Custom Resource options¶

The operator is configured via the spec section of the deploy/cr.yaml file.

`metadata`¶

The metadata part of this file contains the following keys:

name (my-cluster-name by default) sets the name of your Percona Server for MongoDB Cluster; it should include only URL-compatible characters , not exceed 22 characters, start with an alphabetic character, and end with an alphanumeric character
finalizers subsection:
- percona.com/delete-psmdb-pods-in-order if present, activates the Finalizer which controls the proper Pods deletion order in case of the cluster deletion event (on by default)
- percona.com/delete-psmdb-pvc if present, activates the Finalizer which deletes appropriate Persistent Volume Claims after the cluster deletion event (off by default)
- percona.com/delete-pitr-chunks if present, activates the Finalizer which deletes all point-in-time recovery chunks from the cloud storage on cluster deletion (off by default)

Toplevel `spec` elements¶

The spec part of the deploy/cr.yaml file contains the following keys and sections:

`platform`¶

Override/set the Kubernetes platform: kubernetes or openshift.

Value type	Example
string	`kubernetes`

`pause`¶

Pause/resume: setting it to true gracefully stops the cluster, and setting it to false after shut down starts the cluster back.

Value type	Example
boolean	`false`

`unmanaged`¶

Setting it to true instructs the Operator to run the cluster in unmanaged state - the Operator does not form replica sets, and does not generate TLS certificates or user credentials. This can be useful for migration scenarios and for cross-site replication.

Value type	Example
boolean	`false`

`enableVolumeExpansion`¶

Enables or disables automatic storage scaling / volume expansion.

Value type	Example
boolean	`false`

`crVersion`¶

Version of the Operator the Custom Resource belongs to.

Value type	Example
string	`1.19.1`

`image`¶

The Docker image of Percona Server for MongoDB to deploy (actual image names can be found in the list of certified images).

Value type	Example
string	`percona/percona`-`server`-`mongodb:6.0.18-15`

`imagePullPolicy`¶

The policy used to update images .

Value type	Example
string	`Always`

`imagePullSecrets.name`¶

The Kubernetes ImagePullSecret to access the custom registry.

Value type	Example
string	`private`-`registry`-`credentials`

`initImage`¶

An alternative image for the initial Operator installation.

Value type	Example
string	`percona/percona-server-mongodb-operator:1.19.1`

`initContainerSecurityContext`¶

A custom Kubernetes Security Context for a Container for the initImage (image, which can be used instead of the default one while the initial Operator installation).

Value type	Example
subdoc	`{}`

`ClusterServiceDNSSuffix`¶

The (non-standard) cluster domain to be used as a suffix of the Service name.

Value type	Example
string	`svc.cluster.local`

`clusterServiceDNSMode`¶

Can be internal (local fully-qualified domain names will be used in replset configuration even if the replset is exposed - the default value), external (exposed MongoDB instances will use ClusterIP addresses, should be applied with caution) or ServiceMesh (use a special FQDN based on the Pod name). Being set, ServiceMesh value suprecedes multiCluster settings, and therefore these two modes cannot be combined together.

Value type	Example
string	`Internal`

`allowUnsafeConfigurations`¶

Prevents users from configuring a cluster with unsafe parameters: starting it with less than 3 replica set instances, with an even number of replica set instances without additional arbiter, or without TLS/SSL certificates, or running a sharded cluster with less than 3 config server Pods or less than 2 mongos Pods (if false, the Operator will automatically change unsafe parameters to safe defaults). After switching to unsafe configurations permissive mode you will not be able to switch the cluster back by setting spec.allowUnsafeConfigurations key to false, the flag will be ignored. This option is deprecated and will be removed in future releases. Use unsafeFlags subsection instead

Value type	Example
boolean	`false`

`updateStrategy`¶

A strategy the Operator uses for upgrades. Possible values are SmartUpdate, RollingUpdate and OnDelete .

Value type	Example
string	`SmartUpdate`

`ignoreAnnotations`¶

The list of annotations to be ignored by the Operator.

Value type	Example
subdoc	`service.beta.kubernetes.io/aws-load-balancer-backend-protocol`

`ignoreLabels`¶

The list of labels to be ignored by the Operator.

Value type	Example
subdoc	`rack`

`multiCluster.enabled`¶

Multi-cluster Services (MCS): setting it to true enables MCS cluster mode .

Value type	Example
boolean	`false`

`multiCluster.DNSSuffix`¶

The cluster domain to be used as a suffix for multi-cluster Services used by Kubernetes (svc.clusterset.local by default ).

Value type	Example
string	`svc.clusterset.local`

Unsafe flags section¶

The unsafeFlags section in the deploy/cr.yaml file contains various configuration options to prevent users from configuring a cluster with unsafe parameters. After switching to unsafe configurations permissive mode you will not be able to switch the cluster back by setting same keys to false, the flags will be ignored.

`unsafeFlags.tls`¶

Prevents users from configuring a cluster without TLS/SSL certificates (if false, the Operator will automatically change unsafe parameters to safe defaults).

Value type	Example
boolean	`false`

`unsafeFlags.replsetSize`¶

Prevents users from configuring a cluster with unsafe parameters: starting it with less than 3 replica set instances or with an even number of replica set instances without additional arbiter (if false, the Operator will automatically change unsafe parameters to safe defaults).

Value type	Example
boolean	`false`

`unsafeFlags.mongosSize`¶

Prevents users from configuring a sharded cluster with less than 3 config server Pods or less than 2 mongos Pods (if false, the Operator will automatically change unsafe parameters to safe defaults).

Value type	Example
boolean	`false`

`unsafeFlags.terminationGracePeriod`¶

Prevents users from configuring a sharded cluster without termination grace period for replica set, config servers and mongos Pods.

Value type	Example
boolean	`false`

`unsafeFlags.backupIfUnhealthy`¶

Prevents running backup on a cluster with failed health checks .

Value type	Example
boolean	`false`

TLS (extended cert-manager configuration section)¶

The tls section in the deploy/cr.yaml file contains various configuration options for additional customization of the Transport Layer Security.

`tls.mode`¶

Controls if the TLS encryption should be used and/or enforced. Can be disabled, allowTLS, preferTLS, or requireTLS. If set to disabled, it also requires setting unsafeFlags.tls option totrue`.

Value type	Example
string	`preferTLS`

`tls.certValidityDuration`¶

The validity duration of the external certificate for cert manager (90 days by default). This value is used only at cluster creation time and can’t be changed for existing clusters.

Value type	Example
string	`2160h`

`tls.allowInvalidCertificates`¶

If true, the mongo shell will not attempt to validate the server certificates. Should be true (default variant) to use self-signed certificates generated by the Operator when there is no cert-manager.

Value type	Example
boolean	`true`

‘tls.issuerConf.name’¶

A cert-manager issuer name .

Value type	Example
string	`special-selfsigned-issuer`

‘tls.issuerConf.kind’¶

A cert-manager issuer type .

‘tls.issuerConf.group’¶

A cert-manager issuer group . Should be cert-manager.io for built-in cert-manager certificate issuers.

Value type	Example
string	`cert-manager.io`

Upgrade Options Section¶

The upgradeOptions section in the deploy/cr.yaml file contains various configuration options to control Percona Server for MongoDB upgrades.

`upgradeOptions.versionServiceEndpoint`¶

The Version Service URL used to check versions compatibility for upgrade.

