From 2e98e6ccaed4b88984656c690d34c0e2265d6835 Mon Sep 17 00:00:00 2001 From: Mircea Cosbuc Date: Tue, 14 Oct 2025 11:49:46 +0200 Subject: [PATCH] operator mongodb-kubernetes (1.5.0) Signed-off-by: Mircea Cosbuc --- .../1.5.0/bundle.Dockerfile | 22 + ...pdb_rbac.authorization.k8s.io_v1_role.yaml | 20 + ...c.authorization.k8s.io_v1_rolebinding.yaml | 12 + ...db-kubernetes-appdb_v1_serviceaccount.yaml | 5 + ...netes-database-pods_v1_serviceaccount.yaml | 5 + ...ubernetes-operator-service_v1_service.yaml | 14 + ...ernetes-ops-manager_v1_serviceaccount.yaml | 5 + ...godb-kubernetes.clusterserviceversion.yaml | 1455 +++++++++ .../mongodb.com_clustermongodbroles.yaml | 114 + .../1.5.0/manifests/mongodb.com_mongodb.yaml | 2757 +++++++++++++++++ .../mongodb.com_mongodbmulticluster.yaml | 1169 +++++++ .../manifests/mongodb.com_mongodbsearch.yaml | 366 +++ .../manifests/mongodb.com_mongodbusers.yaml | 185 ++ .../manifests/mongodb.com_opsmanagers.yaml | 2049 ++++++++++++ ...ommunity.mongodb.com_mongodbcommunity.yaml | 682 ++++ .../1.5.0/metadata/annotations.yaml | 15 + .../1.5.0/tests/scorecard/config.yaml | 70 + 17 files changed, 8945 insertions(+) create mode 100644 operators/mongodb-kubernetes/1.5.0/bundle.Dockerfile create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_rbac.authorization.k8s.io_v1_role.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_rbac.authorization.k8s.io_v1_rolebinding.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_v1_serviceaccount.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-database-pods_v1_serviceaccount.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-operator-service_v1_service.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-ops-manager_v1_serviceaccount.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes.clusterserviceversion.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_clustermongodbroles.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodb.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbmulticluster.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbsearch.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbusers.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_opsmanagers.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/manifests/mongodbcommunity.mongodb.com_mongodbcommunity.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/metadata/annotations.yaml create mode 100644 operators/mongodb-kubernetes/1.5.0/tests/scorecard/config.yaml diff --git a/operators/mongodb-kubernetes/1.5.0/bundle.Dockerfile b/operators/mongodb-kubernetes/1.5.0/bundle.Dockerfile new file mode 100644 index 000000000000..d524e697e3d9 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/bundle.Dockerfile @@ -0,0 +1,22 @@ +FROM scratch + +# Core bundle labels. +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=mongodb-kubernetes +LABEL operators.operatorframework.io.bundle.channels.v1=stable +LABEL operators.operatorframework.io.bundle.channel.default.v1=stable +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.26.1 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3 + +# Labels for testing. +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ + +# Copy files to locations specified by labels. +COPY ./bundle/1.5.0//manifests /manifests/ +COPY ./bundle/1.5.0//metadata /metadata/ +COPY ./bundle/1.5.0//tests/scorecard /tests/scorecard/ +LABEL com.redhat.openshift.versions="v4.6" diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_rbac.authorization.k8s.io_v1_role.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_rbac.authorization.k8s.io_v1_role.yaml new file mode 100644 index 000000000000..d24f83e5b050 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_rbac.authorization.k8s.io_v1_role.yaml @@ -0,0 +1,20 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: mongodb-kubernetes-appdb +rules: +- apiGroups: + - "" + resources: + - secrets + verbs: + - get +- apiGroups: + - "" + resources: + - pods + verbs: + - patch + - delete + - get diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_rbac.authorization.k8s.io_v1_rolebinding.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_rbac.authorization.k8s.io_v1_rolebinding.yaml new file mode 100644 index 000000000000..6b58bb086ab0 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_rbac.authorization.k8s.io_v1_rolebinding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + creationTimestamp: null + name: mongodb-kubernetes-appdb +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: mongodb-kubernetes-appdb +subjects: +- kind: ServiceAccount + name: mongodb-kubernetes-appdb diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_v1_serviceaccount.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_v1_serviceaccount.yaml new file mode 100644 index 000000000000..253105a4d65c --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-appdb_v1_serviceaccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + name: mongodb-kubernetes-appdb diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-database-pods_v1_serviceaccount.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-database-pods_v1_serviceaccount.yaml new file mode 100644 index 000000000000..22e290ca9cf5 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-database-pods_v1_serviceaccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + name: mongodb-kubernetes-database-pods diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-operator-service_v1_service.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-operator-service_v1_service.yaml new file mode 100644 index 000000000000..49b8df6d9db8 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-operator-service_v1_service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + name: mongodb-kubernetes-operator-service +spec: + ports: + - name: webhook-port + port: 443 + targetPort: 1993 + selector: + app.kubernetes.io/name: mongodb-kubernetes-operator +status: + loadBalancer: {} diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-ops-manager_v1_serviceaccount.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-ops-manager_v1_serviceaccount.yaml new file mode 100644 index 000000000000..626b061eec1c --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes-ops-manager_v1_serviceaccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + name: mongodb-kubernetes-ops-manager diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes.clusterserviceversion.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes.clusterserviceversion.yaml new file mode 100644 index 000000000000..9ac10bbe6130 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb-kubernetes.clusterserviceversion.yaml @@ -0,0 +1,1455 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "mongodb.com/v1", + "kind": "ClusterMongoDBRole", + "metadata": { + "labels": { + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "mongodb-enterprise" + }, + "name": "clustermongodbrole-sample" + }, + "spec": { + "db": "admin", + "role": "rootMonitor", + "roles": [ + { + "db": "admin", + "role": "root" + }, + { + "db": "admin", + "role": "clusterMonitor" + } + ] + } + }, + { + "apiVersion": "mongodb.com/v1", + "kind": "MongoDB", + "metadata": { + "name": "my-replica-set" + }, + "spec": { + "credentials": "my-credentials", + "members": 3, + "opsManager": { + "configMapRef": { + "name": "my-project" + } + }, + "persistent": true, + "type": "ReplicaSet", + "version": "4.4.0-ent" + } + }, + { + "apiVersion": "mongodb.com/v1", + "kind": "MongoDB", + "metadata": { + "name": "sample-sharded-cluster" + }, + "spec": { + "configServerCount": 3, + "credentials": "my-credentials", + "mongodsPerShardCount": 3, + "mongosCount": 2, + "opsManager": { + "configMapRef": { + "name": "my-project" + } + }, + "persistent": true, + "shardCount": 1, + "type": "ShardedCluster", + "version": "4.4.0-ent" + } + }, + { + "apiVersion": "mongodb.com/v1", + "kind": "MongoDBMultiCluster", + "metadata": { + "name": "multi-replica-set" + }, + "spec": { + "clusterSpecList": [ + { + "clusterName": "e2e.cluster1.mongokubernetes.com", + "members": 2 + }, + { + "clusterName": "e2e.cluster2.mongokubernetes.com", + "members": 1 + }, + { + "clusterName": "e2e.cluster3.mongokubernetes.com", + "members": 2 + } + ], + "credentials": "my-credentials", + "duplicateServiceObjects": false, + "opsManager": { + "configMapRef": { + "name": "my-project" + } + }, + "persistent": true, + "type": "ReplicaSet", + "version": "4.4.0-ent" + } + }, + { + "apiVersion": "mongodb.com/v1", + "kind": "MongoDBOpsManager", + "metadata": { + "name": "ops-manager" + }, + "spec": { + "adminCredentials": "ops-manager-admin", + "applicationDatabase": { + "members": 3, + "podSpec": { + "cpu": 1 + } + }, + "configuration": { + "mms.fromEmailAddr": "admin@thecompany.com" + }, + "externalConnectivity": { + "type": "LoadBalancer" + }, + "version": "6.0.3" + } + }, + { + "apiVersion": "mongodb.com/v1", + "kind": "MongoDBUser", + "metadata": { + "name": "my-replica-set-x509-user" + }, + "spec": { + "db": "$external", + "mongodbResourceRef": { + "name": "my-replica-set" + }, + "roles": [ + { + "db": "admin", + "name": "dbOwner" + } + ], + "username": "CN=my-replica-set-x509-user,OU=cloud,O=MongoDB,L=New York,ST=New York,C=US" + }, + "status": { + "phase": "Updated" + } + } + ] + capabilities: Deep Insights + categories: Database + certified: "true" + containerImage: quay.io/mongodb/mongodb-kubernetes@sha256:e1113d025f9a4d7cd7d577bdbda0da886f1bb033603c6b907f62028b57223c27 + createdAt: "2025-10-13T12:28:25Z" + description: The MongoDB Controllers for Kubernetes enable easy deploys of MongoDB into Kubernetes clusters, using our management, monitoring and backup platforms, Ops Manager and Cloud Manager. + features.operators.openshift.io/disconnected: "true" + features.operators.openshift.io/fips-compliant: "false" + features.operators.openshift.io/proxy-aware: "false" + features.operators.openshift.io/tls-profiles: "false" + features.operators.openshift.io/token-auth-aws: "false" + features.operators.openshift.io/token-auth-azure: "false" + features.operators.openshift.io/token-auth-gcp: "false" + operators.operatorframework.io/builder: operator-sdk-v1.26.1 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + repository: https://github.com/mongodb/mongodb-kubernetes + support: support@mongodb.com + labels: + operatorframework.io/arch.amd64: supported + operatorframework.io/arch.arm64: supported + operatorframework.io/arch.ppc64le: supported + operatorframework.io/arch.s390x: supported + operatorframework.io/os.linux: supported + name: mongodb-kubernetes.v1.5.0 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - kind: ClusterMongoDBRole + name: clustermongodbroles.mongodb.com + version: v1 + - description: MongoDB Deployment + displayName: MongoDB Deployment + kind: MongoDB + name: mongodb.mongodb.com + resources: + - kind: StatefulSet + name: StatefulSet holding the Pod with MongoDB + version: apps/v1 + - kind: Service + name: "" + version: v1 + specDescriptors: + - displayName: MongoDB Deployment Type + path: type + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:select:Standalone + - urn:alm:descriptor:com.tectonic.ui:select:ReplicaSet + - urn:alm:descriptor:com.tectonic.ui:select:ShardedCluster + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration + - description: Version of MongoDB to use. + displayName: MongoDB Version + path: version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration + - description: In a Replica Set deployment type, specifies the amount of members. + displayName: Members of a Replica Set + path: members + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:podCount + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration + - displayName: Cloud/Ops Manager credentials + path: credentials + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:OpsManagerConfig + - urn:alm:descriptor:io.kubernetes:Secret + - description: Project configuration for this deployment + displayName: Ops Manager project configuration + path: opsManager + - description: Name of the ConfigMap with the configuration for this project + displayName: Ops Manager Project Configuration + path: opsManager.configMapRef.name + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:OpsManagerConfig + - urn:alm:descriptor:io.kubernetes:ConfigMap + - description: Enable Persistent Storage with Volume Claims + displayName: Persistent Storage + path: persistent + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration + - description: Optional. Name of a Kubernetes Cluster Domain. + displayName: Name of Kubernetes Cluster Domain + path: clusterDomain + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Enable TLS + path: security.tls.enabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:security + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Custom CA Config Map + path: security.tls.ca + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:security + - urn:alm:descriptor:io.kubernetes:ConfigMap + - displayName: Enable authentication + path: security.authentication.enabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:Authentication + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Authentication Mode + path: security.authentication.modes + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:Authentication + - urn:alm:descriptor:com.tectonic.ui:select:X509 + - urn:alm:descriptor:com.tectonic.ui:select:SCRAM + - urn:alm:descriptor:com.tectonic.ui:select:LDAP + - displayName: Authentication Mode used for Inter cluster communication + path: security.authentication.internalCluster + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:Authentication + - urn:alm:descriptor:com.tectonic.ui:select:X509 + - urn:alm:descriptor:com.tectonic.ui:select:SCRAM + - urn:alm:descriptor:com.tectonic.ui:select:LDAP + - description: Number of Config Servers in Replica + displayName: Number of Config Servers + path: configServerCount + - description: Number of Shards in a Sharded Cluster + displayName: Number of Shards + path: shardCount + - description: Number of MongoDB Servers per Shard + displayName: Number of MongoDB Servers + path: mongodsPerShardCount + - description: Number of Mongo routers, in total, for the whole cluster + displayName: Number of Mongos + path: mongosCount + statusDescriptors: + - description: | + Phase the MongoDB Deployment is currently on. It can be any of Running, Pending, Failed. + displayName: Phase + path: phase + - description: | + Type describes the deployment type this MongoDB resource. Posible values + are Standalone, ReplicaSet or ShardedCluster. + displayName: Type + path: type + - description: | + Timestamp of last transition + displayName: Last Transition + path: lastTransition + - description: | + Current version of MongoDB + displayName: MongoDB Version + path: version + version: v1 + - kind: MongoDBCommunity + name: mongodbcommunity.mongodbcommunity.mongodb.com + version: v1 + - description: MongoDB Multi Deployment + displayName: MongoDB Multi Deployment + kind: MongoDBMultiCluster + name: mongodbmulticluster.mongodb.com + resources: + - kind: StatefulSet + name: StatefulSet holding the Pod with MongoDB + version: apps/v1 + - kind: Service + name: "" + version: v1 + specDescriptors: + - displayName: MongoDB Deployment Type + path: type + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:select:ReplicaSet + - description: Version of MongoDB to use. + displayName: MongoDB Version + path: version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration + - description: In a Replica Set deployment type, specifies the amount of members. + displayName: Members of a Replica Set + path: members + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:podCount + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration + - displayName: Cloud/Ops Manager credentials + path: credentials + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:OpsManagerConfig + - urn:alm:descriptor:io.kubernetes:Secret + - description: Project configuration for this deployment + displayName: Ops Manager project configuration + path: opsManager + - description: Name of the ConfigMap with the configuration for this project + displayName: Ops Manager Project Configuration + path: opsManager.configMapRef.name + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:OpsManagerConfig + - urn:alm:descriptor:io.kubernetes:ConfigMap + - description: Enable Persistent Storage with Volume Claims + displayName: Persistent Storage + path: persistent + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration + - description: Optional. Specify whether to duplicate service objects among different Kubernetes clusters. + displayName: Duplicate Service Objects + path: duplicateServiceObjects + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ClusterConfiguration + - description: Optional. Name of a Kubernetes Cluster Domain. + displayName: Name of Kubernetes Cluster Domain + path: clusterDomain + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Enable TLS + path: security.tls.enabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:security + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Custom CA Config Map + path: security.tls.ca + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:security + - urn:alm:descriptor:io.kubernetes:ConfigMap + - displayName: Enable authentication + path: security.authentication.enabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:Authentication + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Authentication Mode + path: security.authentication.modes + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:Authentication + - urn:alm:descriptor:com.tectonic.ui:select:SCRAM + - description: Spec for each cluster that comprises MongoDB Replicaset + displayName: Cluster SpecList + path: clusterSpecList + statusDescriptors: + - description: | + Phase the MongoDB Deployment is currently on. It can be any of Running, Pending, Failed. + displayName: Phase + path: phase + version: v1 + - kind: MongoDBSearch + name: mongodbsearch.mongodb.com + version: v1 + - description: MongoDB x509 User + displayName: MongoDB User + kind: MongoDBUser + name: mongodbusers.mongodb.com + resources: + - kind: Secret + name: "" + version: v1 + specDescriptors: + - displayName: Name of the database user. + path: username + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Name of the database that stores usernames. + path: db + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Secret Name that user stores the user’s password. + path: passwordSecretKeyRef.name + x-descriptors: + - urn:alm:descriptor:io.kubernetes:Secret + - displayName: Name of the MongoDB resource to which this user is associated. + path: mongodbResourceRef.name + x-descriptors: + - urn:alm:descriptor:io.kubernetes:mongodb + - displayName: Database on which the role can act. + path: roles.db + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:arrayFieldGroup:Roles + - displayName: Name of the role to grant the database user. + path: roles.name + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:arrayFieldGroup:Roles + - description: MongoDB resource this user belongs to + displayName: MongoDB resource + path: mongodbResourceRef + - description: Roles this user will have + displayName: MongoDB roles + path: roles + statusDescriptors: + - description: | + The current state of the MongoDB User + displayName: State + path: phase + version: v1 + - description: MongoDB Ops Manager + displayName: MongoDB Ops Manager + kind: MongoDBOpsManager + name: opsmanagers.mongodb.com + resources: + - kind: StatefulSet + name: "" + version: apps/v1 + - kind: Service + name: "" + version: v1 + - kind: ConfigMap + name: "" + version: v1 + specDescriptors: + - displayName: The version of Ops Manager to deploy. + path: version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:OpsManagerConfiguration + - displayName: Number of Ops Manager instances. + path: replicas + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:OpsManagerConfiguration + - displayName: Secret containing admin user credentials. + path: adminCredentials + x-descriptors: + - urn:alm:descriptor:io.kubernetes:Secret + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:OpsManagerConfiguration + - displayName: Secret to enable TLS for Ops Manager allowing it to serve traffic over HTTPS. + path: security.tls.secretRef.name + x-descriptors: + - urn:alm:descriptor:io.kubernetes:Secret + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:OpsManagerConfiguration + - displayName: Number of ReplicaSet nodes for Application Database. + path: applicationDatabase.members + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ApplicationDatabase + - displayName: Secret containing the TLS certificate signed by known or custom CA. + path: applicationDatabase.security.tls.secretRef.name + x-descriptors: + - urn:alm:descriptor:io.kubernetes:Secret + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ApplicationDatabase + - displayName: ConfigMap with CA for Custom TLS Certificate + path: applicationDatabase.security.tls.ca + x-descriptors: + - urn:alm:descriptor:io.kubernetes:ConfigMap + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:ApplicationDatabase + - displayName: Enable Backup Infrastructure + path: backup.enabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:BackupInfrastructure + - description: Application Database configuration + displayName: Application Database + path: applicationDatabase + - description: configuration + displayName: configuration + path: configuration + - description: Configures external connectivity + displayName: External Connectivity + path: externalConnectivity + statusDescriptors: + - description: | + The current state of the MongoDBOpsManager. + displayName: Phase + path: opsManager.phase + - description: Type of deployment + displayName: Type + path: type + version: v1 + description: | + MongoDB Controllers for Kubernetes (MCK) is an open-source project. It represents a merge of the previous + MongoDB Community Operator (MCO) and MongoDB Enterprise Kubernetes Operator (MEKO). + + This release brings MongoDB Community and Enterprise editions together under a single, unified operator, + making it easier to manage, scale, and upgrade your deployments. While the first version simply brings + the capabilities of both into a single Operator, future changes will build on this to more closely align + how Community and Enterprise are managed in Kubernetes, to offer an even more seamless and streamlined experience. + As an open-source project, it now allows for community contributions, helping drive quicker bug fixes and ongoing innovation. + The MongoDB Controllers for Kubernetes enable easy deploys of MongoDB + into Kubernetes clusters, using our management, monitoring and backup + platforms, Ops Manager and Cloud Manager. + + ## Before You Start + + To start using the operator you''ll need an account in MongoDB Cloud Manager or + a MongoDB Ops Manager deployment. + + * [Create a Secret with your OpsManager API key](https://docs.mongodb.com/kubernetes-operator/stable/tutorial/create-operator-credentials/#procedure) + + * [Create a ConfigMap with your OpsManager project ID and URL](https://docs.mongodb.com/kubernetes-operator/stable/tutorial/create-project-using-configmap/) + + By installing this integration, you will be able to deploy MongoDB instances + with a single simple command. + + ## Required Parameters + + * `opsManager` or `cloudManager` - Enter the name of the ConfigMap containing project information + * `credentials` - Enter the name of the Secret containing your OpsManager credentials + * `type` - Enter MongoDB Deployment Types ("Standalone", "ReplicaSet", "ShardedCluster" + + ## Supported MongoDB Deployment Types ## + + * Standalone: An instance of mongod that is running as a single server and + not as part of a replica set, this is, it does not do any kind of + replication. + + * Replica Set: A replica set in MongoDB is a group of mongod processes that + maintain the same data set. Replica sets provide redundancy and high + availability, and are the basis for all production deployments. This section + introduces replication in MongoDB as well as the components and architecture + of replica sets. The section also provides tutorials for common tasks + related to replica sets. + + * Sharded Cluster: The set of nodes comprising a sharded MongoDB deployment. + A sharded cluster consists of config servers, shards, and one or more mongos + routing processes. Sharding is a A database architecture that partitions + data by key ranges and distributes the data among two or more database + instances. Sharding enables horizontal scaling. + + ## Requirements for deploying MongoDB OpsManager + + * In order to deploy resources of type MongoDB OpsManager, you will need to + create a secret containing the [credentials](https://docs.mongodb.com/kubernetes-operator/stable/tutorial/plan-om-resource/#om-rsrc-prereqs) + for the Global Owner user + + ## Security ## + + The operator can enable TLS for all traffic between servers and also between + clients and servers. Before enabling `security.tls.enabled` to `true` you + should create your certificates. or you can leave the operator to create all + the certificates for you. The operator ability to create certs is been + deprecated due to Kubernetes API changes. + + For more information, please read the official MongoDB + Kubernetes Operator [docs](https://docs.mongodb.com/kubernetes-operator/stable/). + displayName: MongoDB Controllers for Kubernetes + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAYAAACqaXHeAAAJEXpUWHRSYXcgcHJvZmlsZSB0eXBlIGV4aWYAAHjarVhtdiMpDPzPKfYIDUIIHYfP9/YGe/wtQXcnsZ1JMjP2xLQBg1CVSmLc+O/f6f7BiwIFF1ly0pQOvKJGDQUP+divsj79EdfnesVzCN8/9Lt7IKCL0NL+mtM5/+r39wK7KXjidwvldg7UjwN67hDyw0LnRmQWBTz0cyE9F6KwB/y5QNnHOpJmeX+EOnbbr5Pk/efsI7VjHcSfo4/fo8B7nbEPhTDI04HPQHEbQPbnHRUbwCe+YKKnjOe4ejxdlsAhr/x0vLPKPaJyP/lP+h9AobT7HTo+OjPd7ct+z6+d75aL3+1M7d75Qz/3oz4e5/qbs2c359inKzHBpek81HWU9YSJWCTS+lnCW/DHeJb1VryzA3sbIO9Hw44Vz+oDvD999N0XP/1YbfMNJsYwgqANoQEb68skQUOjwxk29vYzCCl1oBaoAV5Cb7ht8WtfXds1n7Fx95gZPBbzK9bs42+8P11oTqO890e+fQW7ggUFzDDk7BOzAIifF494Ofh6P74MVwKCvNycccBy1L1EZX9yy3hEC2jCREa7Y81LPxeAi7A3wxhPQOBIntgnf0gI4j38mIFPwUIZQRMqIPDMocPKEIkSwMnB9sZvxK+5gcPuhmYBCKZEAmiUCrCKEDbwR2IGhwoTR2ZOLJxZuSRKMXFKSZKJXxGSKCxJRLKolEw5Zs4pS84uay4alCCOrElFs6qWgk0LVi74dcGEUmqoVGPlmqrUXLWWBvq02LilJi27pq300KlDJ3rq0nPXXoYfoNKIg0caMvLQUSaoNmnGyTNNmXnqLDdq3m1Yn97fR81fqIWFlE2UGzX8VORawpucsGEGxEL0QFwMARA6GGZH9jEGZ9AZZocGRAUHWMkGTveGGBCMwwee/sbuDbkPuLkY/wi3cCHnDLq/gZwz6D5B7hm3F6h1yzbtILcQsjA0px6E8MOEkUvIxZLat1t3d9QCRxsxap9zbTJnSpC9Ujts4Njb6FI9zspJeXbVkeaYtbVJSEezUW6JaKAvwg/D5hQZLDanrtM00jbEY0rHKkDDT6qjjyI1Tvi0x0mumC00PWvDJgQFlzlr6JBLDpCAfhT8JmmB17ocZZ0GOWg/HHfrHjt+t10LAbGArAzLYWMFIjiYSgUyBMqQThxLoUockGq0iRauh56ughvMVW77wZ9+oOWHXtjDEyFKmyAyYgHI19rzRglrZxYvpcA/8Ec1h7rT63Q63Tw690qqSBQJdCs5llETtVGW9VzNejNAzPo0VWt1MD+hwMgT1lTWuj1MBWGlfqQ8kPXMvgMxs56QdF+17rOBX7WS9IlLzsj0nkswang2SsLdcyIt4xRwm+8UBaGTU0gRkaOh10kbtJLBoye6g78sscDpBA9P6YMn4ngidXfgQR1AIWLLjFyG1Mbw/UzR2d7Z2yfcx6EhKA+P6DfFAW1nywjatUeUGk5/Hc+t+2zgkxYhUnAuglk6BGE0m4lCmm4eaSwCwWjITao1orWjGS3EjpZENeNoxg6Qc0pZEYQv5m4m+E+rg/b47bE2dXwVCQDlNY2me6QRBA1iGCEhRbBjNe8F0L/N03a/bc8FWAUaKJ7FAsVBF7mPWO/Ahnz+XNZCdu86wOgwYwXw4fSOAb+8M1bowkooSoXgmAKCKaaBSwER/RBBCHJR5F0klsyWSyrl2vVkchv+ay0Z5IgTNARSNpvOJbKgdkog+dGr8b23CUVLwm3MXGAv9zf5i0grEqY2dchhniumDwkX78a3afXWuruDC3R9mMCg2ZH4pFQxsNVXIAEKVghKRpe2vqIfodLqTwXAD0EOsNTbjSm4FrCboDvIQtJa77P5ihzfpOrk0jpKqQEZ7DHj30T4X6IfnjjiviTJynfQ74d8NyRZ9rkzoXsbghrGJoIikuGb1hDza7FCQ/LrfeLpbnpOR3Asbg+2S4ERh9mALLv3h+dZXowU1hkdQYwG7ohDpp6qnEf9eXpzI9cWdmgiBua6CmmpVo28HNFiAtLnGDi/IqehYLLd3Urk7acMROiNULaywxE4lTNlYaszIj8MXSMIAxMLMiO81TxpLxc+CIX7plJ8UvScIGDEPQ49k2B8RYKHQut9i9BqjOQWhtomW3G6pguDF2NuDWpCnjZpyP5zL/y6dd8IhbzrPyQdZJhmjcKstRWoSBtK9xFbVKVqmeuN+i+Z/1TdVUuQfAgywAEVaqBb5jGvGCf+AbMfNsTNwZtkGeOslliVhF3371oCOWdAc1jWzoXOnfdCFO6VqDKjipiVCMkYgm2VSwIM1S8Fr33UuDLJhwg2GbEQRgIFRCgbAvlCuOD03tu7Qu8SSNxJSi3FYFjpE76mhtw+vUM+N0WU2lNeBwpqB4ofqpRdBsYiKONYcc3BfWosqbYCLxy8q5HfqNnu2s3qCbWCytHwsH1WvnPmihPU+zgkNxTMioQiqPKROhd1/PDXWS0Fn7nOvWNDLB3FmJYHN24vKtdqBTMuc/gFLogWAJRONyL636yEhYjY7Uv7T7q5vYnIXaXI4a12X+6Ezxni0lHxJpgdU+jNVbkDq+bfqkNeRT8KUJzPWBRn64tFuCcNAotWugWLirEIpXvd1MX+DaXc8K6Q/U9WkwT7ruqDnuh2+ukAQWQJ6SNBGIVWhI7g1qpdEMsDPMINBJBdGLWMKxhmwIhVoOPeYSGyrx28rx0dlxoL9WTGIj1ZjYIyEXV5UsKN/SqRUBi27+vRd9sa5fQjoqPf0ejoDEdZ4UjI0kdWVC3mRZArW4GP0hO6hmi+a2a6auawa2bU2YKyMMAD+2qGKrJ4lNuofE7Zhg1LnMnSI1IGDg0esfENVp1sQ7J0F91M8I1uCJakKNxHE/C0FNw+Ajg3QhWWmrsdcIR5ak2cp9aIA03kpImJTclWlaYGPtVWWk0HfmBnOq84dF1xglVxGWdK2GuVx4o8mvyRO7pD+0Up9evW/TleGy73BV77WqdpX0Is8iEsdgnx+yZeJ0hmIupmwlUcl5BT7SKus9BBm/ft6+xqXfwzibyq3OxgyhFHqt/IHuuMUMrBHLhVjyI/7AoDgDkkjh8GiTETsfU/ZHuEtrDMfYEAAAGFaUNDUElDQyBwcm9maWxlAAB4nH2RPUjDQBzFX1O1UioiVhBxyFB1sSAq4qhVKEKFUCu06mBy6YfQpCFJcXEUXAsOfixWHVycdXVwFQTBDxA3NydFFynxf2mhRYwHx/14d+9x9w4QqkWmWW1jgKbbZjIeE9OZFTHwiiD60IMRdMjMMmYlKQHP8XUPH1/vojzL+9yfo0vNWgzwicQzzDBt4nXiqU3b4LxPHGYFWSU+Jx416YLEj1xX6vzGOe+ywDPDZio5RxwmFvMtrLQwK5ga8SRxRNV0yhfSdVY5b3HWimXWuCd/YSirLy9xneYg4ljAIiSIUFDGBoqwEaVVJ8VCkvZjHv4B1y+RSyHXBhg55lGCBtn1g//B726t3MR4PSkUA9pfHOdjCAjsArWK43wfO07tBPA/A1d601+qAtOfpFeaWuQI6N4GLq6bmrIHXO4A/U+GbMqu5Kcp5HLA+xl9UwbovQWCq/XeGvs4fQBS1FXiBjg4BIbzlL3m8e7O1t7+PdPo7wdVb3KbaWTEXAAADRxpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+Cjx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDQuNC4wLUV4aXYyIj4KIDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+CiAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgIHhtbG5zOnhtcE1NPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvbW0vIgogICAgeG1sbnM6c3RFdnQ9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZUV2ZW50IyIKICAgIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIKICAgIHhtbG5zOkdJTVA9Imh0dHA6Ly93d3cuZ2ltcC5vcmcveG1wLyIKICAgIHhtbG5zOnRpZmY9Imh0dHA6Ly9ucy5hZG9iZS5jb20vdGlmZi8xLjAvIgogICAgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIgogICB4bXBNTTpEb2N1bWVudElEPSJnaW1wOmRvY2lkOmdpbXA6ZDk1YjhmMjctMWM0NS00YjU1LWEwZTMtNmNmMjM0Yzk1ZWVkIgogICB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOmVhMGY5MTI5LWJlMDItNDVjOS1iNGU4LTU3N2MxZTBiZGJhNyIKICAgeG1wTU06T3JpZ2luYWxEb2N1bWVudElEPSJ4bXAuZGlkOjcyNmY4ZGFlLTM4ZTYtNGQ4Ni1hNTI4LWM0NTc4ZGE4ODA0NSIKICAgZGM6Rm9ybWF0PSJpbWFnZS9wbmciCiAgIEdJTVA6QVBJPSIyLjAiCiAgIEdJTVA6UGxhdGZvcm09Ik1hYyBPUyIKICAgR0lNUDpUaW1lU3RhbXA9IjE2MzQ4MzgwMTYyMTQ2MTMiCiAgIEdJTVA6VmVyc2lvbj0iMi4xMC4yNCIKICAgdGlmZjpPcmllbnRhdGlvbj0iMSIKICAgeG1wOkNyZWF0b3JUb29sPSJHSU1QIDIuMTAiPgogICA8eG1wTU06SGlzdG9yeT4KICAgIDxyZGY6U2VxPgogICAgIDxyZGY6bGkKICAgICAgc3RFdnQ6YWN0aW9uPSJzYXZlZCIKICAgICAgc3RFdnQ6Y2hhbmdlZD0iLyIKICAgICAgc3RFdnQ6aW5zdGFuY2VJRD0ieG1wLmlpZDo1YWNhZmVhMC0xZmY5LTRiMmUtYmY0NC02NTM3MzYwMGQzNjEiCiAgICAgIHN0RXZ0OnNvZnR3YXJlQWdlbnQ9IkdpbXAgMi4xMCAoTWFjIE9TKSIKICAgICAgc3RFdnQ6d2hlbj0iMjAyMS0xMC0yMVQxODo0MDoxNiswMTowMCIvPgogICAgPC9yZGY6U2VxPgogICA8L3htcE1NOkhpc3Rvcnk+CiAgPC9yZGY6RGVzY3JpcHRpb24+CiA8L3JkZjpSREY+CjwveDp4bXBtZXRhPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgCjw/eHBhY2tldCBlbmQ9InciPz6528V0AAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAABYlAAAWJQFJUiTwAAAAB3RJTUUH5QoVESgQ+iToFAAAA8xJREFUeNrlW01PU0EUPTPV+oqb4h+wENYKXbmzsjLEKPAHwB1xQ6N7adiboBtrSAT5AaQmBpuYSN25MS17k5Zf0MemFGznungttCkf782bmTels2w6mbnnnnPv3DvzYrBhrMytIT01gz9/f5temkVv/NMUwKsg1MFEGvlizeTy3ALj9zuuGAf4T2QzydEBACwHINXzwwSOE29N7iAWqe7BsoOYsEdITx2ZigcsIupnzqh/8SC0/6Wx+aNy8yTg6X7rWsfEbu96/71JAGQzyY7n/Rg2AcZ3dQdFswA0Exs+je8KYUZ3UDQXA1bmlgFsScwkMFrEx++F4QXgPN/LaZpQR6IxiY2SO6QSGMj3Qd00jpPE5+FkgDz1B3kAMYt8sTQ8AGQzSTTHyqG83z+qcBpplVLQK4Hm2KpC473U2BzLDgcDwgY+QwFRIwP4knLjuwFRIQv0MGB5PgnntKwFAMUs0MMA53Rem/Ge25I4ufvCXgkQVrVXsSSW7JTAq7lpCJQNnK4IEJNhW2jqGdDGsrH6QrB5GyXwWMKXLoi5gdnL8dwuCXjRvy4xs0vjVGDonMa9MNlALQPiJxlJOcvruOlM2yMBzuQ3Q3Al44BFADA8lJ9LrtSKnD2wBwAhe/hhIVIZpWxiQJgG5qHkohYBoPP4q6tks2Qfh1GBzu3xhWQckM0eWgAIfprrBE+SN4LZBACTNIQzF4KO5EAnmxgQwhtckj2WMeBA8gARpqQ9sAcAAfnrbLk4QGBUsQcAHmIzXFLLrbZFDMgXS1KZoN2W1DHVwj6iUH8O4FQKPCcWc3t6AkGCTin0dpUDQPhq6OREgNixD4BmvBBYBlKNTaqpuChVD8B2wQWj98EnOrVA3hf4YHExJLb1l3FUsBeAfLEG0Bef//Y8H28FqSW2VT2p1VgNUi5QLKC4z1qCqoBYt78fkC/WfMWCwMUM21H5oFrzA4n4xrUt724xQy0fxRRVkd/LKQ0lWgHYLrgAvfQXN1vXSYAAmlUeS7VH63yxBMIVUvDdB1jX8S2BmZbYp70scNkRmXtXaQkOXN4b3FJNfbMAAEDzzoLcFRhV4TReaztOGAPAiwdPLgDh8OqUR7M6XoiaB6CbGtts4cLzwbtv1N8Z7hiv+Rsi823xzb0KRB8T7gMA3jxj59dcZoz3snBUY+VpCmD7nautXGcva2Aog8Siqa/Hov1sbuAxJZXgHC/o1Hz0Ehgsmn71/FIxaXz0AAwS8sj0ihYAcBb5CVJ9weFnwLnR1K6PHgC9FyJsFCVwq+9afAQlIITbnxXMjv+6222dh4/VtAAAAABJRU5ErkJggg== + mediatype: image/png + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - mongodb.com + resources: + - clustermongodbroles + verbs: + - '*' + - nonResourceURLs: + - /version + verbs: + - get + - apiGroups: + - "" + resourceNames: + - kube-system + resources: + - namespaces + verbs: + - get + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + serviceAccountName: mongodb-kubernetes-operator + deployments: + - name: mongodb-kubernetes-operator + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-kubernetes-operator + app.kubernetes.io/name: mongodb-kubernetes-operator + strategy: {} + template: + metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-kubernetes-operator + app.kubernetes.io/name: mongodb-kubernetes-operator + spec: + containers: + - args: + - -watch-resource=mongodb + - -watch-resource=opsmanagers + - -watch-resource=mongodbusers + - -watch-resource=mongodbcommunity + - -watch-resource=mongodbsearch + - -watch-resource=clustermongodbroles + command: + - /usr/local/bin/mongodb-kubernetes-operator + env: + - name: OPERATOR_ENV + value: prod + - name: MDB_DEFAULT_ARCHITECTURE + value: non-static + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: MANAGED_SECURITY_CONTEXT + value: "true" + - name: MDB_OPERATOR_TELEMETRY_COLLECTION_FREQUENCY + value: 1h + - name: MDB_OPERATOR_TELEMETRY_SEND_FREQUENCY + value: 168h + - name: CLUSTER_CLIENT_TIMEOUT + value: "10" + - name: IMAGE_PULL_POLICY + value: Always + - name: MONGODB_ENTERPRISE_DATABASE_IMAGE + value: quay.io/mongodb/mongodb-kubernetes-database + - name: INIT_DATABASE_IMAGE_REPOSITORY + value: quay.io/mongodb/mongodb-kubernetes-init-database + - name: INIT_DATABASE_VERSION + value: 1.5.0 + - name: DATABASE_VERSION + value: 1.5.0 + - name: OPS_MANAGER_IMAGE_REPOSITORY + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi + - name: INIT_OPS_MANAGER_IMAGE_REPOSITORY + value: quay.io/mongodb/mongodb-kubernetes-init-ops-manager + - name: INIT_OPS_MANAGER_VERSION + value: 1.5.0 + - name: INIT_APPDB_IMAGE_REPOSITORY + value: quay.io/mongodb/mongodb-kubernetes-init-appdb + - name: INIT_APPDB_VERSION + value: 1.5.0 + - name: OPS_MANAGER_IMAGE_PULL_POLICY + value: Always + - name: AGENT_IMAGE + value: quay.io/mongodb/mongodb-agent@sha256:6394391f78da5e3218bb2c694e7ec9f6682fd17a6dd7e7250b0c0b5e1729796d + - name: MDB_AGENT_IMAGE_REPOSITORY + value: quay.io/mongodb/mongodb-agent + - name: MONGODB_IMAGE + value: mongodb-enterprise-server + - name: MONGODB_REPO_URL + value: quay.io/mongodb + - name: MDB_IMAGE_TYPE + value: ubi8 + - name: PERFORM_FAILOVER + value: "true" + - name: MDB_WEBHOOK_REGISTER_CONFIGURATION + value: "false" + - name: MDB_MAX_CONCURRENT_RECONCILES + value: "1" + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: mongodb-kubernetes-operator + - name: MDB_COMMUNITY_AGENT_IMAGE + value: quay.io/mongodb/mongodb-agent@sha256:b422829aac63f068aed4a6948fd14cbd3c3bfad6d47ab76523f6839bf20b0203 + - name: VERSION_UPGRADE_HOOK_IMAGE + value: quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.10 + - name: READINESS_PROBE_IMAGE + value: quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.23 + - name: MDB_COMMUNITY_IMAGE + value: mongodb-community-server + - name: MDB_COMMUNITY_REPO_URL + value: quay.io/mongodb + - name: MDB_COMMUNITY_IMAGE_TYPE + value: ubi8 + - name: RELATED_IMAGE_MONGODB_ENTERPRISE_DATABASE_IMAGE_1_5_0 + value: quay.io/mongodb/mongodb-kubernetes-database@sha256:1441ea2276391268ae06ec8857d036b3771aacb21dd57438661ca7075dfbc162 + - name: RELATED_IMAGE_INIT_DATABASE_IMAGE_REPOSITORY_1_5_0 + value: quay.io/mongodb/mongodb-kubernetes-init-database@sha256:c94ea981da47b2d7e65019a391d46d14ab64e29d91749931f32f57a425a52d13 + - name: RELATED_IMAGE_INIT_OPS_MANAGER_IMAGE_REPOSITORY_1_5_0 + value: quay.io/mongodb/mongodb-kubernetes-init-ops-manager@sha256:5b071dd35157345bc4f6de97993685ba1c2612962f11b257d4d0aa33225d03e7 + - name: RELATED_IMAGE_INIT_APPDB_IMAGE_REPOSITORY_1_5_0 + value: quay.io/mongodb/mongodb-kubernetes-init-appdb@sha256:646840c0f3782c539dbb491416557e5ffebda1097a948d180fb1529ba45cc867 + - name: RELATED_IMAGE_AGENT_IMAGE_107_0_12_8669_1 + value: quay.io/mongodb/mongodb-agent@sha256:fa30370a75e8e4ac648650ceb39a7a259a754aab8a48d7e2f2801cd1b777e91b + - name: RELATED_IMAGE_AGENT_IMAGE_107_0_13_8702_1 + value: quay.io/mongodb/mongodb-agent@sha256:d8a2ef79d767f03162ec57fe028f9072294b292d376af8eb97d2967eb6d7047b + - name: RELATED_IMAGE_AGENT_IMAGE_107_0_15_8741_1 + value: quay.io/mongodb/mongodb-agent@sha256:5f5031e4c2a3729f618d026b0a7f34fd4509ea73d5a4e3068b551041dc291583 + - name: RELATED_IMAGE_AGENT_IMAGE_107_0_17_8771_1 + value: quay.io/mongodb/mongodb-agent@sha256:3fa5bcfda3228e0ea880434a60ced829e3872e74763b347636c18475d866d0e1 + - name: RELATED_IMAGE_AGENT_IMAGE_107_0_18_8784_1 + value: quay.io/mongodb/mongodb-agent@sha256:2d5652d0e263aa94554e7a068c93e4fd94b84ec223f077361d030d172bc93f67 + - name: RELATED_IMAGE_AGENT_IMAGE_108_0_1_8718_1 + value: quay.io/mongodb/mongodb-agent@sha256:a8358ce465adf463d8e73916d7944765d7aaf2b0ed10bd3b8119a87fc9080667 + - name: RELATED_IMAGE_AGENT_IMAGE_108_0_11_8830_1 + value: quay.io/mongodb/mongodb-agent@sha256:ee9f3906d893004bb2aaaa6412646f58288b0684502b9e90f33cafadcfce4349 + - name: RELATED_IMAGE_AGENT_IMAGE_108_0_12_8846_1 + value: quay.io/mongodb/mongodb-agent@sha256:6394391f78da5e3218bb2c694e7ec9f6682fd17a6dd7e7250b0c0b5e1729796d + - name: RELATED_IMAGE_AGENT_IMAGE_108_0_13_8870_1 + value: quay.io/mongodb/mongodb-agent@sha256:32dbfdb8f447b42ba91c8501a5278cb1e6a60ecf37008ca38487b31440c24a23 + - name: RELATED_IMAGE_AGENT_IMAGE_108_0_2_8729_1 + value: quay.io/mongodb/mongodb-agent@sha256:b422829aac63f068aed4a6948fd14cbd3c3bfad6d47ab76523f6839bf20b0203 + - name: RELATED_IMAGE_AGENT_IMAGE_108_0_3_8758_1 + value: quay.io/mongodb/mongodb-agent@sha256:89819704d70a3b6b4d2358745a22060ef740b33ad5c6debf8e6ac4d4a6fd63ba + - name: RELATED_IMAGE_AGENT_IMAGE_108_0_4_8770_1 + value: quay.io/mongodb/mongodb-agent@sha256:6cc4e953df3f09d793f0dbc6e57e55a3c5277ef63177a6d8f691a41227facf64 + - name: RELATED_IMAGE_AGENT_IMAGE_108_0_6_8796_1 + value: quay.io/mongodb/mongodb-agent@sha256:6c23febaa9dd52bc29ac1e52d087fc4b2b47c578f4d6ac3a1674bb750a38cb07 + - name: RELATED_IMAGE_AGENT_IMAGE_108_0_7_8810_1 + value: quay.io/mongodb/mongodb-agent@sha256:b387b7458f5640f907c9074fcb08ae4d4785be31d4bb65f2d7c459cd6762b2d6 + - name: RELATED_IMAGE_AGENT_IMAGE_12_0_35_7911_1 + value: quay.io/mongodb/mongodb-agent@sha256:af3de4f631d0b00cae7f7e80c3900378ba7e449e01830bf9dc643b873d2e6d33 + - name: RELATED_IMAGE_AGENT_IMAGE_13_41_0_9830_1 + value: quay.io/mongodb/mongodb-agent@sha256:cbdd6cbba0498fcf77c1d31acca0838024bffaf243fbc7ae7f7aced6df7f21ca + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_6_0_26 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:3bbd3d7fd45d107621e7770f2b4c2a758e148cd472e0ee21719442f71bf6ade0 + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_6_0_27 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:a4590af027182305913f0de1a2e37ad8612bd73b8b31f4df11068b80089021ff + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_7_0_11 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:5d299820bb903f0cdfdf2626a3c44099d2eaee16188cd8234d2ff3a57259b3a7 + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_7_0_12 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:b8aa1edbc5fb02af312a863bc7db8535a282dfd692a07b1e321e5a1acbfeb6a1 + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_7_0_13 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:fa4aa97767bd19cf3711a74bf21ecb9cbbc25fed6b6b09a2eb241ebd3fbc8f3a + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_7_0_14 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:b7764c316eeacffd3f9ddae62d9fd2a74eb58484d2cfd5021e460095d604764f + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_7_0_15 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:09788976bdc1327acbf18cedf8efd5fca2159e43b506faa40e03ee42ad94928a + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_7_0_17 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:702f529cb9d8d9042e54263f8bc37b40c062ac2695efc3e7150819779886e323 + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_7_0_18 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:f71b027fccf649f18f63f8df7a59b1bac421a2cdab6712e0c985a93c08ed970a + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_0 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:b9ab7147b59b62e40a69c6400f87d0c7faecfa5462bed6e68ca653b00e50b887 + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_1 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:33bbd29b74f95baad522b380d70bcc9f933a3fee57642c37b09376c86179c40f + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_2 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:cd869ff7d661059fad7593e30141d74e8cc751295b1579577f7a853396eb5d0b + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_3 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:d81eac2129b6ab8346be1749c56ea67f6da64d4ee0fb9f3ff4171ba0f61918eb + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_4 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:5e3982493e85ac1e40536758c3145b7c2fff9a7b4be9d053ee41201363a89920 + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_5 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:146c4f5dc443f94f54d72808b4e4df93bb904e23589b222d17700166780776b4 + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_6 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:78f11c9cd5e63f2b0e10c67dc1491f4ce1279fa90178c108814725414defab9a + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_7 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:adeab0dc766a27138db7df5f37cbb1da860c14179ef631b2e001e5bb875325e4 + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_11 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:895dbdfb87ddc2e9693671c7108a31ab28e16fec2e5be6d046bdd2e30319eade + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_12 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:85b4e954c9c4bbe1019774bad1e05e9c8dc175648b01d3badf0b64143f182019 + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_13 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:439d6fefb469613432e2d05149dfc96c32b16469d743835d5f402a2ada8be8cc + - name: RELATED_IMAGE_OPS_MANAGER_IMAGE_REPOSITORY_8_0_14 + value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:6c475c3180bcfa1d1cdbd41c4aaca4d0eca82404fa1e35547c57c971fa3fe25c + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_0_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:19925e1297ab652db59c35f53e7b7c8b2b277f8ecdc4215682961aaf2b3e924e + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_1_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:c752a7f0726d21d55f204a359b85fa29cd727a5fe571b37289ae3ea52d6206b0 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_2_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:8d7e5361c2a1604dec3fc671d629806fe6ddc6df524b69a441b86933a4b30093 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_3_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:7885ab6e88214f9289d8babf5189136dde0dd4c84a15a5481ccd3ef512b2e66f + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_4_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:9a3a6496be0d2d446e6d654eb56386c7726e0cd2d7232f6dcec579923edf0014 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_5_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:0fde236fe26d5b20210d6f246aadacd7845874712def516cbe2eec11d79d5181 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_6_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:172e338a43df01ee5408d8d1e3cb038d2c55e77761c1a2ac6ed37959d1525140 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_7_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:15e31285c8949a4666f7702df53416b0905d76945a28575a6028a876cc8a6f0f + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_8_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:11ab324698f919f84a5dab5a964d93fe63f98a48146bb3b86974cba7606d30ec + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_9_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:655896bac9e82de8e9729d59a36c3a31f66235f22b93449260a2ccb7709de084 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_10_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:33a30d11969eb21952681108092fe7f916e25c8e1de43e6a4e40e126025a2bec + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_11_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:1d418c65d82ccad205b7889be4ba161d3cbfa8b1fb75b21c8fcf02de38fad9ca + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_12_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:d21c65780cadc9d8668d2c28935d492625d6993f13ba562722200a819281cbcc + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_13_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:dfd4277f0c16ed476ac7de51894739e8c8d13a65ea5024b9a97b3dce0f6c6975 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_14_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:b00ac773623e1bf422b47e6d783263d2d08737865abe9abbe106d86d1ea25165 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_15_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:ef732e3eea91cc86caf2eabedc0c9115ed235a8d204f33e74bbf090a0b0259fb + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_16_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:67238129df09d33ee4746ff1acb5515d699a29d9f42350eae3f3f69ccb7fbf54 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_17_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:8445d59d491a6d3890ea9c8b421214bcd0fdcfbc420ed40497a790b79f0bc89e + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_18_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:523566f44cbb6bbf0cd12b1adae939a883f2254c78dc4b8c9d0098581337b1db + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_19_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:85c1d669c073caf9cbaac815e4c8ea2ca18b71deefa03bf84cd6d8b8ebd53e12 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_20_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:37af0913742b6de339c7e664b30f35dcef04506529e4a09a9bbbdd57643f7149 + - name: RELATED_IMAGE_MONGODB_IMAGE_4_4_21_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:aa8683500e8d3632c4588bbcdddb4e3186a01f48aefe1b6d95f8860dae8b6c76 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_0_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:fb8397cbcdbf7c33f6ad142492792771127f0d9a8c46388f350b6927405ee590 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_1_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:d49417ea85ee1ddb84429552a5aac87a82c2843904d8c0300a43b657b7a49e0e + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_2_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:a48a4d5c275fd669a27469649fb39ea38c728dbcf9f0a9da4e7cf27a2ce912ed + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_3_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:3add8b68bfbaa42596fe5dbbee4623ba5ff1a826b18bb71301525adf574dcb94 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_4_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:f2d9a3264a8814f33143b73c56624572fb80afeab184133d3a901713a31c1a87 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_5_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:d323c1bcd14118cc537ac282996ea5a58756d20b6b73f1eec0efa8710d246077 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_6_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:df6081325ea2fe01d1b27d0c70005dec8232aaf51a43d91661b722b8a1761263 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_7_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:aa300abf739e26350a258f643fa8e57aedacd041055c7b923bd22b21ef554cdb + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_8_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:778f9e29e36d6687cd17dd95ec1f8127d2a732bde1a2dd5821212eb55c1c998a + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_9_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:1a77851485ad3b2566e765b4bb051ff0ddfa48703492cef6c6db021dde84d87f + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_10_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:3fe62f3ad52707ccf0e9993c69891e44c569a4b4e1a3244cf60e3b5fdde57bd2 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_11_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:720056b985c1a16d48b2aecb7a88a15cba3d8186e55b3c6c24729699a85c8232 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_12_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:8d7266b405ebb2dd24a9f7c12d3921024f547c3d8c01831e6bcfc1d551d63be1 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_13_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:d2d8b59c1f39c41951e7878963f8496eb494688720366f8edc7060887cdbe6a0 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_14_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:e7aeedb752dda77cf0e49df3430843b5a2bba64c8404628a983f46640d316808 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_15_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:a86c4d8a0b9ca3c20cc524809676eb03a944ada43378ec98c107cd72cc64700f + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_16_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:5c8553e5ba115657fb878c0fe08704af9fd5decec572a87d89d2c8c156ffc9f9 + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_17_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:f1e72679b2468aed2f3c3106568327911e6594c9ee15f7348e953eaa0d8fd44a + - name: RELATED_IMAGE_MONGODB_IMAGE_5_0_18_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:c8aec83b76dfecc05b8f5d8f40fd61b24980c0287a07294f75f321c2d42c32b4 + - name: RELATED_IMAGE_MONGODB_IMAGE_6_0_0_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:9bef77e905dadd1e61d0439dd53b21ed1f3606e49affd9ffc4ba8156578e8f0f + - name: RELATED_IMAGE_MONGODB_IMAGE_6_0_1_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:c48631742ad1fec8a9ee745fc3cc9ca1fe7d86ef7fa68ad8e8337c7a4566dc87 + - name: RELATED_IMAGE_MONGODB_IMAGE_6_0_2_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:5145c97d2281aabcd8538ff515c3833aa48acb66b0b739fb1881120c1985d88a + - name: RELATED_IMAGE_MONGODB_IMAGE_6_0_3_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:454b1585c342375dea643b10ead688d0f62347841f5f30059fcd4f92e3297ee9 + - name: RELATED_IMAGE_MONGODB_IMAGE_6_0_4_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:3316015ac0699d66ac73f714e5dc0784738654e0349e80b1e1f4e953b3c88964 + - name: RELATED_IMAGE_MONGODB_IMAGE_6_0_5_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:bfbcfcfc5f0de22e20520b2d96f826638e424adb028a909ccc192013d11f5833 + - name: RELATED_IMAGE_MONGODB_IMAGE_8_0_0_ubi8 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:376ad7e5fe42651d946cba5705c0eee44aa636c1b4ff258210e4ce2fe4205b4d + - name: RELATED_IMAGE_MONGODB_IMAGE_8_0_0_ubi9 + value: quay.io/mongodb/mongodb-enterprise-server@sha256:7a93a0276531ff9be4c90bb8fe8d104e0a9e930c29792aafe03cc6a76a9fa89c + - name: RELATED_IMAGE_MDB_SEARCH_IMAGE_0_53_1 + value: quay.io/mongodb/mongodb-search@sha256:7149a7b6f1ee84646d3972837920f80fc5db49503c598406ce92e2f794bd5f0d + - name: MDB_SEARCH_REPO_URL + value: quay.io/mongodb + - name: MDB_SEARCH_NAME + value: mongodb-search + - name: MDB_SEARCH_VERSION + value: 0.53.1 + image: quay.io/mongodb/mongodb-kubernetes@sha256:e1113d025f9a4d7cd7d577bdbda0da886f1bb033603c6b907f62028b57223c27 + imagePullPolicy: Always + name: mongodb-kubernetes-operator + resources: + limits: + cpu: 1100m + memory: 1Gi + requests: + cpu: 500m + memory: 200Mi + serviceAccountName: mongodb-kubernetes-operator + permissions: + - rules: + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - update + - delete + - apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - create + - update + - delete + - watch + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - get + - list + - watch + - delete + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - deletecollection + - apiGroups: + - mongodbcommunity.mongodb.com + resources: + - mongodbcommunity + - mongodbcommunity/status + - mongodbcommunity/spec + - mongodbcommunity/finalizers + verbs: + - '*' + - apiGroups: + - mongodb.com + resources: + - mongodb + - mongodb/finalizers + - mongodbusers + - mongodbusers/finalizers + - opsmanagers + - opsmanagers/finalizers + - mongodbmulticluster + - mongodbmulticluster/finalizers + - mongodbsearch + - mongodbsearch/finalizers + - mongodb/status + - mongodbusers/status + - opsmanagers/status + - mongodbmulticluster/status + - mongodbsearch/status + verbs: + - '*' + - apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - delete + - list + - watch + - patch + - update + serviceAccountName: mongodb-kubernetes-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - mongodb + - databases + - nosql + links: + - name: Documentation + url: https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/index.html + maintainers: + - email: support@mongodb.com + name: MongoDB, Inc + maturity: stable + provider: + name: MongoDB, Inc + relatedImages: + - image: quay.io/mongodb/mongodb-agent@sha256:cbdd6cbba0498fcf77c1d31acca0838024bffaf243fbc7ae7f7aced6df7f21ca + name: agent-image-13-41-0-9830-1 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:8d7e5361c2a1604dec3fc671d629806fe6ddc6df524b69a441b86933a4b30093 + name: mongodb-image-4-4-2-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:df6081325ea2fe01d1b27d0c70005dec8232aaf51a43d91661b722b8a1761263 + name: mongodb-image-5-0-6-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:720056b985c1a16d48b2aecb7a88a15cba3d8186e55b3c6c24729699a85c8232 + name: mongodb-image-5-0-11-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:d2d8b59c1f39c41951e7878963f8496eb494688720366f8edc7060887cdbe6a0 + name: mongodb-image-5-0-13-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:5145c97d2281aabcd8538ff515c3833aa48acb66b0b739fb1881120c1985d88a + name: mongodb-image-6-0-2-ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:b387b7458f5640f907c9074fcb08ae4d4785be31d4bb65f2d7c459cd6762b2d6 + name: agent_image_108_0_7_8810_1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:5d299820bb903f0cdfdf2626a3c44099d2eaee16188cd8234d2ff3a57259b3a7 + name: ops_manager_image_repository_7_0_11 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:09788976bdc1327acbf18cedf8efd5fca2159e43b506faa40e03ee42ad94928a + name: ops_manager_image_repository_7_0_15 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:8d7e5361c2a1604dec3fc671d629806fe6ddc6df524b69a441b86933a4b30093 + name: mongodb_image_4_4_2_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:3add8b68bfbaa42596fe5dbbee4623ba5ff1a826b18bb71301525adf574dcb94 + name: mongodb_image_5_0_3_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:523566f44cbb6bbf0cd12b1adae939a883f2254c78dc4b8c9d0098581337b1db + name: mongodb-image-4-4-18-ubi8 + - image: quay.io/mongodb/mongodb-kubernetes-init-appdb@sha256:646840c0f3782c539dbb491416557e5ffebda1097a948d180fb1529ba45cc867 + name: init_appdb_image_repository_1_5_0 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:33bbd29b74f95baad522b380d70bcc9f933a3fee57642c37b09376c86179c40f + name: ops_manager_image_repository_8_0_1 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:0fde236fe26d5b20210d6f246aadacd7845874712def516cbe2eec11d79d5181 + name: mongodb_image_4_4_5_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:aa300abf739e26350a258f643fa8e57aedacd041055c7b923bd22b21ef554cdb + name: mongodb_image_5_0_7_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:c48631742ad1fec8a9ee745fc3cc9ca1fe7d86ef7fa68ad8e8337c7a4566dc87 + name: mongodb_image_6_0_1_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:3316015ac0699d66ac73f714e5dc0784738654e0349e80b1e1f4e953b3c88964 + name: mongodb_image_6_0_4_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:cd869ff7d661059fad7593e30141d74e8cc751295b1579577f7a853396eb5d0b + name: ops-manager-image-repository-8-0-2 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:3bbd3d7fd45d107621e7770f2b4c2a758e148cd472e0ee21719442f71bf6ade0 + name: ops_manager_image_repository_6_0_26 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:a4590af027182305913f0de1a2e37ad8612bd73b8b31f4df11068b80089021ff + name: ops_manager_image_repository_6_0_27 + - image: quay.io/mongodb/mongodb-agent@sha256:2d5652d0e263aa94554e7a068c93e4fd94b84ec223f077361d030d172bc93f67 + name: agent_image_107_0_18_8784_1 + - image: quay.io/mongodb/mongodb-agent@sha256:ee9f3906d893004bb2aaaa6412646f58288b0684502b9e90f33cafadcfce4349 + name: agent_image_108_0_11_8830_1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:6c475c3180bcfa1d1cdbd41c4aaca4d0eca82404fa1e35547c57c971fa3fe25c + name: ops_manager_image_repository_8_0_14 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:5d299820bb903f0cdfdf2626a3c44099d2eaee16188cd8234d2ff3a57259b3a7 + name: ops-manager-image-repository-7-0-11 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:9a3a6496be0d2d446e6d654eb56386c7726e0cd2d7232f6dcec579923edf0014 + name: mongodb-image-4-4-4-ubi8 + - image: quay.io/mongodb/mongodb-kubernetes-database@sha256:1441ea2276391268ae06ec8857d036b3771aacb21dd57438661ca7075dfbc162 + name: mongodb_enterprise_database_image_1_5_0 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:d81eac2129b6ab8346be1749c56ea67f6da64d4ee0fb9f3ff4171ba0f61918eb + name: ops_manager_image_repository_8_0_3 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:1d418c65d82ccad205b7889be4ba161d3cbfa8b1fb75b21c8fcf02de38fad9ca + name: mongodb_image_4_4_11_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:85c1d669c073caf9cbaac815e4c8ea2ca18b71deefa03bf84cd6d8b8ebd53e12 + name: mongodb_image_4_4_19_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:aa8683500e8d3632c4588bbcdddb4e3186a01f48aefe1b6d95f8860dae8b6c76 + name: mongodb_image_4_4_21_ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:3fa5bcfda3228e0ea880434a60ced829e3872e74763b347636c18475d866d0e1 + name: agent-image-107-0-17-8771-1 + - image: quay.io/mongodb/mongodb-agent@sha256:3fa5bcfda3228e0ea880434a60ced829e3872e74763b347636c18475d866d0e1 + name: agent_image_107_0_17_8771_1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:cd869ff7d661059fad7593e30141d74e8cc751295b1579577f7a853396eb5d0b + name: ops_manager_image_repository_8_0_2 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:19925e1297ab652db59c35f53e7b7c8b2b277f8ecdc4215682961aaf2b3e924e + name: mongodb_image_4_4_0_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:9a3a6496be0d2d446e6d654eb56386c7726e0cd2d7232f6dcec579923edf0014 + name: mongodb_image_4_4_4_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:fb8397cbcdbf7c33f6ad142492792771127f0d9a8c46388f350b6927405ee590 + name: mongodb_image_5_0_0_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:d2d8b59c1f39c41951e7878963f8496eb494688720366f8edc7060887cdbe6a0 + name: mongodb_image_5_0_13_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:7a93a0276531ff9be4c90bb8fe8d104e0a9e930c29792aafe03cc6a76a9fa89c + name: mongodb_image_8_0_0_ubi9 + - image: quay.io/mongodb/mongodb-kubernetes-database@sha256:1441ea2276391268ae06ec8857d036b3771aacb21dd57438661ca7075dfbc162 + name: mongodb-enterprise-database-image-1-5-0 + - image: quay.io/mongodb/mongodb-kubernetes-init-database@sha256:c94ea981da47b2d7e65019a391d46d14ab64e29d91749931f32f57a425a52d13 + name: init-database-image-repository-1-5-0 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:146c4f5dc443f94f54d72808b4e4df93bb904e23589b222d17700166780776b4 + name: ops-manager-image-repository-8-0-5 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:6c475c3180bcfa1d1cdbd41c4aaca4d0eca82404fa1e35547c57c971fa3fe25c + name: ops-manager-image-repository-8-0-14 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:a86c4d8a0b9ca3c20cc524809676eb03a944ada43378ec98c107cd72cc64700f + name: mongodb-image-5-0-15-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:376ad7e5fe42651d946cba5705c0eee44aa636c1b4ff258210e4ce2fe4205b4d + name: mongodb-image-8-0-0-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:adeab0dc766a27138db7df5f37cbb1da860c14179ef631b2e001e5bb875325e4 + name: ops_manager_image_repository_8_0_7 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:439d6fefb469613432e2d05149dfc96c32b16469d743835d5f402a2ada8be8cc + name: ops-manager-image-repository-8-0-13 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:1a77851485ad3b2566e765b4bb051ff0ddfa48703492cef6c6db021dde84d87f + name: mongodb-image-5-0-9-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:d21c65780cadc9d8668d2c28935d492625d6993f13ba562722200a819281cbcc + name: mongodb_image_4_4_12_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:67238129df09d33ee4746ff1acb5515d699a29d9f42350eae3f3f69ccb7fbf54 + name: mongodb_image_4_4_16_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:523566f44cbb6bbf0cd12b1adae939a883f2254c78dc4b8c9d0098581337b1db + name: mongodb_image_4_4_18_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:d323c1bcd14118cc537ac282996ea5a58756d20b6b73f1eec0efa8710d246077 + name: mongodb_image_5_0_5_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:e7aeedb752dda77cf0e49df3430843b5a2bba64c8404628a983f46640d316808 + name: mongodb_image_5_0_14_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:9bef77e905dadd1e61d0439dd53b21ed1f3606e49affd9ffc4ba8156578e8f0f + name: mongodb_image_6_0_0_ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:af3de4f631d0b00cae7f7e80c3900378ba7e449e01830bf9dc643b873d2e6d33 + name: agent-image-12-0-35-7911-1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:09788976bdc1327acbf18cedf8efd5fca2159e43b506faa40e03ee42ad94928a + name: ops-manager-image-repository-7-0-15 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:11ab324698f919f84a5dab5a964d93fe63f98a48146bb3b86974cba7606d30ec + name: mongodb-image-4-4-8-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:1d418c65d82ccad205b7889be4ba161d3cbfa8b1fb75b21c8fcf02de38fad9ca + name: mongodb-image-4-4-11-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:454b1585c342375dea643b10ead688d0f62347841f5f30059fcd4f92e3297ee9 + name: mongodb-image-6-0-3-ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:fa30370a75e8e4ac648650ceb39a7a259a754aab8a48d7e2f2801cd1b777e91b + name: agent_image_107_0_12_8669_1 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:b00ac773623e1bf422b47e6d783263d2d08737865abe9abbe106d86d1ea25165 + name: mongodb_image_4_4_14_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:78f11c9cd5e63f2b0e10c67dc1491f4ce1279fa90178c108814725414defab9a + name: ops-manager-image-repository-8-0-6 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:e7aeedb752dda77cf0e49df3430843b5a2bba64c8404628a983f46640d316808 + name: mongodb-image-5-0-14-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:f1e72679b2468aed2f3c3106568327911e6594c9ee15f7348e953eaa0d8fd44a + name: mongodb_image_5_0_17_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:5145c97d2281aabcd8538ff515c3833aa48acb66b0b739fb1881120c1985d88a + name: mongodb_image_6_0_2_ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:32dbfdb8f447b42ba91c8501a5278cb1e6a60ecf37008ca38487b31440c24a23 + name: agent-image-108-0-13-8870-1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:b7764c316eeacffd3f9ddae62d9fd2a74eb58484d2cfd5021e460095d604764f + name: ops-manager-image-repository-7-0-14 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:37af0913742b6de339c7e664b30f35dcef04506529e4a09a9bbbdd57643f7149 + name: mongodb-image-4-4-20-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:f1e72679b2468aed2f3c3106568327911e6594c9ee15f7348e953eaa0d8fd44a + name: mongodb-image-5-0-17-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:c8aec83b76dfecc05b8f5d8f40fd61b24980c0287a07294f75f321c2d42c32b4 + name: mongodb-image-5-0-18-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:f71b027fccf649f18f63f8df7a59b1bac421a2cdab6712e0c985a93c08ed970a + name: ops_manager_image_repository_7_0_18 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:720056b985c1a16d48b2aecb7a88a15cba3d8186e55b3c6c24729699a85c8232 + name: mongodb_image_5_0_11_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:5c8553e5ba115657fb878c0fe08704af9fd5decec572a87d89d2c8c156ffc9f9 + name: mongodb_image_5_0_16_ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:89819704d70a3b6b4d2358745a22060ef740b33ad5c6debf8e6ac4d4a6fd63ba + name: agent-image-108-0-3-8758-1 + - image: quay.io/mongodb/mongodb-agent@sha256:6cc4e953df3f09d793f0dbc6e57e55a3c5277ef63177a6d8f691a41227facf64 + name: agent-image-108-0-4-8770-1 + - image: quay.io/mongodb/mongodb-agent@sha256:b387b7458f5640f907c9074fcb08ae4d4785be31d4bb65f2d7c459cd6762b2d6 + name: agent-image-108-0-7-8810-1 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:19925e1297ab652db59c35f53e7b7c8b2b277f8ecdc4215682961aaf2b3e924e + name: mongodb-image-4-4-0-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:439d6fefb469613432e2d05149dfc96c32b16469d743835d5f402a2ada8be8cc + name: ops_manager_image_repository_8_0_13 + - image: quay.io/mongodb/mongodb-agent@sha256:fa30370a75e8e4ac648650ceb39a7a259a754aab8a48d7e2f2801cd1b777e91b + name: agent-image-107-0-12-8669-1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:5e3982493e85ac1e40536758c3145b7c2fff9a7b4be9d053ee41201363a89920 + name: ops-manager-image-repository-8-0-4 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:7885ab6e88214f9289d8babf5189136dde0dd4c84a15a5481ccd3ef512b2e66f + name: mongodb-image-4-4-3-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:dfd4277f0c16ed476ac7de51894739e8c8d13a65ea5024b9a97b3dce0f6c6975 + name: mongodb-image-4-4-13-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:ef732e3eea91cc86caf2eabedc0c9115ed235a8d204f33e74bbf090a0b0259fb + name: mongodb-image-4-4-15-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:85c1d669c073caf9cbaac815e4c8ea2ca18b71deefa03bf84cd6d8b8ebd53e12 + name: mongodb-image-4-4-19-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:d49417ea85ee1ddb84429552a5aac87a82c2843904d8c0300a43b657b7a49e0e + name: mongodb-image-5-0-1-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:8d7266b405ebb2dd24a9f7c12d3921024f547c3d8c01831e6bcfc1d551d63be1 + name: mongodb-image-5-0-12-ubi8 + - image: quay.io/mongodb/mongodb-kubernetes@sha256:e1113d025f9a4d7cd7d577bdbda0da886f1bb033603c6b907f62028b57223c27 + name: mongodb-kubernetes-operator + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:c752a7f0726d21d55f204a359b85fa29cd727a5fe571b37289ae3ea52d6206b0 + name: mongodb_image_4_4_1_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:778f9e29e36d6687cd17dd95ec1f8127d2a732bde1a2dd5821212eb55c1c998a + name: mongodb_image_5_0_8_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:c8aec83b76dfecc05b8f5d8f40fd61b24980c0287a07294f75f321c2d42c32b4 + name: mongodb_image_5_0_18_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:454b1585c342375dea643b10ead688d0f62347841f5f30059fcd4f92e3297ee9 + name: mongodb_image_6_0_3_ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:5f5031e4c2a3729f618d026b0a7f34fd4509ea73d5a4e3068b551041dc291583 + name: agent-image-107-0-15-8741-1 + - image: quay.io/mongodb/mongodb-agent@sha256:ee9f3906d893004bb2aaaa6412646f58288b0684502b9e90f33cafadcfce4349 + name: agent-image-108-0-11-8830-1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:a4590af027182305913f0de1a2e37ad8612bd73b8b31f4df11068b80089021ff + name: ops-manager-image-repository-6-0-27 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:8445d59d491a6d3890ea9c8b421214bcd0fdcfbc420ed40497a790b79f0bc89e + name: mongodb-image-4-4-17-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:a48a4d5c275fd669a27469649fb39ea38c728dbcf9f0a9da4e7cf27a2ce912ed + name: mongodb-image-5-0-2-ubi8 + - image: quay.io/mongodb/mongodb-kubernetes-init-database@sha256:c94ea981da47b2d7e65019a391d46d14ab64e29d91749931f32f57a425a52d13 + name: init_database_image_repository_1_5_0 + - image: quay.io/mongodb/mongodb-agent@sha256:6394391f78da5e3218bb2c694e7ec9f6682fd17a6dd7e7250b0c0b5e1729796d + name: agent_image_108_0_12_8846_1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:b8aa1edbc5fb02af312a863bc7db8535a282dfd692a07b1e321e5a1acbfeb6a1 + name: ops_manager_image_repository_7_0_12 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:85b4e954c9c4bbe1019774bad1e05e9c8dc175648b01d3badf0b64143f182019 + name: ops_manager_image_repository_8_0_12 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:33bbd29b74f95baad522b380d70bcc9f933a3fee57642c37b09376c86179c40f + name: ops-manager-image-repository-8-0-1 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:5c8553e5ba115657fb878c0fe08704af9fd5decec572a87d89d2c8c156ffc9f9 + name: mongodb-image-5-0-16-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:172e338a43df01ee5408d8d1e3cb038d2c55e77761c1a2ac6ed37959d1525140 + name: mongodb_image_4_4_6_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:f2d9a3264a8814f33143b73c56624572fb80afeab184133d3a901713a31c1a87 + name: mongodb_image_5_0_4_ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:d8a2ef79d767f03162ec57fe028f9072294b292d376af8eb97d2967eb6d7047b + name: agent-image-107-0-13-8702-1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:702f529cb9d8d9042e54263f8bc37b40c062ac2695efc3e7150819779886e323 + name: ops-manager-image-repository-7-0-17 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:b00ac773623e1bf422b47e6d783263d2d08737865abe9abbe106d86d1ea25165 + name: mongodb-image-4-4-14-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:8445d59d491a6d3890ea9c8b421214bcd0fdcfbc420ed40497a790b79f0bc89e + name: mongodb_image_4_4_17_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:a48a4d5c275fd669a27469649fb39ea38c728dbcf9f0a9da4e7cf27a2ce912ed + name: mongodb_image_5_0_2_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:8d7266b405ebb2dd24a9f7c12d3921024f547c3d8c01831e6bcfc1d551d63be1 + name: mongodb_image_5_0_12_ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:6c23febaa9dd52bc29ac1e52d087fc4b2b47c578f4d6ac3a1674bb750a38cb07 + name: agent-image-108-0-6-8796-1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:b9ab7147b59b62e40a69c6400f87d0c7faecfa5462bed6e68ca653b00e50b887 + name: ops-manager-image-repository-8-0-0 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:146c4f5dc443f94f54d72808b4e4df93bb904e23589b222d17700166780776b4 + name: ops_manager_image_repository_8_0_5 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:11ab324698f919f84a5dab5a964d93fe63f98a48146bb3b86974cba7606d30ec + name: mongodb_image_4_4_8_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:85b4e954c9c4bbe1019774bad1e05e9c8dc175648b01d3badf0b64143f182019 + name: ops-manager-image-repository-8-0-12 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:aa8683500e8d3632c4588bbcdddb4e3186a01f48aefe1b6d95f8860dae8b6c76 + name: mongodb-image-4-4-21-ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:6cc4e953df3f09d793f0dbc6e57e55a3c5277ef63177a6d8f691a41227facf64 + name: agent_image_108_0_4_8770_1 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:d49417ea85ee1ddb84429552a5aac87a82c2843904d8c0300a43b657b7a49e0e + name: mongodb_image_5_0_1_ubi8 + - image: quay.io/mongodb/mongodb-kubernetes@sha256:e1113d025f9a4d7cd7d577bdbda0da886f1bb033603c6b907f62028b57223c27 + name: mongodb-kubernetes-e1113d025f9a4d7cd7d577bdbda0da886f1bb033603c6b907f62028b57223c27-annotation + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:172e338a43df01ee5408d8d1e3cb038d2c55e77761c1a2ac6ed37959d1525140 + name: mongodb-image-4-4-6-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:9bef77e905dadd1e61d0439dd53b21ed1f3606e49affd9ffc4ba8156578e8f0f + name: mongodb-image-6-0-0-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:3316015ac0699d66ac73f714e5dc0784738654e0349e80b1e1f4e953b3c88964 + name: mongodb-image-6-0-4-ubi8 + - image: quay.io/mongodb/mongodb-search@sha256:7149a7b6f1ee84646d3972837920f80fc5db49503c598406ce92e2f794bd5f0d + name: mdb_search_image_0_53_1 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:d323c1bcd14118cc537ac282996ea5a58756d20b6b73f1eec0efa8710d246077 + name: mongodb-image-5-0-5-ubi8 + - image: quay.io/mongodb/mongodb-kubernetes-init-appdb@sha256:646840c0f3782c539dbb491416557e5ffebda1097a948d180fb1529ba45cc867 + name: init-appdb-image-repository-1-5-0 + - image: quay.io/mongodb/mongodb-agent@sha256:a8358ce465adf463d8e73916d7944765d7aaf2b0ed10bd3b8119a87fc9080667 + name: agent-image-108-0-1-8718-1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:f71b027fccf649f18f63f8df7a59b1bac421a2cdab6712e0c985a93c08ed970a + name: ops-manager-image-repository-7-0-18 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:376ad7e5fe42651d946cba5705c0eee44aa636c1b4ff258210e4ce2fe4205b4d + name: mongodb_image_8_0_0_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:15e31285c8949a4666f7702df53416b0905d76945a28575a6028a876cc8a6f0f + name: mongodb-image-4-4-7-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:655896bac9e82de8e9729d59a36c3a31f66235f22b93449260a2ccb7709de084 + name: mongodb-image-4-4-9-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:d21c65780cadc9d8668d2c28935d492625d6993f13ba562722200a819281cbcc + name: mongodb-image-4-4-12-ubi8 + - image: quay.io/mongodb/mongodb-search@sha256:7149a7b6f1ee84646d3972837920f80fc5db49503c598406ce92e2f794bd5f0d + name: mdb-search-image-0-53-1 + - image: quay.io/mongodb/mongodb-agent@sha256:d8a2ef79d767f03162ec57fe028f9072294b292d376af8eb97d2967eb6d7047b + name: agent_image_107_0_13_8702_1 + - image: quay.io/mongodb/mongodb-agent@sha256:a8358ce465adf463d8e73916d7944765d7aaf2b0ed10bd3b8119a87fc9080667 + name: agent_image_108_0_1_8718_1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:895dbdfb87ddc2e9693671c7108a31ab28e16fec2e5be6d046bdd2e30319eade + name: ops_manager_image_repository_8_0_11 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:655896bac9e82de8e9729d59a36c3a31f66235f22b93449260a2ccb7709de084 + name: mongodb_image_4_4_9_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:df6081325ea2fe01d1b27d0c70005dec8232aaf51a43d91661b722b8a1761263 + name: mongodb_image_5_0_6_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:fa4aa97767bd19cf3711a74bf21ecb9cbbc25fed6b6b09a2eb241ebd3fbc8f3a + name: ops-manager-image-repository-7-0-13 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:67238129df09d33ee4746ff1acb5515d699a29d9f42350eae3f3f69ccb7fbf54 + name: mongodb-image-4-4-16-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:ef732e3eea91cc86caf2eabedc0c9115ed235a8d204f33e74bbf090a0b0259fb + name: mongodb_image_4_4_15_ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:6394391f78da5e3218bb2c694e7ec9f6682fd17a6dd7e7250b0c0b5e1729796d + name: agent-image-108-0-12-8846-1 + - image: quay.io/mongodb/mongodb-agent@sha256:5f5031e4c2a3729f618d026b0a7f34fd4509ea73d5a4e3068b551041dc291583 + name: agent_image_107_0_15_8741_1 + - image: quay.io/mongodb/mongodb-agent@sha256:32dbfdb8f447b42ba91c8501a5278cb1e6a60ecf37008ca38487b31440c24a23 + name: agent_image_108_0_13_8870_1 + - image: quay.io/mongodb/mongodb-agent@sha256:b422829aac63f068aed4a6948fd14cbd3c3bfad6d47ab76523f6839bf20b0203 + name: agent-image-108-0-2-8729-1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:d81eac2129b6ab8346be1749c56ea67f6da64d4ee0fb9f3ff4171ba0f61918eb + name: ops-manager-image-repository-8-0-3 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:7a93a0276531ff9be4c90bb8fe8d104e0a9e930c29792aafe03cc6a76a9fa89c + name: mongodb-image-8-0-0-ubi9 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:fa4aa97767bd19cf3711a74bf21ecb9cbbc25fed6b6b09a2eb241ebd3fbc8f3a + name: ops_manager_image_repository_7_0_13 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:1a77851485ad3b2566e765b4bb051ff0ddfa48703492cef6c6db021dde84d87f + name: mongodb_image_5_0_9_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:bfbcfcfc5f0de22e20520b2d96f826638e424adb028a909ccc192013d11f5833 + name: mongodb_image_6_0_5_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:0fde236fe26d5b20210d6f246aadacd7845874712def516cbe2eec11d79d5181 + name: mongodb-image-4-4-5-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:f2d9a3264a8814f33143b73c56624572fb80afeab184133d3a901713a31c1a87 + name: mongodb-image-5-0-4-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:7885ab6e88214f9289d8babf5189136dde0dd4c84a15a5481ccd3ef512b2e66f + name: mongodb_image_4_4_3_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:dfd4277f0c16ed476ac7de51894739e8c8d13a65ea5024b9a97b3dce0f6c6975 + name: mongodb_image_4_4_13_ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:b422829aac63f068aed4a6948fd14cbd3c3bfad6d47ab76523f6839bf20b0203 + name: agent_image_108_0_2_8729_1 + - image: quay.io/mongodb/mongodb-agent@sha256:2d5652d0e263aa94554e7a068c93e4fd94b84ec223f077361d030d172bc93f67 + name: agent-image-107-0-18-8784-1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:3bbd3d7fd45d107621e7770f2b4c2a758e148cd472e0ee21719442f71bf6ade0 + name: ops-manager-image-repository-6-0-26 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:33a30d11969eb21952681108092fe7f916e25c8e1de43e6a4e40e126025a2bec + name: mongodb-image-4-4-10-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:c48631742ad1fec8a9ee745fc3cc9ca1fe7d86ef7fa68ad8e8337c7a4566dc87 + name: mongodb-image-6-0-1-ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:cbdd6cbba0498fcf77c1d31acca0838024bffaf243fbc7ae7f7aced6df7f21ca + name: agent_image_13_41_0_9830_1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:b7764c316eeacffd3f9ddae62d9fd2a74eb58484d2cfd5021e460095d604764f + name: ops_manager_image_repository_7_0_14 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:c752a7f0726d21d55f204a359b85fa29cd727a5fe571b37289ae3ea52d6206b0 + name: mongodb-image-4-4-1-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:702f529cb9d8d9042e54263f8bc37b40c062ac2695efc3e7150819779886e323 + name: ops_manager_image_repository_7_0_17 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:3add8b68bfbaa42596fe5dbbee4623ba5ff1a826b18bb71301525adf574dcb94 + name: mongodb-image-5-0-3-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:78f11c9cd5e63f2b0e10c67dc1491f4ce1279fa90178c108814725414defab9a + name: ops_manager_image_repository_8_0_6 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:a86c4d8a0b9ca3c20cc524809676eb03a944ada43378ec98c107cd72cc64700f + name: mongodb_image_5_0_15_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:adeab0dc766a27138db7df5f37cbb1da860c14179ef631b2e001e5bb875325e4 + name: ops-manager-image-repository-8-0-7 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:778f9e29e36d6687cd17dd95ec1f8127d2a732bde1a2dd5821212eb55c1c998a + name: mongodb-image-5-0-8-ubi8 + - image: quay.io/mongodb/mongodb-kubernetes-init-ops-manager@sha256:5b071dd35157345bc4f6de97993685ba1c2612962f11b257d4d0aa33225d03e7 + name: init_ops_manager_image_repository_1_5_0 + - image: quay.io/mongodb/mongodb-agent@sha256:89819704d70a3b6b4d2358745a22060ef740b33ad5c6debf8e6ac4d4a6fd63ba + name: agent_image_108_0_3_8758_1 + - image: quay.io/mongodb/mongodb-agent@sha256:6c23febaa9dd52bc29ac1e52d087fc4b2b47c578f4d6ac3a1674bb750a38cb07 + name: agent_image_108_0_6_8796_1 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:37af0913742b6de339c7e664b30f35dcef04506529e4a09a9bbbdd57643f7149 + name: mongodb_image_4_4_20_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:3fe62f3ad52707ccf0e9993c69891e44c569a4b4e1a3244cf60e3b5fdde57bd2 + name: mongodb_image_5_0_10_ubi8 + - image: quay.io/mongodb/mongodb-kubernetes-init-ops-manager@sha256:5b071dd35157345bc4f6de97993685ba1c2612962f11b257d4d0aa33225d03e7 + name: init-ops-manager-image-repository-1-5-0 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:b8aa1edbc5fb02af312a863bc7db8535a282dfd692a07b1e321e5a1acbfeb6a1 + name: ops-manager-image-repository-7-0-12 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:895dbdfb87ddc2e9693671c7108a31ab28e16fec2e5be6d046bdd2e30319eade + name: ops-manager-image-repository-8-0-11 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:fb8397cbcdbf7c33f6ad142492792771127f0d9a8c46388f350b6927405ee590 + name: mongodb-image-5-0-0-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:aa300abf739e26350a258f643fa8e57aedacd041055c7b923bd22b21ef554cdb + name: mongodb-image-5-0-7-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:3fe62f3ad52707ccf0e9993c69891e44c569a4b4e1a3244cf60e3b5fdde57bd2 + name: mongodb-image-5-0-10-ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:bfbcfcfc5f0de22e20520b2d96f826638e424adb028a909ccc192013d11f5833 + name: mongodb-image-6-0-5-ubi8 + - image: quay.io/mongodb/mongodb-agent@sha256:af3de4f631d0b00cae7f7e80c3900378ba7e449e01830bf9dc643b873d2e6d33 + name: agent_image_12_0_35_7911_1 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:b9ab7147b59b62e40a69c6400f87d0c7faecfa5462bed6e68ca653b00e50b887 + name: ops_manager_image_repository_8_0_0 + - image: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi@sha256:5e3982493e85ac1e40536758c3145b7c2fff9a7b4be9d053ee41201363a89920 + name: ops_manager_image_repository_8_0_4 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:15e31285c8949a4666f7702df53416b0905d76945a28575a6028a876cc8a6f0f + name: mongodb_image_4_4_7_ubi8 + - image: quay.io/mongodb/mongodb-enterprise-server@sha256:33a30d11969eb21952681108092fe7f916e25c8e1de43e6a4e40e126025a2bec + name: mongodb_image_4_4_10_ubi8 + replaces: mongodb-kubernetes.v1.4.0 + version: 1.5.0 + webhookdefinitions: + - admissionReviewVersions: + - v1 + deploymentName: mongodb-kubernetes-operator + failurePolicy: Ignore + generateName: validate-mongodb.mongodb.com + rules: + - apiGroups: + - mongodb.com + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - mongodb + sideEffects: None + timeoutSeconds: 5 + type: ValidatingAdmissionWebhook + webhookPath: /validate-mongodb-com-v1-mongodb + - admissionReviewVersions: + - v1 + deploymentName: mongodb-kubernetes-operator + failurePolicy: Ignore + generateName: validate-mongodbmulticluster.mongodb.com + rules: + - apiGroups: + - mongodb.com + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - mongodbmulticluster + sideEffects: None + timeoutSeconds: 5 + type: ValidatingAdmissionWebhook + webhookPath: /validate-mongodb-com-v1-mongodbmulticluster + - admissionReviewVersions: + - v1 + deploymentName: mongodb-kubernetes-operator + failurePolicy: Ignore + generateName: validate-opsmanagers.mongodb.com + rules: + - apiGroups: + - mongodb.com + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - opsmanagers + sideEffects: None + timeoutSeconds: 5 + type: ValidatingAdmissionWebhook + webhookPath: /validate-mongodb-com-v1-mongodbopsmanager diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_clustermongodbroles.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_clustermongodbroles.yaml new file mode 100644 index 000000000000..bac7dc3b4032 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_clustermongodbroles.yaml @@ -0,0 +1,114 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + creationTimestamp: null + name: clustermongodbroles.mongodb.com +spec: + group: mongodb.com + names: + kind: ClusterMongoDBRole + listKind: ClusterMongoDBRoleList + plural: clustermongodbroles + shortNames: + - cmdbr + singular: clustermongodbrole + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The time since the MongoDB Custom Role resource was created. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: ClusterMongoDBRole is the Schema for the clustermongodbroles + API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ClusterMongoDBRoleSpec defines the desired state of ClusterMongoDBRole. + properties: + authenticationRestrictions: + items: + properties: + clientSource: + items: + type: string + type: array + serverAddress: + items: + type: string + type: array + type: object + type: array + db: + type: string + privileges: + items: + properties: + actions: + items: + type: string + type: array + resource: + properties: + cluster: + type: boolean + collection: + type: string + db: + type: string + type: object + required: + - actions + - resource + type: object + type: array + role: + type: string + roles: + items: + properties: + db: + type: string + role: + type: string + required: + - db + - role + type: object + type: array + required: + - db + - role + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodb.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodb.yaml new file mode 100644 index 000000000000..217dac19ff17 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodb.yaml @@ -0,0 +1,2757 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + creationTimestamp: null + name: mongodb.mongodb.com +spec: + group: mongodb.com + names: + kind: MongoDB + listKind: MongoDBList + plural: mongodb + shortNames: + - mdb + singular: mongodb + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current state of the MongoDB deployment. + jsonPath: .status.phase + name: Phase + type: string + - description: Version of MongoDB server. + jsonPath: .status.version + name: Version + type: string + - description: The type of MongoDB deployment. One of 'ReplicaSet', 'ShardedCluster' + and 'Standalone'. + jsonPath: .spec.type + name: Type + type: string + - description: The time since the MongoDB resource was created. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + additionalMongodConfig: + description: |- + AdditionalMongodConfig is additional configuration that can be passed to + each data-bearing mongod at runtime. Uses the same structure as the mongod + configuration file: + https://docs.mongodb.com/manual/reference/configuration-options/ + type: object + x-kubernetes-preserve-unknown-fields: true + agent: + properties: + backupAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the BackupAgent + processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + logLevel: + type: string + logRotate: + description: DEPRECATED please use mongod.logRotate + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file before + rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + maxLogFileDurationHours: + type: integer + mongod: + description: AgentLoggingMongodConfig contain settings for the + mongodb processes configured by the agent + properties: + auditlogRotate: + description: LogRotate configures audit log rotation for the + mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + logRotate: + description: LogRotate configures log rotation for the mongodb + processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + systemLog: + description: SystemLog configures system log of mongod + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + monitoringAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the BackupAgent + processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + readinessProbe: + properties: + environmentVariables: + additionalProperties: + type: string + type: object + type: object + startupOptions: + additionalProperties: + type: string + description: |- + StartupParameters can be used to configure the startup parameters with which the agent starts. That also contains + log rotation settings as defined here: + type: object + systemLog: + description: DEPRECATED please use mongod.systemLog + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + backup: + description: |- + Backup contains configuration options for configuring + backup for this MongoDB resource + properties: + assignmentLabels: + description: Assignment Labels set in the Ops Manager + items: + type: string + type: array + autoTerminateOnDeletion: + description: |- + AutoTerminateOnDeletion indicates if the Operator should stop and terminate the Backup before the cleanup, + when the MongoDB CR is deleted + type: boolean + encryption: + description: Encryption settings + properties: + kmip: + description: Kmip corresponds to the KMIP configuration assigned + to the Ops Manager Project's configuration. + properties: + client: + description: KMIP Client configuration + properties: + clientCertificatePrefix: + description: |- + A prefix used to construct KMIP client certificate (and corresponding password) Secret names. + The names are generated using the following pattern: + KMIP Client Certificate (TLS Secret): + --kmip-client + KMIP Client Certificate Password: + --kmip-client-password + The expected key inside is called "password". + type: string + type: object + required: + - client + type: object + type: object + mode: + enum: + - enabled + - disabled + - terminated + type: string + snapshotSchedule: + properties: + clusterCheckpointIntervalMin: + enum: + - 15 + - 30 + - 60 + type: integer + dailySnapshotRetentionDays: + description: Number of days to retain daily snapshots. Setting + 0 will disable this rule. + maximum: 365 + minimum: 0 + type: integer + fullIncrementalDayOfWeek: + description: Day of the week when Ops Manager takes a full + snapshot. This ensures a recent complete backup. Ops Manager + sets the default value to SUNDAY. + enum: + - SUNDAY + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + type: string + monthlySnapshotRetentionMonths: + description: Number of months to retain weekly snapshots. + Setting 0 will disable this rule. + maximum: 36 + minimum: 0 + type: integer + pointInTimeWindowHours: + description: Number of hours in the past for which a point-in-time + snapshot can be created. + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + - 15 + - 30 + - 60 + - 90 + - 120 + - 180 + - 360 + type: integer + referenceHourOfDay: + description: Hour of the day to schedule snapshots using a + 24-hour clock, in UTC. + maximum: 23 + minimum: 0 + type: integer + referenceMinuteOfHour: + description: Minute of the hour to schedule snapshots, in + UTC. + maximum: 59 + minimum: 0 + type: integer + snapshotIntervalHours: + description: Number of hours between snapshots. + enum: + - 6 + - 8 + - 12 + - 24 + type: integer + snapshotRetentionDays: + description: Number of days to keep recent snapshots. + maximum: 365 + minimum: 1 + type: integer + weeklySnapshotRetentionWeeks: + description: Number of weeks to retain weekly snapshots. Setting + 0 will disable this rule + maximum: 365 + minimum: 0 + type: integer + type: object + type: object + cloudManager: + properties: + configMapRef: + properties: + name: + type: string + type: object + type: object + clusterDomain: + format: hostname + type: string + configServerCount: + type: integer + configSrv: + properties: + additionalMongodConfig: + type: object + x-kubernetes-preserve-unknown-fields: true + agent: + description: |- + Configuring logRotation is not allowed under this section. + Please use the most top level resource fields for this; spec.Agent + properties: + backupAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the + BackupAgent processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + logLevel: + type: string + logRotate: + description: DEPRECATED please use mongod.logRotate + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + maxLogFileDurationHours: + type: integer + mongod: + description: AgentLoggingMongodConfig contain settings for + the mongodb processes configured by the agent + properties: + auditlogRotate: + description: LogRotate configures audit log rotation for + the mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + logRotate: + description: LogRotate configures log rotation for the + mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + systemLog: + description: SystemLog configures system log of mongod + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + monitoringAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the + BackupAgent processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + readinessProbe: + properties: + environmentVariables: + additionalProperties: + type: string + type: object + type: object + startupOptions: + additionalProperties: + type: string + description: |- + StartupParameters can be used to configure the startup parameters with which the agent starts. That also contains + log rotation settings as defined here: + type: object + systemLog: + description: DEPRECATED please use mongod.systemLog + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + clusterSpecList: + items: + description: |- + ClusterSpecItem is the mongodb multi-cluster spec that is specific to a + particular Kubernetes cluster, this maps to the statefulset created in each cluster + properties: + clusterName: + description: |- + ClusterName is name of the cluster where the MongoDB Statefulset will be scheduled, the + name should have a one on one mapping with the service-account created in the central cluster + to talk to the workload clusters. + type: string + externalAccess: + description: ExternalAccessConfiguration provides external + access configuration for Multi-Cluster. + properties: + externalDomain: + description: An external domain that is used for exposing + MongoDB to the outside world. + type: string + externalService: + description: Provides a way to override the default + (NodePort) Service + properties: + annotations: + additionalProperties: + type: string + description: A map of annotations that shall be + added to the externally available Service. + type: object + spec: + description: A wrapper for the Service spec object. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + memberConfig: + description: MemberConfig allows to specify votes, priorities + and tags for each of the mongodb process. + items: + properties: + priority: + type: string + tags: + additionalProperties: + type: string + type: object + votes: + type: integer + type: object + type: array + members: + description: Amount of members for this MongoDB Replica + Set + type: integer + podSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB + resources only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + service: + description: this is an optional service, it will get the + name "-service" in case not provided + type: string + statefulSet: + description: |- + StatefulSetConfiguration holds the optional custom StatefulSet + that should be merged into the operator created one. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper + around Labels and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + required: + - members + type: object + type: array + type: object + x-kubernetes-preserve-unknown-fields: true + configSrvPodSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB resources + only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + connectivity: + properties: + replicaSetHorizons: + description: |- + ReplicaSetHorizons holds list of maps of horizons to be configured in each of MongoDB processes. + Horizons map horizon names to the node addresses for each process in the replicaset, e.g.: + [ + { + "internal": "my-rs-0.my-internal-domain.com:31843", + "external": "my-rs-0.my-external-domain.com:21467" + }, + { + "internal": "my-rs-1.my-internal-domain.com:31843", + "external": "my-rs-1.my-external-domain.com:21467" + }, + ... + ] + The key of each item in the map is an arbitrary, user-chosen string that + represents the name of the horizon. The value of the item is the host and, + optionally, the port that this mongod node will be connected to from. + items: + additionalProperties: + type: string + type: object + type: array + type: object + credentials: + description: Name of the Secret holding credentials information + type: string + duplicateServiceObjects: + description: |- + In few service mesh options for ex: Istio, by default we would need to duplicate the + service objects created per pod in all the clusters to enable DNS resolution. Users can + however configure their ServiceMesh with DNS proxy(https://istio.io/latest/docs/ops/configuration/traffic-management/dns-proxy/) + enabled in which case the operator doesn't need to create the service objects per cluster. This options tells the operator + whether it should create the service objects in all the clusters or not. By default, if not specified the operator would create the duplicate svc objects. + type: boolean + externalAccess: + description: ExternalAccessConfiguration provides external access + configuration. + properties: + externalDomain: + description: An external domain that is used for exposing MongoDB + to the outside world. + type: string + externalService: + description: Provides a way to override the default (NodePort) + Service + properties: + annotations: + additionalProperties: + type: string + description: A map of annotations that shall be added to the + externally available Service. + type: object + spec: + description: A wrapper for the Service spec object. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + featureCompatibilityVersion: + type: string + logLevel: + enum: + - DEBUG + - INFO + - WARN + - ERROR + - FATAL + type: string + memberConfig: + description: MemberConfig allows to specify votes, priorities and + tags for each of the mongodb process. + items: + properties: + priority: + type: string + tags: + additionalProperties: + type: string + type: object + votes: + type: integer + type: object + type: array + x-kubernetes-preserve-unknown-fields: true + members: + description: Amount of members for this MongoDB Replica Set + type: integer + mongodsPerShardCount: + type: integer + mongos: + properties: + additionalMongodConfig: + type: object + x-kubernetes-preserve-unknown-fields: true + agent: + description: |- + Configuring logRotation is not allowed under this section. + Please use the most top level resource fields for this; spec.Agent + properties: + backupAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the + BackupAgent processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + logLevel: + type: string + logRotate: + description: DEPRECATED please use mongod.logRotate + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + maxLogFileDurationHours: + type: integer + mongod: + description: AgentLoggingMongodConfig contain settings for + the mongodb processes configured by the agent + properties: + auditlogRotate: + description: LogRotate configures audit log rotation for + the mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + logRotate: + description: LogRotate configures log rotation for the + mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + systemLog: + description: SystemLog configures system log of mongod + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + monitoringAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the + BackupAgent processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + readinessProbe: + properties: + environmentVariables: + additionalProperties: + type: string + type: object + type: object + startupOptions: + additionalProperties: + type: string + description: |- + StartupParameters can be used to configure the startup parameters with which the agent starts. That also contains + log rotation settings as defined here: + type: object + systemLog: + description: DEPRECATED please use mongod.systemLog + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + clusterSpecList: + items: + description: |- + ClusterSpecItem is the mongodb multi-cluster spec that is specific to a + particular Kubernetes cluster, this maps to the statefulset created in each cluster + properties: + clusterName: + description: |- + ClusterName is name of the cluster where the MongoDB Statefulset will be scheduled, the + name should have a one on one mapping with the service-account created in the central cluster + to talk to the workload clusters. + type: string + externalAccess: + description: ExternalAccessConfiguration provides external + access configuration for Multi-Cluster. + properties: + externalDomain: + description: An external domain that is used for exposing + MongoDB to the outside world. + type: string + externalService: + description: Provides a way to override the default + (NodePort) Service + properties: + annotations: + additionalProperties: + type: string + description: A map of annotations that shall be + added to the externally available Service. + type: object + spec: + description: A wrapper for the Service spec object. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + memberConfig: + description: MemberConfig allows to specify votes, priorities + and tags for each of the mongodb process. + items: + properties: + priority: + type: string + tags: + additionalProperties: + type: string + type: object + votes: + type: integer + type: object + type: array + members: + description: Amount of members for this MongoDB Replica + Set + type: integer + podSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB + resources only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + service: + description: this is an optional service, it will get the + name "-service" in case not provided + type: string + statefulSet: + description: |- + StatefulSetConfiguration holds the optional custom StatefulSet + that should be merged into the operator created one. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper + around Labels and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + required: + - members + type: object + type: array + type: object + x-kubernetes-preserve-unknown-fields: true + mongosCount: + type: integer + mongosPodSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB resources + only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + opsManager: + properties: + configMapRef: + properties: + name: + type: string + type: object + type: object + persistent: + type: boolean + podSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB resources + only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + prometheus: + description: Prometheus configurations. + properties: + metricsPath: + description: Indicates path to the metrics endpoint. + pattern: ^\/[a-z0-9]+$ + type: string + passwordSecretRef: + description: Name of a Secret containing a HTTP Basic Auth Password. + properties: + key: + description: Key is the key in the secret storing this password. + Defaults to "password" + type: string + name: + description: Name is the name of the secret storing this user's + password + type: string + required: + - name + type: object + port: + description: Port where metrics endpoint will bind to. Defaults + to 9216. + type: integer + tlsSecretKeyRef: + description: |- + Name of a Secret (type kubernetes.io/tls) holding the certificates to use in the + Prometheus endpoint. + properties: + key: + description: Key is the key in the secret storing this password. + Defaults to "password" + type: string + name: + description: Name is the name of the secret storing this user's + password + type: string + required: + - name + type: object + username: + description: HTTP Basic Auth Username for metrics endpoint. + type: string + required: + - passwordSecretRef + - username + type: object + security: + properties: + authentication: + description: |- + Authentication holds various authentication related settings that affect + this MongoDB resource. + properties: + agents: + description: Agents contains authentication configuration + properties for the agents + properties: + automationLdapGroupDN: + type: string + automationPasswordSecretRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + automationUserName: + type: string + clientCertificateSecretRef: + type: object + x-kubernetes-preserve-unknown-fields: true + mode: + description: Mode is the desired Authentication mode that + the agents will use + type: string + required: + - mode + type: object + enabled: + type: boolean + ignoreUnknownUsers: + description: IgnoreUnknownUsers maps to the inverse of auth.authoritativeSet + type: boolean + internalCluster: + type: string + ldap: + description: LDAP Configuration + properties: + authzQueryTemplate: + type: string + bindQueryPasswordSecretRef: + properties: + name: + type: string + required: + - name + type: object + bindQueryUser: + type: string + caConfigMapRef: + description: Allows to point at a ConfigMap/key with a + CA file to mount on the Pod + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + servers: + items: + type: string + type: array + timeoutMS: + type: integer + transportSecurity: + enum: + - tls + - none + type: string + userCacheInvalidationInterval: + type: integer + userToDNMapping: + type: string + validateLDAPServerConfig: + type: boolean + type: object + modes: + items: + enum: + - X509 + - SCRAM + - SCRAM-SHA-1 + - MONGODB-CR + - SCRAM-SHA-256 + - LDAP + - OIDC + type: string + type: array + oidcProviderConfigs: + description: Configuration for OIDC providers + items: + properties: + audience: + description: |- + Entity that your external identity provider intends the token for. + Enter the audience value from the app you registered with external Identity Provider. + type: string + authorizationMethod: + description: |- + Configure single-sign-on for human user access to deployments with Workforce Identity Federation. + For programmatic, application access to deployments use Workload Identity Federation. + Only one Workforce Identity Federation IdP can be configured per MongoDB resource + enum: + - WorkforceIdentityFederation + - WorkloadIdentityFederation + type: string + authorizationType: + description: |- + Select GroupMembership to grant authorization based on IdP user group membership, or select UserID to grant + an individual user authorization. + enum: + - GroupMembership + - UserID + type: string + clientId: + description: |- + Unique identifier for your registered application. Enter the clientId value from the app you + registered with an external Identity Provider. + Required when selected Workforce Identity Federation authorization method + type: string + configurationName: + description: |- + Unique label that identifies this configuration. It is case-sensitive and can only contain the following characters: + - alphanumeric characters (combination of a to z and 0 to 9) + - hyphens (-) + - underscores (_) + pattern: ^[a-zA-Z0-9-_]+$ + type: string + groupsClaim: + description: |- + The identifier of the claim that includes the principal's IdP user group membership information. + Required when selected GroupMembership as the authorization type, ignored otherwise + type: string + issuerURI: + description: |- + Issuer value provided by your registered IdP application. Using this URI, MongoDB finds an OpenID Connect Provider + Configuration Document, which should be available in the /.wellknown/open-id-configuration endpoint. + For MongoDB 8.0+, the combination of issuerURI and audience must be unique across OIDC provider configurations. + For other MongoDB versions, the issuerURI itself must be unique. + type: string + requestedScopes: + description: |- + Tokens that give users permission to request data from the authorization endpoint. + Only used for Workforce Identity Federation authorization method + items: + type: string + type: array + userClaim: + default: sub + description: |- + The identifier of the claim that includes the user principal identity. + Accept the default value unless your IdP uses a different claim. + type: string + required: + - audience + - authorizationMethod + - authorizationType + - configurationName + - issuerURI + - userClaim + type: object + type: array + requireClientTLSAuthentication: + description: Clients should present valid TLS certificates + type: boolean + required: + - enabled + type: object + certsSecretPrefix: + type: string + roleRefs: + items: + properties: + kind: + enum: + - ClusterMongoDBRole + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + roles: + items: + properties: + authenticationRestrictions: + items: + properties: + clientSource: + items: + type: string + type: array + serverAddress: + items: + type: string + type: array + type: object + type: array + db: + type: string + privileges: + items: + properties: + actions: + items: + type: string + type: array + resource: + properties: + cluster: + type: boolean + collection: + type: string + db: + type: string + type: object + required: + - actions + - resource + type: object + type: array + role: + type: string + roles: + items: + properties: + db: + type: string + role: + type: string + required: + - db + - role + type: object + type: array + required: + - db + - role + type: object + type: array + tls: + properties: + additionalCertificateDomains: + items: + type: string + type: array + ca: + description: |- + CA corresponds to a ConfigMap containing an entry for the CA certificate (ca.pem) + used to validate the certificates created already. + type: string + enabled: + description: |- + DEPRECATED please enable TLS by setting `security.certsSecretPrefix` or `security.tls.secretRef.prefix`. + Enables TLS for this resource. This will make the operator try to mount a + Secret with a defined name (-cert). + This is only used when enabling TLS on a MongoDB resource, and not on the + AppDB, where TLS is configured by setting `secretRef.Name`. + type: boolean + type: object + type: object + x-kubernetes-validations: + - message: At most one of roles or roleRefs can be non-empty + rule: '!(has(self.roles) && has(self.roleRefs)) || !(self.roles.size() + > 0 && self.roleRefs.size() > 0)' + service: + description: |- + DEPRECATED please use `spec.statefulSet.spec.serviceName` to provide a custom service name. + this is an optional service, it will get the name "-service" in case not provided + type: string + shard: + properties: + additionalMongodConfig: + type: object + x-kubernetes-preserve-unknown-fields: true + agent: + description: |- + Configuring logRotation is not allowed under this section. + Please use the most top level resource fields for this; spec.Agent + properties: + backupAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the + BackupAgent processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + logLevel: + type: string + logRotate: + description: DEPRECATED please use mongod.logRotate + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + maxLogFileDurationHours: + type: integer + mongod: + description: AgentLoggingMongodConfig contain settings for + the mongodb processes configured by the agent + properties: + auditlogRotate: + description: LogRotate configures audit log rotation for + the mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + logRotate: + description: LogRotate configures log rotation for the + mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + systemLog: + description: SystemLog configures system log of mongod + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + monitoringAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the + BackupAgent processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + readinessProbe: + properties: + environmentVariables: + additionalProperties: + type: string + type: object + type: object + startupOptions: + additionalProperties: + type: string + description: |- + StartupParameters can be used to configure the startup parameters with which the agent starts. That also contains + log rotation settings as defined here: + type: object + systemLog: + description: DEPRECATED please use mongod.systemLog + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + clusterSpecList: + items: + description: |- + ClusterSpecItem is the mongodb multi-cluster spec that is specific to a + particular Kubernetes cluster, this maps to the statefulset created in each cluster + properties: + clusterName: + description: |- + ClusterName is name of the cluster where the MongoDB Statefulset will be scheduled, the + name should have a one on one mapping with the service-account created in the central cluster + to talk to the workload clusters. + type: string + externalAccess: + description: ExternalAccessConfiguration provides external + access configuration for Multi-Cluster. + properties: + externalDomain: + description: An external domain that is used for exposing + MongoDB to the outside world. + type: string + externalService: + description: Provides a way to override the default + (NodePort) Service + properties: + annotations: + additionalProperties: + type: string + description: A map of annotations that shall be + added to the externally available Service. + type: object + spec: + description: A wrapper for the Service spec object. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + memberConfig: + description: MemberConfig allows to specify votes, priorities + and tags for each of the mongodb process. + items: + properties: + priority: + type: string + tags: + additionalProperties: + type: string + type: object + votes: + type: integer + type: object + type: array + members: + description: Amount of members for this MongoDB Replica + Set + type: integer + podSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB + resources only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + service: + description: this is an optional service, it will get the + name "-service" in case not provided + type: string + statefulSet: + description: |- + StatefulSetConfiguration holds the optional custom StatefulSet + that should be merged into the operator created one. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper + around Labels and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + required: + - members + type: object + type: array + type: object + x-kubernetes-preserve-unknown-fields: true + shardCount: + type: integer + shardOverrides: + description: |- + ShardOverrides allow for overriding the configuration of a specific shard. + It replaces deprecated spec.shard.shardSpecificPodSpec field. When spec.shard.shardSpecificPodSpec is still defined then + spec.shard.shardSpecificPodSpec is applied first to the particular shard and then spec.shardOverrides is applied on top + of that (if defined for the same shard). + items: + properties: + additionalMongodConfig: + type: object + x-kubernetes-preserve-unknown-fields: true + agent: + properties: + backupAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the + BackupAgent processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + logLevel: + type: string + logRotate: + description: DEPRECATED please use mongod.logRotate + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + maxLogFileDurationHours: + type: integer + mongod: + description: AgentLoggingMongodConfig contain settings for + the mongodb processes configured by the agent + properties: + auditlogRotate: + description: LogRotate configures audit log rotation + for the mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have + total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log + file before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + logRotate: + description: LogRotate configures log rotation for the + mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have + total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log + file before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + systemLog: + description: SystemLog configures system log of mongod + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + monitoringAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the + BackupAgent processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + readinessProbe: + properties: + environmentVariables: + additionalProperties: + type: string + type: object + type: object + startupOptions: + additionalProperties: + type: string + description: |- + StartupParameters can be used to configure the startup parameters with which the agent starts. That also contains + log rotation settings as defined here: + type: object + systemLog: + description: DEPRECATED please use mongod.systemLog + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + clusterSpecList: + items: + description: |- + ClusterSpecItemOverride is almost exact copy of ClusterSpecItem object. + The object is used in ClusterSpecList in ShardedClusterComponentOverrideSpec in shard overrides. + The difference lies in some fields being optional, e.g. Members to make it possible to NOT override fields and rely on + what was set in top level shard configuration. + properties: + clusterName: + description: |- + ClusterName is name of the cluster where the MongoDB Statefulset will be scheduled, the + name should have a one on one mapping with the service-account created in the central cluster + to talk to the workload clusters. + type: string + memberConfig: + description: MemberConfig allows to specify votes, priorities + and tags for each of the mongodb process. + items: + properties: + priority: + type: string + tags: + additionalProperties: + type: string + type: object + votes: + type: integer + type: object + type: array + x-kubernetes-preserve-unknown-fields: true + members: + description: Amount of members for this MongoDB Replica + Set + type: integer + podSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB + resources only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + statefulSet: + description: |- + StatefulSetConfiguration holds the optional custom StatefulSet + that should be merged into the operator created one. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper + around Labels and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + type: object + type: array + memberConfig: + description: Process configuration override for this shard. + Used in SingleCluster only. The number of items specified + must be >= spec.mongodsPerShardCount or spec.shardOverride.members. + items: + properties: + priority: + type: string + tags: + additionalProperties: + type: string + type: object + votes: + type: integer + type: object + type: array + x-kubernetes-preserve-unknown-fields: true + members: + description: Number of member nodes in this shard. Used only + in SingleCluster. For MultiCluster the number of members is + specified in ShardOverride.ClusterSpecList. + type: integer + podSpec: + description: The following override fields work for SingleCluster + only. For MultiCluster - fields from specific clusters are + used. + properties: + persistence: + description: Note, that this field is used by MongoDB resources + only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + shardNames: + items: + type: string + minItems: 1 + type: array + statefulSet: + description: Statefulset override for this particular shard. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper around + Labels and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + required: + - shardNames + type: object + type: array + shardPodSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB resources + only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + shardSpecificPodSpec: + description: |- + ShardSpecificPodSpec allows you to provide a Statefulset override per shard. + DEPRECATED please use spec.shard.shardOverrides instead + items: + properties: + persistence: + description: Note, that this field is used by MongoDB resources + only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + statefulSet: + description: |- + StatefulSetConfiguration provides the statefulset override for each of the cluster's statefulset + if "StatefulSetConfiguration" is specified at cluster level under "clusterSpecList" that takes precedence over + the global one + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper around Labels + and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + topology: + description: |- + Topology sets the desired cluster topology of MongoDB resources + It defaults (if empty or not set) to SingleCluster. If MultiCluster specified, + then clusterSpecList field is mandatory and at least one member cluster has to be specified. + enum: + - SingleCluster + - MultiCluster + type: string + type: + enum: + - Standalone + - ReplicaSet + - ShardedCluster + type: string + version: + pattern: ^[0-9]+.[0-9]+.[0-9]+(-.+)?$|^$ + type: string + required: + - credentials + - type + - version + type: object + x-kubernetes-preserve-unknown-fields: true + status: + properties: + backup: + properties: + statusName: + type: string + required: + - statusName + type: object + configServerCount: + type: integer + featureCompatibilityVersion: + type: string + lastTransition: + type: string + link: + type: string + members: + type: integer + message: + type: string + mongodsPerShardCount: + type: integer + mongosCount: + type: integer + observedGeneration: + format: int64 + type: integer + phase: + type: string + pvc: + items: + properties: + phase: + type: string + statefulsetName: + type: string + required: + - phase + - statefulsetName + type: object + type: array + resourcesNotReady: + items: + description: ResourceNotReady describes the dependent resource which + is not ready yet + properties: + errors: + items: + properties: + message: + type: string + reason: + type: string + type: object + type: array + kind: + description: ResourceKind specifies a kind of a Kubernetes resource. + Used in status of a Custom Resource + type: string + message: + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + shardCount: + type: integer + sizeStatusInClusters: + description: MongodbShardedSizeStatusInClusters describes the number + and sizes of replica sets members deployed across member clusters + properties: + configServerMongodsInClusters: + additionalProperties: + type: integer + type: object + mongosCountInClusters: + additionalProperties: + type: integer + type: object + shardMongodsInClusters: + additionalProperties: + type: integer + type: object + shardOverridesInClusters: + additionalProperties: + additionalProperties: + type: integer + type: object + type: object + type: object + version: + type: string + warnings: + items: + type: string + type: array + required: + - phase + - version + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbmulticluster.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbmulticluster.yaml new file mode 100644 index 000000000000..682e69fadcb9 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbmulticluster.yaml @@ -0,0 +1,1169 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + creationTimestamp: null + name: mongodbmulticluster.mongodb.com +spec: + group: mongodb.com + names: + kind: MongoDBMultiCluster + listKind: MongoDBMultiClusterList + plural: mongodbmulticluster + shortNames: + - mdbmc + singular: mongodbmulticluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current state of the MongoDB deployment. + jsonPath: .status.phase + name: Phase + type: string + - description: The time since the MongoDBMultiCluster resource was created. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + additionalMongodConfig: + description: |- + AdditionalMongodConfig is additional configuration that can be passed to + each data-bearing mongod at runtime. Uses the same structure as the mongod + configuration file: + https://docs.mongodb.com/manual/reference/configuration-options/ + type: object + x-kubernetes-preserve-unknown-fields: true + agent: + properties: + backupAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the BackupAgent + processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + logLevel: + type: string + logRotate: + description: DEPRECATED please use mongod.logRotate + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file before + rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + maxLogFileDurationHours: + type: integer + mongod: + description: AgentLoggingMongodConfig contain settings for the + mongodb processes configured by the agent + properties: + auditlogRotate: + description: LogRotate configures audit log rotation for the + mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + logRotate: + description: LogRotate configures log rotation for the mongodb + processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + systemLog: + description: SystemLog configures system log of mongod + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + monitoringAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the BackupAgent + processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + readinessProbe: + properties: + environmentVariables: + additionalProperties: + type: string + type: object + type: object + startupOptions: + additionalProperties: + type: string + description: |- + StartupParameters can be used to configure the startup parameters with which the agent starts. That also contains + log rotation settings as defined here: + type: object + systemLog: + description: DEPRECATED please use mongod.systemLog + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + backup: + description: |- + Backup contains configuration options for configuring + backup for this MongoDB resource + properties: + assignmentLabels: + description: Assignment Labels set in the Ops Manager + items: + type: string + type: array + autoTerminateOnDeletion: + description: |- + AutoTerminateOnDeletion indicates if the Operator should stop and terminate the Backup before the cleanup, + when the MongoDB CR is deleted + type: boolean + encryption: + description: Encryption settings + properties: + kmip: + description: Kmip corresponds to the KMIP configuration assigned + to the Ops Manager Project's configuration. + properties: + client: + description: KMIP Client configuration + properties: + clientCertificatePrefix: + description: |- + A prefix used to construct KMIP client certificate (and corresponding password) Secret names. + The names are generated using the following pattern: + KMIP Client Certificate (TLS Secret): + --kmip-client + KMIP Client Certificate Password: + --kmip-client-password + The expected key inside is called "password". + type: string + type: object + required: + - client + type: object + type: object + mode: + enum: + - enabled + - disabled + - terminated + type: string + snapshotSchedule: + properties: + clusterCheckpointIntervalMin: + enum: + - 15 + - 30 + - 60 + type: integer + dailySnapshotRetentionDays: + description: Number of days to retain daily snapshots. Setting + 0 will disable this rule. + maximum: 365 + minimum: 0 + type: integer + fullIncrementalDayOfWeek: + description: Day of the week when Ops Manager takes a full + snapshot. This ensures a recent complete backup. Ops Manager + sets the default value to SUNDAY. + enum: + - SUNDAY + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + type: string + monthlySnapshotRetentionMonths: + description: Number of months to retain weekly snapshots. + Setting 0 will disable this rule. + maximum: 36 + minimum: 0 + type: integer + pointInTimeWindowHours: + description: Number of hours in the past for which a point-in-time + snapshot can be created. + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + - 15 + - 30 + - 60 + - 90 + - 120 + - 180 + - 360 + type: integer + referenceHourOfDay: + description: Hour of the day to schedule snapshots using a + 24-hour clock, in UTC. + maximum: 23 + minimum: 0 + type: integer + referenceMinuteOfHour: + description: Minute of the hour to schedule snapshots, in + UTC. + maximum: 59 + minimum: 0 + type: integer + snapshotIntervalHours: + description: Number of hours between snapshots. + enum: + - 6 + - 8 + - 12 + - 24 + type: integer + snapshotRetentionDays: + description: Number of days to keep recent snapshots. + maximum: 365 + minimum: 1 + type: integer + weeklySnapshotRetentionWeeks: + description: Number of weeks to retain weekly snapshots. Setting + 0 will disable this rule + maximum: 365 + minimum: 0 + type: integer + type: object + type: object + cloudManager: + properties: + configMapRef: + properties: + name: + type: string + type: object + type: object + clusterDomain: + format: hostname + type: string + clusterSpecList: + items: + description: |- + ClusterSpecItem is the mongodb multi-cluster spec that is specific to a + particular Kubernetes cluster, this maps to the statefulset created in each cluster + properties: + clusterName: + description: |- + ClusterName is name of the cluster where the MongoDB Statefulset will be scheduled, the + name should have a one on one mapping with the service-account created in the central cluster + to talk to the workload clusters. + type: string + externalAccess: + description: ExternalAccessConfiguration provides external access + configuration for Multi-Cluster. + properties: + externalDomain: + description: An external domain that is used for exposing + MongoDB to the outside world. + type: string + externalService: + description: Provides a way to override the default (NodePort) + Service + properties: + annotations: + additionalProperties: + type: string + description: A map of annotations that shall be added + to the externally available Service. + type: object + spec: + description: A wrapper for the Service spec object. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + memberConfig: + description: MemberConfig allows to specify votes, priorities + and tags for each of the mongodb process. + items: + properties: + priority: + type: string + tags: + additionalProperties: + type: string + type: object + votes: + type: integer + type: object + type: array + members: + description: Amount of members for this MongoDB Replica Set + type: integer + podSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB resources + only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + service: + description: this is an optional service, it will get the name + "-service" in case not provided + type: string + statefulSet: + description: |- + StatefulSetConfiguration holds the optional custom StatefulSet + that should be merged into the operator created one. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper around + Labels and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + required: + - members + type: object + type: array + connectivity: + properties: + replicaSetHorizons: + description: |- + ReplicaSetHorizons holds list of maps of horizons to be configured in each of MongoDB processes. + Horizons map horizon names to the node addresses for each process in the replicaset, e.g.: + [ + { + "internal": "my-rs-0.my-internal-domain.com:31843", + "external": "my-rs-0.my-external-domain.com:21467" + }, + { + "internal": "my-rs-1.my-internal-domain.com:31843", + "external": "my-rs-1.my-external-domain.com:21467" + }, + ... + ] + The key of each item in the map is an arbitrary, user-chosen string that + represents the name of the horizon. The value of the item is the host and, + optionally, the port that this mongod node will be connected to from. + items: + additionalProperties: + type: string + type: object + type: array + type: object + credentials: + description: Name of the Secret holding credentials information + type: string + duplicateServiceObjects: + description: |- + In few service mesh options for ex: Istio, by default we would need to duplicate the + service objects created per pod in all the clusters to enable DNS resolution. Users can + however configure their ServiceMesh with DNS proxy(https://istio.io/latest/docs/ops/configuration/traffic-management/dns-proxy/) + enabled in which case the operator doesn't need to create the service objects per cluster. This options tells the operator + whether it should create the service objects in all the clusters or not. By default, if not specified the operator would create the duplicate svc objects. + type: boolean + externalAccess: + description: ExternalAccessConfiguration provides external access + configuration. + properties: + externalDomain: + description: An external domain that is used for exposing MongoDB + to the outside world. + type: string + externalService: + description: Provides a way to override the default (NodePort) + Service + properties: + annotations: + additionalProperties: + type: string + description: A map of annotations that shall be added to the + externally available Service. + type: object + spec: + description: A wrapper for the Service spec object. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + featureCompatibilityVersion: + type: string + logLevel: + enum: + - DEBUG + - INFO + - WARN + - ERROR + - FATAL + type: string + opsManager: + properties: + configMapRef: + properties: + name: + type: string + type: object + type: object + persistent: + type: boolean + prometheus: + description: Prometheus configurations. + properties: + metricsPath: + description: Indicates path to the metrics endpoint. + pattern: ^\/[a-z0-9]+$ + type: string + passwordSecretRef: + description: Name of a Secret containing a HTTP Basic Auth Password. + properties: + key: + description: Key is the key in the secret storing this password. + Defaults to "password" + type: string + name: + description: Name is the name of the secret storing this user's + password + type: string + required: + - name + type: object + port: + description: Port where metrics endpoint will bind to. Defaults + to 9216. + type: integer + tlsSecretKeyRef: + description: |- + Name of a Secret (type kubernetes.io/tls) holding the certificates to use in the + Prometheus endpoint. + properties: + key: + description: Key is the key in the secret storing this password. + Defaults to "password" + type: string + name: + description: Name is the name of the secret storing this user's + password + type: string + required: + - name + type: object + username: + description: HTTP Basic Auth Username for metrics endpoint. + type: string + required: + - passwordSecretRef + - username + type: object + security: + properties: + authentication: + description: |- + Authentication holds various authentication related settings that affect + this MongoDB resource. + properties: + agents: + description: Agents contains authentication configuration + properties for the agents + properties: + automationLdapGroupDN: + type: string + automationPasswordSecretRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + automationUserName: + type: string + clientCertificateSecretRef: + type: object + x-kubernetes-preserve-unknown-fields: true + mode: + description: Mode is the desired Authentication mode that + the agents will use + type: string + required: + - mode + type: object + enabled: + type: boolean + ignoreUnknownUsers: + description: IgnoreUnknownUsers maps to the inverse of auth.authoritativeSet + type: boolean + internalCluster: + type: string + ldap: + description: LDAP Configuration + properties: + authzQueryTemplate: + type: string + bindQueryPasswordSecretRef: + properties: + name: + type: string + required: + - name + type: object + bindQueryUser: + type: string + caConfigMapRef: + description: Allows to point at a ConfigMap/key with a + CA file to mount on the Pod + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + servers: + items: + type: string + type: array + timeoutMS: + type: integer + transportSecurity: + enum: + - tls + - none + type: string + userCacheInvalidationInterval: + type: integer + userToDNMapping: + type: string + validateLDAPServerConfig: + type: boolean + type: object + modes: + items: + enum: + - X509 + - SCRAM + - SCRAM-SHA-1 + - MONGODB-CR + - SCRAM-SHA-256 + - LDAP + - OIDC + type: string + type: array + oidcProviderConfigs: + description: Configuration for OIDC providers + items: + properties: + audience: + description: |- + Entity that your external identity provider intends the token for. + Enter the audience value from the app you registered with external Identity Provider. + type: string + authorizationMethod: + description: |- + Configure single-sign-on for human user access to deployments with Workforce Identity Federation. + For programmatic, application access to deployments use Workload Identity Federation. + Only one Workforce Identity Federation IdP can be configured per MongoDB resource + enum: + - WorkforceIdentityFederation + - WorkloadIdentityFederation + type: string + authorizationType: + description: |- + Select GroupMembership to grant authorization based on IdP user group membership, or select UserID to grant + an individual user authorization. + enum: + - GroupMembership + - UserID + type: string + clientId: + description: |- + Unique identifier for your registered application. Enter the clientId value from the app you + registered with an external Identity Provider. + Required when selected Workforce Identity Federation authorization method + type: string + configurationName: + description: |- + Unique label that identifies this configuration. It is case-sensitive and can only contain the following characters: + - alphanumeric characters (combination of a to z and 0 to 9) + - hyphens (-) + - underscores (_) + pattern: ^[a-zA-Z0-9-_]+$ + type: string + groupsClaim: + description: |- + The identifier of the claim that includes the principal's IdP user group membership information. + Required when selected GroupMembership as the authorization type, ignored otherwise + type: string + issuerURI: + description: |- + Issuer value provided by your registered IdP application. Using this URI, MongoDB finds an OpenID Connect Provider + Configuration Document, which should be available in the /.wellknown/open-id-configuration endpoint. + For MongoDB 8.0+, the combination of issuerURI and audience must be unique across OIDC provider configurations. + For other MongoDB versions, the issuerURI itself must be unique. + type: string + requestedScopes: + description: |- + Tokens that give users permission to request data from the authorization endpoint. + Only used for Workforce Identity Federation authorization method + items: + type: string + type: array + userClaim: + default: sub + description: |- + The identifier of the claim that includes the user principal identity. + Accept the default value unless your IdP uses a different claim. + type: string + required: + - audience + - authorizationMethod + - authorizationType + - configurationName + - issuerURI + - userClaim + type: object + type: array + requireClientTLSAuthentication: + description: Clients should present valid TLS certificates + type: boolean + required: + - enabled + type: object + certsSecretPrefix: + type: string + roleRefs: + items: + properties: + kind: + enum: + - ClusterMongoDBRole + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + roles: + items: + properties: + authenticationRestrictions: + items: + properties: + clientSource: + items: + type: string + type: array + serverAddress: + items: + type: string + type: array + type: object + type: array + db: + type: string + privileges: + items: + properties: + actions: + items: + type: string + type: array + resource: + properties: + cluster: + type: boolean + collection: + type: string + db: + type: string + type: object + required: + - actions + - resource + type: object + type: array + role: + type: string + roles: + items: + properties: + db: + type: string + role: + type: string + required: + - db + - role + type: object + type: array + required: + - db + - role + type: object + type: array + tls: + properties: + additionalCertificateDomains: + items: + type: string + type: array + ca: + description: |- + CA corresponds to a ConfigMap containing an entry for the CA certificate (ca.pem) + used to validate the certificates created already. + type: string + enabled: + description: |- + DEPRECATED please enable TLS by setting `security.certsSecretPrefix` or `security.tls.secretRef.prefix`. + Enables TLS for this resource. This will make the operator try to mount a + Secret with a defined name (-cert). + This is only used when enabling TLS on a MongoDB resource, and not on the + AppDB, where TLS is configured by setting `secretRef.Name`. + type: boolean + type: object + type: object + x-kubernetes-validations: + - message: At most one of roles or roleRefs can be non-empty + rule: '!(has(self.roles) && has(self.roleRefs)) || !(self.roles.size() + > 0 && self.roleRefs.size() > 0)' + statefulSet: + description: |- + StatefulSetConfiguration provides the statefulset override for each of the cluster's statefulset + if "StatefulSetConfiguration" is specified at cluster level under "clusterSpecList" that takes precedence over + the global one + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper around Labels + and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + topology: + description: |- + Topology sets the desired cluster topology of MongoDB resources + It defaults (if empty or not set) to SingleCluster. If MultiCluster specified, + then clusterSpecList field is mandatory and at least one member cluster has to be specified. + enum: + - SingleCluster + - MultiCluster + type: string + type: + enum: + - Standalone + - ReplicaSet + - ShardedCluster + type: string + version: + pattern: ^[0-9]+.[0-9]+.[0-9]+(-.+)?$|^$ + type: string + required: + - credentials + - type + - version + type: object + x-kubernetes-preserve-unknown-fields: true + status: + properties: + backup: + properties: + statusName: + type: string + required: + - statusName + type: object + clusterStatusList: + description: ClusterStatusList holds a list of clusterStatuses corresponding + to each cluster + properties: + clusterStatuses: + items: + description: |- + ClusterStatusItem is the mongodb multi-cluster spec that is specific to a + particular Kubernetes cluster, this maps to the statefulset created in each cluster + properties: + clusterName: + description: |- + ClusterName is name of the cluster where the MongoDB Statefulset will be scheduled, the + name should have a one on one mapping with the service-account created in the central cluster + to talk to the workload clusters. + type: string + lastTransition: + type: string + members: + type: integer + message: + type: string + observedGeneration: + format: int64 + type: integer + phase: + type: string + pvc: + items: + properties: + phase: + type: string + statefulsetName: + type: string + required: + - phase + - statefulsetName + type: object + type: array + resourcesNotReady: + items: + description: ResourceNotReady describes the dependent + resource which is not ready yet + properties: + errors: + items: + properties: + message: + type: string + reason: + type: string + type: object + type: array + kind: + description: ResourceKind specifies a kind of a Kubernetes + resource. Used in status of a Custom Resource + type: string + message: + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + warnings: + items: + type: string + type: array + required: + - phase + type: object + type: array + type: object + featureCompatibilityVersion: + type: string + lastTransition: + type: string + link: + type: string + message: + type: string + observedGeneration: + format: int64 + type: integer + phase: + type: string + pvc: + items: + properties: + phase: + type: string + statefulsetName: + type: string + required: + - phase + - statefulsetName + type: object + type: array + resourcesNotReady: + items: + description: ResourceNotReady describes the dependent resource which + is not ready yet + properties: + errors: + items: + properties: + message: + type: string + reason: + type: string + type: object + type: array + kind: + description: ResourceKind specifies a kind of a Kubernetes resource. + Used in status of a Custom Resource + type: string + message: + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + version: + type: string + warnings: + items: + type: string + type: array + required: + - phase + - version + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbsearch.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbsearch.yaml new file mode 100644 index 000000000000..b223018b252b --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbsearch.yaml @@ -0,0 +1,366 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + creationTimestamp: null + name: mongodbsearch.mongodb.com +spec: + group: mongodb.com + names: + kind: MongoDBSearch + listKind: MongoDBSearchList + plural: mongodbsearch + shortNames: + - mdbs + singular: mongodbsearch + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current state of the MongoDB deployment. + jsonPath: .status.phase + name: Phase + type: string + - description: The time since the MongoDB resource was created. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + logLevel: + description: Configure verbosity of mongot logs. Defaults to INFO + if not set. + enum: + - TRACE + - DEBUG + - INFO + - WARN + - ERROR + type: string + persistence: + description: Configure MongoDB Search's persistent volume. If not + defined, the operator will request 10GB of storage. + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + resourceRequirements: + description: Configure resource requests and limits for the MongoDB + Search pods. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + security: + description: Configure security settings of the MongoDB Search server + that MongoDB database is connecting to when performing search queries. + properties: + tls: + properties: + certificateKeySecretRef: + description: |- + CertificateKeySecret is a reference to a Secret containing a private key and certificate to use for TLS. + The key and cert are expected to be PEM encoded and available at "tls.key" and "tls.crt". + This is the same format used for the standard "kubernetes.io/tls" Secret type, but no specific type is required. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + required: + - certificateKeySecretRef + type: object + type: object + source: + description: MongoDB database connection details from which MongoDB + Search will synchronize data to build indexes. + properties: + external: + properties: + hostAndPorts: + items: + type: string + type: array + keyfileSecretRef: + description: mongod keyfile used to connect to the external + MongoDB deployment + properties: + key: + type: string + name: + type: string + required: + - name + type: object + tls: + description: TLS configuration for the external MongoDB deployment + properties: + ca: + description: |- + CA is a reference to a Secret containing the CA certificate that issued mongod's TLS certificate. + The CA certificate is expected to be PEM encoded and available at the "ca.crt" key. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ca + type: object + type: object + mongodbResourceRef: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + passwordSecretRef: + description: |- + SecretKeyRef is a reference to a value in a given secret in the same + namespace. Based on: + https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.15/#secretkeyselector-v1-core + properties: + key: + type: string + name: + type: string + required: + - name + type: object + username: + type: string + type: object + statefulSet: + description: |- + StatefulSetSpec which the operator will apply to the MongoDB Search StatefulSet at the end of the reconcile loop. Use to provide necessary customizations, + which aren't exposed as fields in the MongoDBSearch.spec. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper around Labels + and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + version: + description: Optional version of MongoDB Search component (mongot). + If not set, then the operator will set the most appropriate version + of MongoDB Search. + type: string + type: object + status: + properties: + lastTransition: + type: string + message: + type: string + observedGeneration: + format: int64 + type: integer + phase: + type: string + pvc: + items: + properties: + phase: + type: string + statefulsetName: + type: string + required: + - phase + - statefulsetName + type: object + type: array + resourcesNotReady: + items: + description: ResourceNotReady describes the dependent resource which + is not ready yet + properties: + errors: + items: + properties: + message: + type: string + reason: + type: string + type: object + type: array + kind: + description: ResourceKind specifies a kind of a Kubernetes resource. + Used in status of a Custom Resource + type: string + message: + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + version: + type: string + warnings: + items: + type: string + type: array + required: + - phase + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbusers.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbusers.yaml new file mode 100644 index 000000000000..0cca20db9d54 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_mongodbusers.yaml @@ -0,0 +1,185 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + creationTimestamp: null + name: mongodbusers.mongodb.com +spec: + group: mongodb.com + names: + kind: MongoDBUser + listKind: MongoDBUserList + plural: mongodbusers + shortNames: + - mdbu + singular: mongodbuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The current state of the MongoDB User. + jsonPath: .status.phase + name: Phase + type: string + - description: The time since the MongoDB User resource was created. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + connectionStringSecretName: + type: string + db: + type: string + mongodbResourceRef: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + passwordSecretKeyRef: + description: |- + SecretKeyRef is a reference to a value in a given secret in the same + namespace. Based on: + https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.15/#secretkeyselector-v1-core + properties: + key: + type: string + name: + type: string + required: + - name + type: object + roles: + items: + properties: + db: + type: string + name: + type: string + required: + - db + - name + type: object + type: array + username: + type: string + required: + - db + - username + type: object + status: + properties: + db: + type: string + lastTransition: + type: string + message: + type: string + observedGeneration: + format: int64 + type: integer + phase: + type: string + project: + type: string + pvc: + items: + properties: + phase: + type: string + statefulsetName: + type: string + required: + - phase + - statefulsetName + type: object + type: array + resourcesNotReady: + items: + description: ResourceNotReady describes the dependent resource which + is not ready yet + properties: + errors: + items: + properties: + message: + type: string + reason: + type: string + type: object + type: array + kind: + description: ResourceKind specifies a kind of a Kubernetes resource. + Used in status of a Custom Resource + type: string + message: + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + roles: + items: + properties: + db: + type: string + name: + type: string + required: + - db + - name + type: object + type: array + username: + type: string + warnings: + items: + type: string + type: array + required: + - db + - phase + - project + - username + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_opsmanagers.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_opsmanagers.yaml new file mode 100644 index 000000000000..59fb2f853bb4 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodb.com_opsmanagers.yaml @@ -0,0 +1,2049 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + creationTimestamp: null + name: opsmanagers.mongodb.com +spec: + group: mongodb.com + names: + kind: MongoDBOpsManager + listKind: MongoDBOpsManagerList + plural: opsmanagers + shortNames: + - om + singular: opsmanager + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The number of replicas of MongoDBOpsManager. + jsonPath: .spec.replicas + name: Replicas + type: integer + - description: The version of MongoDBOpsManager. + jsonPath: .spec.version + name: Version + type: string + - description: The current state of the MongoDBOpsManager. + jsonPath: .status.opsManager.phase + name: State (OpsManager) + type: string + - description: The current state of the MongoDBOpsManager Application Database. + jsonPath: .status.applicationDatabase.phase + name: State (AppDB) + type: string + - description: The current state of the MongoDBOpsManager Backup Daemon. + jsonPath: .status.backup.phase + name: State (Backup) + type: string + - description: The time since the MongoDBOpsManager resource was created. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Warnings. + jsonPath: .status.warnings + name: Warnings + type: string + name: v1 + schema: + openAPIV3Schema: + description: The MongoDBOpsManager resource allows you to deploy Ops Manager + within your Kubernetes cluster + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + adminCredentials: + description: |- + AdminSecret is the secret for the first admin user to create + has the fields: "Username", "Password", "FirstName", "LastName" + type: string + applicationDatabase: + properties: + additionalMongodConfig: + description: |- + AdditionalMongodConfig are additional configurations that can be passed to + each data-bearing mongod at runtime. Uses the same structure as the mongod + configuration file: + https://docs.mongodb.com/manual/reference/configuration-options/ + type: object + x-kubernetes-preserve-unknown-fields: true + agent: + description: specify configuration like startup flags and automation + config settings for the AutomationAgent and MonitoringAgent + properties: + backupAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the + BackupAgent processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + logLevel: + type: string + logRotate: + description: DEPRECATED please use mongod.logRotate + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + maxLogFileDurationHours: + type: integer + mongod: + description: AgentLoggingMongodConfig contain settings for + the mongodb processes configured by the agent + properties: + auditlogRotate: + description: LogRotate configures audit log rotation for + the mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + logRotate: + description: LogRotate configures log rotation for the + mongodb processes + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + systemLog: + description: SystemLog configures system log of mongod + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + monitoringAgent: + properties: + logRotate: + description: LogRotate configures log rotation for the + BackupAgent processes + properties: + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + OM only supports ints + type: integer + timeThresholdHrs: + description: Number of hours after which this MongoDB + Agent rotates the log file. + type: integer + type: object + type: object + readinessProbe: + properties: + environmentVariables: + additionalProperties: + type: string + type: object + type: object + startupOptions: + additionalProperties: + type: string + description: |- + StartupParameters can be used to configure the startup parameters with which the agent starts. That also contains + log rotation settings as defined here: + type: object + systemLog: + description: DEPRECATED please use mongod.systemLog + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + automationConfig: + description: |- + AutomationConfigOverride holds any fields that will be merged on top of the Automation Config + that the operator creates for the AppDB. Currently only the process.disabled and logRotate field is recognized. + properties: + processes: + items: + description: OverrideProcess contains fields that we can + override on the AutomationConfig processes. + properties: + disabled: + type: boolean + logRotate: + description: CrdLogRotate is the crd definition of LogRotate + including fields in strings while the agent supports + them as float64 + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have + total + type: integer + numUncompressed: + description: maximum number of log files to leave + uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log + file before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + name: + type: string + required: + - disabled + - name + type: object + type: array + replicaSet: + properties: + id: + description: |- + Id can be used together with additionalMongodConfig.replication.replSetName + to manage clusters where replSetName differs from the MongoDBCommunity resource name + type: string + settings: + description: |- + MapWrapper is a wrapper for a map to be used by other structs. + The CRD generator does not support map[string]interface{} + on the top level and hence we need to work around this with + a wrapping struct. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + cloudManager: + properties: + configMapRef: + properties: + name: + type: string + type: object + type: object + clusterDomain: + type: string + clusterSpecList: + items: + description: |- + ClusterSpecItem is the mongodb multi-cluster spec that is specific to a + particular Kubernetes cluster, this maps to the statefulset created in each cluster + properties: + clusterName: + description: |- + ClusterName is name of the cluster where the MongoDB Statefulset will be scheduled, the + name should have a one on one mapping with the service-account created in the central cluster + to talk to the workload clusters. + type: string + externalAccess: + description: ExternalAccessConfiguration provides external + access configuration for Multi-Cluster. + properties: + externalDomain: + description: An external domain that is used for exposing + MongoDB to the outside world. + type: string + externalService: + description: Provides a way to override the default + (NodePort) Service + properties: + annotations: + additionalProperties: + type: string + description: A map of annotations that shall be + added to the externally available Service. + type: object + spec: + description: A wrapper for the Service spec object. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + memberConfig: + description: MemberConfig allows to specify votes, priorities + and tags for each of the mongodb process. + items: + properties: + priority: + type: string + tags: + additionalProperties: + type: string + type: object + votes: + type: integer + type: object + type: array + members: + description: Amount of members for this MongoDB Replica + Set + type: integer + podSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB + resources only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + service: + description: this is an optional service, it will get the + name "-service" in case not provided + type: string + statefulSet: + description: |- + StatefulSetConfiguration holds the optional custom StatefulSet + that should be merged into the operator created one. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper + around Labels and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + required: + - members + type: object + type: array + connectivity: + properties: + replicaSetHorizons: + description: |- + ReplicaSetHorizons holds list of maps of horizons to be configured in each of MongoDB processes. + Horizons map horizon names to the node addresses for each process in the replicaset, e.g.: + [ + { + "internal": "my-rs-0.my-internal-domain.com:31843", + "external": "my-rs-0.my-external-domain.com:21467" + }, + { + "internal": "my-rs-1.my-internal-domain.com:31843", + "external": "my-rs-1.my-external-domain.com:21467" + }, + ... + ] + The key of each item in the map is an arbitrary, user-chosen string that + represents the name of the horizon. The value of the item is the host and, + optionally, the port that this mongod node will be connected to from. + items: + additionalProperties: + type: string + type: object + type: array + type: object + credentials: + description: Name of the Secret holding credentials information + type: string + externalAccess: + description: ExternalAccessConfiguration provides external access + configuration. + properties: + externalDomain: + description: An external domain that is used for exposing + MongoDB to the outside world. + type: string + externalService: + description: Provides a way to override the default (NodePort) + Service + properties: + annotations: + additionalProperties: + type: string + description: A map of annotations that shall be added + to the externally available Service. + type: object + spec: + description: A wrapper for the Service spec object. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + featureCompatibilityVersion: + type: string + memberConfig: + description: MemberConfig allows to specify votes, priorities + and tags for each of the mongodb process. + items: + properties: + priority: + type: string + tags: + additionalProperties: + type: string + type: object + votes: + type: integer + type: object + type: array + members: + description: Amount of members for this MongoDB Replica Set + maximum: 50 + minimum: 3 + type: integer + monitoringAgent: + description: |- + Specify configuration like startup flags just for the MonitoringAgent. + These take precedence over + the flags set in AutomationAgent + properties: + startupOptions: + additionalProperties: + type: string + description: |- + StartupParameters can be used to configure the startup parameters with which the agent starts. That also contains + log rotation settings as defined here: + type: object + required: + - startupOptions + type: object + opsManager: + properties: + configMapRef: + properties: + name: + type: string + type: object + type: object + passwordSecretKeyRef: + description: |- + PasswordSecretKeyRef contains a reference to the secret which contains the password + for the mongodb-ops-manager SCRAM-SHA user + properties: + key: + type: string + name: + type: string + required: + - name + type: object + podSpec: + properties: + persistence: + description: Note, that this field is used by MongoDB resources + only, let's keep it here for simplicity + properties: + multiple: + properties: + data: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + journal: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + logs: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + single: + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + type: object + podTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + prometheus: + description: Enables Prometheus integration on the AppDB. + properties: + metricsPath: + description: Indicates path to the metrics endpoint. + pattern: ^\/[a-z0-9]+$ + type: string + passwordSecretRef: + description: Name of a Secret containing a HTTP Basic Auth + Password. + properties: + key: + description: Key is the key in the secret storing this + password. Defaults to "password" + type: string + name: + description: Name is the name of the secret storing this + user's password + type: string + required: + - name + type: object + port: + description: Port where metrics endpoint will bind to. Defaults + to 9216. + type: integer + tlsSecretKeyRef: + description: |- + Name of a Secret (type kubernetes.io/tls) holding the certificates to use in the + Prometheus endpoint. + properties: + key: + description: Key is the key in the secret storing this + password. Defaults to "password" + type: string + name: + description: Name is the name of the secret storing this + user's password + type: string + required: + - name + type: object + username: + description: HTTP Basic Auth Username for metrics endpoint. + type: string + required: + - passwordSecretRef + - username + type: object + security: + properties: + authentication: + description: |- + Authentication holds various authentication related settings that affect + this MongoDB resource. + properties: + agents: + description: Agents contains authentication configuration + properties for the agents + properties: + automationLdapGroupDN: + type: string + automationPasswordSecretRef: + description: SecretKeySelector selects a key of a + Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + automationUserName: + type: string + clientCertificateSecretRef: + type: object + x-kubernetes-preserve-unknown-fields: true + mode: + description: Mode is the desired Authentication mode + that the agents will use + type: string + required: + - mode + type: object + enabled: + type: boolean + ignoreUnknownUsers: + description: IgnoreUnknownUsers maps to the inverse of + auth.authoritativeSet + type: boolean + internalCluster: + type: string + ldap: + description: LDAP Configuration + properties: + authzQueryTemplate: + type: string + bindQueryPasswordSecretRef: + properties: + name: + type: string + required: + - name + type: object + bindQueryUser: + type: string + caConfigMapRef: + description: Allows to point at a ConfigMap/key with + a CA file to mount on the Pod + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + servers: + items: + type: string + type: array + timeoutMS: + type: integer + transportSecurity: + enum: + - tls + - none + type: string + userCacheInvalidationInterval: + type: integer + userToDNMapping: + type: string + validateLDAPServerConfig: + type: boolean + type: object + modes: + items: + enum: + - X509 + - SCRAM + - SCRAM-SHA-1 + - MONGODB-CR + - SCRAM-SHA-256 + - LDAP + - OIDC + type: string + type: array + oidcProviderConfigs: + description: Configuration for OIDC providers + items: + properties: + audience: + description: |- + Entity that your external identity provider intends the token for. + Enter the audience value from the app you registered with external Identity Provider. + type: string + authorizationMethod: + description: |- + Configure single-sign-on for human user access to deployments with Workforce Identity Federation. + For programmatic, application access to deployments use Workload Identity Federation. + Only one Workforce Identity Federation IdP can be configured per MongoDB resource + enum: + - WorkforceIdentityFederation + - WorkloadIdentityFederation + type: string + authorizationType: + description: |- + Select GroupMembership to grant authorization based on IdP user group membership, or select UserID to grant + an individual user authorization. + enum: + - GroupMembership + - UserID + type: string + clientId: + description: |- + Unique identifier for your registered application. Enter the clientId value from the app you + registered with an external Identity Provider. + Required when selected Workforce Identity Federation authorization method + type: string + configurationName: + description: |- + Unique label that identifies this configuration. It is case-sensitive and can only contain the following characters: + - alphanumeric characters (combination of a to z and 0 to 9) + - hyphens (-) + - underscores (_) + pattern: ^[a-zA-Z0-9-_]+$ + type: string + groupsClaim: + description: |- + The identifier of the claim that includes the principal's IdP user group membership information. + Required when selected GroupMembership as the authorization type, ignored otherwise + type: string + issuerURI: + description: |- + Issuer value provided by your registered IdP application. Using this URI, MongoDB finds an OpenID Connect Provider + Configuration Document, which should be available in the /.wellknown/open-id-configuration endpoint. + For MongoDB 8.0+, the combination of issuerURI and audience must be unique across OIDC provider configurations. + For other MongoDB versions, the issuerURI itself must be unique. + type: string + requestedScopes: + description: |- + Tokens that give users permission to request data from the authorization endpoint. + Only used for Workforce Identity Federation authorization method + items: + type: string + type: array + userClaim: + default: sub + description: |- + The identifier of the claim that includes the user principal identity. + Accept the default value unless your IdP uses a different claim. + type: string + required: + - audience + - authorizationMethod + - authorizationType + - configurationName + - issuerURI + - userClaim + type: object + type: array + requireClientTLSAuthentication: + description: Clients should present valid TLS certificates + type: boolean + required: + - enabled + type: object + certsSecretPrefix: + type: string + roleRefs: + items: + properties: + kind: + enum: + - ClusterMongoDBRole + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + roles: + items: + properties: + authenticationRestrictions: + items: + properties: + clientSource: + items: + type: string + type: array + serverAddress: + items: + type: string + type: array + type: object + type: array + db: + type: string + privileges: + items: + properties: + actions: + items: + type: string + type: array + resource: + properties: + cluster: + type: boolean + collection: + type: string + db: + type: string + type: object + required: + - actions + - resource + type: object + type: array + role: + type: string + roles: + items: + properties: + db: + type: string + role: + type: string + required: + - db + - role + type: object + type: array + required: + - db + - role + type: object + type: array + tls: + properties: + additionalCertificateDomains: + items: + type: string + type: array + ca: + description: |- + CA corresponds to a ConfigMap containing an entry for the CA certificate (ca.pem) + used to validate the certificates created already. + type: string + enabled: + description: |- + DEPRECATED please enable TLS by setting `security.certsSecretPrefix` or `security.tls.secretRef.prefix`. + Enables TLS for this resource. This will make the operator try to mount a + Secret with a defined name (-cert). + This is only used when enabling TLS on a MongoDB resource, and not on the + AppDB, where TLS is configured by setting `secretRef.Name`. + type: boolean + type: object + type: object + x-kubernetes-validations: + - message: At most one of roles or roleRefs can be non-empty + rule: '!(has(self.roles) && has(self.roleRefs)) || !(self.roles.size() + > 0 && self.roleRefs.size() > 0)' + service: + description: this is an optional service, it will get the name + "-svc" in case not provided + type: string + topology: + enum: + - SingleCluster + - MultiCluster + type: string + type: + enum: + - Standalone + - ReplicaSet + - ShardedCluster + type: string + version: + pattern: ^[0-9]+.[0-9]+.[0-9]+(-.+)?$|^$ + type: string + required: + - version + type: object + backup: + description: Backup + properties: + assignmentLabels: + description: Assignment Labels set in the Ops Manager + items: + type: string + type: array + blockStores: + items: + description: |- + DataStoreConfig is the description of the config used to reference to database. Reused by Oplog and Block stores + Optionally references the user if the Mongodb is configured with authentication + properties: + assignmentLabels: + description: Assignment Labels set in the Ops Manager + items: + type: string + type: array + mongodbResourceRef: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + mongodbUserRef: + properties: + name: + type: string + required: + - name + type: object + name: + type: string + required: + - mongodbResourceRef + - name + type: object + type: array + enabled: + description: Enabled indicates if Backups will be enabled for + this Ops Manager. + type: boolean + encryption: + description: Encryption settings + properties: + kmip: + description: Kmip corresponds to the KMIP configuration assigned + to the Ops Manager Project's configuration. + properties: + server: + description: KMIP Server configuration + properties: + ca: + description: |- + CA corresponds to a ConfigMap containing an entry for the CA certificate (ca.pem) + used for KMIP authentication + type: string + url: + description: |- + KMIP Server url in the following format: hostname:port + Valid examples are: + 10.10.10.3:5696 + my-kmip-server.mycorp.com:5696 + kmip-svc.svc.cluster.local:5696 + pattern: '[^\:]+:[0-9]{0,5}' + type: string + required: + - ca + - url + type: object + required: + - server + type: object + type: object + externalServiceEnabled: + type: boolean + fileSystemStores: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + headDB: + description: HeadDB specifies configuration options for the HeadDB + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + jvmParameters: + items: + type: string + type: array + logging: + properties: + LogBackAccessRef: + description: LogBackAccessRef points at a ConfigMap/key with + the logback access configuration file to mount on the Pod + properties: + name: + type: string + type: object + LogBackRef: + description: LogBackRef points at a ConfigMap/key with the + logback configuration file to mount on the Pod + properties: + name: + type: string + type: object + type: object + members: + description: Members indicate the number of backup daemon pods + to create. + minimum: 1 + type: integer + opLogStores: + description: OplogStoreConfigs describes the list of oplog store + configs used for backup + items: + description: |- + DataStoreConfig is the description of the config used to reference to database. Reused by Oplog and Block stores + Optionally references the user if the Mongodb is configured with authentication + properties: + assignmentLabels: + description: Assignment Labels set in the Ops Manager + items: + type: string + type: array + mongodbResourceRef: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + mongodbUserRef: + properties: + name: + type: string + required: + - name + type: object + name: + type: string + required: + - mongodbResourceRef + - name + type: object + type: array + queryableBackupSecretRef: + description: |- + QueryableBackupSecretRef references the secret which contains the pem file which is used + for queryable backup. This will be mounted into the Ops Manager pod. + properties: + name: + type: string + required: + - name + type: object + s3OpLogStores: + description: S3OplogStoreConfigs describes the list of s3 oplog + store configs used for backup. + items: + properties: + assignmentLabels: + description: Assignment Labels set in the Ops Manager + items: + type: string + type: array + customCertificate: + description: |- + Set this to "true" to use the appDBCa as a CA to access S3. + Deprecated: This has been replaced by CustomCertificateSecretRefs, + In the future all custom certificates, which includes the appDBCa + for s3Config should be configured in CustomCertificateSecretRefs instead. + type: boolean + customCertificateSecretRefs: + description: |- + CustomCertificateSecretRefs is a list of valid Certificate Authority certificate secrets + that apply to the associated S3 bucket. + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + irsaEnabled: + description: |- + This is only set to "true" when a user is running in EKS and is using AWS IRSA to configure + S3 snapshot store. For more details refer this: https://aws.amazon.com/blogs/opensource/introducing-fine-grained-iam-roles-service-accounts/ + type: boolean + mongodbResourceRef: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + mongodbUserRef: + properties: + name: + type: string + required: + - name + type: object + name: + type: string + pathStyleAccessEnabled: + type: boolean + s3BucketEndpoint: + type: string + s3BucketName: + type: string + s3RegionOverride: + type: string + s3SecretRef: + description: |- + S3SecretRef is the secret that contains the AWS credentials used to access S3 + It is optional because the credentials can be provided via AWS IRSA + properties: + name: + type: string + required: + - name + type: object + required: + - name + - pathStyleAccessEnabled + - s3BucketEndpoint + - s3BucketName + type: object + type: array + s3Stores: + items: + properties: + assignmentLabels: + description: Assignment Labels set in the Ops Manager + items: + type: string + type: array + customCertificate: + description: |- + Set this to "true" to use the appDBCa as a CA to access S3. + Deprecated: This has been replaced by CustomCertificateSecretRefs, + In the future all custom certificates, which includes the appDBCa + for s3Config should be configured in CustomCertificateSecretRefs instead. + type: boolean + customCertificateSecretRefs: + description: |- + CustomCertificateSecretRefs is a list of valid Certificate Authority certificate secrets + that apply to the associated S3 bucket. + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + irsaEnabled: + description: |- + This is only set to "true" when a user is running in EKS and is using AWS IRSA to configure + S3 snapshot store. For more details refer this: https://aws.amazon.com/blogs/opensource/introducing-fine-grained-iam-roles-service-accounts/ + type: boolean + mongodbResourceRef: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + mongodbUserRef: + properties: + name: + type: string + required: + - name + type: object + name: + type: string + pathStyleAccessEnabled: + type: boolean + s3BucketEndpoint: + type: string + s3BucketName: + type: string + s3RegionOverride: + type: string + s3SecretRef: + description: |- + S3SecretRef is the secret that contains the AWS credentials used to access S3 + It is optional because the credentials can be provided via AWS IRSA + properties: + name: + type: string + required: + - name + type: object + required: + - name + - pathStyleAccessEnabled + - s3BucketEndpoint + - s3BucketName + type: object + type: array + statefulSet: + description: |- + StatefulSetConfiguration holds the optional custom StatefulSet + that should be merged into the operator created one. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper around + Labels and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + required: + - enabled + type: object + clusterDomain: + format: hostname + type: string + clusterName: + description: |- + Deprecated: This has been replaced by the ClusterDomain which should be + used instead + format: hostname + type: string + clusterSpecList: + items: + description: ClusterSpecOMItem defines members cluster details for + Ops Manager multi-cluster deployment. + properties: + backup: + description: |- + Backup contains settings to override from top-level `spec.backup` for this member cluster. + If the value is not set here, then the value is taken from `spec.backup`. + properties: + assignmentLabels: + description: Assignment Labels set in the Ops Manager + items: + type: string + type: array + headDB: + description: HeadDB specifies configuration options for + the HeadDB + properties: + labelSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + type: string + storageClass: + type: string + type: object + jvmParameters: + items: + type: string + type: array + members: + description: Members indicate the number of backup daemon + pods to create. + minimum: 0 + type: integer + statefulSet: + description: StatefulSetConfiguration specified optional + overrides for backup datemon statefulset. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper + around Labels and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + required: + - members + type: object + clusterDomain: + description: Cluster domain to override the default *.svc.cluster.local + if the default cluster domain has been changed on a cluster + level. + format: hostname + type: string + clusterName: + description: |- + ClusterName is name of the cluster where the Ops Manager Statefulset will be scheduled. + The operator is using ClusterName to find API credentials in `mongodb-kubernetes-operator-member-list` config map to use for this member cluster. + If the credentials are not found, then the member cluster is considered unreachable and ignored in the reconcile process. + type: string + configuration: + additionalProperties: + type: string + description: |- + The configuration properties passed to Ops Manager and Backup Daemon in this cluster. + If specified (not empty) then this field overrides `spec.configuration` field entirely. + If not specified, then `spec.configuration` field is used for the Ops Manager and Backup Daemon instances in this cluster. + type: object + externalConnectivity: + description: |- + MongoDBOpsManagerExternalConnectivity if sets allows for the creation of a Service for + accessing Ops Manager instances in this member cluster from outside the Kubernetes cluster. + If specified (even if provided empty) then this field overrides `spec.externalConnectivity` field entirely. + If not specified, then `spec.externalConnectivity` field is used for the Ops Manager and Backup Daemon instances in this cluster. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is a list of annotations to be + directly passed to the Service object. + type: object + clusterIP: + description: ClusterIP IP that will be assigned to this + Service when creating a ClusterIP type Service + type: string + externalTrafficPolicy: + description: |- + ExternalTrafficPolicy mechanism to preserve the client source IP. + Only supported on GCE and Google Kubernetes Engine. + enum: + - Cluster + - Local + type: string + loadBalancerIP: + description: LoadBalancerIP IP that will be assigned to + this LoadBalancer. + type: string + port: + description: Port in which this `Service` will listen to, + this applies to `NodePort`. + format: int32 + type: integer + type: + description: Type of the `Service` to be created. + enum: + - LoadBalancer + - NodePort + - ClusterIP + type: string + required: + - type + type: object + jvmParameters: + description: |- + JVM parameters to pass to Ops Manager and Backup Daemon instances in this member cluster. + If specified (not empty) then this field overrides `spec.jvmParameters` field entirely. + If not specified, then `spec.jvmParameters` field is used for the Ops Manager and Backup Daemon instances in this cluster. + items: + type: string + type: array + members: + description: Number of Ops Manager instances in this member + cluster. + type: integer + statefulSet: + description: |- + Configure custom StatefulSet configuration to override in Ops Manager's statefulset in this member cluster. + If specified (even if provided empty) then this field overrides `spec.externalConnectivity` field entirely. + If not specified, then `spec.externalConnectivity` field is used for the Ops Manager and Backup Daemon instances in this cluster. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper around + Labels and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + required: + - clusterName + - members + type: object + type: array + configuration: + additionalProperties: + type: string + description: The configuration properties passed to Ops Manager/Backup + Daemon + type: object + externalConnectivity: + description: |- + MongoDBOpsManagerExternalConnectivity if sets allows for the creation of a Service for + accessing this Ops Manager resource from outside the Kubernetes cluster. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is a list of annotations to be directly + passed to the Service object. + type: object + clusterIP: + description: ClusterIP IP that will be assigned to this Service + when creating a ClusterIP type Service + type: string + externalTrafficPolicy: + description: |- + ExternalTrafficPolicy mechanism to preserve the client source IP. + Only supported on GCE and Google Kubernetes Engine. + enum: + - Cluster + - Local + type: string + loadBalancerIP: + description: LoadBalancerIP IP that will be assigned to this LoadBalancer. + type: string + port: + description: Port in which this `Service` will listen to, this + applies to `NodePort`. + format: int32 + type: integer + type: + description: Type of the `Service` to be created. + enum: + - LoadBalancer + - NodePort + - ClusterIP + type: string + required: + - type + type: object + internalConnectivity: + description: |- + InternalConnectivity if set allows for overriding the settings of the default service + used for internal connectivity to the OpsManager servers. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is a list of annotations to be directly + passed to the Service object. + type: object + clusterIP: + description: ClusterIP IP that will be assigned to this Service + when creating a ClusterIP type Service + type: string + externalTrafficPolicy: + description: |- + ExternalTrafficPolicy mechanism to preserve the client source IP. + Only supported on GCE and Google Kubernetes Engine. + enum: + - Cluster + - Local + type: string + loadBalancerIP: + description: LoadBalancerIP IP that will be assigned to this LoadBalancer. + type: string + port: + description: Port in which this `Service` will listen to, this + applies to `NodePort`. + format: int32 + type: integer + type: + description: Type of the `Service` to be created. + enum: + - LoadBalancer + - NodePort + - ClusterIP + type: string + required: + - type + type: object + jvmParameters: + description: Custom JVM parameters passed to the Ops Manager JVM + items: + type: string + type: array + logging: + properties: + LogBackAccessRef: + description: LogBackAccessRef points at a ConfigMap/key with the + logback access configuration file to mount on the Pod + properties: + name: + type: string + type: object + LogBackRef: + description: LogBackRef points at a ConfigMap/key with the logback + configuration file to mount on the Pod + properties: + name: + type: string + type: object + type: object + opsManagerURL: + description: |- + OpsManagerURL specified the URL with which the operator and AppDB monitoring agent should access Ops Manager instance (or instances). + When not set, the operator is using FQDN of Ops Manager's headless service `{name}-svc.{namespace}.svc.cluster.local` to connect to the instance. If that URL cannot be used, then URL in this field should be provided for the operator to connect to Ops Manager instances. + type: string + replicas: + minimum: 1 + type: integer + security: + description: Configure HTTPS. + properties: + certsSecretPrefix: + type: string + tls: + properties: + ca: + type: string + secretRef: + properties: + name: + type: string + required: + - name + type: object + type: object + type: object + statefulSet: + description: Configure custom StatefulSet configuration + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper around Labels + and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + topology: + description: |- + Topology sets the desired cluster topology of Ops Manager deployment. + It defaults (and if not set) to SingleCluster. If MultiCluster specified, + then clusterSpecList field is mandatory and at least one member cluster has to be specified. + enum: + - SingleCluster + - MultiCluster + type: string + version: + type: string + required: + - applicationDatabase + - version + type: object + status: + properties: + applicationDatabase: + properties: + backup: + properties: + statusName: + type: string + required: + - statusName + type: object + clusterStatusList: + items: + properties: + clusterName: + type: string + members: + type: integer + type: object + type: array + configServerCount: + type: integer + featureCompatibilityVersion: + type: string + lastTransition: + type: string + link: + type: string + members: + type: integer + message: + type: string + mongodsPerShardCount: + type: integer + mongosCount: + type: integer + observedGeneration: + format: int64 + type: integer + phase: + type: string + pvc: + items: + properties: + phase: + type: string + statefulsetName: + type: string + required: + - phase + - statefulsetName + type: object + type: array + resourcesNotReady: + items: + description: ResourceNotReady describes the dependent resource + which is not ready yet + properties: + errors: + items: + properties: + message: + type: string + reason: + type: string + type: object + type: array + kind: + description: ResourceKind specifies a kind of a Kubernetes + resource. Used in status of a Custom Resource + type: string + message: + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + shardCount: + type: integer + sizeStatusInClusters: + description: MongodbShardedSizeStatusInClusters describes the + number and sizes of replica sets members deployed across member + clusters + properties: + configServerMongodsInClusters: + additionalProperties: + type: integer + type: object + mongosCountInClusters: + additionalProperties: + type: integer + type: object + shardMongodsInClusters: + additionalProperties: + type: integer + type: object + shardOverridesInClusters: + additionalProperties: + additionalProperties: + type: integer + type: object + type: object + type: object + version: + type: string + warnings: + items: + type: string + type: array + required: + - phase + - version + type: object + backup: + properties: + clusterStatusList: + items: + properties: + clusterName: + type: string + replicas: + type: integer + type: object + type: array + lastTransition: + type: string + message: + type: string + observedGeneration: + format: int64 + type: integer + phase: + type: string + pvc: + items: + properties: + phase: + type: string + statefulsetName: + type: string + required: + - phase + - statefulsetName + type: object + type: array + resourcesNotReady: + items: + description: ResourceNotReady describes the dependent resource + which is not ready yet + properties: + errors: + items: + properties: + message: + type: string + reason: + type: string + type: object + type: array + kind: + description: ResourceKind specifies a kind of a Kubernetes + resource. Used in status of a Custom Resource + type: string + message: + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + version: + type: string + warnings: + items: + type: string + type: array + required: + - phase + type: object + opsManager: + properties: + clusterStatusList: + items: + properties: + clusterName: + type: string + replicas: + type: integer + type: object + type: array + lastTransition: + type: string + message: + type: string + observedGeneration: + format: int64 + type: integer + phase: + type: string + pvc: + items: + properties: + phase: + type: string + statefulsetName: + type: string + required: + - phase + - statefulsetName + type: object + type: array + replicas: + type: integer + resourcesNotReady: + items: + description: ResourceNotReady describes the dependent resource + which is not ready yet + properties: + errors: + items: + properties: + message: + type: string + reason: + type: string + type: object + type: array + kind: + description: ResourceKind specifies a kind of a Kubernetes + resource. Used in status of a Custom Resource + type: string + message: + type: string + name: + type: string + required: + - kind + - name + type: object + type: array + url: + type: string + version: + type: string + warnings: + items: + type: string + type: array + required: + - phase + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-kubernetes/1.5.0/manifests/mongodbcommunity.mongodb.com_mongodbcommunity.yaml b/operators/mongodb-kubernetes/1.5.0/manifests/mongodbcommunity.mongodb.com_mongodbcommunity.yaml new file mode 100644 index 000000000000..e868b264ade9 --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/manifests/mongodbcommunity.mongodb.com_mongodbcommunity.yaml @@ -0,0 +1,682 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + service.binding: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret + service.binding/connectionString: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=connectionString.standardSrv + service.binding/password: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=password + service.binding/provider: community + service.binding/type: mongodb + service.binding/username: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=username + creationTimestamp: null + name: mongodbcommunity.mongodbcommunity.mongodb.com +spec: + group: mongodbcommunity.mongodb.com + names: + kind: MongoDBCommunity + listKind: MongoDBCommunityList + plural: mongodbcommunity + shortNames: + - mdbc + singular: mongodbcommunity + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current state of the MongoDB deployment + jsonPath: .status.phase + name: Phase + type: string + - description: Version of MongoDB server + jsonPath: .status.version + name: Version + type: string + name: v1 + schema: + openAPIV3Schema: + description: MongoDBCommunity is the Schema for the mongodbs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: MongoDBCommunitySpec defines the desired state of MongoDB + properties: + additionalConnectionStringConfig: + description: Additional options to be appended to the connection string. + These options apply to the entire resource and to each user. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + additionalMongodConfig: + description: |- + AdditionalMongodConfig is additional configuration that can be passed to + each data-bearing mongod at runtime. Uses the same structure as the mongod + configuration file: https://www.mongodb.com/docs/manual/reference/configuration-options/ + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + agent: + description: AgentConfiguration sets options for the MongoDB automation + agent + properties: + auditLogRotate: + description: AuditLogRotate if enabled, will enable AuditLogRotate + for all processes. + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file before + rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + logFile: + type: string + logLevel: + type: string + logRotate: + description: LogRotate if enabled, will enable LogRotate for all + processes. + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file before + rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + maxLogFileDurationHours: + type: integer + systemLog: + description: SystemLog configures system log of mongod + properties: + destination: + type: string + logAppend: + type: boolean + path: + type: string + required: + - destination + - logAppend + - path + type: object + type: object + arbiters: + description: |- + Arbiters is the number of arbiters to add to the Replica Set. + It is not recommended to have more than one arbiter per Replica Set. + More info: https://www.mongodb.com/docs/manual/tutorial/add-replica-set-arbiter/ + type: integer + automationConfig: + description: |- + AutomationConfigOverride is merged on top of the operator created automation config. Processes are merged + by name. Currently Only the process.disabled field is supported. + properties: + processes: + items: + description: OverrideProcess contains fields that we can override + on the AutomationConfig processes. + properties: + disabled: + type: boolean + logRotate: + description: CrdLogRotate is the crd definition of LogRotate + including fields in strings while the agent supports them + as float64 + properties: + includeAuditLogsWithMongoDBLogs: + description: |- + set to 'true' to have the Automation Agent rotate the audit files along + with mongodb log files + type: boolean + numTotal: + description: maximum number of log files to have total + type: integer + numUncompressed: + description: maximum number of log files to leave uncompressed + type: integer + percentOfDiskspace: + description: |- + Maximum percentage of the total disk space these log files should take up. + The string needs to be able to be converted to float64 + type: string + sizeThresholdMB: + description: |- + Maximum size for an individual log file before rotation. + The string needs to be able to be converted to float64. + Fractional values of MB are supported. + type: string + timeThresholdHrs: + description: maximum hours for an individual log file + before rotation + type: integer + required: + - sizeThresholdMB + - timeThresholdHrs + type: object + name: + type: string + required: + - disabled + - name + type: object + type: array + replicaSet: + properties: + id: + description: |- + Id can be used together with additionalMongodConfig.replication.replSetName + to manage clusters where replSetName differs from the MongoDBCommunity resource name + type: string + settings: + description: |- + MapWrapper is a wrapper for a map to be used by other structs. + The CRD generator does not support map[string]interface{} + on the top level and hence we need to work around this with + a wrapping struct. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + featureCompatibilityVersion: + description: |- + FeatureCompatibilityVersion configures the feature compatibility version that will + be set for the deployment + type: string + memberConfig: + description: MemberConfig + items: + properties: + priority: + type: string + tags: + additionalProperties: + type: string + type: object + votes: + type: integer + type: object + type: array + members: + description: Members is the number of members in the replica set + type: integer + prometheus: + description: Prometheus configurations. + properties: + metricsPath: + description: Indicates path to the metrics endpoint. + pattern: ^\/[a-z0-9]+$ + type: string + passwordSecretRef: + description: Name of a Secret containing a HTTP Basic Auth Password. + properties: + key: + description: Key is the key in the secret storing this password. + Defaults to "password" + type: string + name: + description: Name is the name of the secret storing this user's + password + type: string + required: + - name + type: object + port: + description: Port where metrics endpoint will bind to. Defaults + to 9216. + type: integer + tlsSecretKeyRef: + description: |- + Name of a Secret (type kubernetes.io/tls) holding the certificates to use in the + Prometheus endpoint. + properties: + key: + description: Key is the key in the secret storing this password. + Defaults to "password" + type: string + name: + description: Name is the name of the secret storing this user's + password + type: string + required: + - name + type: object + username: + description: HTTP Basic Auth Username for metrics endpoint. + type: string + required: + - passwordSecretRef + - username + type: object + replicaSetHorizons: + description: |- + ReplicaSetHorizons Add this parameter and values if you need your database + to be accessed outside of Kubernetes. This setting allows you to + provide different DNS settings within the Kubernetes cluster and + to the Kubernetes cluster. The Kubernetes Operator uses split horizon + DNS for replica set members. This feature allows communication both + within the Kubernetes cluster and from outside Kubernetes. + items: + additionalProperties: + type: string + type: object + type: array + security: + description: Security configures security features, such as TLS, and + authentication settings for a deployment + properties: + authentication: + properties: + agentCertificateSecretRef: + description: |- + AgentCertificateSecret is a reference to a Secret containing the certificate and the key for the automation agent + The secret needs to have available: + - certificate under key: "tls.crt" + - private key under key: "tls.key" + If additionally, tls.pem is present, then it needs to be equal to the concatenation of tls.crt and tls.key + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + agentMode: + description: AgentMode contains the authentication mode used + by the automation agent. + enum: + - SCRAM + - SCRAM-SHA-256 + - SCRAM-SHA-1 + - X509 + type: string + ignoreUnknownUsers: + default: true + nullable: true + type: boolean + modes: + description: Modes is an array specifying which authentication + methods should be enabled. + items: + enum: + - SCRAM + - SCRAM-SHA-256 + - SCRAM-SHA-1 + - X509 + type: string + type: array + required: + - modes + type: object + roles: + description: User-specified custom MongoDB roles that should be + configured in the deployment. + items: + description: CustomRole defines a custom MongoDB role. + properties: + authenticationRestrictions: + description: The authentication restrictions the server + enforces on the role. + items: + description: |- + AuthenticationRestriction specifies a list of IP addresses and CIDR ranges users + are allowed to connect to or from. + properties: + clientSource: + items: + type: string + type: array + serverAddress: + items: + type: string + type: array + required: + - clientSource + - serverAddress + type: object + type: array + db: + description: The database of the role. + type: string + privileges: + description: The privileges to grant the role. + items: + description: Privilege defines the actions a role is allowed + to perform on a given resource. + properties: + actions: + items: + type: string + type: array + resource: + description: |- + Resource specifies specifies the resources upon which a privilege permits actions. + See https://www.mongodb.com/docs/manual/reference/resource-document for more. + properties: + anyResource: + type: boolean + cluster: + type: boolean + collection: + type: string + db: + type: string + type: object + required: + - actions + - resource + type: object + type: array + role: + description: The name of the role. + type: string + roles: + description: An array of roles from which this role inherits + privileges. + items: + description: Role is the database role this user should + have + properties: + db: + description: DB is the database the role can act on + type: string + name: + description: Name is the name of the role + type: string + required: + - db + - name + type: object + type: array + required: + - db + - privileges + - role + type: object + type: array + tls: + description: TLS configuration for both client-server and server-server + communication + properties: + caCertificateSecretRef: + description: |- + CaCertificateSecret is a reference to a Secret containing the certificate for the CA which signed the server certificates + The certificate is expected to be available under the key "ca.crt" + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + caConfigMapRef: + description: |- + CaConfigMap is a reference to a ConfigMap containing the certificate for the CA which signed the server certificates + The certificate is expected to be available under the key "ca.crt" + This field is ignored when CaCertificateSecretRef is configured + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + certificateKeySecretRef: + description: |- + CertificateKeySecret is a reference to a Secret containing a private key and certificate to use for TLS. + The key and cert are expected to be PEM encoded and available at "tls.key" and "tls.crt". + This is the same format used for the standard "kubernetes.io/tls" Secret type, but no specific type is required. + Alternatively, an entry tls.pem, containing the concatenation of cert and key, can be provided. + If all of tls.pem, tls.crt and tls.key are present, the tls.pem one needs to be equal to the concatenation of tls.crt and tls.key + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + enabled: + type: boolean + optional: + description: Optional configures if TLS should be required + or optional for connections + type: boolean + required: + - enabled + type: object + type: object + statefulSet: + description: |- + StatefulSetConfiguration holds the optional custom StatefulSet + that should be merged into the operator created one. + properties: + metadata: + description: StatefulSetMetadataWrapper is a wrapper around Labels + and Annotations + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - spec + type: object + type: + description: Type defines which type of MongoDB deployment the resource + should create + enum: + - ReplicaSet + type: string + users: + description: Users specifies the MongoDB users that should be configured + in your deployment + items: + properties: + additionalConnectionStringConfig: + description: |- + Additional options to be appended to the connection string. + These options apply only to this user and will override any existing options in the resource. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + connectionStringSecretAnnotations: + additionalProperties: + type: string + description: ConnectionStringSecretAnnotations is the annotations + of the secret object created by the operator which exposes + the connection strings for the user. + type: object + connectionStringSecretName: + description: |- + ConnectionStringSecretName is the name of the secret object created by the operator which exposes the connection strings for the user. + If provided, this secret must be different for each user in a deployment. + type: string + connectionStringSecretNamespace: + description: ConnectionStringSecretNamespace is the namespace + of the secret object created by the operator which exposes + the connection strings for the user. + type: string + db: + default: admin + description: DB is the database the user is stored in. Defaults + to "admin" + type: string + name: + description: Name is the username of the user + type: string + passwordSecretRef: + description: PasswordSecretRef is a reference to the secret + containing this user's password + properties: + key: + description: Key is the key in the secret storing this password. + Defaults to "password" + type: string + name: + description: Name is the name of the secret storing this + user's password + type: string + required: + - name + type: object + roles: + description: Roles is an array of roles assigned to this user + items: + description: Role is the database role this user should have + properties: + db: + description: DB is the database the role can act on + type: string + name: + description: Name is the name of the role + type: string + required: + - db + - name + type: object + type: array + scramCredentialsSecretName: + description: |- + ScramCredentialsSecretName appended by string "scram-credentials" is the name of the secret object created by the mongoDB operator for storing SCRAM credentials + These secrets names must be different for each user in a deployment. + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + required: + - name + - roles + type: object + type: array + version: + description: Version defines which version of MongoDB will be used + type: string + required: + - security + - type + - users + type: object + status: + description: MongoDBCommunityStatus defines the observed state of MongoDB + properties: + currentMongoDBArbiters: + type: integer + currentMongoDBMembers: + type: integer + currentStatefulSetArbitersReplicas: + type: integer + currentStatefulSetReplicas: + type: integer + message: + type: string + mongoUri: + type: string + phase: + type: string + version: + type: string + required: + - currentMongoDBMembers + - currentStatefulSetReplicas + - mongoUri + - phase + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-kubernetes/1.5.0/metadata/annotations.yaml b/operators/mongodb-kubernetes/1.5.0/metadata/annotations.yaml new file mode 100644 index 000000000000..3a5a133e09be --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/metadata/annotations.yaml @@ -0,0 +1,15 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: mongodb-kubernetes + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.metrics.builder: operator-sdk-v1.26.1 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ + com.redhat.openshift.versions: v4.6 diff --git a/operators/mongodb-kubernetes/1.5.0/tests/scorecard/config.yaml b/operators/mongodb-kubernetes/1.5.0/tests/scorecard/config.yaml new file mode 100644 index 000000000000..89bdfbe4df9e --- /dev/null +++ b/operators/mongodb-kubernetes/1.5.0/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.12.0 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.12.0 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.12.0 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.12.0 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.12.0 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.12.0 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}