MongoDBCommunity
mongodbcommunity.mongodb.com / v1
apiVersion: mongodbcommunity.mongodb.com/v1
kind: MongoDBCommunity
metadata:
name: example
apiVersion
string
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind
string
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata
object
spec object
MongoDBCommunitySpec defines the desired state of MongoDB
additionalConnectionStringConfig
object
Additional options to be appended to the connection string. These options apply to the entire resource and to each user.
additionalMongodConfig
object
AdditionalMongodConfig is additional configuration that can be passed to
each data-bearing mongod at runtime. Uses the same structure as the mongod
configuration file: https://www.mongodb.com/docs/manual/reference/configuration-options/
agent object
AgentConfiguration sets options for the MongoDB automation agent
auditLogRotate object
AuditLogRotate if enabled, will enable AuditLogRotate for all processes.
includeAuditLogsWithMongoDBLogs
boolean
set to 'true' to have the Automation Agent rotate the audit files along
with mongodb log files
numTotal
integer
maximum number of log files to have total
numUncompressed
integer
maximum number of log files to leave uncompressed
percentOfDiskspace
string
Maximum percentage of the total disk space these log files should take up.
The string needs to be able to be converted to float64
sizeThresholdMB
string required
Maximum size for an individual log file before rotation.
The string needs to be able to be converted to float64.
Fractional values of MB are supported.
timeThresholdHrs
integer required
maximum hours for an individual log file before rotation
logFile
string
logLevel
string
logRotate object
LogRotate if enabled, will enable LogRotate for all processes.
includeAuditLogsWithMongoDBLogs
boolean
set to 'true' to have the Automation Agent rotate the audit files along
with mongodb log files
numTotal
integer
maximum number of log files to have total
numUncompressed
integer
maximum number of log files to leave uncompressed
percentOfDiskspace
string
Maximum percentage of the total disk space these log files should take up.
The string needs to be able to be converted to float64
sizeThresholdMB
string required
Maximum size for an individual log file before rotation.
The string needs to be able to be converted to float64.
Fractional values of MB are supported.
timeThresholdHrs
integer required
maximum hours for an individual log file before rotation
maxLogFileDurationHours
integer
systemLog object
SystemLog configures system log of mongod
destination
string required
logAppend
boolean required
path
string required
arbiters
integer
Arbiters is the number of arbiters to add to the Replica Set.
It is not recommended to have more than one arbiter per Replica Set.
More info: https://www.mongodb.com/docs/manual/tutorial/add-replica-set-arbiter/
automationConfig object
AutomationConfigOverride is merged on top of the operator created automation config. Processes are merged
by name. Currently Only the process.disabled field is supported.
processes []object
disabled
boolean required
logRotate object
CrdLogRotate is the crd definition of LogRotate including fields in strings while the agent supports them as float64
includeAuditLogsWithMongoDBLogs
boolean
set to 'true' to have the Automation Agent rotate the audit files along
with mongodb log files
numTotal
integer
maximum number of log files to have total
numUncompressed
integer
maximum number of log files to leave uncompressed
percentOfDiskspace
string
Maximum percentage of the total disk space these log files should take up.
The string needs to be able to be converted to float64
sizeThresholdMB
string required
Maximum size for an individual log file before rotation.
The string needs to be able to be converted to float64.
Fractional values of MB are supported.
timeThresholdHrs
integer required
maximum hours for an individual log file before rotation
name
string required
replicaSet object
id
string
Id can be used together with additionalMongodConfig.replication.replSetName
to manage clusters where replSetName differs from the MongoDBCommunity resource name
settings
object
MapWrapper is a wrapper for a map to be used by other structs.
The CRD generator does not support map[string]interface{}
on the top level and hence we need to work around this with
a wrapping struct.
clusterDomain
string
format:
hostname
featureCompatibilityVersion
string
FeatureCompatibilityVersion configures the feature compatibility version that will
be set for the deployment
memberConfig []object
MemberConfig
priority
string
tags
object
votes
integer
members
integer
Members is the number of members in the replica set
prometheus object
Prometheus configurations.
metricsPath
string
Indicates path to the metrics endpoint.
pattern:
^\/[a-z0-9]+$passwordSecretRef object required
Name of a Secret containing a HTTP Basic Auth Password.
key
string
Key is the key in the secret storing this password. Defaults to "password"
name
string required
Name is the name of the secret storing this user's password
port
integer
Port where metrics endpoint will bind to. Defaults to 9216.
tlsSecretKeyRef object
Name of a Secret (type kubernetes.io/tls) holding the certificates to use in the
Prometheus endpoint.
key
string
Key is the key in the secret storing this password. Defaults to "password"
name
string required
Name is the name of the secret storing this user's password
username
string required
HTTP Basic Auth Username for metrics endpoint.