Value type	Example
string	`https://check.percona.com`

`upgradeOptions.apply`¶

Specifies how updates are processed by the Operator. Never or Disabled will completely disable automatic upgrades, otherwise it can be set to Latest or Recommended or to a specific version stringof Percona Server for MongoDB (e.g. 6.0.18-15) that is wished to be version-locked (so that the user can control the version running, but use automatic upgrades to move between them).

Value type	Example
string	`disabled`

`upgradeOptions.schedule`¶

Scheduled time to check for updates, specified in the crontab format .

Value type	Example
string	`0 2 \* \* \*`

`upgradeOptions.setFCV`¶

If enabled, FeatureCompatibilityVersion (FCV) will be set to match the version during major version upgrade.

Value type	Example
boolean	`false`

Secrets section¶

Each spec in its turn may contain some key-value pairs. The secrets one has only two of them:

`secrets.keyFile`¶

The secret name for the MongoDB Internal Auth Key file . This secret is auto-created by the operator if it doesn’t exist.

Value type	Example
string	`my-cluster-name-mongodb-keyfile`

`secrets.users`¶

The name of the Secrets object for the MongoDB users required to run the operator.

Value type	Example
string	`my-cluster-name-secrets`

`secrets.sse`¶

The name of the Secrets object for server side encryption credentials

Value type	Example
string	`my-cluster-name-sse`

`secrets.ssl`¶

A secret with TLS certificate generated for external communications, see Transport Layer Security (TLS) for details.

Value type	Example
string	`my-custom-ssl`

`secrets.sslInternal`¶

A secret with TLS certificate generated for internal communications, see Transport Layer Security (TLS) for details.

Value type	Example
string	`my-custom-ssl-internal`

`secrets.encryptionKey`¶

Specifies a secret object with the encryption key .

Value type	Example
string	`my-cluster-name-mongodb-encryption-key`

`secrets.vault`¶

Specifies a secret object to provide integration with HashiCorp Vault.

Value type	Example
string	`my-cluster-name-vault`

`secrets.ldapSecret`¶

Specifies a secret object for LDAP over TLS connection between MongoDB and OpenLDAP server.

Value type	Example
string	`my-ldap-secret`

Replsets Section¶

The replsets section controls the MongoDB Replica Set.

`replsets.name`¶

The name of the MongoDB Replica Set .

Value type	Example
string	`rs 0`

`replsets.size`¶

The size of the MongoDB Replica Set, must be >= 3 for High-Availability .

Value type	Example
int	`3`

`replsets.terminationGracePeriodSeconds`¶

The amount of seconds Kubernetes will wait for a clean replica set Pods termination.

Value type	Example
int	`300`

‘replsets.serviceAccountName’¶

Name of the separate privileged service account for Replica Set Pods.

Value type	Example
string	`default`

`replsets.topologySpreadConstraints.labelSelector.matchLabels`¶

The label selector for the Kubernetes Pod Topology Spread Constraints .

Value type	Example
label	`app.kubernetes.io/name: percona-server-mongodb`

`replsets.topologySpreadConstraints.maxSkew`¶

The degree to which Pods may be unevenly distributed under the Kubernetes Pod Topology Spread Constraints .

Value type	Example
int	`1`

`replsets.topologySpreadConstraints.topologyKey`¶

The key of node labels for the Kubernetes Pod Topology Spread Constraints .

Value type	Example
string	`kubernetes.io/hostname`

`replsets.topologySpreadConstraints.whenUnsatisfiable`¶

What to do with a Pod if it doesn’t satisfy the Kubernetes Pod Topology Spread Constraints .

Value type	Example
string	`DoNotSchedule`

`replsets.replsetOverrides.MEMBER-NAME.host`¶

Use if you need to override the replica set members FQDNs with custom host names. Each key (MEMBER-NAME) under replsetOverrides should be name of a Pod. The Operator won’t perform any validation for hostnames, so it’s the user’s responsibility to ensure connectivity.

Value type	Example
string	`my-cluster-name-rs0-0.example.net:27017`

`replsets.replsetOverrides.MEMBER-NAME.priority`¶

Use if you need to override the replica set members priorities .

Value type	Example
int	`3`

`replsets.replsetOverrides.MEMBER-NAME.tags`¶

Optional custom tags which can be added to the replset members to make their identication easier.

Value type	Example
label	`key: value-0`

`replsets.externalNodes.host`¶

The URL or IP address of the external replset instance.

Value type	Example
string	`34.124.76.90`

`replsets.externalNodes.port`¶

The port number of the external replset instance.

Value type	Example
string	`27017`

`replsets.externalNodes.votes`¶

The number of votes of the external replset instance.

Value type	Example
string	`0`

`replsets.externalNodes.priority`¶

The priority of the external replset instance.

Value type	Example
string	`0`

`replsets.configuration`¶

Custom configuration options for mongod. Please refer to the official manual for the full list of options, and specific Percona Server for MongoDB docs .

Value type

Example

subdoc

|
operationProfiling:
  mode: slowOp
systemLog:
  verbosity: 1
storage:
  engine: wiredTiger
  wiredTiger:
    engineConfig:
      directoryForIndexes: false
      journalCompressor: snappy
    collectionConfig:
      blockCompressor: snappy
    indexConfig:
      prefixCompression: true

`replsets.affinity.antiAffinityTopologyKey`¶

The Kubernetes topologyKey node affinity constraint for the Replica Set nodes.

Value type	Example
string	`kubernetes.io/hostname`

`replsets.affinity.advanced`¶

In cases where the pods require complex tuning the advanced option turns off the topologykey effect. This setting allows the standard Kubernetes affinity constraints of any complexity to be used.

Value type	Example
subdoc

`replsets.tolerations.key`¶

The Kubernetes Pod tolerations key for the Replica Set nodes.

Value type	Example
string	`node.alpha.kubernetes.io/unreachable`

`replsets.tolerations.operator`¶

The Kubernetes Pod tolerations operator for the Replica Set nodes.

Value type	Example
string	`Exists`

`replsets.tolerations.effect`¶

The Kubernetes Pod tolerations effect for the Replica Set nodes.

Value type	Example
string	`NoExecute`

`replsets.tolerations.tolerationSeconds`¶

The Kubernetes Pod tolerations time limit for the Replica Set nodes.

Value type	Example
int	`6000`

`replsets.primaryPreferTagSelector.region`¶

Ensures the MongoDB instance is selected as Primary based on specified region

Value type	Example
string	`us-west-2`

`replsets.primaryPreferTagSelector.zone`¶

Ensures the MongoDB instance is selected as Primary based on specified zone

Value type	Example
string	`us-west-2c`

`replsets.priorityClassName`¶

The Kuberentes Pod priority class for the Replica Set nodes.

Value type	Example
string	`high priority`

`replsets.annotations`¶

The Kubernetes annotations metadata for the Replica Set nodes.

Value type	Example
string	`iam.amazonaws.com/role: role-arn`

`replsets.labels`¶

The Kubernetes affinity labels for the Replica Set nodes.

Value type	Example
label	`rack: rack-22`

`replsets.nodeSelector`¶

The Kubernetes nodeSelector affinity constraint for the Replica Set nodes.

Value type	Example
label	`disktype: ssd`

`replsets.storage.engine`¶

Sets the storage.engine option https://docs.mongodb.com/manual/reference/configuration-options/#storage.engine`_ for the Replica Set nodes.

Value type	Example
string	`wiredTiger`

`replsets.storage.wiredTiger.engineConfig.cacheSizeRatio`¶

The ratio used to compute the storage.wiredTiger.engineConfig.cacheSizeGB option for the Replica Set nodes.

