Install and Configure the Kubernetes Operator >
Upgrade the Kubernetes Operator from Prior Versions >
Upgrade from Operator Version 0.10 and Later

Upgrade from Operator Version 0.10 and Later¶

Warning

Version 0.10 of the MongoDB Enterprise Kubernetes Operator included breaking changes and requires some additional preparation before upgrading. If you are using version 0.9 or earlier, see Upgrade from Operator Version 0.9 and Earlier.

The following procedure walks you through upgrading the Kubernetes Operator:

Change to the directory in which you cloned the Kubernetes Operator repository. The following steps depend on how your environment is configured:

Online using kubectl
Online using Helm
Offline using Helm and Docker

Upgrade the CustomResourceDefinitions for MongoDB deployments using the following kubectl command:
copy
```
kubectl apply -f crds.yaml
```
If you use OpenShift as your Kubernetes orchestrator, you need to allow OpenShift to manage the Security Context for the Kubernetes Operator.

Change the MANAGED_SECURITY_CONTEXT value as described in the next step.

You can edit the Operator YAML file to further customize your Operator before upgrading it.

Open your mongodb-enterprise.yaml in your preferred text editor.

You may need to add one or more of the following options:

Environment Variable When to Use

OPERATOR_ENV

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If `OPERATOR_ENV` is	Log Level is set to	Log Format is set to
`dev`	debug	text
`prod`	info	json

Accepted values are: dev, prod.

Default value is: prod.

You can set the following pair of values:

copy

spec.template.spec.containers.name.env.name: OPERATOR_ENV
spec.template.spec.containers.name.env.value: prod

Example

copy

spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: OPERATOR_ENV
          value: prod

WATCH_NAMESPACE

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

One Namespace or All Namespaces

If you need to watch more than one namespace, set the value of WATCH_NAMESPACE to * (all). This environment variable can watch one namespace or all namespaces.

You can set the following pair of values:

copy

spec.template.spec.containers.name.env.name: WATCH_NAMESPACE
spec.template.spec.containers.name.env.value: "<testNamespace>"

Example

copy

spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: WATCH_NAMESPACE
          value: "<testNamespace>"

MANAGED_SECURITY_CONTEXT

If you use OpenShift as your Kubernetes orchestrator, set this to 'true' to allow OpenShift to manage the Security Context for the Kubernetes Operator.

Accepted values are: 'true', 'false'.

Default value is: 'false'.

You can set the following pair of values:

copy

spec.template.spec.containers.name.env.name: MANAGED_SECURITY_CONTEXT
spec.template.spec.containers.name.env.value: 'true'

Example

copy

spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: MANAGED_SECURITY_CONTEXT
          value: 'true'

POD_WAIT_SEC

Time in seconds that the Operator waits for StatefulSets to start when MongoDB Kubernetes resources are being created or updated before retrying.

Default values depend upon OPERATOR_ENV:

If `OPERATOR_ENV` is	`POD_WAIT_SEC` is set to
`dev`	3
`prod`	5

You can set the following pair of values:

copy

spec.template.spec.containers.name.env.name: POD_WAIT_SEC
spec.template.spec.containers.name.env.value: 4

Example

copy

spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: POD_WAIT_SEC
          value: 4
        - name: POD_WAIT_RETRIES
          value: 30

POD_WAIT_RETRIES

Maximum number of retries that the Operator attempts when waiting for StatefulSets to start after MongoDB Kubernetes resources are created or updated.

Default values depend upon OPERATOR_ENV:

If `OPERATOR_ENV` is	`POD_WAIT_RETRIES` is set to
`dev`	60
`prod`	180

You can set the following pair of values:

copy

spec.template.spec.containers.name.env.name: POD_WAIT_RETRIES
spec.template.spec.containers.name.env.value: 30

Example

copy

spec:
  template:
    spec:
      serviceAccountName: mongodb-enterprise-operator
      containers:
      - name: mongodb-enterprise-operator
        image: <operatorVersionUrl>
        imagePullPolicy: <policyChoice>
        env:
        - name: POD_WAIT_SEC
          value: 4
        - name: POD_WAIT_RETRIES
          value: 30

Note

Any values enclosed in single or double quotes require those quotes. Include the quotes when setting these values.

Upgrade the Kubernetes Operator using the following kubectl command:
copy
```
kubectl apply -f mongodb-enterprise.yaml
```

To troubleshoot your Kubernetes Operator, see Review Logs from the Kubernetes Operator.

Important

If you need to remove the Kubernetes Operator or the namespace, you first must remove MongoDB resources.

Upgrade the latest version of the Kubernetes Operator using the following helm command:

copy

helm template helm_chart > operator.yaml
kubectl apply -f operator.yaml

You can customize your Chart before installing it by using the --set option. For this Chart, you may need to add one or more of the following options:

--set option When to Use

namespace

To use a different namespace, you need to specify that namespace.

Default value is: mongodb.

Example

copy

helm template \
  --set namespace=<testNamespace> \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.env

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If `operator.env` is	Log Level is set to	Log Format is set to
`dev`	debug	text
`prod`	info	json

Accepted values are: dev, prod.

Default value is: prod.

Example

copy

helm template \
  --set operator.env=dev \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.watchNamespace

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

Example

copy

helm template \
  --set operator.watchNamespace=<testNamespace> \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

managedSecurityContext

If you use OpenShift as your Kubernetes orchestrator, set this to true to allow OpenShift to manage the Security Context for the Kubernetes Operator.

