← Back to index Esc
Kind
Mongodbmulticluster
Group
mongodb.com
Version
v1
apiVersion: mongodb.com/v1 kind: Mongodbmulticluster metadata: name: example
View raw schema
apiVersion string
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind string
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata object
spec object required
additionalMongodConfig object
AdditionalMongodConfig is additional configuration that can be passed to each data-bearing mongod at runtime. Uses the same structure as the mongod configuration file: https://docs.mongodb.com/manual/reference/configuration-options/
agent object
backupAgent object
logRotate object
LogRotate configures log rotation for the BackupAgent processes
sizeThresholdMB integer
Maximum size for an individual log file before rotation. OM only supports ints
timeThresholdHrs integer
Number of hours after which this MongoDB Agent rotates the log file.
logLevel string
logRotate object
DEPRECATED please use mongod.logRotate
includeAuditLogsWithMongoDBLogs boolean
set to 'true' to have the Automation Agent rotate the audit files along with mongodb log files
numTotal integer
maximum number of log files to have total
numUncompressed integer
maximum number of log files to leave uncompressed
percentOfDiskspace string
Maximum percentage of the total disk space these log files should take up. The string needs to be able to be converted to float64
sizeThresholdMB string required
Maximum size for an individual log file before rotation. The string needs to be able to be converted to float64. Fractional values of MB are supported.
timeThresholdHrs integer required
maximum hours for an individual log file before rotation
maxLogFileDurationHours integer
mongod object
AgentLoggingMongodConfig contain settings for the mongodb processes configured by the agent
auditlogRotate object
LogRotate configures audit log rotation for the mongodb processes
includeAuditLogsWithMongoDBLogs boolean
set to 'true' to have the Automation Agent rotate the audit files along with mongodb log files
numTotal integer
maximum number of log files to have total
numUncompressed integer
maximum number of log files to leave uncompressed
percentOfDiskspace string
Maximum percentage of the total disk space these log files should take up. The string needs to be able to be converted to float64
sizeThresholdMB string required
Maximum size for an individual log file before rotation. The string needs to be able to be converted to float64. Fractional values of MB are supported.
timeThresholdHrs integer required
maximum hours for an individual log file before rotation
logRotate object
LogRotate configures log rotation for the mongodb processes
includeAuditLogsWithMongoDBLogs boolean
set to 'true' to have the Automation Agent rotate the audit files along with mongodb log files
numTotal integer
maximum number of log files to have total
numUncompressed integer
maximum number of log files to leave uncompressed
percentOfDiskspace string
Maximum percentage of the total disk space these log files should take up. The string needs to be able to be converted to float64
sizeThresholdMB string required
Maximum size for an individual log file before rotation. The string needs to be able to be converted to float64. Fractional values of MB are supported.
timeThresholdHrs integer required
maximum hours for an individual log file before rotation
systemLog object
SystemLog configures system log of mongod
destination string required
logAppend boolean required
path string required
monitoringAgent object
logRotate object
LogRotate configures log rotation for the BackupAgent processes
sizeThresholdMB integer
Maximum size for an individual log file before rotation. OM only supports ints
timeThresholdHrs integer
Number of hours after which this MongoDB Agent rotates the log file.
readinessProbe object
environmentVariables object
startupOptions object
StartupParameters can be used to configure the startup parameters with which the agent starts. That also contains log rotation settings as defined here:
systemLog object
DEPRECATED please use mongod.systemLog
destination string required
logAppend boolean required
path string required
backup object
Backup contains configuration options for configuring backup for this MongoDB resource
assignmentLabels []string
Assignment Labels set in the Ops Manager
autoTerminateOnDeletion boolean
AutoTerminateOnDeletion indicates if the Operator should stop and terminate the Backup before the cleanup, when the MongoDB CR is deleted
encryption object
Encryption settings
kmip object
Kmip corresponds to the KMIP configuration assigned to the Ops Manager Project's configuration.
client object required
KMIP Client configuration
clientCertificatePrefix string
A prefix used to construct KMIP client certificate (and corresponding password) Secret names. The names are generated using the following pattern: KMIP Client Certificate (TLS Secret): <clientCertificatePrefix>-<CR Name>-kmip-client KMIP Client Certificate Password: <clientCertificatePrefix>-<CR Name>-kmip-client-password The expected key inside is called "password".
mode string
enum: enabled, disabled, terminated
snapshotSchedule object
clusterCheckpointIntervalMin integer
enum: 15, 30, 60
dailySnapshotRetentionDays integer
Number of days to retain daily snapshots. Setting 0 will disable this rule.
minimum: 0
maximum: 365
fullIncrementalDayOfWeek string
Day of the week when Ops Manager takes a full snapshot. This ensures a recent complete backup. Ops Manager sets the default value to SUNDAY.
enum: SUNDAY, MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY
monthlySnapshotRetentionMonths integer
Number of months to retain weekly snapshots. Setting 0 will disable this rule.
minimum: 0
maximum: 36
pointInTimeWindowHours integer
Number of hours in the past for which a point-in-time snapshot can be created.