Value type	Example
float	`0.5`

`replsets.storage.wiredTiger.engineConfig.directoryForIndexes`¶

Sets the storage.wiredTiger.engineConfig.directoryForIndexes option for the Replica Set nodes.

Value type	Example
boolean	`false`

`replsets.storage.wiredTiger.engineConfig.journalCompressor`¶

Sets the storage.wiredTiger.engineConfig.journalCompressor option for the Replica Set nodes.

Value type	Example
string	`snappy`

`replsets.storage.wiredTiger.collectionConfig.blockCompressor`¶

Sets the storage.wiredTiger.collectionConfig.blockCompressor option for the Replica Set nodes.

Value type	Example
string	`snappy`

`replsets.storage.wiredTiger.indexConfig.prefixCompression`¶

Sets the storage.wiredTiger.indexConfig.prefixCompression option for the Replica Set nodes.

Value type	Example
boolean	`true`

`replsets.storage.inMemory.engineConfig.inMemorySizeRatio`¶

The ratio used to compute the storage.engine.inMemory.inMemorySizeGb option for the Replica Set nodes.

Value type	Example
float	`0.9`

`replsets.livenessProbe.failureThreshold`¶

Number of consecutive unsuccessful tries of the liveness probe to be undertaken before giving up.

Value type	Example
int	`4`

`replsets.livenessProbe.initialDelaySeconds`¶

Number of seconds to wait after the container start before initiating the liveness probe .

Value type	Example
int	`60`

`replsets.livenessProbe.periodSeconds`¶

How often to perform a liveness probe (in seconds).

Value type	Example
int	`30`

`replsets.livenessProbe.timeoutSeconds`¶

Number of seconds after which the liveness probe times out.

Value type	Example
int	`10`

`replsets.livenessProbe.startupDelaySeconds`¶

Time after which the liveness probe is failed if the MongoDB instance didn’t finish its full startup yet.

Value type	Example
int	`7200`

`replsets.readinessProbe.failureThreshold`¶

Number of consecutive unsuccessful tries of the readiness probe to be undertaken before giving up.

Value type	Example
int	`8`

`replsets.readinessProbe.initialDelaySeconds`¶

Number of seconds to wait after the container start before initiating the readiness probe .

Value type	Example
int	`10`

`replsets.readinessProbe.periodSeconds`¶

How often to perform a readiness probe (in seconds).

Value type	Example
int	`3`

`replsets.readinessProbe.successThreshold`¶

Minimum consecutive successes for the readiness probe to be considered successful after having failed.

Value type	Example
int	`1`

`replsets.readinessProbe.timeoutSeconds`¶

Number of seconds after which the readiness probe times out.

Value type	Example
int	`2`

‘replsets.containerSecurityContext’¶

A custom Kubernetes Security Context for a Container to be used instead of the default one.

Value type	Example
subdoc	`privileged: false`

‘replsets.podSecurityContext’¶

A custom Kubernetes Security Context for a Pod to be used instead of the default one.

Value type	Example
subdoc	runAsUser: 1001 runAsGroup: 1001 supplementalGroups: [1001]

`replsets.runtimeClassName`¶

Name of the Kubernetes Runtime Class for Replica Set Pods.

Value type	Example
string	`image-rc`

`replsets.sidecars.image`¶

Image for the custom sidecar container for Replica Set Pods.

Value type	Example
string	`busybox`

`replsets.sidecars.command`¶

Command for the custom sidecar container for Replica Set Pods.

Value type	Example
array	`["/bin/sh"]`

`replsets.sidecars.args`¶

Command arguments for the custom sidecar container for Replica Set Pods.

Value type	Example
array	`["-c", "while true; do echo echo $(date -u) 'test' >> /dev/null; sleep 5;done"]`

`replsets.sidecars.name`¶

Name of the custom sidecar container for Replica Set Pods.

Value type	Example
string	`rs-sidecar-1`

`replsets.sidecars.volumeMounts.mountPath`¶

Mount path of the custom sidecar container volume for Replica Set Pods.

Value type	Example
string	`/volume1`

`replsets.sidecars.volumeMounts.name`¶

Name of the custom sidecar container volume for Replica Set Pods.

Value type	Example
string	`sidecar-volume-claim`

`replsets.sidecarVolumes.name`¶

Name of the custom sidecar container volume for Replica Set Pods.

Value type	Example
string	`sidecar-config`

`replsets.sidecarVolumes.configMap.name`¶

Name of the ConfigMap for a custom sidecar container volume for Replica Set Pods.

Value type	Example
string	`myconfigmap`

`replsets.sidecarVolumes.secret.secretName`¶

Name of the Secret for a custom sidecar container volume for Replica Set Pods.

Value type	Example
string	`sidecar-secret`

`replsets.sidecarVolumes.nfs.server`¶

The hostname of the NFS server that will provide remote filesystem to the custom sidecar container volume for Replica Set Pods.

Value type	Example
string	`nfs-service.storage.svc.cluster.local`

`replsets.sidecarVolumes.nfs.path`¶

The path on the NFS server that will be provided as a remote filesystem to the custom sidecar container volume for Replica Set Pods.

Value type	Example
string	`/psmdb-some-name-rs0`

`replsets.sidecarPVCs`¶

Persistent Volume Claim for the custom sidecar container volume for Replica Set Pods.

Value type	Example
subdoc

`replsets.podDisruptionBudget.maxUnavailable`¶

The Kubernetes Pod distribution budget limit specifying the maximum value for unavailable Pods.

Value type	Example
int	`1`

`replsets.podDisruptionBudget.minAvailable`¶

The Kubernetes Pod distribution budget limit specifying the minimum value for available Pods.

Value type	Example
int	`1`

`replsets.splitHorizons.REPLICASET-POD-NAME.external`¶

External URI for Split-horizon for replica set Pods of the exposed cluster.

Value type	Example
string	`rs0-0.mycluster.xyz`

`replsets.splitHorizons.REPLICASET-POD-NAME.external-2`¶

External URI for Split-horizon for replica set Pods of the exposed cluster.

Value type	Example
string	`rs0-0.mycluster2.xyz`

`replsets.expose.enabled`¶

Enable or disable exposing MongoDB Replica Set nodes with dedicated IP addresses.

Value type	Example
boolean	`false`

`replsets.expose.type`¶

The IP address type to be exposed.

Value type	Example
string	`ClusterIP`

`replsets.expose.loadBalancerSourceRanges`¶

The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations).

Value type	Example
string	`10.0.0.0/8`

`replsets.expose.annotations`¶

The Kubernetes annotations metadata for the MongoDB mongod daemon.

Value type	Example
string	`service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http`

`replsets.expose.labels`¶

The Kubernetes labels for the MongoDB Replica Set Service.

Value type	Example
string	`rack: rack-22`

`replsets.expose.internalTrafficPolicy`¶

Specifies whether Service for MongoDB instances should route internal traffic to cluster-wide or to node-local endpoints (it can influence the load balancing effectiveness).

Value type	Example
boolean	`Local`

`replsets.expose.externalTrafficPolicy`¶

Specifies whether Service for MongoDB instances should route external traffic to cluster-wide (Cluster) or to node-local (Local) endpoints. It can influence the load balancing effectiveness.

Value type	Example
string	`Local`

`replsets.nonvoting.enabled`¶

Enable or disable creation of Replica Set non-voting instances within the cluster.

