MongoDB Search and Vector Search Settings

Example Resource Specification

The following example shows the settings inside the spec object for MongoDB Search and Vector Search deployment. To learn more about these settings, see the Required Settings and Optional Settings.

1
spec:
2
  source:
3
    mongodbResourceRef: 
4
      name: mdb
5
    external: 
6
      hostAndPorts:
7
        - mdb-rs-external-0.example.com:27017
8
        - mdb-rs-external-1.example.com:27017
9
        - mdb-rs-external-2.example.com:27017
10
      keyfileSecretRef:
11
        name: mdbc-rs-keyfile
12
        key: keyfile
13
      tls:
14
        ca:
15
          name: mdbc-rs-ca            
16
    username: search-sync-source
17
    passwordSecretRef:
18
      name: mdbc-rs-search-sync-source-password
19
      key: password
20
  security:
21
    tls:
22
      certificateKeySecretRef:
23
        name: mdbs-tls-secret        
24
  resourceRequirements:
25
    limits:
26
      cpu: "3"
27
      memory: 5Gi
28
    requests:
29
      cpu: "2"
30
      memory: 3Gi

Required Settings

This section describes the settings that are required for deploying the MongoDB Search and Vector Search resource. If you define only the required settings in the Custom Resource Definition (CRD), the MongoDB Controllers for Kubernetes Operator uses the defaults for all optional settings to configure MongoDBSearch.

apiVersion

Type: string

Version of the MongoDB Kubernetes resource schema. Set the value to mongodb.com/v1.

kind

Type: string

Kind of MongoDB Kubernetes resource to create. Set this to MongoDBSearch.

metadata.namespace

Type: string

Namespace where the MongoDBSearch resource should be created. To leverage automatic configuration of MongoDBSearch and MongoDB or MongoDBCommunity resources, the MongoDBSearch resource should be created in the same namespace as the MongoDB or MongoDBCommunity resource.

metadata.name

Type: string

Unique identifier of the MongoDBSearch resource. The resource name can be a maximum of 44 characters in length.

Optional Settings

This section describes the optional settings for the MongoDB Search and Vector Search resource. If you omit the optional settings and define only the required settings in the CRD, the MongoDB Controllers for Kubernetes Operator uses the defaults for all optional settings to configure MongoDBSearch.

spec.source

Type: object

Setting that describes the MongoDB source replica set for mongot. This is required if:

• MongoDB is external

• MongoDB has a different name from MongoDBSearch

The MongoDBSearch resource must always be connected to the replica set. If you deployed the replica set using the Kubernetes Operator with MongoDB or MongoDBCommunity CRD, and if spec.source is empty, the Kubernetes Operator uses the following based on the metadata.name to look for the database in Kubernetes:

• Find MongoDB or MongoDBCommunity resources with the same name as set for metadata.name in MongoDBSearch, in the same namespace.

• Find the password secret for the mongot user from the search-sync-source-user-password secret.

spec.source.mongodbResourceRef.name

Type: string

Name of the MongoDB or MongoDBCommunity resource to associate with this MongoDB Search and Vector Search resource. You can't have more than one MongoDBSearch resource referencing the same MongoDB or MongoDBCommunity resource. If you specify a different name, you must explicitly point to the MongoDB or MongoDBCommunity where you want to enable MongoDB Search and Vector Search.

Use this field only if your MongoDB or MongoDBCommunity resource is deployed in the same Kubernetes cluster and is in the same namespace as your MongoDBSearch resource. Setting this field allows the Kubernetes Operator to automatically:

• Set proper connection strings to the database.

• Reconfigure MongoDB database deployments by setting necessary parameters to enable search functionality and configure the addresses of the search pods.

If your database is deployed outside of Kubernetes or is in a different namespace, use spec.external to configure connection to the database. This field is mutually exclusive with spec.external.

If omitted, the Kubernetes Operator will look for MongoDB or MongoDBCommunity resource with the same name as this MongoDBSearch resource.

spec.source.external

Type: object

Settings that describe the external data source. This object describes the settings for the MongoDB Search and Vector Search resource to connect to an external MongoDB. These settings should be specified only if you want to connect to an external MongoDB that wasn't deployed using the Kubernetes Operator. If specified, these settings override settings for spec.source.mongodbResourceRef.name. If you used the Kubernetes Operator to install MongoDB in the same cluster, these settings are optional.

spec.source.external.hostAndPorts

Type: array of strings

List of hostnames and ports of the external replica set. This is a host seed list to the MongoDB replica set. The mongot connects to the database in a replica set mode and gets the list of all other nodes using db.hello().

Example

hostAndPorts:
  - mdbc-rs-0.my-external-domain.example.com:27017
  - mdbc-rs-1.my-external-domain.example.com:27017
  - mdbc-rs-2.my-external-domain.example.com:27017

spec.source.external.keyfileSecretRef

Type: object

Reference to the Kubernetes secret that contains the keyfile for internal cluster authentication.

spec.source.external.keyfileSecretRef.name

Type: string

Name of keyfile used to authenticate mongod to mongot. The specified secret name must contain the same keyfile that is used by the MongoDB replica set members for internal communication.

spec.source.external.keyfileSecretRef.key

Type: string

Contents of the keyfile as string.

