In order to deploy multiple instances of MongoDB resources across multiple Kubernetes clusters, you first need to deploy the Kubernetes Operator to one of your Kubernetes clusters. Once the Kubernetes Operator is deployed to a central Kubernetes cluster, you can then create and manage all of your MongoDB resources across all of your Kubernetes clusters by applying updates to your central Kubernetes cluster.
Prerequisites
Before you begin the following procedure, perform the following actions:
- Install - kubectl.
- Install Helm. 
- Complete the GKE Clusters procedure or the equivalent. 
- Complete the TLS Certificates procedure or the equivalent. 
- Complete the Istio Service mesh procedure or the equivalent. 
- Install the - kubectl mongodbplugin. To install the- kubectl mongodbplugin:1- Download your desired Kubernetes Operator package version.- Download your desired Kubernetes Operator package version from the Release Page of the MongoDB Enterprise Kubernetes Operator Repository. - The package's name uses this pattern: - kubectl-mongodb_{{ .Version }}_{{ .Os }}_{{ .Arch }}.tar.gz.- Use one of the following packages: - kubectl-mongodb_{{ .Version }}_darwin_amd64.tar.gz
- kubectl-mongodb_{{ .Version }}_darwin_arm64.tar.gz
- kubectl-mongodb_{{ .Version }}_linux_amd64.tar.gz
- kubectl-mongodb_{{ .Version }}_linux_arm64.tar.gz
 23- Locate the- kubectl mongodbplugin binary and copy it to its desired destination.- Find the - kubectl-mongodbbinary in the unpacked directory and move it to its desired destination, inside the PATH for the Kubernetes Operator user, as shown in the following example:- mv kubectl-mongodb /usr/local/bin/kubectl-mongodb - Now you can run the - kubectl mongodbplugin using the following commands:- kubectl mongodb multicluster setup - kubectl mongodb multicluster recover - To learn more about the supported flags, see the MongoDB kubectl plugin Reference. 
- Update as needed and set the environment variables defined in the following - env_variables.shfile.- 1 - # Namespace in which Ops Manager and AppDB will be deployed - 2 - export OM_NAMESPACE="mongodb-om" - 3 - # Namespace in which the operator will be installed - 4 - export OPERATOR_NAMESPACE="mongodb-operator" - 5 - # Namespace in which MongoDB resources will be deployed - 6 - export MDB_NAMESPACE="mongodb" - 7 - 8 - # comma-separated key=value pairs for additional parameters passed to the helm-chart installing the operator - 9 - export OPERATOR_ADDITIONAL_HELM_VALUES="${OPERATOR_ADDITIONAL_HELM_VALUES:-""}" - 10 - 11 - export OFFICIAL_OPERATOR_HELM_CHART="mongodb/enterprise-operator" - 12 - export OPERATOR_HELM_CHART="${OPERATOR_HELM_CHART:-${OFFICIAL_OPERATOR_HELM_CHART}}" 
Source Code
You can find all included source code in the MongoDB Kubernetes Operator repository.
Procedure
Create namespaces for the Kubernetes Operator, MongoDB and Ops Manager in each of your Kubernetes clusters.
kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" create namespace "${OPERATOR_NAMESPACE}" kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" create namespace "${OPERATOR_NAMESPACE}" kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" create namespace "${OPERATOR_NAMESPACE}" kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" create namespace "${OM_NAMESPACE}" kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" create namespace "${OM_NAMESPACE}" kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" create namespace "${OM_NAMESPACE}" kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" create namespace "${MDB_NAMESPACE}" kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" create namespace "${MDB_NAMESPACE}" kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" create namespace "${MDB_NAMESPACE}" 
Create image pull secrets.
