You were redirected from a different version of the documentation. Click here to go back.

Configure Kubernetes for Deploying MongoDB Resource

You can use the Kubernetes Operator to deploy MongoDB resources such as a replica set, a sharded cluster, or a standalone instance using an object. Ops Manager can generate the YAML files you need to configure your Kubernetes environment for deploying a MongoDB Database resource.

To generate the YAML files:

Verify Permissions

You must have one of the following roles to access the Ops Manager UI for setting up Kubernetes:

Set Up Kubernetes for a MongoDB Resource

The MongoDB Enterprise Kubernetes Operator requires a Kubernetes ConfigMap to create or link your Ops Manager project.

Using the Kubernetes ConfigMap, you can either connect to a HTTPS-enabled Ops Manager that is using a custom CA or link to a Ops Manager project that isn’t using a custom CA.

You can use the Ops Manager Kubernetes Setup page to automatically generate the ConfigMap. The generated YAML file for the ConfigMap looks similar to the following:

apiVersion: v1
kind: ConfigMap
  name: my-project
  namespace: mongodb

  # Optional Parameters
  # projectName: <your-project-name>

  orgId: <your-org-id>

  sslMMSCAConfigMap: <root-ca-configmap-name>
  sslRequireValidMMSServerCertificates: ‘true’

You need to store your Programmatic API Key as a Kubernetes secret to create or update Kubernetes objects in your Ops Manager project. A Kubernetes secret stores authentication credentials so only Kubernetes can access them.

apiVersion: v1
kind: Secret
  name: organization-secret
  namespace: mongodb
  user: <private-key>
  publicApiKey: <public-api-key>

Setting up Template files and Configuration Parameters

To generate the YAML files, you must do the following:


Create a secret file with your API keys.

Create a YAML file that contains your Programmatic API Key in the /mongodb-ops-manager/ folder.


Configure the Ops Manager settings for Kubernetes.

In your server’s file, configure the following settings:

  • kubernetes.templates.credentialsFilePath
  • kubernetes.templates.projectFilePath

To learn more about these settings, see Kubernetes Setup.

Generating the YAML Files

To setup Kubernetes for a MongoDB resource:


In the Kubernetes Setup page, toggle the switch for Configure HTTPS-enabled Ops Manager Using a Custom CA from OFF to ON to generate a ConfigMap for HTTPS-enabled Ops Manager that is using a custom CA.


In the CA ConfigMap Name field, enter the name of your ConfigMap containing the root CA certificate in the same namespace as your database pods.


Optional: Select the Require Valid Server Certificate checkbox to force the MongoDB Enterprise Kubernetes Operator to require a valid TLS certificate from Ops Manager.


Specify the API keys for accessing your Ops Manager project.

  • Click Create New API Keys to generate new API keys.
  • Click Use Existing API Keys to specify your existing public and private keys.

Enter the IP addresses to add to your Ops Manager project’s IP access list to grant programmatic access from your Kubernetes environment.

If you disabled the mms.publicApi.whitelistEnabled setting in your Ops Manager configuration, the Access List Entry field is not visible in the UI.


Generate ConfigMap and Kubernetes secret YAML files.

To generate the ConfigMap and Kubernetes secret YAML files:

  • Click Generate Key and YAML if you are generating new API keys.
  • Click Generate YAML if you are using existing API keys.

Follow the steps in the Generated ConfigMap and Secret YAML file modal to apply the generated ConfigMap and Kubernetes secret YAML files to your Kubernetes environment.