Accepted values are: true, false.

Default value is: false.

Example

copy

helm template \
  --set managedSecurityContext=false \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.podWaitSeconds

Time in seconds that the Operator waits for StatefulSets to start when MongoDB Kubernetes resources are being created or updated before retrying.

Default values depend upon operator.env:

If `operator.env` is	`operator.podWaitSeconds` is set to
`dev`	3
`prod`	5

Example

copy

helm template \
  --set operator.env=dev \
  --set operator.podWaitSeconds=10 \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.podSetWaitRetries

Maximum number of retries that the Operator attempts when waiting for StatefulSets to start after MongoDB Kubernetes resources are created or updated.

Default values depend upon operator.env:

If `operator.env` is	`operator.podSetWaitRetries` is set to
`dev`	60
`prod`	180

Example

copy

helm template
  --set operator.env=dev \
  --set operator.podWaitSeconds=10 \
  --set operator.podSetWaitRetries=20 \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

To troubleshoot your Kubernetes Operator, see Review Logs from the Kubernetes Operator.

Important

If you need to remove the Kubernetes Operator or the namespace, you first must remove MongoDB resources.

To upgrade the Kubernetes Operator on a host not connected to the Internet, you have two options, you can download the Kubernetes Operator files from either:

The Internet
Another Host

Upgrade the latest version of the Kubernetes Operator with modified pull policy values using the following helm command:

copy

helm template --set registry.pullPolicy=IfNotPresent \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

You can further customize your Chart before installing it by using the --set option. For this Chart, you may need to add one or more of the following options:

--set option When to Use

namespace

To use a different namespace, you need to specify that namespace.

Default value is: mongodb.

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set namespace=<testNamespace> \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.env

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If `operator.env` is	Log Level is set to	Log Format is set to
`dev`	debug	text
`prod`	info	json

Accepted values are: dev, prod.

Default value is: prod.

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set operator.env=dev \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.watchNamespace

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set operator.watchNamespace=<testNamespace> \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

managedSecurityContext

If you use OpenShift as your Kubernetes orchestrator, set this to true to allow OpenShift to manage the Security Context for the Kubernetes Operator.

Accepted values are: true, false.

Default value is: false.

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set managedSecurityContext=false \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.podWaitSeconds

Time in seconds that the Operator waits for StatefulSets to start when MongoDB Kubernetes resources are being created or updated before retrying.

Default values depend upon operator.env:

If `operator.env` is	`operator.podWaitSeconds` is set to
`dev`	3
`prod`	5

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set operator.env=dev \
  --set operator.podWaitSeconds=10 \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.podSetWaitRetries

Maximum number of retries that the Operator attempts when waiting for StatefulSets to start after MongoDB Kubernetes resources are created or updated.

Default values depend upon operator.env:

If `operator.env` is	`operator.podSetWaitRetries` is set to
`dev`	60
`prod`	180

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set operator.env=dev \
  --set operator.podWaitSeconds=10 \
  --set operator.podSetWaitRetries=20 \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

To troubleshoot your Kubernetes Operator, see Review Logs from the Kubernetes Operator.

Important

If you need to remove the Kubernetes Operator or the namespace, you first must remove MongoDB resources.

Upgrade the latest version of the Kubernetes Operator with modified pull policy values using the following helm command:

copy

helm template --set registry.pullPolicy=IfNotPresent \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

You can further customize your Chart before installing it by using the --set option. For this Chart, you may need to add one or more of the following options:

--set option When to Use

namespace

To use a different namespace, you need to specify that namespace.

Default value is: mongodb.

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set namespace=<testNamespace> \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.env

Label for the Operator’s deployment environment. The env value affects default timeouts and the format and level of logging.

If `operator.env` is	Log Level is set to	Log Format is set to
`dev`	debug	text
`prod`	info	json

Accepted values are: dev, prod.

Default value is: prod.

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set operator.env=dev \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.watchNamespace

Namespace that the Operator watches for MongoDB Kubernetes resource changes. If this namespace differs from the default, ensure that the Operator’s ServiceAccount can access that different namespace.

* means all namespaces and requires the ClusterRole assigned to the mongodb-enterprise-operator ServiceAccount which is the ServiceAccount used to run the Kubernetes Operator.

Default value is: <metadata.namespace>.

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set operator.watchNamespace=<testNamespace> \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

managedSecurityContext

If you use OpenShift as your Kubernetes orchestrator, set this to true to allow OpenShift to manage the Security Context for the Kubernetes Operator.

Accepted values are: true, false.

Default value is: false.

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set managedSecurityContext=false \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.podWaitSeconds

Time in seconds that the Operator waits for StatefulSets to start when MongoDB Kubernetes resources are being created or updated before retrying.

Default values depend upon operator.env:

If `operator.env` is	`operator.podWaitSeconds` is set to
`dev`	3
`prod`	5

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set operator.env=dev \
  --set operator.podWaitSeconds=10 \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml

operator.podSetWaitRetries

Maximum number of retries that the Operator attempts when waiting for StatefulSets to start after MongoDB Kubernetes resources are created or updated.

Default values depend upon operator.env:

If `operator.env` is	`operator.podSetWaitRetries` is set to
`dev`	60
`prod`	180

Example

copy

helm template \
  --set registry.pullPolicy=IfNotPresent \
  --set operator.env=dev \
  --set operator.podWaitSeconds=10 \
  --set operator.podSetWaitRetries=20 \
  helm_chart > operator.yaml
kubectl apply -f operator.yaml