Value type	Example
boolean	`false`

`replsets.nonvoting.size`¶

The number of Replica Set non-voting instances within the cluster.

Value type	Example
int	`1`

`replsets.nonvoting.podSecurityContext`¶

A custom Kubernetes Security Context for a Pod to be used instead of the default one.

Value type	Example
subdoc	`{}`

`replsets.nonvoting.containerSecurityContext`¶

A custom Kubernetes Security Context for a Container to be used instead of the default one.

Value type	Example
subdoc	`{}`

`replsets.nonvoting.afinity.antiAffinityTopologyKey`¶

The Kubernetes topologyKey node affinity constraint for the non-voting nodes.

Value type	Example
string	`kubernetes.io/hostname`

`replsets.nonvoting.affinity.advanced`¶

In cases where the pods require complex tuning the advanced option turns off the topologykey effect. This setting allows the standard Kubernetes affinity constraints of any complexity to be used.

Value type	Example
subdoc

`replsets.nonvoting.tolerations.key`¶

The Kubernetes Pod tolerations key for the non-voting nodes.

Value type	Example
string	`node.alpha.kubernetes.io/unreachable`

`replsets.nonvoting.tolerations.operator`¶

The Kubernetes Pod tolerations operator for the non-voting nodes.

Value type	Example
string	`Exists`

`replsets.nonvoting.tolerations.effect`¶

The Kubernetes Pod tolerations effect for the non-voting nodes.

Value type	Example
string	`NoExecute`

`replsets.nonvoting.tolerations.tolerationSeconds`¶

The Kubernetes Pod tolerations time limit for the non-voting nodes.

Value type	Example
int	`6000`

`replsets.nonvoting.priorityClassName`¶

The Kuberentes Pod priority class for the non-voting nodes.

Value type	Example
string	`high priority`

`replsets.nonvoting.annotations`¶

The Kubernetes annotations metadata for the non-voting nodes.

Value type	Example
string	`iam.amazonaws.com/role: role-arn`

`replsets.nonvoting.labels`¶

The Kubernetes affinity labels for the non-voting nodes.

Value type	Example
label	`rack: rack-22`

`replsets.nonvoting.nodeSelector`¶

The Kubernetes nodeSelector affinity constraint for the non-voting nodes.

Value type	Example
label	`disktype: ssd`

`replsets.nonvoting.podDisruptionBudget.maxUnavailable`¶

The Kubernetes Pod distribution budget limit specifying the maximum value for unavailable Pods among non-voting nodes.

Value type	Example
int	`1`

`replsets.nonvoting.podDisruptionBudget.minAvailable`¶

The Kubernetes Pod distribution budget limit specifying the minimum value for available Pods among non-voting nodes.

Value type	Example
int	`1`

`replsets.nonvoting.resources.limits.cpu`¶

Kubernetes CPU limit for MongoDB container.

Value type	Example
string	`300m`

`replsets.nonvoting.resources.limits.memory`¶

Kubernetes Memory limit for MongoDB container.

Value type	Example
string	`0.5G`

`replsets.nonvoting.resources.requests.cpu`¶

The Kubernetes CPU requests for MongoDB container.

Value type	Example
string	`300m`

`replsets.nonvoting.resources.requests.memory`¶

The Kubernetes Memory requests for MongoDB container.

Value type	Example
string	`0.5G`

`replsets.nonvoting.volumeSpec.emptyDir`¶

The Kubernetes emptyDir volume , i.e. the directory which will be created on a node, and will be accessible to the MongoDB Pod containers.

Value type	Example
string	`{}`

`replsets.nonvoting.volumeSpec.hostPath.path`¶

Kubernetes hostPath volume , i.e. the file or directory of a node that will be accessible to the MongoDB Pod containers.

Value type	Example
string	`/data`

`replsets.nonvoting.volumeSpec.hostPath.type`¶

The Kubernetes hostPath volume type .

Value type	Example
string	`Directory`

`replsets.nonvoting.volumeSpec.persistentVolumeClaim.annotations`¶

The Kubernetes annotations metadata for Persistent Volume Claim .

Value type	Example
string	`service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http`

`replsets.nonvoting.volumeSpec.persistentVolumeClaim.labels`¶

The Kubernetes labels metadata for Persistent Volume Claim .

Value type	Example
string	`rack: rack-22`

`replsets.nonvoting.volumeSpec.persistentVolumeClaim.storageClassName`¶

The Kubernetes Storage Class to use with the MongoDB container Persistent Volume Claim for the non-voting nodes. Use Storage Class with XFS as the default filesystem if possible, [for better MongoDB performance ](https://dba.stackexchange.com/questions/190578/is-xfs-still-the-best-choice-for-mongodb.

Value type	Example
string	`standard`

`replsets.nonvoting.volumeSpec.persistentVolumeClaim.accessModes`¶

The Kubernetes Persistent Volume access modes for the MongoDB container for the non-voting nodes.

Value type	Example
array	`[ "ReadWriteOnce" ]`

`replsets.nonvoting.volumeSpec.persistentVolumeClaim.resources.requests.storage`¶

The Kubernetes Persistent Volume size for the MongoDB container for the non-voting nodes.

Value type	Example
string	`3Gi`

`replsets.arbiter.enabled`¶

Enable or disable creation of Replica Set Arbiter nodes within the cluster.

Value type	Example
boolean	`false`

`replsets.arbiter.size`¶

The number of Replica Set Arbiter instances within the cluster.

Value type	Example
int	`1`

`replsets.arbiter.afinity.antiAffinityTopologyKey`¶

The Kubernetes topologyKey node affinity constraint for the Arbiter.

Value type	Example
string	`kubernetes.io/hostname`

`replsets.arbiter.affinity.advanced`¶

In cases where the pods require complex tuning the advanced option turns off the topologykey effect. This setting allows the standard Kubernetes affinity constraints of any complexity to be used.

Value type	Example
subdoc

`replsets.arbiter.tolerations.key`¶

The Kubernetes Pod tolerations key for the Arbiter nodes.

Value type	Example
string	`node.alpha.kubernetes.io/unreachable`

`replsets.arbiter.tolerations.operator`¶

The Kubernetes Pod tolerations operator for the Arbiter nodes.

Value type	Example
string	`Exists`

`replsets.arbiter.tolerations.effect`¶

The Kubernetes Pod tolerations effect for the Arbiter nodes.

Value type	Example
string	`NoExecute`

`replsets.arbiter.tolerations.tolerationSeconds`¶

The Kubernetes Pod tolerations time limit for the Arbiter nodes.

Value type	Example
int	`6000`

`replsets.arbiter.priorityClassName`¶

The Kuberentes Pod priority class for the Arbiter nodes.

Value type	Example
string	`high priority`

`replsets.arbiter.annotations`¶

The Kubernetes annotations metadata for the Arbiter nodes.

Value type	Example
string	`iam.amazonaws.com/role: role-arn`

`replsets.arbiter.labels`¶

The Kubernetes affinity labels for the Arbiter nodes.

Value type	Example
label	`rack: rack-22`

`replsets.arbiter.nodeSelector`¶

The Kubernetes nodeSelector affinity constraint for the Arbiter nodes.

Value type	Example
label	`disktype: ssd`

`replsets.resources.limits.cpu`¶

Kubernetes CPU limit for MongoDB container.

Value type	Example
string	`300m`

`replsets.resources.limits.memory`¶

Kubernetes Memory limit for MongoDB container.