enum: 1, 2, 3, 4, 5, 6, 7, 15, 30, 60, 90, 120, 180, 360
referenceHourOfDay integer
Hour of the day to schedule snapshots using a 24-hour clock, in UTC.
minimum: 0
maximum: 23
referenceMinuteOfHour integer
Minute of the hour to schedule snapshots, in UTC.
minimum: 0
maximum: 59
snapshotIntervalHours integer
Number of hours between snapshots.
enum: 6, 8, 12, 24
snapshotRetentionDays integer
Number of days to keep recent snapshots.
minimum: 1
maximum: 365
weeklySnapshotRetentionWeeks integer
Number of weeks to retain weekly snapshots. Setting 0 will disable this rule
minimum: 0
maximum: 365
cloudManager object
configMapRef object
name string
clusterDomain string
format: hostname
clusterSpecList []object
clusterName string
ClusterName is name of the cluster where the MongoDB Statefulset will be scheduled, the name should have a one on one mapping with the service-account created in the central cluster to talk to the workload clusters.
externalAccess object
ExternalAccessConfiguration provides external access configuration for Multi-Cluster.
externalDomain string
An external domain that is used for exposing MongoDB to the outside world.
externalService object
Provides a way to override the default (NodePort) Service
annotations object
A map of annotations that shall be added to the externally available Service.
spec object
A wrapper for the Service spec object.
memberConfig []object
MemberConfig allows to specify votes, priorities and tags for each of the mongodb process.
priority string
tags object
votes integer
members integer required
Amount of members for this MongoDB Replica Set
podSpec object
persistence object
Note, that this field is used by MongoDB resources only, let's keep it here for simplicity
multiple object
data object
labelSelector object
storage string
storageClass string
journal object
labelSelector object
storage string
storageClass string
logs object
labelSelector object
storage string
storageClass string
single object
labelSelector object
storage string
storageClass string
podTemplate object
service string
this is an optional service, it will get the name "<rsName>-service" in case not provided
statefulSet object
StatefulSetConfiguration holds the optional custom StatefulSet that should be merged into the operator created one.
metadata object
StatefulSetMetadataWrapper is a wrapper around Labels and Annotations
annotations object
labels object
spec object required
connectivity object
replicaSetHorizons []object
ReplicaSetHorizons holds list of maps of horizons to be configured in each of MongoDB processes. Horizons map horizon names to the node addresses for each process in the replicaset, e.g.: [ { "internal": "my-rs-0.my-internal-domain.com:31843", "external": "my-rs-0.my-external-domain.com:21467" }, { "internal": "my-rs-1.my-internal-domain.com:31843", "external": "my-rs-1.my-external-domain.com:21467" }, ... ] The key of each item in the map is an arbitrary, user-chosen string that represents the name of the horizon. The value of the item is the host and, optionally, the port that this mongod node will be connected to from.
credentials string required
Name of the Secret holding credentials information
duplicateServiceObjects boolean
In few service mesh options for ex: Istio, by default we would need to duplicate the service objects created per pod in all the clusters to enable DNS resolution. Users can however configure their ServiceMesh with DNS proxy(https://istio.io/latest/docs/ops/configuration/traffic-management/dns-proxy/) enabled in which case the operator doesn't need to create the service objects per cluster. This options tells the operator whether it should create the service objects in all the clusters or not. By default, if not specified the operator would create the duplicate svc objects.
externalAccess object
ExternalAccessConfiguration provides external access configuration.
externalDomain string
An external domain that is used for exposing MongoDB to the outside world.
externalService object
Provides a way to override the default (NodePort) Service
annotations object
A map of annotations that shall be added to the externally available Service.
spec object
A wrapper for the Service spec object.
featureCompatibilityVersion string
logLevel string
enum: DEBUG, INFO, WARN, ERROR, FATAL
opsManager object
configMapRef object
name string
persistent boolean
prometheus object
Prometheus configurations.
metricsPath string
Indicates path to the metrics endpoint.
pattern: ^\/[a-z0-9]+$
passwordSecretRef object required
Name of a Secret containing a HTTP Basic Auth Password.
key string
Key is the key in the secret storing this password. Defaults to "password"
name string required
Name is the name of the secret storing this user's password
port integer
Port where metrics endpoint will bind to. Defaults to 9216.
tlsSecretKeyRef object
Name of a Secret (type kubernetes.io/tls) holding the certificates to use in the Prometheus endpoint.
key string
Key is the key in the secret storing this password. Defaults to "password"
name string required
Name is the name of the secret storing this user's password
username string required
HTTP Basic Auth Username for metrics endpoint.
security object
authentication object
Authentication holds various authentication related settings that affect this MongoDB resource.
agents object
Agents contains authentication configuration properties for the agents
automationLdapGroupDN string
automationPasswordSecretRef object
SecretKeySelector selects a key of a Secret.
key string required
The key of the secret to select from. Must be a valid secret key.
