mongodb. Example copy # Name of the Namespace to use namespace: mongodb
managedSecurityContext	Flag that determines if the Kubernetes Operator inherits the securityContext settings that your Kubernetes cluster manages. Set this field to true if your cluster manages the securityContext for your Kubernetes resources. Default value is false. Example copy # Set this to true if your cluster is managing SecurityContext for you. # If running OpenShift (Cloud, Minishift, etc.), set this to true. managedSecurityContext: false
operator.env	Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging. If operator.env is Log Level is set to Log Format is set to dev debug text prod info json Accepted values are: dev, prod. Default value is: prod. Example copy operator: # Execution environment for the operator, dev or prod. Use dev for more verbose logging env: prod
operator.watchNamespace	Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace. * means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator. Default value is: <metadata.namespace>. Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example copy operator: watchNamespace: *

Note

You can also pass these values as options when you apply the Helm Chart:

copy

helm template --set registry.pullPolicy=IfNotPresent \
--set namespace=<testNamespace> \
helm_chart > operator.yaml \
-- values helm_chart/values.yaml
kubectl apply -f operator.yaml

• Online using oc
• Online using Helm
• Offline using Helm and Docker

1

Change to the directory in which you cloned the repository.

2

Upgrade the CustomResourceDefinitions for MongoDB deployments using the following oc command:

copy

oc apply -f crds.yaml

3

You can edit the Operator YAML file to further customize your Operator before upgrading it.

1. Open your mongodb-enterprise-openshift.yaml in your preferred text editor.

2. You must add your <openshift-pull-secret> to the ServiceAccount definitions:

   copy

   ---
   # Source: mongodb-enterprise-operator/templates/serviceaccount.yaml
   ---
   apiVersion: v1
   kind: ServiceAccount
   metadata:
     name: enterprise-operator
   
     namespace: mongodb
   
   imagePullSecrets:
    - name: <openshift-pull-secret>
   
   ---
   apiVersion: v1
   kind: ServiceAccount
   metadata:
     name: mongodb-enterprise-appdb
   
     namespace: mongodb
   
   imagePullSecrets:
    - name: <openshift-pull-secret>
   
   ---
   apiVersion: v1
   kind: ServiceAccount
   metadata:
     name: mongodb-enterprise-database-pods
   
     namespace: mongodb
   
   imagePullSecrets:
    - name: <openshift-pull-secret>
   

3. You may need to add one or more of the following options:

Environment Variable	When to Use
OPERATOR_ENV	Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging. If OPERATOR_ENV is Log Level is set to Log Format is set to dev debug text prod info json Accepted values are: dev, prod. Default value is: prod. You can set the following pair of values: copy spec.template.spec.containers.name.env.name: OPERATOR_ENV spec.template.spec.containers.name.env.value: prod Example copy spec: template: spec: serviceAccountName: mongodb-enterprise-operator containers: - name: mongodb-enterprise-operator image: <operatorVersionUrl> imagePullPolicy: <policyChoice> env: - name: OPERATOR_ENV value: prod
WATCH_NAMESPACE	Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace. * means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator. Default value is: <metadata.namespace>. Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. You can set the following pair of values: copy spec.template.spec.containers.name.env.name: WATCH_NAMESPACE spec.template.spec.containers.name.env.value: "<testNamespace>" Example copy spec: template: spec: serviceAccountName: enterprise-operator containers: - name: enterprise-operator image: <operatorVersionUrl> imagePullPolicy: <policyChoice> env: - name: WATCH_NAMESPACE value: "<testNamespace>"
OPS_MANAGER_IMAGE_REPOSITORY	URL of the repository from which the image for an Ops Manager resource is downloaded. Default value is: registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager copy spec.template.spec.containers.name.env.name: OPS_MANAGER_IMAGE_REPOSITORY spec.template.spec.containers.name.env.value: registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager Example copy spec: template: spec: serviceAccountName: enterprise-operator containers: - name: enterprise-operator image: <operatorVersionUrl> imagePullPolicy: <policyChoice> env: - name: OPS_MANAGER_IMAGE_REPOSITORY value: registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager - name: OPS_MANAGER_IMAGE_PULL_POLICY value: Always
OPS_MANAGER_IMAGE_PULL_POLICY	Pull policy for the image deployed to an Ops Manager resource. Accepted values are: Always, IfNotPresent, Never Default value is: Always copy spec.template.spec.containers.name.env.name: OPS_MANAGER_IMAGE_PULL_POLICY spec.template.spec.containers.name.env.value: <policy> Example copy spec: template: spec: serviceAccountName: enterprise-operator containers: - name: enterprise-operator image: <operatorVersionUrl> imagePullPolicy: <policyChoice> env: - name: OPS_MANAGER_IMAGE_REPOSITORY value: registry.connect.redhat.com/mongodb/mongodb-enterprise-ops-manager - name: OPS_MANAGER_IMAGE_PULL_POLICY value: Always
MANAGED_SECURITY_CONTEXT	Flag that determines if the Kubernetes Operator inherits the securityContext settings that your Kubernetes cluster manages. For OpenShift, MANAGED_SECURITY_CONTEXT must always be true. Default value is true. copy spec.template.spec.containers.name.env.name: MANAGED_SECURITY_CONTEXT spec.template.spec.containers.name.env.value: true Example copy spec: template: spec: serviceAccountName: mongodb-enterprise-operator containers: - name: mongodb-enterprise-operator image: <operatorVersionUrl> imagePullPolicy: <policyChoice> env: - name: MANAGED_SECURITY_CONTEXT value: true