Value type	Example
string	`0.5G`

`replsets.resources.requests.cpu`¶

The Kubernetes CPU requests for MongoDB container.

Value type	Example
string	`300m`

`replsets.resources.requests.memory`¶

The Kubernetes Memory requests for MongoDB container.

Value type	Example
string	`0.5G`

`replsets.volumeSpec.emptyDir`¶

The Kubernetes emptyDir volume , i.e. the directory which will be created on a node, and will be accessible to the MongoDB Pod containers.

Value type	Example
string	`{}`

`replsets.volumeSpec.hostPath.path`¶

Kubernetes hostPath volume , i.e. the file or directory of a node that will be accessible to the MongoDB Pod containers.

Value type	Example
string	`/data`

`replsets.volumeSpec.hostPath.type`¶

The Kubernetes hostPath volume type .

Value type	Example
string	`Directory`

`replsets.volumeSpec.persistentVolumeClaim.annotations`¶

The Kubernetes annotations metadata for Persistent Volume Claim .

Value type	Example
string	`service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http`

`replsets.volumeSpec.persistentVolumeClaim.labels`¶

The Kubernetes labels metadata for Persistent Volume Claim .

Value type	Example
string	`rack: rack-22`

`replsets.volumeSpec.persistentVolumeClaim.storageClassName`¶

The Kubernetes Storage Class to use with the MongoDB container Persistent Volume Claim . Use Storage Class with XFS as the default filesystem if possible, for better MongoDB performance .

Value type	Example
string	`standard`

`replsets.volumeSpec.persistentVolumeClaim.accessModes`¶

The Kubernetes Persistent Volume access modes for the MongoDB container.

Value type	Example
array	`[ "ReadWriteOnce" ]`

`replsets.volumeSpec.persistentVolumeClaim.resources.requests.storage`¶

The Kubernetes Persistent Volume size for the MongoDB container.

Value type	Example
string	`3Gi`

`replsets.hostAliases.ip`¶

The IP address for Kubernetes host aliases for replica set Pods.

Value type	Example
string	`"10.10.0.2"`

`replsets.hostAliases.hostnames`¶

Hostnames for Kubernetes host aliases for replica set Pods.

Value type	Example
subdoc

PMM Section¶

The pmm section in the deploy/cr.yaml file contains configuration options for Percona Monitoring and Management.

`pmm.enabled`¶

Enables or disables monitoring Percona Server for MongoDB with PMM .

Value type	Example
boolean	`false`

`pmm.image`¶

PMM Client docker image to use.

Value type	Example
string	`percona/pmm-client:2.44.0`

`pmm.serverHost`¶

Address of the PMM Server to collect data from the Cluster.

Value type	Example
string	`monitoring-service`

`pmm.containerSecurityContext`¶

A custom Kubernetes Security Context for a Container to be used instead of the default one.

Value type	Example
subdoc	`{}`

`pmm.mongodParams`¶

Additional parameters which will be passed to the pmm-admin add mongodb command for mongod Pods.

Value type	Example
string	`--environment=DEV-ENV --custom-labels=DEV-ENV`

`pmm.mongosParams`¶

Additional parameters which will be passed to the pmm-admin add mongodb command for mongos Pods.

Value type	Example
string	`--environment=DEV-ENV --custom-labels=DEV-ENV`

Sharding Section¶

The sharding section in the deploy/cr.yaml file contains configuration options for Percona Server for MondoDB sharding.

`sharding.enabled`¶

Enables or disables Percona Server for MondoDB sharding .

Value type	Example
boolean	`true`

`sharding.configsvrReplSet.size`¶

The number of Config Server instances within the cluster.

Value type	Example
int	`3`

`sharding.configsvrReplSet.terminationGracePeriodSeconds`¶

The amount of seconds Kubernetes will wait for a clean config server Pods termination.

Value type	Example
int	`300`

‘sharding.configsvrReplSet.serviceAccountName’¶

Name of the separate privileged service account for Config Server Pods.

Value type	Example
string	`default`

`sharding.configsvrReplSet.topologySpreadConstraints.labelSelector.matchLabels`¶

The label selector for the Kubernetes Pod Topology Spread Constraints .

Value type	Example
label	`app.kubernetes.io/name: percona-server-mongodb`

`sharding.configsvrReplSet.topologySpreadConstraints.maxSkew`¶

The degree to which Pods may be unevenly distributed under the Kubernetes Pod Topology Spread Constraints .

Value type	Example
int	`1`

`sharding.configsvrReplSet.topologySpreadConstraints.topologyKey`¶

The key of node labels for the Kubernetes Pod Topology Spread Constraints .

Value type	Example
string	`kubernetes.io/hostname`

`sharding.configsvrReplSet.topologySpreadConstraints.whenUnsatisfiable`¶

What to do with a Pod if it doesn’t satisfy the Kubernetes Pod Topology Spread Constraints .

Value type	Example
string	`DoNotSchedule`

`sharding.configsvrReplSet.externalNodes.host`¶

The URL or IP address of the external config server instance.

Value type	Example
string	`34.124.76.90`

`sharding.configsvrReplSet.externalNodes.port`¶

The port number of the external config server instance.

Value type	Example
string	`27017`

`sharding.configsvrReplSet.externalNodes.votes`¶

The number of votes of the external config server instance.

Value type	Example
string	`0`

`sharding.configsvrReplSet.externalNodes.priority`¶

The priority of the external config server instance.

Value type	Example
string	`0`

`sharding.configsvrReplSet.configuration`¶

Custom configuration options for Config Servers. Please refer to the official manual for the full list of options.

Value type	Example
string	\| operationProfiling: mode: slowOp systemLog: verbosity: 1

`sharding.configsvrReplSet.livenessProbe.failureThreshold`¶

Number of consecutive unsuccessful tries of the liveness probe to be undertaken before giving up.

Value type	Example
int	`4`

`sharding.configsvrReplSet.livenessProbe.initialDelaySeconds`¶

Number of seconds to wait after the container start before initiating the liveness probe .

Value type	Example
int	`60`

`sharding.configsvrReplSet.livenessProbe.periodSeconds`¶

How often to perform a liveness probe (in seconds).

Value type	Example
int	`30`

`sharding.configsvrReplSet.livenessProbe.timeoutSeconds`¶

Number of seconds after which the liveness probe times out.

Value type	Example
int	`10`

`sharding.configsvrReplSet.livenessProbe.startupDelaySeconds`¶

Time after which the liveness probe is failed if the MongoDB instance didn’t finish its full startup yet.

Value type	Example
int	`7200`

`sharding.configsvrReplSet.readinessProbe.failureThreshold`¶

Number of consecutive unsuccessful tries of the readiness probe to be undertaken before giving up.

Value type	Example
int	`3`

`sharding.configsvrReplSet.readinessProbe.initialDelaySeconds`¶

Number of seconds to wait after the container start before initiating the readiness probe .

Value type	Example
int	`10`

`sharding.configsvrReplSet.readinessProbe.periodSeconds`¶

How often to perform a readiness probe (in seconds).

Value type	Example
int	`3`

`sharding.configsvrReplSet.readinessProbe.successThreshold`¶

Minimum consecutive successes for the readiness probe to be considered successful after having failed.

Value type	Example
int	`1`

`sharding.configsvrReplSet.readinessProbe.timeoutSeconds`¶

Number of seconds after which the readiness probe times out.

Value type	Example
int	`2`

‘sharding.configsvrReplSet.containerSecurityContext’¶

A custom Kubernetes Security Context for a Container to be used instead of the default one.

