MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.9.0

MongoDBCommunity Resource

• Changes
  • Introduced support for Mongodb7
  • Upgrading Kubernetes APIs to 1.26

Updated Image Tags

mongodb-kubernetes-operator:0.9.0

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.8.3

MongoDBCommunity Resource

• Changes
  • Introduced support for X.509 authentication for client and agent
    • spec.security.authentication.modes now supports value X509
    • The agent authentication mode will default to the value in spec.security.authentication.modes if there is only one specified.
    • Otherwise, agent authentication will need to be specified through spec.security.authentication.agentMode.
    • When agent authentication is set to X509, the field spec.security.authentication.agentCertificateSecretRef can be set (default is agent-certs).
    • The secret that agentCertificateSecretRef points to should contain a signed X.509 certificate (under the tls.crt key) and a private key (under tls.key) for the agent.
    • X.509 users can be added the same way as before under spec.users. The db field must be set to $external for X.509 authentication.
    • For these users, scramCredentialsSecretName and passwordSecretRef should not be set.
    • Sample resource yaml
    • Sample agent certificate yaml
  • Add support for configuring logRotate on the automation-agent. The settings can be found under processes[n].logRotate.<setting>.
  • Additionally, systemLog can now be configured. In particular the settings: path, destination and logAppend.
  • MongoDB 7.0.0 and onwards is not supported. Supporting it requires a newer Automation Agent version. Until a new version is available, the Operator will fail all deployments with this version. To ignore this error and force the Operator to reconcile these resources, use IGNORE_MDB_7_ERROR environment variable and set it to true.
  • Introduced support for ARM64 architecture
    • A manifest supporting both AMD64 and ARCH64 architectures is released for each version.
  • ubuntu based images are deprecated, users should move to ubi images next release.

Updated Image Tags

• mongodb-kubernetes-operator:0.8.3

All the images can be found in:

https://quay.io/mongodb
https://hub.docker.com/r/mongodb/mongodb-community-server

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.8.2

Kubernetes Operator

• Changes
  • Fix a bug when overriding tolerations causing an endless reconciliation loop (1344).

Updated Image Tags

• mongodb-kubernetes-operator:0.8.2
• mongodb-agent:12.0.25.7724-1

All the images can be found in:

https://quay.io/mongodb
https://hub.docker.com/r/mongodb/mongodb-community-server

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.8.1

MongoDBCommunity Resource

• Changes
  • Connection string options
    • The MongoDBCommunity Resource now contains a new field additionalConnectionStringConfig where connection string options can be set, and they will apply to the connection string of every user.
    • Each user in the resource contains the same field additionalConnectionStringConfig and these options apply only for this user and will override any existing options in the resource.
    • The following options will be ignored replicaSet, tls, ssl, as they are set through other means.
    • Sample
  • Improved Readiness Probe stability
  • Support for Label and Annotations Wrapper
    • Additionally to the specWrapper for statefulsets we now support overriding metadata.Labels and metadata.Annotations via the MetadataWrapper.
    • Sample

Updated Image Tags

• mongodb-kubernetes-operator:0.8.1
• mongodb-agent:12.0.24.7719-1
• mongodb-kubernetes-readinessprobe:1.0.15

All the images can be found in:

https://quay.io/mongodb
https://hub.docker.com/r/mongodb/mongodb-community-server

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.8.0

Kubernetes Operator

• Changes

  • The Operator now uses the official MongoDB Community Server images.
    It is still possible to use the Docker Inc. images by altering the JSON configuration file:

          mongodb_image_name=mongo
          mongodb_image_repo_url=docker.io
    

    Alternatively, it is possible to the Operator environmental variables to:

          MONGODB_IMAGE=mongo
          MONGODB_REPO_URL=docker.io
    

    The upgrade process for the official MongoDB images is automatic when using the default settings provided by both,
    kubectl and Helm
    operator installation methods. Once the Operator boots up, it will replace image tags in the StatefulSets. If however,
    you're using customized deployments (by modifying MONGODB_IMAGE or MONGODB_REPO_URL environment variable in the Operator
    Deployment), please check if your settings are correct and if they are pointing to the right coordinates. The Operator
    still provides basic backwards compatibility with previous images (docker.io/mongo).

• mongodb-readiness-hook and mongodb-version-upgrade-hook images are now rebuilt daily, incorporating updates to system packages and security fixes. The binaries are built only once during the release process and used without changes in daily rebuilt

Updated Image Tags

• mongodb-kubernetes-operator:0.8.0
• mongodb-agent:12.0.21.7698-1
• mongodb-kubernetes-readinessprobe:1.0.14
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.7

All the images can be found in:

https://quay.io/mongodb
https://hub.docker.com/r/mongodb/mongodb-community-server

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.9

Kubernetes Operator

• Changes
  • Fixes a bug where the readiness probe would panic if the health-status file is missing.
  • Make automation agent log level configurable.

Updated Image Tags

• mongodb-kubernetes-operator:0.7.9
• mongodb-agent:12.0.15.7646-1
• mongodb-kubernetes-readinessprobe:1.0.13
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.6

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.8

Kubernetes Operator

• Changes
  • Fix a StatefulSet controller race condition with the mongodb-agent
  • Fix merging label selectors when source is nil
  • Improve logging verbosity

Updated Image Tags

• mongodb-kubernetes-operator:0.7.8
• mongodb-agent:12.0.15.7646-1
• mongodb-kubernetes-readinessprobe:1.0.12
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.6

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.7

WARNING
The default values file in the helm chart for this release of the MongoDB Kubernetes Community Operator points to an older operator image: 0.7.6. Please use a newer version of the chart.

Kubernetes Operator

• Changes
  • Fix TLS configuration to allow enabling both server encryption and secure Prometheus connections (#1127)
  • Fix TLS validation to correctly indicate an incomplete configuration

Updated Image Tags

• mongodb-kubernetes-operator:0.7.7
• mongodb-agent:12.0.15.7646-1
• mongodb-kubernetes-readinessprobe:1.0.12
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.6

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.6

Kubernetes Operator

• Changes
  • mongodb-kubernetes-operator image is now rebuilt daily, incorporating updates to system packages and security fixes. The operator binary is built only once during the release process and used without changes in daily rebuild.
  • Improved security by introducing readOnlyRootFilesystem property to all deployed containers. This change also introduces a few additional volumes and volume mounts.
  • Improved security by introducing allowPrivilegeEscalation set to false for all containers.

Updated Image Tags

• mongodb-kubernetes-operator:0.7.6
• mongodb-agent:12.0.10.7591-1
• mongodb-kubernetes-readinessprobe:1.0.11
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.5

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.5

Upgrade breaking change notice

Versions 0.7.3, 0.7.4 have an issue that breaks deployment of MongoDB replica set when:

• TLS is enabled
• Replica set was deployed using the operator with version <=0.7.2

If above conditions are met, it is strongly advised to upgrade the MongoDB Kubernetes Operator to version 0.7.5 or higher.

Kubernetes Operator

• Bug fixes

  • Fixed ignoring changes to existing volumes in the StatefulSet, i.e. changes of the volumes' underlying secret. This could cause that TLS enabled MongoDB deployment was not able to locate TLS certificates when upgrading the operator to versions 0.7.3 or 0.7.4.

• Security fixes

  • The operator, readiness and versionhook binaries are now built with 1.18.5 which addresses security issues.