/ /

Custom Resources

Docs Home

Management

Atlas Kubernetes Operator

Custom Resources

Docs Home

Management

Atlas Kubernetes Operator

Custom Resources

`AtlasPrivateEndpoint` Custom Resource

Important

Legacy subresources are deprecated as of the release of their corresponding CRDs. If your configuration currently relies on the subresource form of this resource definition, migrate to a CRD.

The AtlasPrivateEndpoint custom resource configures a private endpoint for a Atlas project. This allows you to connect your cloud provider to Atlas without sending information through a public network. Private endpoints are unidirectional connections to Atlas from your virtual network.

Important

Custom Resources No Longer Delete Objects by Default

Atlas Kubernetes Operator uses custom resource configuration files to manage your Atlas configuration, but as of Atlas Kubernetes Operator 2.0, custom resources you delete in Kubernetes are no longer (by default) deleted in Atlas. Instead, Atlas Kubernetes Operator simply stops managing those resources in Atlas. For example, if you delete an AtlasProject Custom Resource in Kubernetes, by default the Atlas Kubernetes Operator no longer automatically deletes the corresponding project from Atlas. This change in behavior is intended to help prevent accidental or unexpected deletions. To learn more, including how to revert this behavior to the default used prior to Atlas Kubernetes Operator 2.0, see New Default: Deletion Protection in Atlas Kubernetes Operator 2.0.
Similarly, Atlas Kubernetes Operator does not delete teams from Atlas if you remove them from an Atlas project in Kubernetes with the Atlas Kubernetes Operator.

Explicitly define your desired configuration details in order to avoid implicitly using default Atlas configuration values. In some cases, inheriting Atlas defaults may result in a reconciliation loop which can prevent your custom resource from achieving a READY state. For example, explicitly defining your desired autoscaling behavior in your AtlasDeployment custom resource, as shown in the included example, ensures that a static instance size in your custom resource is not being repeatedly applied to an Atlas deployment which has autoscaling enabled.

autoScaling:
  diskGB:
    enabled: true
  compute:
    enabled: true
    scaleDownEnabled: true
    minInstanceSize: M30
    maxInstanceSize: M40

Atlas Kubernetes Operator takes one of the following actions using the Atlas Private Endpoint Service API Resource:

Creates a new private endpoint service.
Updates an existing private endpoint service.

To learn more about implementing private endpoints in Atlas Kubernetes Operator, see Manage Private Endpoints.

Examples

Basic Example

The following example shows an AtlasPrivateEndpoint custom resoure that defines an AWS private endpoint within the my-project project.

apiVersion: atlas.mongodb.com/v1
kind: AtlasPrivateEndpoint
metadata:
 name: my-atlas-pe1
spec:
  projectRef:
    name: my-project
    namespace: my-operator-namespace
  provider: AWS
  region: US_EAST_1
  awsConfiguration:
    - id: vpcpe-xyz

Independent CRD Example

The following example shows an AtlasPrivateEndpoint independent CRD that defines the same private endpoint defined in the Basic Example. This custom resource definition allows you to create this private endpoint in a project you don't manage in the same instance of Atlas Kubernetes Operator with which you define this resource. To enable independent operation, you must use an externalProjectRef instead of a projectRef, and you must supply a connectionSecret directly since this resource can't inherit API credentials from its parent project.

apiVersion: atlas.mongodb.com/v1
kind: AtlasPrivateEndpoint
metadata:
 name: my-atlas-pe1
spec:
  externalProjectRef:
    projectID: 66e2f2b621571b7e69a89b66
  connectionSecret:
    name: atlas-connection-secret
  provider: AWS
  region: US_EAST_1
  awsConfiguration:
    - id: vpcpe-xyz

Parameters

AtlasPrivateEndpoint

The AtlasPrivateEndpoint custom resource definition (CRD) defines a desired Private Endpoint configuration for an Atlas project. It allows a private connection between your cloud provider and Atlas that doesn't send information through a public network.

You can use private endpoints to create a unidirectional connection to Atlas clusters from your virtual network.

`Name`	Type	Description	Required
`apiVersion`	string	atlas.mongodb.com/v1	true
`kind`	string	`AtlasPrivateEndpoint`	true
`metadata`	object	Refer to the Kubernetes `API` documentation for the fields of the `metadata` field.	true
`spec`	object	`AtlasPrivateEndpointSpec` is the specification of the desired configuration of a project private endpoint Validations: (has(self.``externalProjectRef``) && !has(self.``projectRef``)) \|\| (!has(self.``externalProjectRef``) && has(self.``projectRef``)): must define only one project reference through `externalProjectRef` or `projectRef` (has(self.``externalProjectRef``) && has(self.``connectionSecret``)) \|\| !has(self.``externalProjectRef``): must define a local connection secret when referencing an external project	false
`status`	object	`AtlasPrivateEndpointStatus` is the most recent observed `status` of the `AtlasPrivateEndpoint` cluster. Read-only.	false

AtlasPrivateEndpoint.spec

AtlasPrivateEndpointSpec is the specification of the desired configuration of a project private endpoint

`Name`	Type	Description	Required
`provider`	enum	Name of the cloud service `provider` for which you want to create the private endpoint service. Enum: `AWS`, `GCP`, `AZURE`	true
`region`	string	Region of the chosen cloud provider in which you want to create the private endpoint service.	true
`awsConfiguration`	[]object	AWSConfiguration is the specific `AWS` settings for the private endpoint.	false
`azureConfiguration`	[]object	`AzureConfiguration` is the specific Azure settings for the private endpoint.	false
`connectionSecret`	object	Name of the secret containing Atlas `API` private and public keys.	false
`externalProjectRef`	object	`externalProjectRef` holds the parent Atlas project `ID`. Mutually exclusive with the "`projectRef`" field.	false
`gcpConfiguration`	[]object	GCPConfiguration is the specific Google Cloud settings for the private endpoint.	false
`projectRef`	object	`projectRef` is a reference to the parent `AtlasProject` resource. Mutually exclusive with the "`externalProjectRef`" field.	false

AtlasPrivateEndpoint.spec.awsConfiguration

AWSPrivateEndpointConfiguration holds the AWS configuration done on customer network.