replicaSetHorizons
[]object
ReplicaSetHorizons Add this parameter and values if you need your database
to be accessed outside of Kubernetes. This setting allows you to
provide different DNS settings within the Kubernetes cluster and
to the Kubernetes cluster. The Kubernetes Operator uses split horizon
DNS for replica set members. This feature allows communication both
within the Kubernetes cluster and from outside Kubernetes.
security object required
Security configures security features, such as TLS, and authentication settings for a deployment
authentication object
agentCertificateSecretRef object
AgentCertificateSecret is a reference to a Secret containing the certificate and the key for the automation agent
The secret needs to have available:
- certificate under key: "tls.crt"
- private key under key: "tls.key"
If additionally, tls.pem is present, then it needs to be equal to the concatenation of tls.crt and tls.key
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
agentMode
string
AgentMode contains the authentication mode used by the automation agent.
enum:
SCRAM, SCRAM-SHA-256, SCRAM-SHA-1, X509
ignoreUnknownUsers
boolean
modes
[]string required
Modes is an array specifying which authentication methods should be enabled.
roles []object
User-specified custom MongoDB roles that should be configured in the deployment.
authenticationRestrictions []object
The authentication restrictions the server enforces on the role.
clientSource
[]string required
serverAddress
[]string required
db
string required
The database of the role.
privileges []object required
The privileges to grant the role.
actions
[]string required
resource object required
Resource specifies specifies the resources upon which a privilege permits actions.
See https://www.mongodb.com/docs/manual/reference/resource-document for more.
anyResource
boolean
cluster
boolean
collection
string
db
string
role
string required
The name of the role.
roles []object
An array of roles from which this role inherits privileges.
db
string required
DB is the database the role can act on
name
string required
Name is the name of the role
tls object
TLS configuration for both client-server and server-server communication
caCertificateSecretRef object
CaCertificateSecret is a reference to a Secret containing the certificate for the CA which signed the server certificates
The certificate is expected to be available under the key "ca.crt"
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
caConfigMapRef object
CaConfigMap is a reference to a ConfigMap containing the certificate for the CA which signed the server certificates
The certificate is expected to be available under the key "ca.crt"
This field is ignored when CaCertificateSecretRef is configured
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
certificateKeySecretRef object
CertificateKeySecret is a reference to a Secret containing a private key and certificate to use for TLS.
The key and cert are expected to be PEM encoded and available at "tls.key" and "tls.crt".
This is the same format used for the standard "kubernetes.io/tls" Secret type, but no specific type is required.
Alternatively, an entry tls.pem, containing the concatenation of cert and key, can be provided.
If all of tls.pem, tls.crt and tls.key are present, the tls.pem one needs to be equal to the concatenation of tls.crt and tls.key
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
enabled
boolean required
optional
boolean
Optional configures if TLS should be required or optional for connections
statefulSet object
StatefulSetConfiguration holds the optional custom StatefulSet
that should be merged into the operator created one.
metadata object
StatefulSetMetadataWrapper is a wrapper around Labels and Annotations
annotations
object
labels
object
spec
object required
type
string required
Type defines which type of MongoDB deployment the resource should create
enum:
ReplicaSetusers []object required
Users specifies the MongoDB users that should be configured in your deployment
additionalConnectionStringConfig
object
Additional options to be appended to the connection string.
These options apply only to this user and will override any existing options in the resource.
connectionStringSecretAnnotations
object
ConnectionStringSecretAnnotations is the annotations of the secret object created by the operator which exposes the connection strings for the user.
connectionStringSecretName
string
ConnectionStringSecretName is the name of the secret object created by the operator which exposes the connection strings for the user.
If provided, this secret must be different for each user in a deployment.
connectionStringSecretNamespace
string
ConnectionStringSecretNamespace is the namespace of the secret object created by the operator which exposes the connection strings for the user.
db
string
DB is the database the user is stored in. Defaults to "admin"
name
string required
Name is the username of the user
passwordSecretRef object
PasswordSecretRef is a reference to the secret containing this user's password
key
string
Key is the key in the secret storing this password. Defaults to "password"
name
string required
Name is the name of the secret storing this user's password
roles []object required
Roles is an array of roles assigned to this user
db
string required
DB is the database the role can act on
name
string required
Name is the name of the role
scramCredentialsSecretName
string
ScramCredentialsSecretName appended by string "scram-credentials" is the name of the secret object created by the mongoDB operator for storing SCRAM credentials
These secrets names must be different for each user in a deployment.
pattern:
^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
version
string
Version defines which version of MongoDB will be used
status object
MongoDBCommunityStatus defines the observed state of MongoDB
currentMongoDBArbiters
integer
currentMongoDBMembers
integer required
currentStatefulSetArbitersReplicas
integer
currentStatefulSetReplicas
integer required
message
string
mongoUri
string required
phase
string required
version
string
No matches. Try .spec.additionalConnectionStringConfig for an exact path