The MongoDBCommunity custom resource lets you deploy and manage
MongoDB Community Edition replica sets in Kubernetes. The Kubernetes Operator
uses this resource to create statefulSets, services, and other
Kubernetes resources required to run MongoDB Community deployments.
To learn more, see the MongoDB Community Operator documentation.
Example
The following example shows a resource specification for a
MongoDBCommunity custom resource:
1 apiVersion: mongodbcommunity.mongodb.com/v1 2 kind: MongoDBCommunity 3 metadata: 4 name: my-mongodb-community 5 spec: 6 version: "8.0.0" 7 type: ReplicaSet 8 members: 3 9 security: 10 tls: 11 enabled: true 12 certificateKeySecretRef: 13 name: mongodb-tls-cert 14 caConfigMapRef: 15 name: mongodb-ca 16 authentication: 17 ignoreUnknownUsers: true 18 modes: 19 - SCRAM 20 agent: 21 logLevel: DEBUG 22 statefulSet: 23 spec: 24 template: 25 spec: 26 containers: 27 - name: mongod 28 resources: 29 limits: 30 cpu: "2" 31 memory: 2Gi 32 requests: 33 cpu: "1" 34 memory: 1Gi 35 - name: mongodb-agent 36 resources: 37 limits: 38 cpu: "1" 39 memory: 2Gi 40 requests: 41 cpu: "0.5" 42 memory: 1Gi 43 users: 44 - name: mdb-admin 45 db: admin 46 passwordSecretRef: 47 name: mdb-admin-user-password 48 scramCredentialsSecretName: mdb-admin-user 49 roles: 50 - name: root 51 db: admin
Required MongoDBCommunity Resource Settings
This section describes settings that you must use for all
MongoDBCommunity resources.
apiVersionType: string
Version of the MongoDB Kubernetes resource schema. Set the value to
mongodbcommunity.mongodb.com/v1.
kindType: string
Kind of MongoDB Kubernetes resource to create. Set this to
MongoDBCommunity.
metadata.nameType: string
Human-readable name so you can identify this particular
MongoDBCommunityresource.Resource names must be 44 characters or less.
spec.versionType: string
Version of MongoDB Community to deploy. For example,
"8.0.0".
spec.typeType: string
Type of MongoDB deployment to create. The accepted value is
ReplicaSet.
spec.membersType: integer
Number of replica set members. This determines how many
mongodpods the Kubernetes Operator creates in the StatefulSet.
Optional MongoDBCommunity Resource Settings
The MongoDBCommunity custom resource can use the following settings:
Security Settings
spec.securityType: object
Security configuration for the
MongoDBCommunityresource. Contains TLS and authentication settings.
spec.security.tlsType: object
TLS settings for the MongoDB deployment.
spec.security.tls.enabledType: boolean
Flag to enable or disable TLS for the MongoDB deployment. Set to
trueto enable TLS-encrypted connections.
spec.security.tls.certificateKeySecretRef.nameType: string
Name of the Kubernetes secret that contains the TLS server certificate and private key for the MongoDB deployment.
spec.security.tls.caConfigMapRef.nameType: string
Name of the Kubernetes ConfigMap that contains the Certificate Authority (CA) certificate used to verify TLS connections.
spec.security.authenticationType: object
Authentication configuration for the MongoDB deployment.
spec.security.authentication.modesType: array of strings
List of authentication mechanisms to enable on the MongoDB deployment. Accepted values include:
SCRAM
spec.security.authentication.ignoreUnknownUsersType: boolean
If
true, the Kubernetes Operator doesn't report an error for users that exist in the MongoDB deployment but are not defined in theMongoDBCommunityresource specification.Default:
false.
Agent Settings
spec.agentType: object
Configuration settings for the MongoDB Agent.
spec.agent.logLevelType: string
Verbosity level of the MongoDB Agent logs. Accepted values include:
DEBUGINFOWARNERROR
StatefulSet Settings
spec.statefulSetType: object
Specification for the StatefulSet created by the Kubernetes Operator for your
MongoDBCommunityresource. Use this to override default container resource requests and limits.
spec.statefulSet.specType: object
StatefulSet specification that the Kubernetes Operator merges with generated defaults. Follows the standard Kubernetes StatefulSet spec.
spec.statefulSet.spec.template.spec.containersType: array of objects
List of container overrides. You can override resource requests and limits for the following containers:
mongod— The MongoDB database container.mongodb-agent— The MongoDB Agent sidecar container.
containers: - name: mongod resources: limits: cpu: "2" memory: 2Gi requests: cpu: "1" memory: 1Gi - name: mongodb-agent resources: limits: cpu: "1" memory: 2Gi requests: cpu: "0.5" memory: 1Gi
User Settings
spec.usersType: array of objects
List of MongoDB database users to create for this deployment. Each user object defines the credentials and roles for a database user.
spec.users[*].nameType: string
Username for the MongoDB database user.
spec.users[*].dbType: string
Authentication database for the user. The default is
admin.
spec.users[*].passwordSecretRef.nameType: string
Name of the Kubernetes secret that contains the password for this database user.
spec.users[*].scramCredentialsSecretNameType: string
Name of the secret where the Kubernetes Operator stores the generated SCRAM credentials for this user.
spec.users[*].rolesType: array of objects
List of roles to assign to this database user.
spec.users[*].roles[*].nameType: string
Name of the role to assign. For example,
root,readWrite,readAnyDatabase, orsearchCoordinator.
spec.users[*].roles[*].dbType: string
Database on which the role applies. For example,
admin.
Integration with MongoDBSearch
You can deploy MongoDB Search and Vector Search alongside a
MongoDBCommunity resource using the MongoDBSearch CRD.
To enable search functionality, create a search-sync-source user
with the searchCoordinator role:
users: - name: search-sync-source db: admin passwordSecretRef: name: my-resource-search-sync-source-password scramCredentialsSecretName: my-resource-search-sync-source roles: - name: searchCoordinator db: admin
Note
For MongoDB 8.2 and later, searchCoordinator is a built-in role.
For earlier versions, the Kubernetes Operator creates the
searchCoordinator custom role automatically.
To learn more, see Deploy MongoDB Search and Vector Search.