Tip

You can find keyfile in the auth.key field of the automation config for your Cloud Manager or Ops Manager instance.

spec.source.external.tls

Type: object

TLS Settings that mongot must use when connecting to the external MongoDB database.

spec.source.external.tls.ca.name

Type: string

Name of the Secret containing the trusted chain of the certificate authorities that issued the TLS certificate used by the mongod nodes.

Example

spec:
  source:
    external:
      tls:
        ca:
          name: trusted-ca

The certificate (or certificates if this is a chain of trusted CA certificates) must be specified under ca.crt key in this Secret.

Example

name: Secret
apiVersion: v1
metadata:
  name: trusted-ca
data:
  ca.crt: |
    -----BEGIN CERTIFICATE-----
    MIIDBTCCAe2gAwIBAgIIH3EOUAGAsx0wDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE
    [...]
    U/4rN8Ias/FONYFRtGfs9uXHmo2MP04BF+9ED2dlbNDUbat+6XCozLJj98nI4VEi
    qaV3JrVFHTgN
    -----END CERTIFICATE-----

spec.source.username

Type: string

Username to use to authenticate mongot with mongod. The specified user must have the searchCoordinator role. If omitted, the Kubernetes Operator assumes the username is search-sync-source.

spec.source.passwordSecretRef

Type: object

Reference to a secret containing MongoDB Search's user password.

spec.source.passwordSecretRef.name

Type: string

Name of the secret that contains the password that mongot must use to authenticate with mongod. If omitted, defaults to <MongoDBSearch.metadata.name>-search-sync-source-password.

spec.source.passwordSecretRef.key

Type: string

Key under which the password value is stored in the secret. If omitted, defaults to password.

spec.security

Type: object

Security settings for mongot listen server.

spec.security.tls

Type: object

TLS settings for mongot. If omitted, mongot won't use TLS for incoming connections.

spec.security.tls.certificateKeySecretRef.name

Type: string

Name of a TLS secret in the same namespace containing private key (tls.key) and the certificate (tls.crt). The secret can be of type kubernetes.io/tls (that is issued by cert-manager) or can be created manually. This is required for enabling TLS in mongot.

spec.resourceRequirements

Type: core/v1/ResourceRequirements

CPU and memory that the mongodb-search container can request and be limited to. We recommend using this field to customize resource allocations instead of overriding it with spec.statefulSet.

If omitted, the Kubernetes Operator uses the following default values:

requests:
  cpu: 2
  memory: 2G

spec.resourceRequirements.limits

Type: object

Upper cap on the resource, CPU and memory, that the mongodb-search container can consume. By default, there are no limits set. If omitted, the pod isn't restricted and so, might use all the resources on the node. We recommend setting limits based on your workload.

spec.resourceRequirements.requests

Type: object

Amount of CPU and memory requested for the mongodb-search container. If omitted, the Kubernetes Operator uses the following default values:

requests:
  cpu: 2
  memory: 2G

spec.persistence.single

Type: object

Storage configuration for MongoDB Search and Vector Search persistence volume where MongoDB Search and Vector Search indexes are stored. Each search instance (pod) has its own independent storage to maintain indexes, which isn't shared with the MongoDB database. Only index metadata (definitions) are stored in the database itself.

Scalar	Data Type	Description
labelSelector	string	Tag used to bind mounted volumes to directories.
storage	string	Minimum size of Persistent Volume that should be mounted. This value is expressed as an integer followed by a unit of storage in JEDEC notation. Default value is 16Gi. For example, if replica set requires 60 gigabytes of storage space, set this value to 60Gi.
storageClass	string	Type of storage specified in a Persistent Volume Claim. You may create this storage type as a StorageClass object before using it in this object specification. Make sure to set the StorageClass reclaimPolicy to Retain. This ensures that data is retained when a Persistent Volume Claim is removed.

MongoDBSearch supports only single persistence field. If omitted, the Kubernetes Operator sets spec.persistence.single.storage to 10GB.

spec.version

Type: string

Version of mongodb-search docker image. If omitted, the Kubernetes Operator automatically chooses the newest version of MongoDBSearch. You can set it explicitly to prevent automatic upgrades when the Kubernetes Operator version is upgraded.

spec.statefulSet

Type: apps/v1/StatefulSet

Specification for the StatefulSet, created for deploying mongot pods, that overwrites the settings that the Kubernetes Operator applies. The overrides are always applied last. Supports both the spec.statefulSet.spec and spec.statefulSet.metadata fields.

Note

Don't set resource requirements or persistence settings using spec.statefulSet. Instead, use the spec.resourceRequirements and spec.persistence fields respectively.