MongoDB Enterprise Kubernetes Operator kubectl and oc Installation Settings
On this page
- AGENT_IMAGE
- APPDB_AGENT_VERSION
- APPDB_IMAGE_REPOSITORY
- CLUSTER_CLIENT_TIMEOUT
- DATABASE_VERSION
- IMAGE_PULL_POLICY
- INIT_APPDB_IMAGE_REPOSITORY
- INIT_APPDB_VERSION
- INIT_DATABASE_IMAGE_REPOSITORY
- INIT_DATABASE_VERSION
- INIT_OPS_MANAGER_IMAGE_REPOSITORY
- INIT_OPS_MANAGER_VERSION
- LOG_FILE_PATH
- MANAGED_SECURITY_CONTEXT
- MDB_AGENT_IMAGE_REPOSITORY
- MDB_APPDB_ASSUME_OLD_FORMAT
- MDB_AUTOMATIC_RECOVERY_ENABLE
- MDB_AUTOMATIC_RECOVERY_BACKOFF_TIME_S
- MDB_DEFAULT_ARCHITECTURE
- MDB_IMAGE_TYPE
- MDB_WITH_AGENT_FILE_LOGGING
- MDB_MAX_CONCURRENT_RECONCILES
- MONGODB_ENTERPRISE_DATABASE_IMAGE
- OPERATOR_ENV
- OPS_MANAGER_IMAGE_PULL_POLICY
- OPS_MANAGER_IMAGE_REPOSITORY
- READINESS_PROBE_LOGGER_BACKUPS
- READINESS_PROBE_LOGGER_COMPRESS
- READINESS_PROBE_LOGGER_MAX_SIZE
- READINESS_PROBE_LOGGER_MAX_AGE
- WATCH_NAMESPACE
To provide optional settings, edit the YAML file that corresponds to your deployment type in the directory where you cloned the Kubernetes Operator repository:
Vanilla Kubernetes using kubectl: mongodb-enterprise.yaml
OpenShift using oc: mongodb-enterprise-openshift.yaml
If the setting that you want to add doesn't exist in the YAML file, add it as a new array of key-value pair mappings in the spec.template.spec.containers.name.env. collection:
Set the value of the spec.template.spec.containers.name.env.name key to the setting's name.
Set the value of the spec.template.spec.containers.name.env.value key to the setting's value.
To fill in values for container images, see Container Images.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: INIT_APPDB_IMAGE_REPOSITORY 11 value: quay.io/mongodb/mongodb-enterprise-init-appdb-ubi
AGENT_IMAGE
URL of the repository from which the Kubernetes Operator downloads the MongoDB Agent image for non-static database deployments. Include the MongoDB Agent version. To learn more, see Container Images.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: AGENT_IMAGE 11 value: quay.io/mongodb/mongodb-agent-ubi:<version>
APPDB_AGENT_VERSION
Version of the image that contains the MongoDB Agent that the Application Database uses.
The default value is 10.2.15.5958-1_4.2.11-ent.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: APPDB_AGENT_VERSION 11 value: 10.2.15.5958-1_4.2.11-ent
APPDB_IMAGE_REPOSITORY
URL of the repository from which the Kubernetes Operator downloads the Application Database image.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: APPDB_IMAGE_REPOSITORY 11 value: quay.io/mongodb/mongodb-enterprise-appdb-ubi
CLUSTER_CLIENT_TIMEOUT
Time, in seconds, the Kubernetes Operator attempts to connect to a cluster's Kubernetes API server endpoint. This timeout is set for all Kubernetes clusters in multi-Kubernetes cluster MongoDB deployments. If the Kubernetes Operator doesn't get a response from the Kubernetes API server within the specified time, it logs the cluster's status as "unhealthy". To learn more, see Troubleshooting Kubernetes Clusters.
The default value is 10.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: CLUSTER_CLIENT_TIMEOUT 11 value: 10
DATABASE_VERSION
Version of the MongoDB Enterprise Database image that the Kubernetes Operator deploys.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: DATABASE_VERSION 11 value: 1.27
IMAGE_PULL_POLICY
Pull policy for the MongoDB Enterprise database image the Kubernetes Operator deploys.
The Kubernetes Operator accepts the following values: Always, IfNotPresent, Never.
The default value is Always.
INIT_APPDB_IMAGE_REPOSITORY
URL of the repository from which the initContainer
image that
contains the Application Database start-up scripts and the readiness
probe is downloaded.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: INIT_APPDB_IMAGE_REPOSITORY 11 value: quay.io/mongodb/mongodb-enterprise-init-appdb-ubi
INIT_APPDB_VERSION
Version of the initContainer
image that contains the Application
Database start-up scripts and the readiness probe.