Value type	Example
subdoc	`privileged: false`

‘sharding.configsvrReplSet.podSecurityContext’¶

A custom Kubernetes Security Context for a Pod to be used instead of the default one.

Value type	Example
subdoc	runAsUser: 1001 runAsGroup: 1001 supplementalGroups: [1001]

`sharding.configsvrReplSet.runtimeClassName`¶

Name of the Kubernetes Runtime Class for Config Server Pods.

Value type	Example
string	`image-rc`

`sharding.configsvrReplSet.sidecars.image`¶

Image for the custom sidecar container for Config Server Pods.

Value type	Example
string	`busybox`

`sharding.configsvrReplSet.sidecars.command`¶

Command for the custom sidecar container for Config Server Pods.

Value type	Example
array	`["/bin/sh"]`

`sharding.configsvrReplSet.sidecars.args`¶

Command arguments for the custom sidecar container for Config Server Pods.

Value type	Example
array	`["-c", "while true; do echo echo $(date -u) 'test' >> /dev/null; sleep 5;done"]`

`sharding.configsvrReplSet.sidecars.name`¶

Name of the custom sidecar container for Config Server Pods.

Value type	Example
string	`rs-sidecar-1`

`sharding.configsvrReplSet.sidecarVolumes.name`¶

Name of the custom sidecar container volume for Config Server Pods.

Value type	Example
string	`sidecar-config`

`sharding.configsvrReplSet.sidecarVolumes.nfs.server`¶

The hostname of the NFS server that will provide remote filesystem to the custom sidecar container volume for Config Server Pods.

Value type	Example
string	`nfs-service.storage.svc.cluster.local`

`sharding.configsvrReplSet.sidecarVolumes.nfs.path`¶

The path on the NFS server that will be provided as a remote filesystem to the custom sidecar container volume for Config Server Pods.

Value type	Example
string	`/psmdb-some-name-rs0`

`sharding.configsvrReplSet.limits.cpu`¶

Kubernetes CPU limit for Config Server container.

Value type	Example
string	`300m`

`sharding.configsvrReplSet.limits.memory`¶

Kubernetes Memory limit for Config Server container.

Value type	Example
string	`0.5G`

`sharding.configsvrReplSet.resources.requests.cpu`¶

The Kubernetes CPU requests for Config Server container.

Value type	Example
string	`300m`

`sharding.configsvrReplSet.requests.memory`¶

The Kubernetes Memory requests for Config Server container.

Value type	Example
string	`0.5G`

`sharding.configsvrReplSet.expose.enabled`¶

Enable or disable exposing Config Server nodes with dedicated IP addresses.

Value type	Example
boolean	`false`

`sharding.configsvrReplSet.expose.type`¶

The IP address type to be exposed.

Value type	Example
string	`ClusterIP`

`sharding.configsvrReplSet.expose.loadBalancerSourceRanges`¶

The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations).

Value type	Example
string	`10.0.0.0/8`

`sharding.configsvrReplSet.expose.annotations`¶

The Kubernetes annotations metadata for the Config Server daemon.

Value type	Example
string	`service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http`

`sharding.configsvrReplSet.expose.labels`¶

The Kubernetes labels for the Config Server Service.

Value type	Example
string	`rack: rack-22`

`sharding.configsvrReplSet.expose.internalTrafficPolicy`¶

Specifies whether Service for config servers should route internal traffic to cluster-wide or to node-local endpoints (it can influence the load balancing effectiveness).

Value type	Example
boolean	`Local`

`sharding.configsvrReplSet.expose.externalTrafficPolicy`¶

Specifies whether Service for config servers should route external traffic to cluster-wide (Cluster) or to node-local (Local) endpoints. It can influence the load balancing effectiveness.

Value type	Example
string	`Local`

`sharding.configsvrReplSet.volumeSpec.emptyDir`¶

The Kubernetes emptyDir volume , i.e. the directory which will be created on a node, and will be accessible to the Config Server Pod containers.

Value type	Example
string	`{}`

`sharding.configsvrReplSet.volumeSpec.hostPath.path`¶

Kubernetes hostPath volume , i.e. the file or directory of a node that will be accessible to the Config Server Pod containers.

Value type	Example
string	`/data`

`sharding.configsvrReplSet.volumeSpec.hostPath.type`¶

The Kubernetes hostPath volume type .

Value type	Example
string	`Directory`

`sharding.configsvrReplSet.volumeSpec.persistentVolumeClaim.annotations`¶

The Kubernetes annotations metadata for Persistent Volume Claim .

Value type	Example
string	`service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http`

`sharding.configsvrReplSet.volumeSpec.persistentVolumeClaim.labels`¶

The Kubernetes labels metadata for Persistent Volume Claim .

Value type	Example
string	`rack: rack-22`

`sharding.configsvrReplSet.volumeSpec.persistentVolumeClaim.storageClassName`¶

The Kubernetes Storage Class to use with the Config Server container Persistent Volume Claim . Use Storage Class with XFS as the default filesystem if possible, for better MongoDB performance .

Value type	Example
string	`standard`

`sharding.configsvrReplSet.volumeSpec.persistentVolumeClaim.accessModes`¶

The Kubernetes Persistent Volume access modes for the Config Server container.

Value type	Example
array	`[ "ReadWriteOnce" ]`

`sharding.configsvrReplSet.volumeSpec.persistentVolumeClaim.resources.requests.storage`¶

The Kubernetes Persistent Volume size for the Config Server container.

Value type	Example
string	`3Gi`

`sharding.configsvrReplSet.hostAliases.ip`¶

The IP address for Kubernetes host aliases for replica set Pods.

Value type	Example
string	`"10.10.0.2"`

`sharding.configsvrReplSet.hostAliases.hostnames`¶

Hostnames for Kubernetes host aliases for config server Pods.

Value type	Example
subdoc

`sharding.mongos.size`¶

The number of mongos instances within the cluster.

Value type	Example
int	`3`

`sharding.mongos.terminationGracePeriodSeconds`¶

The amount of seconds Kubernetes will wait for a clean mongos Pods termination.

Value type	Example
int	`300`

‘sharding.mongos.serviceAccountName’¶

Name of the separate privileged service account for mongos Pods.

Value type	Example
string	`default`

`sharding.mongos.topologySpreadConstraints.labelSelector.matchLabels`¶

The label selector for the Kubernetes Pod Topology Spread Constraints .

Value type	Example
label	`app.kubernetes.io/name: percona-server-mongodb`

`sharding.mongos.topologySpreadConstraints.maxSkew`¶

The degree to which Pods may be unevenly distributed under the Kubernetes Pod Topology Spread Constraints .

Value type	Example
int	`1`

`sharding.mongos.topologySpreadConstraints.topologyKey`¶

The key of node labels for the Kubernetes Pod Topology Spread Constraints .

Value type	Example
string	`kubernetes.io/hostname`

`sharding.mongos.topologySpreadConstraints.whenUnsatisfiable`¶

What to do with a Pod if it doesn’t satisfy the Kubernetes Pod Topology Spread Constraints .

Value type	Example
string	`DoNotSchedule`

`sharding.mongos.configuration`¶

Custom configuration options for mongos. Please refer to the official manual for the full list of options.

Value type	Example
string	\| systemLog: verbosity: 1

`sharding.mongos.afinity.antiAffinityTopologyKey`¶

The Kubernetes topologyKey node affinity constraint for mongos.

