Helm Charts Quick Start
On this page
- Prerequisites
- Procedure
- Register for an Atlas account or log in.
- Create API keys for your organization.
- Deploy Atlas Kubernetes Operator.
- Deploy the Atlas database deployment.
- Check the status of your database user.
- Retrieve the secret that Atlas Kubernetes Operator created to connect to the database deployment.
You can use Atlas Kubernetes Operator to manage resources in Atlas without leaving Kubernetes. This tutorial demonstrates how to create your first cluster in Atlas from Helm Charts with Atlas Kubernetes Operator.
Note
Would you prefer to start without Helm?
To create your first cluster in Atlas from Kubernetes configuration files with Atlas Kubernetes Operator, see Quick Start.
Prerequisites
This tutorial requires:
A running Kubernetes cluster with nodes running processors with the x86-64, AMD64, or ARM64 architecture.
You can access the Atlas Kubernetes Operator project on GitHub:
Procedure
Important
Custom Resources No Longer Delete Objects by Default
Atlas Kubernetes Operator uses custom resource configuration
files to manage your Atlas configuration, but as of Atlas Kubernetes Operator 2.0,
custom resources you delete in Kubernetes are no longer deleted in
Atlas. Instead, Atlas Kubernetes Operator simply stops managing those resources.
For example, if you delete an AtlasProject
Custom Resource
in Kubernetes, Atlas Kubernetes Operator no longer automatically deletes the corresponding project
from Atlas, preventing accidental or unexpected deletions. To learn more,
including how to revert this behavior to
the default used prior to Atlas Kubernetes Operator 2.0, see New Default: Deletion Protection in Atlas Kubernetes Operator 2.0.
Register for an Atlas account or log in.
Register a new Atlas Account or Log in to Your Atlas Account.
Create API keys for your organization.
Note
You need the following public API key, private API key, and the organization ID information to configure Atlas Kubernetes Operator access to Atlas.
Create an API (Application Programming Interface) Key in an Organization and configure the API Access List.
You need the following public API key, private API key, and the organization ID information to configure Atlas Kubernetes Operator access to Atlas.
If you want Atlas Kubernetes Operator to create a new Atlas project, Create an API (Application Programming Interface) Key in an Organization. If your organization requires an IP access list for the Atlas Administration API, you must also configure the API access list.
Important
You must assign the API key the Organization Project Creator organization role or higher.
If you want to work with an existing Atlas project, Create an API (Application Programming Interface) Key for a Project. If your organization requires an IP access list for the Atlas Administration API, you must also configure the API access list.
Important
You must assign the API key the Project Owner project role.
Deploy Atlas Kubernetes Operator.
Run one of the following sets of commands:
If you want Atlas Kubernetes Operator to watch all namespaces in the Kubernetes cluster, run the following commands:
helm repo add mongodb https://mongodb.github.io/helm-charts helm install atlas-operator --namespace=atlas-operator --create-namespace mongodb/mongodb-atlas-operator If you want Atlas Kubernetes Operator to watch only its own namespace, set the
--watchNamespaces
flag to its own namespace, and run the following command:Note
helm install atlas-operator --namespace=atlas-operator --set watchNamespaces=atlas-operator --create-namespace mongodb/mongodb-atlas-operator
Deploy the Atlas database deployment.
Customize the Atlas project and its database users.
Create a file named
install-values.yaml
and paste the following example code, which does the following:Sets the project name to
My Project
.Allows all IP addresses (0.0.0.0) to access the project.
Creates a database user named
dbadmin
that has thedbAdmin
role.Creates a database user named
dbuser
that has thereadWrite
role.
project: # Project custom values atlasProjectName: "My Project" projectIpAccessList: - cidrBlock: "0.0.0.0/0" users: # Custom database users - username: dbadmin databaseName: admin roles: - databaseName: admin-role roleName: dbAdmin - username: dbuser databaseName: admin roles: - databaseName: user-role roleName: readWrite Run the following command.
The
--set
and--values
flags in the following command override theValues.yaml
file values and default Helm Charts values with your organization ID, API keys, and Atlas project configuration.Note
mongodb/atlas-deployment
references the name of a chart in the repository.helm install atlas-deployment \ mongodb/atlas-deployment \ --namespace=my-cluster \ --create-namespace \ --set atlas.secret.orgId='<orgid>' \ --set atlas.secret.publicApiKey='<publicKey>' \ --set atlas.secret.privateApiKey='<privateApiKey>' \ --values install-values.yaml To learn more about the available parameters, see
AtlasDeployment
Custom Resource.To create a serverless instance, see the serverless instance example.
Check the status of your database user.
Run the following command to wait for the dbadmin
database user to become ready:
kubectl wait --for=condition=ready --timeout=10m -n my-cluster atlasdatabaseusers/atlas-deployment-dbadmin
Note
The AtlasDatabaseUser
Custom Resource waits until the
database deployment is ready. Creating a new
database deployment can take up to 10 minutes.
Retrieve the secret that Atlas Kubernetes Operator created to connect to the database deployment.
Important
The following command requires jq
1.6 or higher.
Run the following command to retrieve the connection string
and password for the dbadmin
database user. Your connection
strings will differ from the example output.
kubectl get secret -n my-cluster my-project-cluster-name-dbadmin -ojson | jq -r '.data | with_entries(.value |= @base64d)';
{ "connectionStringStandard": "mongodb://admin-user:%25SomeLong%25password$foradmin@atlas-cluster-shard-00-00.nlrvs.mongodb.net:27017,atlas-cluster-shard-00-01.nlrvs.mongodb.net:27017,atlas-cluster-shard-00-02.nlrvs.mongodb.net:27017/?ssl=true&authSource=admin&replicaSet=atlas-11q9bn-shard-0", "connectionStringStandardSrv": "mongodb+srv://admin-user:%25SomeLong%25password$foradmin@atlas-cluster.nlrvs.mongodb.net", "password": "%SomeLong%password$foradmin", "username": "dbadmin" }
You can use the following secret in your application:
containers: - name: test-app env: - name: "CONNECTION_STRING" valueFrom: secretKeyRef: name: my-project-cluster-name-dbadmin key: connectionStringStandardSrv