MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.11.0

Migrating agent images to UBI base image

All agent images names were updated to reference the UBI base image

Documentation improvements

Improvements were made to the documentation of using the community operator as well as the one for local development.

Logging changes

• The field spec.agent.logRotate was deprecated and the spec.agent.auditLogRotate field was added to AgentConfiguration

Bug Fixes

• Deletion of a user from the resource now fully removes that user from the deployments it had access to, and deletes the connection string Kubernetes secret for that user
• Scram secret name collisions will now be identified and result in an error

Important Bumps

• Bumped Go to 1.22

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.10.0

Released images signed

All container images published for the community operator are signed with our private key. This is visible on our Quay registry. Signature can be verified using our public key, which is available at this address.

Logging changes

• The agent logging can be configured to stdout
• ReadinessProbe logging configuration can now be configured
• More can be found here.

Overriding Mongod settings via the CRD

• Example can be found here.

ReadinessProbe error logging

• fixed a red herring which caused the probe to panic when the health status is not available. Instead it will just log the error

Important Bumps

• Bumped K8S libs to 1.27

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.9.0

MongoDBCommunity Resource

• Changes
  • Introduced support for Mongodb7
  • Upgrading Kubernetes APIs to 1.26

Updated Image Tags

mongodb-kubernetes-operator:0.9.0

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.8.3

MongoDBCommunity Resource

• Changes
  • Introduced support for X.509 authentication for client and agent
    • spec.security.authentication.modes now supports value X509
    • The agent authentication mode will default to the value in spec.security.authentication.modes if there is only one specified.
    • Otherwise, agent authentication will need to be specified through spec.security.authentication.agentMode.
    • When agent authentication is set to X509, the field spec.security.authentication.agentCertificateSecretRef can be set (default is agent-certs).
    • The secret that agentCertificateSecretRef points to should contain a signed X.509 certificate (under the tls.crt key) and a private key (under tls.key) for the agent.
    • X.509 users can be added the same way as before under spec.users. The db field must be set to $external for X.509 authentication.
    • For these users, scramCredentialsSecretName and passwordSecretRef should not be set.
    • Sample resource yaml
    • Sample agent certificate yaml
  • Add support for configuring logRotate on the automation-agent. The settings can be found under processes[n].logRotate.<setting>.
  • Additionally, systemLog can now be configured. In particular the settings: path, destination and logAppend.
  • MongoDB 7.0.0 and onwards is not supported. Supporting it requires a newer Automation Agent version. Until a new version is available, the Operator will fail all deployments with this version. To ignore this error and force the Operator to reconcile these resources, use IGNORE_MDB_7_ERROR environment variable and set it to true.
  • Introduced support for ARM64 architecture
    • A manifest supporting both AMD64 and ARCH64 architectures is released for each version.
  • ubuntu based images are deprecated, users should move to ubi images next release.

Updated Image Tags

• mongodb-kubernetes-operator:0.8.3

All the images can be found in:

https://quay.io/mongodb
https://hub.docker.com/r/mongodb/mongodb-community-server

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.8.2

Kubernetes Operator

• Changes
  • Fix a bug when overriding tolerations causing an endless reconciliation loop (1344).

Updated Image Tags

• mongodb-kubernetes-operator:0.8.2
• mongodb-agent:12.0.25.7724-1

All the images can be found in:

https://quay.io/mongodb
https://hub.docker.com/r/mongodb/mongodb-community-server

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.8.1

MongoDBCommunity Resource

• Changes
  • Connection string options
    • The MongoDBCommunity Resource now contains a new field additionalConnectionStringConfig where connection string options can be set, and they will apply to the connection string of every user.
    • Each user in the resource contains the same field additionalConnectionStringConfig and these options apply only for this user and will override any existing options in the resource.
    • The following options will be ignored replicaSet, tls, ssl, as they are set through other means.
    • Sample
  • Improved Readiness Probe stability
  • Support for Label and Annotations Wrapper
    • Additionally to the specWrapper for statefulsets we now support overriding metadata.Labels and metadata.Annotations via the MetadataWrapper.
    • Sample

Updated Image Tags

• mongodb-kubernetes-operator:0.8.1
• mongodb-agent:12.0.24.7719-1
• mongodb-kubernetes-readinessprobe:1.0.15

All the images can be found in:

https://quay.io/mongodb
https://hub.docker.com/r/mongodb/mongodb-community-server

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.8.0

Kubernetes Operator

• Changes

  • The Operator now uses the official MongoDB Community Server images.
    It is still possible to use the Docker Inc. images by altering the JSON configuration file:

          mongodb_image_name=mongo
          mongodb_image_repo_url=docker.io
    

    Alternatively, it is possible to the Operator environmental variables to:

          MONGODB_IMAGE=mongo
          MONGODB_REPO_URL=docker.io
    

    The upgrade process for the official MongoDB images is automatic when using the default settings provided by both,
    kubectl and Helm
    operator installation methods. Once the Operator boots up, it will replace image tags in the StatefulSets. If however,
    you're using customized deployments (by modifying MONGODB_IMAGE or MONGODB_REPO_URL environment variable in the Operator
    Deployment), please check if your settings are correct and if they are pointing to the right coordinates. The Operator
    still provides basic backwards compatibility with previous images (docker.io/mongo).

• mongodb-readiness-hook and mongodb-version-upgrade-hook images are now rebuilt daily, incorporating updates to system packages and security fixes. The binaries are built only once during the release process and used without changes in daily rebuilt

Updated Image Tags

• mongodb-kubernetes-operator:0.8.0
• mongodb-agent:12.0.21.7698-1
• mongodb-kubernetes-readinessprobe:1.0.14
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.7

All the images can be found in:

https://quay.io/mongodb
https://hub.docker.com/r/mongodb/mongodb-community-server

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.9

Kubernetes Operator

• Changes
  • Fixes a bug where the readiness probe would panic if the health-status file is missing.
  • Make automation agent log level configurable.

Updated Image Tags

• mongodb-kubernetes-operator:0.7.9
• mongodb-agent:12.0.15.7646-1
• mongodb-kubernetes-readinessprobe:1.0.13
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.6

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.8

Kubernetes Operator

• Changes
  • Fix a StatefulSet controller race condition with the mongodb-agent
  • Fix merging label selectors when source is nil
  • Improve logging verbosity

Updated Image Tags

• mongodb-kubernetes-operator:0.7.8
• mongodb-agent:12.0.15.7646-1
• mongodb-kubernetes-readinessprobe:1.0.12
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.6

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.7

WARNING
The default values file in the helm chart for this release of the MongoDB Kubernetes Community Operator points to an older operator image: 0.7.6. Please use a newer version of the chart.

Kubernetes Operator

• Changes
  • Fix TLS configuration to allow enabling both server encryption and secure Prometheus connections (#1127)
  • Fix TLS validation to correctly indicate an incomplete configuration

Updated Image Tags

• mongodb-kubernetes-operator:0.7.7
• mongodb-agent:12.0.15.7646-1
• mongodb-kubernetes-readinessprobe:1.0.12
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.6

All the images can be found in:

https://quay.io/mongodb