Value type	Example
string	`kubernetes.io/hostname`

`sharding.mongos.affinity.advanced`¶

In cases where the Pods require complex tuning the advanced option turns off the topologykey effect. This setting allows the standard Kubernetes affinity constraints of any complexity to be used.

Value type	Example
subdoc

`sharding.mongos.tolerations.key`¶

The Kubernetes Pod tolerations key for mongos instances.

Value type	Example
string	`node.alpha.kubernetes.io/unreachable`

`sharding.mongos.tolerations.operator`¶

The Kubernetes Pod tolerations operator for mongos instances.

Value type	Example
string	`Exists`

`sharding.mongos.tolerations.effect`¶

The Kubernetes Pod tolerations effect for mongos instances.

Value type	Example
string	`NoExecute`

`sharding.mongos.tolerations.tolerationSeconds`¶

The Kubernetes Pod tolerations time limit for mongos instances.

Value type	Example
int	`6000`

`sharding.mongos.priorityClassName`¶

The Kuberentes Pod priority class for mongos instances.

Value type	Example
string	`high priority`

`sharding.mongos.annotations`¶

The Kubernetes annotations metadata for the mongos instances.

Value type	Example
string	`iam.amazonaws.com/role: role-arn`

`sharding.mongos.labels`¶

The Kubernetes affinity labels for mongos instances.

Value type	Example
label	`rack: rack-22`

`sharding.mongos.nodeSelector`¶

The Kubernetes nodeSelector affinity constraint for mongos instances.

Value type	Example
label	`disktype: ssd`

`sharding.mongos.livenessProbe.failureThreshold`¶

Number of consecutive unsuccessful tries of the liveness probe to be undertaken before giving up.

Value type	Example
int	`4`

`sharding.mongos.livenessProbe.initialDelaySeconds`¶

Number of seconds to wait after the container start before initiating the liveness probe .

Value type	Example
int	`60`

`sharding.mongos.livenessProbe.periodSeconds`¶

How often to perform a liveness probe (in seconds).

Value type	Example
int	`30`

`sharding.mongos.livenessProbe.timeoutSeconds`¶

Number of seconds after which the liveness probe times out.

Value type	Example
int	`10`

`sharding.mongos.livenessProbe.startupDelaySeconds`¶

Time after which the liveness probe is failed if the MongoDB instance didn’t finish its full startup yet.

Value type	Example
int	`7200`

`sharding.mongos.readinessProbe.failureThreshold`¶

Number of consecutive unsuccessful tries of the readiness probe to be undertaken before giving up.

Value type	Example
int	`3`

`sharding.mongos.readinessProbe.initialDelaySeconds`¶

Number of seconds to wait after the container start before initiating the readiness probe .

Value type	Example
int	`10`

`sharding.mongos.readinessProbe.periodSeconds`¶

How often to perform a readiness probe (in seconds).

Value type	Example
int	`3`

`sharding.mongos.readinessProbe.successThreshold`¶

Minimum consecutive successes for the readiness probe to be considered successful after having failed.

Value type	Example
int	`1`

`sharding.mongos.readinessProbe.timeoutSeconds`¶

Number of seconds after which the readiness probe times out.

Value type	Example
int	`2`

‘sharding.mongos.containerSecurityContext’¶

A custom Kubernetes Security Context for a Container to be used instead of the default one.

Value type	Example
subdoc	`privileged: false`

‘sharding.mongos.podSecurityContext’¶

A custom Kubernetes Security Context for a Pod to be used instead of the default one.

Value type	Example
subdoc	runAsUser: 1001 runAsGroup: 1001 supplementalGroups: [1001]

`sharding.mongos.runtimeClassName`¶

Name of the Kubernetes Runtime Class for mongos Pods.

Value type	Example
string	`image-rc`

`sharding.mongos.sidecars.image`¶

Image for the custom sidecar container for mongos Pods.

Value type	Example
string	`busybox`

`sharding.mongos.sidecars.command`¶

Command for the custom sidecar container for mongos Pods.

Value type	Example
array	`["/bin/sh"]`

`sharding.mongos.sidecars.args`¶

Command arguments for the custom sidecar container for mongos Pods.

Value type	Example
array	`["-c", "while true; do echo echo $(date -u) 'test' >> /dev/null; sleep 5;done"]`

`sharding.mongos.sidecars.name`¶

Name of the custom sidecar container for mongos Pods.

Value type	Example
string	`rs-sidecar-1`

`sharding.mongos.limits.cpu`¶

Kubernetes CPU limit for mongos container.

Value type	Example
string	`300m`

`sharding.mongos.limits.memory`¶

Kubernetes Memory limit for mongos container.

Value type	Example
string	`0.5G`

`sharding.mongos.resources.requests.cpu`¶

The Kubernetes CPU requests for mongos container.

Value type	Example
string	`300m`

`sharding.mongos.requests.memory`¶

The Kubernetes Memory requests for mongos container.

Value type	Example
string	`0.5G`

`sharding.mongos.expose.type`¶

The IP address type to be exposed.

Value type	Example
string	`ClusterIP`

`sharding.mongos.expose.servicePerPod`¶

If set to true, a separate ClusterIP Service is created for each mongos instance.

Value type	Example
boolean	`true`

`sharding.mongos.expose.loadBalancerSourceRanges`¶

The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations).

Value type	Example
string	`10.0.0.0/8`

`sharding.mongos.expose.annotations`¶

The Kubernetes annotations metadata for the MongoDB mongos daemon.

Value type	Example
string	`service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http`

`sharding.mongos.expose.labels`¶

The Kubernetes labels for the MongoDB mongos Service.

Value type	Example
string	`rack: rack-22`

‘sharding.mongos.expose.nodePort’¶

The Node port number to be allocated for the MongoDB mongos Service when the sharding.mongos.expose.type is set to the NodePort, and sharding.mongos.expose.servicePerPod is not turned on.

Value type	Example
int	`32017`

`sharding.mongos.internalTrafficPolicy`¶

Specifies whether Services for the mongos instances should route internal traffic to cluster-wide or to node-local endpoints (it can influence the load balancing effectiveness).

Value type	Example
boolean	`Local`

`sharding.mongos.externalTrafficPolicy`¶

Specifies whether Service for the mongos instances should route external traffic to cluster-wide (Cluster) or to node-local (Local) endpoints. It can influence the load balancing effectiveness.

Value type	Example
string	`Local`

`sharding.mongos.hostAliases.ip`¶

The IP address for Kubernetes host aliases for mongos Pods.

Value type	Example
string	`"10.10.0.2"`

`sharding.mongos.hostAliases.hostnames`¶

Hostnames for Kubernetes host aliases for mongos Pods.

Value type	Example
subdoc

Roles section¶

The roles section in the deploy/cr.yaml file contains various configuration options to configure custom MongoDB user roles via the Custom Resource.

`roles.role`¶

The cusom MongoDB role name.

Value type	Example
string	`myClusterwideAdmin`

`roles.db`¶

Database in which you want to store the user-defined role.

Value type	Example
string	`admin

`roles.authenticationRestrictions.clientSource`¶

List of the IP addresses or CIDR blocks from which users assigned this role can connect. MongoDB servers reject connection requests from users with this role if the requests come from a client that is not present in this array.

Value type	Example
subdoc	`127.0.0.1`

`roles.authenticationRestrictions.serverAddress`¶

List of the IP addresses or CIDR blocks to which users assigned this role can connect. MongoDB servers reject connection requests from users with this role if the client requests to connect to a server that is not present in this array.