`Name`	Type	Description	Required
`id`	string	`ID` that identifies the private endpoint's network interface that someone added to this private endpoint service.	true

AtlasPrivateEndpoint.spec.azureConfiguration

AzurePrivateEndpointConfiguration holds the Azure configuration done on customer network.

`Name`	Type	Description	Required
`id`	string	`ID` that identifies the private endpoint's network interface that someone added to this private endpoint service.	true
`ipAddress`	string	`IP` address of the private endpoint in your Azure VNet that someone added to this private endpoint service.	true

AtlasPrivateEndpoint.spec.connectionSecret

Name of the secret containing Atlas API private and public keys.

`Name`	Type	Description	Required
`name`	string	Name of the resource being referred to More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names	true

AtlasPrivateEndpoint.spec.externalProjectRef

externalProjectRef holds the parent Atlas project ID. Mutually exclusive with the "projectRef" field.

`Name`	Type	Description	Required
`id`	string	`ID` is the Atlas project `ID`.	true

AtlasPrivateEndpoint.spec.gcpConfiguration

GCPPrivateEndpointConfiguration holds the GCP configuration done on customer network.

`Name`	Type	Description	Required
`endpoints`	[]object	Endpoints is the list of individual private `endpoints` that comprise this endpoint group.	true
`groupName`	string	`GroupName` is the label that identifies a set of endpoints.	true
`projectId`	string	`ProjectID` that identifies the Google Cloud project in which you created the endpoints.	true

AtlasPrivateEndpoint.spec.gcpConfiguration.endpoints

GCPPrivateEndpoint holds the GCP forwarding rules configured on customer network.

`Name`	Type	Description	Required
`ipAddress`	string	`IP` address to which this Google Cloud consumer forwarding rule resolves.	true
`name`	string	Name that identifies the Google Cloud consumer forwarding rule that you created.	true

AtlasPrivateEndpoint.spec.projectRef

projectRef is a reference to the parent AtlasProject resource. Mutually exclusive with the "externalProjectRef" field.

`Name`	Type	Description	Required
`name`	string	Name of the Kubernetes Resource	true
`namespace`	string	Namespace of the Kubernetes Resource	false

AtlasPrivateEndpoint.status

AtlasPrivateEndpointStatus is the most recent observed status of the AtlasPrivateEndpoint cluster. Read-only.

`Name`	Type	Description	Required
`conditions`	[]object	Conditions is the list of statuses showing the current state of the Atlas Custom Resource	true
`endpoints`	[]object	Endpoints are the status of the `endpoints` connected to the service	false
`error`	string	Error is the description of the failure occurred when configuring the private endpoint	false
`observedGeneration`	integer	`ObservedGeneration` indicates the generation of the resource specification of which the Atlas Operator is aware. The Atlas Operator updates this field to the value of 'metadata.generation' as soon as it starts reconciliation of the resource. Format: int64	false
`resourceId`	string	`ResourceID` is the root-relative path that identifies of the Atlas Azure Private Link Service	false
`serviceAttachmentNames`	[]string	`ServiceAttachmentNames` is the list of URLs that identifies endpoints that Atlas can use to access one service across the private connection	false
`serviceId`	string	`ServiceID` is the unique identifier of the private endpoint service in Atlas	false
`serviceName`	string	`ServiceName` is the unique identifier of the Amazon Web Services (`AWS`) `PrivateLink` endpoint service or Azure Private Link Service managed by Atlas	false
`serviceStatus`	string	`ServiceStatus` is the state of the private endpoint service	false

AtlasPrivateEndpoint.status.conditions

Condition describes the state of an Atlas Custom Resource at a certain point.

`Name`	Type	Description	Required
`status`	string	Status of the condition; one of True, False, Unknown.	true
`type`	string	Type of Atlas Custom Resource condition.	true
`lastTransitionTime`	string	Last time the condition transitioned from one status to another. Represented in `ISO` 8601 format. Format: date-time	false
`message`	string	A `message` providing details about the transition.	false
`reason`	string	The `reason` for the condition's last transition.	false

AtlasPrivateEndpoint.status.endpoints

EndpointInterfaceStatus is the most recent observed status the interfaces attached to the configured service. Read-only.

`Name`	Type	Description	Required
`ID`	string	`ID` is the external identifier set on the specification to configure the interface	false
`InterfaceStatus`	string	`InterfaceStatus` is the state of the private endpoint interface	false
`connectionName`	string	`ConnectionName` is the label that Atlas generates that identifies the Azure private endpoint connection	false
`error`	string	Error is the description of the failure occurred when configuring the private endpoint	false
`gcpForwardingRules`	[]object	GCPForwardingRules is the status of the customer `GCP` private endpoint(forwarding rules)	false

AtlasPrivateEndpoint.status.endpoints.gcpForwardingRules

GCPForwardingRule is the most recent observed status the GCP forwarding rules configured for an interface. Read-only.

`Name`	Type	Description	Required
`name`	string	Human-readable label that identifies the Google Cloud consumer forwarding rule that you created.	false
`status`	string	State of the `MongoDB` Atlas endpoint group.	false

Back

AtlasOrgSettings

AtlasSearchIndexConfig