The default value is 1.27.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: INIT_APPDB_VERSION 11 value: 1.27
INIT_DATABASE_IMAGE_REPOSITORY
URL of the repository from which the initContainer
image that
contains the MongoDB Agent start-up scripts and the readiness probe is
downloaded.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: INIT_DATABASE_IMAGE_REPOSITORY 11 value: quay.io/mongodb/mongodb-enterprise-init-database-ubi
INIT_DATABASE_VERSION
Version of the initContainer
image that contains the MongoDB Agent
start-up scripts and the readiness probe.
The default value is 1.27.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: INIT_DATABASE_VERSION 11 value: 1.27
INIT_OPS_MANAGER_IMAGE_REPOSITORY
URL of the repository from which the initContainer
image that
contains the Ops Manager start-up scripts and the readiness probe is
downloaded.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: INIT_OPS_MANAGER_IMAGE_REPOSITORY 11 value: quay.io/mongodb/mongodb-enterprise-init-ops-manager-ubi
INIT_OPS_MANAGER_VERSION
Version of the initContainer
image that contains the Ops Manager
start-up scripts and the readiness probe.
The default value is 1.27.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: INIT_OPS_MANAGER_VERSION 11 value: 1.27
LOG_FILE_PATH
Path to the rotated readiness.log
backup files maintained by the
Readiness Probe.
The default value is /var/log/mongodb-mms-automation/readiness.log
.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: LOG_FILE_PATH 11 value: /var/log/mongodb-mms-automation/readiness.log
MANAGED_SECURITY_CONTEXT
Flag that determines whether or not the Kubernetes Operator inherits the securityContext settings that your Kubernetes cluster manages.
This value must be true if you want to run the Kubernetes Operator in OpenShift or in a restrictive environment.
The default value is false.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: MANAGED_SECURITY_CONTEXT 11 value: false
The default value is true.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: MANAGED_SECURITY_CONTEXT 11 value: true
MDB_AGENT_IMAGE_REPOSITORY
URL of the repository from which the Kubernetes Operator downloads the MongoDB Agent image for database deployments. To learn more, see Container Images.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: MDB_AGENT_IMAGE_REPOSITORY 11 value: quay.io/mongodb/mongodb-agent-ubi
MDB_APPDB_ASSUME_OLD_FORMAT
In Kubernetes Operator 1.20, the container registry changed for the application database image and the images use a new tag suffix. When you upgrade the Kubernetes Operator, the Kubernetes Operator automatically updates the earlier suffix, -ent
, for all images that reference the new container registry to -ubi8
or the suffix set in MDB_IMAGE_TYPE or mongodb.imageType.
For example, the Kubernetes Operator changes quay.io/mongodb/mongodb-enterprise-server:4.4.5-ent
to quay.io/mongodb/mongodb-enterprise-server:4.4.5-ubi8
.
To stop the Kubernetes Operator from automatically updating the suffix, set MDB_APPDB_ASSUME_OLD_FORMAT or mongodb.appdbAssumeOldFormat to true
. For example, you might want to stop the automatic suffix change if you're mirroring this image from your own repository.
The default value is false
, which automatically updates the image suffix.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: MDB_APPDB_ASSUME_OLD_FORMAT 11 value: false
MDB_AUTOMATIC_RECOVERY_ENABLE
Flag that determines whether or not the Kubernetes Operator
enables automatic recovery for MongoDB
resources
per Pod.
The default value is true.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: MDB_AUTOMATIC_RECOVERY_ENABLE 11 value: false
MDB_AUTOMATIC_RECOVERY_BACKOFF_TIME_S
Number of seconds that a custom resource can remain in a
Pending
or Failed
state before the Kubernetes Operator
automatically recovers your MongoDB
resources.
The default value is 1200 seconds (20 minutes).
To disable automatic recovery, set the
MDB_AUTOMATIC_RECOVERY_ENABLE
environment variable to false
.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: MDB_AUTOMATIC_RECOVERY_BACKOFF_TIME_S 11 value: 3600
MDB_DEFAULT_ARCHITECTURE
Determines the container architecture used by all your deployments:
The default non-static containers that download the MongoDB binary at runtime, or
Static Containers (Public Preview) that are immutable at runtime.
To enable static containers for a single deployment,
use metadata.annotations.mongodb.com/v1.architecture
in
the MongoDB resource instead.
The default is non-static
.
To enable static containers, set to static
.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: MDB_DEFAULT_ARCHITECTURE 11 value: static
MDB_IMAGE_TYPE
The suffix of the application database image.
In Kubernetes Operator 1.20, the container registry changed for the application database image and the images use a new tag suffix. When you upgrade the Kubernetes Operator, the Kubernetes Operator automatically updates the earlier suffix, -ent
, for all images that reference the new container registry to -ubi8
or the suffix set in MDB_IMAGE_TYPE or mongodb.imageType.