name string
Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional boolean
Specify whether the Secret or its key must be defined
automationUserName string
clientCertificateSecretRef object
mode string required
Mode is the desired Authentication mode that the agents will use
enabled boolean required
ignoreUnknownUsers boolean
IgnoreUnknownUsers maps to the inverse of auth.authoritativeSet
internalCluster string
ldap object
LDAP Configuration
authzQueryTemplate string
bindQueryPasswordSecretRef object
name string required
bindQueryUser string
caConfigMapRef object
Allows to point at a ConfigMap/key with a CA file to mount on the Pod
key string required
The key to select.
name string
Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional boolean
Specify whether the ConfigMap or its key must be defined
servers []string
timeoutMS integer
transportSecurity string
enum: tls, none
userCacheInvalidationInterval integer
userToDNMapping string
validateLDAPServerConfig boolean
modes []string
oidcProviderConfigs []object
Configuration for OIDC providers
audience string required
Entity that your external identity provider intends the token for. Enter the audience value from the app you registered with external Identity Provider.
authorizationMethod string required
Configure single-sign-on for human user access to deployments with Workforce Identity Federation. For programmatic, application access to deployments use Workload Identity Federation. Only one Workforce Identity Federation IdP can be configured per MongoDB resource
enum: WorkforceIdentityFederation, WorkloadIdentityFederation
authorizationType string required
Select GroupMembership to grant authorization based on IdP user group membership, or select UserID to grant an individual user authorization.
enum: GroupMembership, UserID
clientId string
Unique identifier for your registered application. Enter the clientId value from the app you registered with an external Identity Provider. Required when selected Workforce Identity Federation authorization method
configurationName string required
Unique label that identifies this configuration. It is case-sensitive and can only contain the following characters: - alphanumeric characters (combination of a to z and 0 to 9) - hyphens (-) - underscores (_)
pattern: ^[a-zA-Z0-9-_]+$
groupsClaim string
The identifier of the claim that includes the principal's IdP user group membership information. Required when selected GroupMembership as the authorization type, ignored otherwise
issuerURI string required
Issuer value provided by your registered IdP application. Using this URI, MongoDB finds an OpenID Connect Provider Configuration Document, which should be available in the /.wellknown/open-id-configuration endpoint. For MongoDB 8.0+, the combination of issuerURI and audience must be unique across OIDC provider configurations. For other MongoDB versions, the issuerURI itself must be unique.
requestedScopes []string
Tokens that give users permission to request data from the authorization endpoint. Only used for Workforce Identity Federation authorization method
userClaim string required
The identifier of the claim that includes the user principal identity. Accept the default value unless your IdP uses a different claim.
requireClientTLSAuthentication boolean
Clients should present valid TLS certificates
certsSecretPrefix string
roleRefs []object
kind string required
enum: ClusterMongoDBRole
name string required
roles []object
authenticationRestrictions []object
clientSource []string
serverAddress []string
db string required
privileges []object
actions []string required
resource object required
cluster boolean
collection string
db string
role string required
roles []object
db string required
role string required
tls object
additionalCertificateDomains []string
ca string
CA corresponds to a ConfigMap containing an entry for the CA certificate (ca.pem) used to validate the certificates created already.
enabled boolean
DEPRECATED please enable TLS by setting `security.certsSecretPrefix` or `security.tls.secretRef.prefix`. Enables TLS for this resource. This will make the operator try to mount a Secret with a defined name (<resource-name>-cert). This is only used when enabling TLS on a MongoDB resource, and not on the AppDB, where TLS is configured by setting `secretRef.Name`.
statefulSet object
StatefulSetConfiguration provides the statefulset override for each of the cluster's statefulset if "StatefulSetConfiguration" is specified at cluster level under "clusterSpecList" that takes precedence over the global one
metadata object
StatefulSetMetadataWrapper is a wrapper around Labels and Annotations
annotations object
labels object
spec object required
topology string
Topology sets the desired cluster topology of MongoDB resources It defaults (if empty or not set) to SingleCluster. If MultiCluster specified, then clusterSpecList field is mandatory and at least one member cluster has to be specified.
enum: SingleCluster, MultiCluster
type string required
enum: Standalone, ReplicaSet, ShardedCluster
version string required
pattern: ^[0-9]+.[0-9]+.[0-9]+(-.+)?$|^$
status object
backup object
statusName string required
clusterStatusList object
ClusterStatusList holds a list of clusterStatuses corresponding to each cluster
clusterStatuses []object
clusterName string
ClusterName is name of the cluster where the MongoDB Statefulset will be scheduled, the name should have a one on one mapping with the service-account created in the central cluster to talk to the workload clusters.
lastTransition string
members integer
message string
observedGeneration integer
format: int64
phase string required
pvc []object
phase string required
statefulsetName string required
resourcesNotReady []object
errors []object
message string
reason string
kind string required
ResourceKind specifies a kind of a Kubernetes resource. Used in status of a Custom Resource
message string
name string required
warnings []string
featureCompatibilityVersion string
lastTransition string
link string
message string
observedGeneration integer
format: int64
phase string required
pvc []object
phase string required
statefulsetName string required
resourcesNotReady []object
errors []object
message string
reason string
kind string required
ResourceKind specifies a kind of a Kubernetes resource. Used in status of a Custom Resource
message string
name string required
version string required
warnings []string
Copied!