mkdir -p secrets kubectl create secret generic "image-registries-secret" \         --from-file=.dockerconfigjson="${HOME}/.docker/config.json" --type=kubernetes.io/dockerconfigjson \         --dry-run=client -o yaml > secrets/image-registries-secret.yaml kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OPERATOR_NAMESPACE}" apply -f secrets/image-registries-secret.yaml kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" apply -f secrets/image-registries-secret.yaml kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" -n "${OM_NAMESPACE}" apply -f secrets/image-registries-secret.yaml kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" -n "${OM_NAMESPACE}" apply -f secrets/image-registries-secret.yaml kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${MDB_NAMESPACE}" apply -f secrets/image-registries-secret.yaml kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" -n "${MDB_NAMESPACE}" apply -f secrets/image-registries-secret.yaml kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" -n "${MDB_NAMESPACE}" apply -f secrets/image-registries-secret.yaml 
Configure your Kubernetes clusters.
Run the following command to configure your Kubernetes clusters.
1 kubectl mongodb multicluster setup \ 2   --central-cluster="${K8S_CLUSTER_0_CONTEXT_NAME}" \ 3   --member-clusters="${K8S_CLUSTER_0_CONTEXT_NAME},${K8S_CLUSTER_1_CONTEXT_NAME},${K8S_CLUSTER_2_CONTEXT_NAME}" \ 4   --member-cluster-namespace="${OM_NAMESPACE}" \ 5   --central-cluster-namespace="${OPERATOR_NAMESPACE}" \ 6   --create-service-account-secrets \ 7   --install-database-roles=true \ 8   --image-pull-secrets=image-registries-secret 9 10 kubectl mongodb multicluster setup \ 11   --central-cluster="${K8S_CLUSTER_0_CONTEXT_NAME}" \ 12   --member-clusters="${K8S_CLUSTER_0_CONTEXT_NAME},${K8S_CLUSTER_1_CONTEXT_NAME},${K8S_CLUSTER_2_CONTEXT_NAME}" \ 13   --member-cluster-namespace="${MDB_NAMESPACE}" \ 14   --central-cluster-namespace="${OPERATOR_NAMESPACE}" \ 15   --create-service-account-secrets \ 16   --install-database-roles=true \ 17   --image-pull-secrets=image-registries-secret 
Build: ,  Ensured namespaces exist in all clusters. creating operator cluster roles in cluster: gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding creating member roles in cluster: gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-67d0389d75b70a0007e5894a created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding creating member roles in cluster: gke_scratch-kubernetes-team_europe-central2-c_k8s-mdb-2-67d0389d75b70a0007e5894a created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding Ensured ServiceAccounts and Roles. Creating KubeConfig secret mongodb-operator/mongodb-enterprise-operator-multi-cluster-kubeconfig in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a Ensured database Roles in member clusters. Creating Member list Configmap mongodb-operator/mongodb-enterprise-operator-member-list in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a Build: ,  Ensured namespaces exist in all clusters. creating operator cluster roles in cluster: gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding creating member roles in cluster: gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-67d0389d75b70a0007e5894a created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding creating member roles in cluster: gke_scratch-kubernetes-team_europe-central2-c_k8s-mdb-2-67d0389d75b70a0007e5894a created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding Ensured ServiceAccounts and Roles. Creating KubeConfig secret mongodb-operator/mongodb-enterprise-operator-multi-cluster-kubeconfig in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a Ensured database Roles in member clusters. Creating Member list Configmap mongodb-operator/mongodb-enterprise-operator-member-list in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a 
Add the MongoDB Helm Charts for Kubernetes.
Add the MongoDB Helm Charts for Kubernetes repository to Helm.
1 helm repo add mongodb https://mongodb.github.io/helm-charts 2 helm repo update mongodb 3 helm search repo "${OFFICIAL_OPERATOR_HELM_CHART}" 
"mongodb" has been added to your repositories Hang tight while we grab the latest from your chart repositories... ...Successfully got an update from the "mongodb" chart repository Update Complete. ⎈Happy Helming!⎈ NAME                       	CHART VERSION	APP VERSION	DESCRIPTION                            mongodb/enterprise-operator	1.32.0       	           	MongoDB Kubernetes Enterprise Operator 
Deploy the Kubernetes Operator.
