MongoDB Enterprise Kubernetes Operator 1.2.3

• Update: The MongoDB Enterprise Kubernetes Operator will remove support for multiple clusters per project in a future release. If a project contains more than one cluster, a warning will be added to the status of the MongoDB Resources. Additionally, any new cluster being added to a non-empty project will result in a Failed state, and won’t be processed.
• Fix: The overall stability of the operator has been improved. The operator is now more conservative in resource updates both on Kubernetes and Cloud Manager or Ops Manager.

MongoDB Enterprise Kubernetes Operator 1.2.2

• Security Fix: Clusters configured by Operator versions 1.0-1.2.1 used an insufficiently-strong keyfile for internal cluster authentication between mongoDs. This only affects clusters which are using x509 for user-authentication, but are not using x509 for internal cluster authentication. Users are advised to upgrade to 1.2.2, which will replace all managed keyfiles.

• Security Fix: Clusters configured by with Operator versions 1.0-1.2.1 used an insufficiently-strong password to authenticate the MongoDB Agent. This only affects clusters which have been manually configured to enable SCRAM-SHA1, which is not a supported configuration. Users are advised to upgrade to 1.2.2, which will reset these passwords.

MongoDB Enterprise Kubernetes Operator 1.2.1

• Fixed bug which caused the Operator to incorrectly generate CSRs for agent x509 certificates when approved CSRs have been deleted

• If the OPERATOR_ENV environment variable is set to something unrecognized by the Operator, it will no longer result in a "CrashLoopBackOff" of the pod. A default value of "prod" is used.

• The Operator now supports more than 100 agents in a given project

MongoDB Enterprise Kubernetes Operator 1.2

• A new Resource, MongoDBOpsManager has been added to allow Ops Manager 4.2 to be deployed into your Kubernetes cluster. This feature is in alpha stage.
• A Readiness Probe has been added to the MongoDB Pods to make rolling upgrades more reliable.

MongoDB Enterprise Kubernetes Operator 1.1

• Fixed sample yaml files, in particular, the attribute related to featureCompatibilityVersion
• Fixed a bug that will not allow for TLS to be disabled in a deployment
• Added script (under the "support" directory) that can be used to gather information of your MongoDB resources in Kubernetes
• In a TLS environment, the operator can now use a custom Certificate Authority. All the certificates need to be passed in the form of Secret Kubernetes objects

MongoDB Enterprise Kubernetes Operator 1.0

The MongoDB Enterprise Kubernetes Operator is now Generally Available and is ready to be used in production environments

Supported Kubernetes Distributions:

• Kubernetes v1.11+

If you have any questions regarding this release, reach us out at #enterprise-kubernetes Slack channel.

The MongoDB Enterprise Kubernetes Operator can be used to provision any kind of MongoDB deployment in the Kubernetes Cluster of your organization:

• Standalone
• Replica Set
• Sharded Cluster

The Operator can automatically configure TLS on the MongoDB deployments and have all traffic encrypted, with servers and clients being able to verify each other’s identities.

It can manage MongoDB Users as well, enabling connections to your databases using x509 authentication.

Documentation on how to install and configure the Operator can be found here.

MongoDB Enterprise Kubernetes Operator 0.12

• Rolling upgrade of MongoDB resource ensures that rs.stepDown() is called for primary member (requires MongoDB version >= 4.0.8 or 4.1.10)
• During a MongoDB Major update, the featureCompatibilityVersion field can be set
• Fixed a bug when replicas with more than 7 members could not be created
• x509 Authentication can be enabled at a Project level. Requires Ops Manager >= 4.0.11 or Cloud Manager
• Internal Cluster Authentication based on x509 can be enabled at a Deployment level
• MongoDB Users with x509 authentication can be created, using the new MongoDBUser Custom Resource

MongoDB Enterprise Kubernetes Operator 0.11

• NodePort service creation can be disabled.
• TLS can be enabled for internal authentication between the MongoDB members in Replica Sets and Sharded Clusters. The TLS certificates will be created automatically by the Operator. Please refer to the sample yaml files on samples/extended directory for a full set of examples on how to achieve this.
• Wide (or asterisk) roles have been replaced with strict listing of verbs in roles.yaml
• Printing mdb objects with kubectl will give more information about the MongoDB object (type, state and MongoDB Server version)

Docker Images
A list of the packages installed, and any security vulnerabilities detected in our build process, are outlined here

• For the MongoDB Enterprise Operator
  https://quay.io/repository/mongodb/mongodb-enterprise-operator?tab=tags

• For the MongoDB Enterprise Database
  https://quay.io/repository/mongodb/mongodb-enterprise-database?tab=tags

MongoDB Enterprise Kubernetes Operator 0.10

• The Operator and Database images are now based on ubuntu:16.04
• The Operator now uses a single CustomResourceDefinition MongoDB instead of MongoDbReplicaSet, MongoDbShardedCluster and MongoDbStandalone
  • It's important to follow the upgrade procedure described here to transfer existing MongoDbReplicaSet, MongoDbShardedCluster and MongoDbStandalone resources to the new format

A list of the packages installed, and any security vulnerabilities detected in our build process, are outlined here:

• For the MongoDB Enterprise Operator
  https://quay.io/repository/mongodb/mongodb-enterprise-operator?tab=tags
• And for the MongoDB Enterprise Database
  https://quay.io/repository/mongodb/mongodb-enterprise-database?tab=tags

MongoDB Enterprise Kubernetes Operator 0.9

• The Operator and Database images are now based on debian:stretch-slim which is the latest and up-to-date Docker image for Debian 9.