For example, the Kubernetes Operator changes quay.io/mongodb/mongodb-enterprise-server:4.4.5-ent
to quay.io/mongodb/mongodb-enterprise-server:4.4.5-ubi8
.
To stop the Kubernetes Operator from automatically updating the suffix, set MDB_APPDB_ASSUME_OLD_FORMAT or mongodb.appdbAssumeOldFormat to true
. For example, you might want to stop the automatic suffix change if you're mirroring this image from your own repository.
The default is -ubi8
.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: MDB_IMAGE_TYPE 11 value: ubi8
MDB_WITH_AGENT_FILE_LOGGING
Controls whether log files are output to standard output, such as when
you run kubectl describe
.
The default is true
.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: MDB_WITH_AGENT_FILE_LOGGING 11 value: true
MDB_MAX_CONCURRENT_RECONCILES
The number of concurrent reconciliation processes the Kubernetes Operator can perform.
Example
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - env: 7 - name: MDB_MAX_CONCURRENT_RECONCILES 8 value: "10"
MONGODB_ENTERPRISE_DATABASE_IMAGE
URL of the MongoDB Enterprise Database image that the Kubernetes Operator deploys.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: MONGODB_ENTERPRISE_DATABASE_IMAGE 11 value: quay.io/mongodb/mongodb-enterprise-database-ubi
OPERATOR_ENV
Label for the Kubernetes Operators deployment environment. This value affects the default timeouts and the logging level and format:
If the value is | Log Level is set to | Log Format is set to |
---|---|---|
| debug | text |
| info | json |
The default value is prod.
OPS_MANAGER_IMAGE_PULL_POLICY
Pull policy for the Ops Manager images the Kubernetes Operator deploys.
The Kubernetes Operator accepts the following values: Always, IfNotPresent, and Never.
The default value is Always.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: OPS_MANAGER_IMAGE_PULL_POLICY 11 value: Always
OPS_MANAGER_IMAGE_REPOSITORY
URL of the repository from which the image for an Ops Manager resource is downloaded.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: OPS_MANAGER_IMAGE_REPOSITORY 11 value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi
READINESS_PROBE_LOGGER_BACKUPS
The number of rotated readiness.log
backup files maintained by the
Readiness Probe.
The default value is 5.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: READINESS_PROBE_LOGGER_BACKUPS 11 value: 1
READINESS_PROBE_LOGGER_COMPRESS
Controls whether the rotated readiness.log
backup files maintained by the
Readiness Probe are compressed to readiness.log.gz
files.
The default value is false
, which leaves the readiness.log
files uncompressed.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: READINESS_PROBE_LOGGER_COMPRESS 11 value: true
READINESS_PROBE_LOGGER_MAX_SIZE
The maximum size of the readiness.log
file in MB.
The default value is 100.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: READINESS_PROBE_LOGGER_MAX_SIZE 11 value: 125
READINESS_PROBE_LOGGER_MAX_AGE
The maximum number of days to retain rotated readiness.log
files,
starting with the date in the file timestamp. If set to 0, the
Kubernetes Operator doesn't remove readiness.log
files on the basis of
age, instead relying on READINESS_PROBE_LOGGER_BACKUPS
to determine
retention.
The default value is 0.
1 spec: 2 template: 3 spec: 4 serviceAccountName: mongodb-enterprise-operator 5 containers: 6 - name: mongodb-enterprise-operator 7 image: <operatorVersionUrl> 8 imagePullPolicy: <policyChoice> 9 env: 10 - name: READINESS_PROBE_LOGGER_MAX_AGE 11 value: 3
WATCH_NAMESPACE
Namespaces that the Kubernetes Operator watches for MongoDB
resource
changes. If this namespace differs from the default, ensure that
the Kubernetes Operator ServiceAccount can access
this namespace.
To watch all namespaces, specify * and assign the ClusterRole to the
mongodb-enterprise-operator
ServiceAccount that you use to run the Kubernetes Operator.To watch a subset of all namespaces, specify them in a comma-separated list, escape each comma with a backslash, and surround the list in quotes, such as
"operator.watchNamespace=ns1\,ns2"
.
Watching a subset of namespaces is useful in deployments where a single
Kubernetes Operator instance watches a different cluster resource type.
For example, you can configure the Kubernetes Operator to watch MongoDB
resources
in one subset of namespaces, and to watch MongoDBMultiCluster
resources in another
subset of namespaces. To avoid race conditions during resource reconciliation,
for each custom resource type that you want the Kubernetes Operator to watch,
ensure that you set scope to a distinct subset of namespaces.
Important
To deploy Ops Manager and MongoDB
resources to one or more namespaces other
than the one where you deploy the Kubernetes Operator,
see Set Scope for MongoDB Enterprise Kubernetes Operator Deployment for values you must use and
additional steps you might have to perform.
The default value is <metadata.namespace>.