4

Upgrade the Kubernetes Operator using the following oc command:

copy

oc apply -f mongodb-enterprise-openshift.yaml

1

Upgrade the Kubernetes Operator using the following helm command:

copy

helm template helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values-openshift.yaml file:

Setting	When to Use
registry.imagePullSecrets	secret that contains the credentials required to pull imagePullSecrets from the repository. Important This setting is mandatory for OpenShift installs. You must either define it in this file or pass it when you install the Kubernetes Operator using Helm. Example copy registry: imagePullSecrets: <openshift-pull-secret>
namespace	To use a different namespace, you need to specify that namespace. Default value is: mongodb. Example copy # Name of the Namespace to use namespace: mongodb
managedSecurityContext	Flag that determines if the Kubernetes Operator inherits the securityContext settings that your Kubernetes cluster manages. Default value is true. For OpenShift, managedSecurityContext must always be true. Example copy # OpenShift manages security context on its own managedSecurityContext: true
operator.env	Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging. If operator.env is Log Level is set to Log Format is set to dev debug text prod info json Accepted values are: dev, prod. Default value is: prod. Example copy operator: # Execution environment for the operator, dev or prod. Use dev for more verbose logging env: prod
operator.watchNamespace	Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace. * means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator. Default value is: <metadata.namespace>. Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example copy operator: watchNamespace: *

Note

You can also pass these values as options when you apply the Helm Chart:

copy

helm template --set registry.imagePullSecrets=<openshift-pull-secret> \
helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

To upgrade the Kubernetes Operator on a host not connected to the Internet, you have two options, you can download the Kubernetes Operator files from either:

• The Internet
• Another Host

1

Upgrade the latest version of the Kubernetes Operator with modified pull policy values using the following helm command:

copy

helm template --set registry.pullPolicy=IfNotPresent \
--set registry.imagePullSecrets=<openshift-pull-secret> \
helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values-openshift.yaml file:

Setting	When to Use
registry.imagePullSecrets	secret that contains the credentials required to pull imagePullSecrets from the repository. Important This setting is mandatory for OpenShift installs. You must either define it in this file or pass it when you install the Kubernetes Operator using Helm. Example copy registry: imagePullSecrets: <openshift-pull-secret>
namespace	To use a different namespace, you need to specify that namespace. Default value is: mongodb. Example copy # Name of the Namespace to use namespace: mongodb
managedSecurityContext	Flag that determines if the Kubernetes Operator inherits the securityContext settings that your Kubernetes cluster manages. Default value is true. For OpenShift, managedSecurityContext must always be true. Example copy # OpenShift manages security context on its own managedSecurityContext: true
operator.env	Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging. If operator.env is Log Level is set to Log Format is set to dev debug text prod info json Accepted values are: dev, prod. Default value is: prod. Example copy operator: # Execution environment for the operator, dev or prod. Use dev for more verbose logging env: prod
operator.watchNamespace	Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace. * means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator. Default value is: <metadata.namespace>. Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example copy operator: watchNamespace: *

Note

You can also pass these values as options when you apply the Helm Chart:

copy

helm template --set registry.pullPolicy=IfNotPresent \
--set registry.imagePullSecrets=<openshift-pull-secret> \
--set namespace=<testNamespace> \
helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

1

Upgrade the latest version of the Kubernetes Operator with modified pull policy values using the following helm command:

copy

helm template --set registry.pullPolicy=IfNotPresent \
--set registry.imagePullSecrets=<openshift-pull-secret> \
helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

You can customize your Helm Chart before installing it. To modify it, add one or more of the following options to the values-openshift.yaml file:

Setting	When to Use
registry.imagePullSecrets	secret that contains the credentials required to pull imagePullSecrets from the repository. Important This setting is mandatory for OpenShift installs. You must either define it in this file or pass it when you install the Kubernetes Operator using Helm. Example copy registry: imagePullSecrets: <openshift-pull-secret>
namespace	To use a different namespace, you need to specify that namespace. Default value is: mongodb. Example copy # Name of the Namespace to use namespace: mongodb
managedSecurityContext	Flag that determines if the Kubernetes Operator inherits the securityContext settings that your Kubernetes cluster manages. Default value is true. For OpenShift, managedSecurityContext must always be true. Example copy # OpenShift manages security context on its own managedSecurityContext: true
operator.env	Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging. If operator.env is Log Level is set to Log Format is set to dev debug text prod info json Accepted values are: dev, prod. Default value is: prod. Example copy operator: # Execution environment for the operator, dev or prod. Use dev for more verbose logging env: prod
operator.watchNamespace	Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace. * means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator. Default value is: <metadata.namespace>. Important To watch Ops Manager and MongoDB Kubernetes resources in a different namespace to which you deploy the Kubernetes Operator, see Kubernetes Operator Deployment Scopes for values you must use and additional steps you might have to perform. Example copy operator: watchNamespace: *

Note

You can also pass these values as options when you apply the Helm Chart:

copy

helm template --set registry.pullPolicy=IfNotPresent \
--set registry.imagePullSecrets=<openshift-pull-secret> \
--set namespace=<testNamespace> \
helm_chart > operator.yaml \
-- values helm_chart/values-openshift.yaml
oc apply -f operator.yaml

To troubleshoot your Kubernetes Operator, see Review Logs from the Kubernetes Operator.

Important

If you need to remove the Kubernetes Operator or the namespace, you first must remove MongoDB resources.

Recreate MongoDB Resources and Delete the Version 0.9 CRDs

1. After you upgrade the Kubernetes Operator, verify you have four CRDs by running the following command:

   copy

   kubectl get crds
   

   The following output contains the new mongodb.mongodb.com CRD and the version 0.9 CRDs:

   NAME                                 CREATED AT
   mongodb.mongodb.com                  2019-03-27T19:30:09Z
   mongodbreplicasets.mongodb.com       2018-12-07T18:25:42Z
   mongodbshardedclusters.mongodb.com   2018-12-07T18:25:42Z
   mongodbstandalones.mongodb.com       2018-12-07T18:25:42Z
   

2. Remove the old resources from Kubernetes.

   Important

   Removing MongoDB resources will remove the database server pods and drop any client connections to the database. Connections are reestablished when the new MongoDB resources are created in Kubernetes.

   Run each of the following commands to remove all MongoDB resources:

   copy

   kubectl delete mst --all
   

   copy

   kubectl delete mrs --all
   

   copy

   kubectl delete msc --all
   

   Note

   MongoDB resources that have persistent: true set in their .yaml configuration file will not lose data as it is stored in persistent volumes. The previous command only deletes pods containing MongoDB and not the persistent volumes containing the data. Persistent volume claims referencing persistent volumes stay alive and are reused by the new MongoDB resources.

3. Create the MongoDB resources again.

   Use the .yaml resource configuration file to recreate each resource:

   copy

   kubectl apply -f <resource-conf>.yaml
   

   Note

   If the old resources had persistent: true set and the metadata.name haven’t changed, the new MongoDB pods will reuse the data from the old pods.

   Run the following command to check the status of each resource and verify that the phase reaches the Running status:

   copy

   kubectl get mdb <resource-name> -o yaml -w
   

   For an example of this command’s output, see Get Status of a Deployed Resource.

4. Delete the old CRDs.

   Once all the resources are up and running, delete all of the v0.9 CRDs as the Kubernetes Operator no longer watches them:

   copy

   kubectl delete crd mongodbreplicasets.mongodb.com
   

   copy

   kubectl delete crd mongodbshardedclusters.mongodb.com
   

   copy

   kubectl delete crd mongodbstandalones.mongodb.com
   

   Run the following command to verify the old CRDs were removed:

   copy

   kubectl get crds
   

   The output of the command above should look similar to the following:

   NAME                  CREATED AT
   mongodb.mongodb.com   2019-03-27T19:30:09Z
   

Once the version 0.9 CustomResourceDefinitions are deleted, the MongoDB Enterprise Kubernetes Operator upgrade is complete.

Troubleshooting

To troubleshoot your Kubernetes Operator, see Review Logs from the Kubernetes Operator.

Important

If you need to remove the Kubernetes Operator or the namespace, you first must remove MongoDB resources.

© MongoDB, Inc 2008-present. MongoDB, Mongo, and the leaf logo are registered trademarks of MongoDB, Inc.