Use the MongoDB Helm Charts for Kubernetes to deploy the Kubernetes Operator.
1 helm upgrade --install \ 2   --debug \ 3   --kube-context "${K8S_CLUSTER_0_CONTEXT_NAME}" \ 4   mongodb-enterprise-operator-multi-cluster \ 5   "${OPERATOR_HELM_CHART}" \ 6   --namespace="${OPERATOR_NAMESPACE}" \ 7   --set namespace="${OPERATOR_NAMESPACE}" \ 8   --set operator.namespace="${OPERATOR_NAMESPACE}" \ 9   --set operator.watchNamespace="${OM_NAMESPACE}\,${MDB_NAMESPACE}" \ 10   --set operator.name=mongodb-enterprise-operator-multi-cluster \ 11   --set operator.createOperatorServiceAccount=false \ 12   --set operator.createResourcesServiceAccountsAndRoles=false \ 13   --set "multiCluster.clusters={${K8S_CLUSTER_0_CONTEXT_NAME},${K8S_CLUSTER_1_CONTEXT_NAME},${K8S_CLUSTER_2_CONTEXT_NAME}}" \ 14   --set "${OPERATOR_ADDITIONAL_HELM_VALUES:-"dummy=value"}" \ 15   --set operator.env=dev 
Release "mongodb-enterprise-operator-multi-cluster" does not exist. Installing it now. NAME: mongodb-enterprise-operator-multi-cluster LAST DEPLOYED: Tue Mar 11 13:36:49 2025 NAMESPACE: mongodb-operator STATUS: deployed REVISION: 1 TEST SUITE: None USER-SUPPLIED VALUES: dummy: value multiCluster:   clusters:   - gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a   - gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-67d0389d75b70a0007e5894a   - gke_scratch-kubernetes-team_europe-central2-c_k8s-mdb-2-67d0389d75b70a0007e5894a namespace: mongodb-operator operator:   createOperatorServiceAccount: false   createResourcesServiceAccountsAndRoles: false   env: dev   mdbDefaultArchitecture: static   name: mongodb-enterprise-operator-multi-cluster   namespace: mongodb-operator   watchNamespace: mongodb-om,mongodb COMPUTED VALUES: agent:   name: mongodb-agent-ubi   version: 108.0.2.8729-1 database:   name: mongodb-enterprise-database-ubi   version: 1.32.0 dummy: value initAppDb:   name: mongodb-enterprise-init-appdb-ubi   version: 1.32.0 initDatabase:   name: mongodb-enterprise-init-database-ubi   version: 1.32.0 initOpsManager:   name: mongodb-enterprise-init-ops-manager-ubi   version: 1.32.0 managedSecurityContext: false mongodb:   appdbAssumeOldFormat: false   imageType: ubi8   name: mongodb-enterprise-server   repo: quay.io/mongodb mongodbLegacyAppDb:   name: mongodb-enterprise-appdb-database-ubi   repo: quay.io/mongodb multiCluster:   clusterClientTimeout: 10   clusters:   - gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a   - gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-67d0389d75b70a0007e5894a   - gke_scratch-kubernetes-team_europe-central2-c_k8s-mdb-2-67d0389d75b70a0007e5894a   kubeConfigSecretName: mongodb-enterprise-operator-multi-cluster-kubeconfig   performFailOver: true namespace: mongodb-operator operator:   additionalArguments: []   affinity: {}   createOperatorServiceAccount: false   createResourcesServiceAccountsAndRoles: false   deployment_name: mongodb-enterprise-operator   enablePVCResize: true   env: dev   maxConcurrentReconciles: 1   mdbDefaultArchitecture: static   name: mongodb-enterprise-operator-multi-cluster   namespace: mongodb-operator   nodeSelector: {}   operator_image_name: mongodb-enterprise-operator-ubi   replicas: 1   resources:     limits:       cpu: 1100m       memory: 1Gi     requests:       cpu: 500m       memory: 200Mi   telemetry:     collection:       clusters: {}       deployments: {}       frequency: 1h       operators: {}     send:       frequency: 168h   tolerations: []   vaultSecretBackend:     enabled: false     tlsSecretRef: ""   version: 1.32.0   watchNamespace: mongodb-om,mongodb   watchedResources:   - mongodb   - opsmanagers   - mongodbusers   webhook:     installClusterRole: true     registerConfiguration: true opsManager:   name: mongodb-enterprise-ops-manager-ubi registry:   agent: quay.io/mongodb   appDb: quay.io/mongodb   database: quay.io/mongodb   imagePullSecrets: null   initAppDb: quay.io/mongodb   initDatabase: quay.io/mongodb   initOpsManager: quay.io/mongodb   operator: quay.io/mongodb   opsManager: quay.io/mongodb   pullPolicy: Always subresourceEnabled: true HOOKS: MANIFEST: --- # Source: enterprise-operator/templates/operator-roles.yaml kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata:   name: mongodb-enterprise-operator-mongodb-webhook rules:   - apiGroups:       - "admissionregistration.k8s.io"     resources:       - validatingwebhookconfigurations     verbs:       - get       - create       - update       - delete   - apiGroups:       - ""     resources:       - services     verbs:       - get       - list       - watch       - create       - update       - delete --- # Source: enterprise-operator/templates/operator-roles.yaml # Additional ClusterRole for clusterVersionDetection kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata:   name: mongodb-enterprise-operator-multi-cluster-cluster-telemetry rules:   # Non-resource URL permissions   - nonResourceURLs:       - "/version"     verbs:       - get   # Cluster-scoped resource permissions   - apiGroups:       - ''     resources:       - namespaces     resourceNames:       - kube-system     verbs:       - get   - apiGroups:       - ''     resources:       - nodes     verbs:       - list --- # Source: enterprise-operator/templates/operator-roles.yaml kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata:   name: mongodb-enterprise-operator-multi-cluster-mongodb-operator-webhook-binding roleRef:   apiGroup: rbac.authorization.k8s.io   kind: ClusterRole   name: mongodb-enterprise-operator-mongodb-webhook subjects:   - kind: ServiceAccount     name: mongodb-enterprise-operator-multi-cluster     namespace: mongodb-operator --- # Source: enterprise-operator/templates/operator-roles.yaml # ClusterRoleBinding for clusterVersionDetection kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata:   name: mongodb-enterprise-operator-multi-cluster-mongodb-operator-cluster-telemetry-binding roleRef:   apiGroup: rbac.authorization.k8s.io   kind: ClusterRole   name: mongodb-enterprise-operator-multi-cluster-cluster-telemetry subjects:   - kind: ServiceAccount     name: mongodb-enterprise-operator-multi-cluster     namespace: mongodb-operator --- # Source: enterprise-operator/templates/operator.yaml apiVersion: apps/v1 kind: Deployment metadata:   name: mongodb-enterprise-operator-multi-cluster   namespace: mongodb-operator spec:   replicas: 1   selector:     matchLabels:       app.kubernetes.io/component: controller       app.kubernetes.io/name: mongodb-enterprise-operator-multi-cluster       app.kubernetes.io/instance: mongodb-enterprise-operator-multi-cluster   template:     metadata:       labels:         app.kubernetes.io/component: controller         app.kubernetes.io/name: mongodb-enterprise-operator-multi-cluster         app.kubernetes.io/instance: mongodb-enterprise-operator-multi-cluster     spec:       serviceAccountName: mongodb-enterprise-operator-multi-cluster       securityContext:         runAsNonRoot: true         runAsUser: 2000       containers:         - name: mongodb-enterprise-operator-multi-cluster           image: "quay.io/mongodb/mongodb-enterprise-operator-ubi:1.32.0"           imagePullPolicy: Always           args:             - -watch-resource=mongodb             - -watch-resource=opsmanagers             - -watch-resource=mongodbusers             - -watch-resource=mongodbmulticluster           command:             - /usr/local/bin/mongodb-enterprise-operator           volumeMounts:             - mountPath: /etc/config/kubeconfig               name: kube-config-volume           resources:             limits:               cpu: 1100m               memory: 1Gi             requests:               cpu: 500m               memory: 200Mi           env:             - name: OPERATOR_ENV               value: dev             - name: MDB_DEFAULT_ARCHITECTURE               value: static             - name: NAMESPACE               valueFrom:                 fieldRef:                   fieldPath: metadata.namespace             - name: WATCH_NAMESPACE               value: "mongodb-om,mongodb"             - name: MDB_OPERATOR_TELEMETRY_COLLECTION_FREQUENCY               value: "1h"             - name: MDB_OPERATOR_TELEMETRY_SEND_FREQUENCY               value: "168h"             - name: CLUSTER_CLIENT_TIMEOUT               value: "10"             - name: IMAGE_PULL_POLICY               value: Always             # Database             - name: MONGODB_ENTERPRISE_DATABASE_IMAGE               value: quay.io/mongodb/mongodb-enterprise-database-ubi             - name: INIT_DATABASE_IMAGE_REPOSITORY               value: quay.io/mongodb/mongodb-enterprise-init-database-ubi             - name: INIT_DATABASE_VERSION               value: 1.32.0             - name: DATABASE_VERSION               value: 1.32.0             # Ops Manager             - name: OPS_MANAGER_IMAGE_REPOSITORY               value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi             - name: INIT_OPS_MANAGER_IMAGE_REPOSITORY               value: quay.io/mongodb/mongodb-enterprise-init-ops-manager-ubi             - name: INIT_OPS_MANAGER_VERSION               value: 1.32.0             # AppDB             - name: INIT_APPDB_IMAGE_REPOSITORY               value: quay.io/mongodb/mongodb-enterprise-init-appdb-ubi             - name: INIT_APPDB_VERSION               value: 1.32.0             - name: OPS_MANAGER_IMAGE_PULL_POLICY               value: Always             - name: AGENT_IMAGE               value: "quay.io/mongodb/mongodb-agent-ubi:108.0.2.8729-1"             - name: MDB_AGENT_IMAGE_REPOSITORY               value: "quay.io/mongodb/mongodb-agent-ubi"             - name: MONGODB_IMAGE               value: mongodb-enterprise-server             - name: MONGODB_REPO_URL               value: quay.io/mongodb             - name: MDB_IMAGE_TYPE               value: "ubi9"             - name: PERFORM_FAILOVER               value: 'true'             - name: MDB_MAX_CONCURRENT_RECONCILES               value: "1"       volumes:         - name: kube-config-volume           secret:             defaultMode: 420             secretName: mongodb-enterprise-operator-multi-cluster-kubeconfig 
Check the status of your MongoDB Kubernetes Operator.
1 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OPERATOR_NAMESPACE}" rollout status deployment/mongodb-enterprise-operator-multi-cluster 2 echo "Operator deployment in ${OPERATOR_NAMESPACE} namespace" 3 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OPERATOR_NAMESPACE}" get deployments 4 echo; echo "Operator pod in ${OPERATOR_NAMESPACE} namespace" 5 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OPERATOR_NAMESPACE}" get pods 
Waiting for deployment "mongodb-enterprise-operator-multi-cluster" rollout to finish: 0 of 1 updated replicas are available... deployment "mongodb-enterprise-operator-multi-cluster" successfully rolled out Operator deployment in mongodb-operator namespace NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE mongodb-enterprise-operator-multi-cluster   1/1     1            1           9s Operator pod in mongodb-operator namespace NAME                                                         READY   STATUS    RESTARTS     AGE mongodb-enterprise-operator-multi-cluster-786c8fcd9b-9k465   2/2     Running   1 (3s ago)   10s