Value type	Example
subdoc	`127.0.0.1`

`roles.privileges.actions`¶

List of custom role actions that users granted this role can perform: For a list of accepted values, see Privilege Actions in the MongoDB Manual.

Value type	Example
subdoc	`addShard`

`roles.privileges.resource.db`¶

Database for which the custom role actions apply. An empty string (“”) indicates that the privilege actions apply to all databases.

Value type	Example
string	`""`

`roles.privileges.resource.collection`¶

Collection for which the custom role actions apply. An empty string (“”) indicates that the privilege actions apply to all of the database’s collections.

Value type	Example
string	`""`

`roles.privileges.resource.cluster`¶

If true, the custom role actions apply to all databases and collections in the MongoDB deployment. False by default. If set to true, values for roles.privileges.resource.db and roles.privileges.resource.collection shouldn’t be provided.

Value type	Example
boolean	`true`

`roles.roles`¶

An array of roles (with names of the role and the database) from which this role inherits privileges, if any.

Value type	Example
subdoc	role: read db: admin

Users section¶

The users section in the deploy/cr.yaml file contains various configuration options to configure custom MongoDB users via the Custom Resource.

`users.name`¶

The username of the MongoDB user.

Value type	Example
string	`my-user`

`users.db`¶

Database that the user authenticates against.

Value type	Example
string	`admin`

`users.passwordSecretRef.name`¶

Name of the secret that contains the user’s password. If passwordSecretRef is not present, password will be generated automatically.

Value type	Example
string	`my-user-password`

`users.passwordSecretRef.key`¶

Key in the secret that corresponds to the value of the user’s password (password by default).

Value type	Example
string	`password`

`users.roles.role.name`¶

Name of the MongoDB role assigned to the user. As built-in roles, so custom roles are supported.

Value type	Example
string	`clusterAdmin`

`users.roles.role.db`¶

Database that the MongoDB role applies to.

Value type	Example
string	`admin`

Backup Section¶

The backup section in the deploy/cr.yaml file contains the following configuration options for the regular Percona Server for MongoDB backups.

`backup.enabled`¶

Enables or disables making backups.

Value type	Example
boolean	`true`

`backup.image`¶

The Percona Server for MongoDB Docker image to use for the backup.

Value type	Example
string	`percona/percona-server-mongodb-operator:1.19.1-backup`

`backup.serviceAccountName`¶

Name of the separate privileged service account for backups; service account for backups is not used by the Operator any more, and the option is deprecated since the Operator version 1.16.0.

Value type	Example
string	`percona-server-mongodb-operator`

`backup.annotations`¶

The Kubernetes annotations metadata for the backup job.

Value type	Example
string	`sidecar.istio.io/inject: "false"`

`backup.resources.limits.cpu`¶

Kubernetes CPU limit for backups.

Value type	Example
string	`300m`

`backup.resources.limits.memory`¶

Kubernetes Memory limit for backups.

Value type	Example
string	`1.2G`

`backup.resources.requests.cpu`¶

The Kubernetes CPU requests for backups.

Value type	Example
string	`300m`

`backup.resources.requests.memory`¶

The Kubernetes Memory requests for backups.

Value type	Example
string	`1G`

‘backup.containerSecurityContext’¶

A custom Kubernetes Security Context for a Container to be used instead of the default one.

Value type	Example
subdoc	`privileged: false`

`backup.storages.STORAGE-NAME.type`¶

The cloud storage type used for backups. Only s3, azure, and filesystem types are supported.

Value type	Example
string	`s3`

`backup.storages.STORAGE-NAME.s3.insecureSkipTLSVerify`¶

Enable or disable verification of the storage server TLS certificate. Disabling it may be useful e.g. to skip TLS verification for private S3-compatible storage with a self-issued certificate.

Value type	Example
boolean	`true`

`backup.storages.STORAGE-NAME.s3.credentialsSecret`¶

The Kubernetes secret for backups. It should contain AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY keys.

Value type	Example
string	`my-cluster-name-backup-s3`

`backup.storages.STORAGE-NAME.s3.bucket`¶

The Amazon S3 bucket name for backups.

Value type	Example
string

`backup.storages.STORAGE-NAME.s3.prefix`¶

The path (sub-folder) to the backups inside the bucket .

Value type	Example
string	`""`

`backup.storages.STORAGE-NAME.s3.uploadPartSize`¶

The size of data chunks in bytes to be uploaded to the storage bucket (10 MiB by default).

Value type	Example
int	`10485760`

`backup.storages.STORAGE-NAME.s3.maxUploadParts`¶

The maximum number of data chunks to be uploaded to the storage bucket (10000 by default).

Value type	Example
int	`10000`

`backup.storages.STORAGE-NAME.s3.storageClass`¶

The storage class name of the S3 storage.

Value type	Example
string	`STANDARD`

`backup.storages.STORAGE-NAME.s3.retryer.numMaxRetries`¶

The maximum number of retries to upload data to S3 storage.

Value type	Example
int	`3`

`backup.storages.STORAGE-NAME.s3.retryer.minRetryDelay`¶

The minimum time in milliseconds to wait till the next retry.

Value type	Example
int	`10`

`backup.storages.STORAGE-NAME.s3.retryer.maxRetryDelay`¶

The maximum time in minutes to wait till the next retry.

Value type	Example
int	`5`

`backup.storages.STORAGE-NAME.s3.region`¶

The AWS region to use. Please note this option is mandatory for Amazon and all S3-compatible storages.

Value type	Example
string	`us-east-1`

`backup.storages.STORAGE-NAME.s3.endpointUrl`¶

The URL of the S3-compatible storage to be used (not needed for the original Amazon S3 cloud).

Value type	Example
string

`backup.storages.STORAGE-NAME.s3.serverSideEncryption.kmsKeyID`¶

The ID of the key stored in the AWS KMS used by the Operator for backups server-side encryption

Value type	Example
string	`""`

`backup.storages.STORAGE-NAME.s3.serverSideEncryption.sseAlgorithm`¶

The key management mode used for backups server-side encryption with the encryption keys stored in AWS KMS - aws:kms is the only supported value for now.

Value type	Example
string	`aws:kms`

`backup.storages.STORAGE-NAME.s3.serverSideEncryption.sseCustomerAlgorithm`¶

The key management mode for backups server-side encryption with customer-provided keys - AES256 is the only supported value for now.

Value type	Example
string	`AES256`

`backup.storages.STORAGE-NAME.s3.serverSideEncryption.sseCustomerKey`¶

The locally-stored base64-encoded custom encryption key used by the Operator for backups server-side encryption on S3-compatible storages.

Value type	Example
string	`""`

`backup.storages.STORAGE-NAME.azure.credentialsSecret`¶

The Kubernetes secret for backups. It should contain AZURE_STORAGE_ACCOUNT_NAME and AZURE_STORAGE_ACCOUNT_KEY |

Value type	Example
string	`my-cluster-azure-secret`

`backup.storages.STORAGE-NAME.azure.container`¶

Name of the container for backups.

Value type	Example
string	`my-container`

`backup.storages.STORAGE-NAME.azure.prefix`¶

The path (sub-folder) to the backups inside the container .

Value type	Example
string	`""`

‘backup.storages.STORAGE-NAME.azure.endpointUrl’¶

The private endpoint URL to use instead of the public endpoint.

Value type	Example
string	`https://accountName.blob.core.windows.net`

`backup.storages.STORAGE-NAME.filesystem.path`¶

The mount point for a remote filesystem configured to store backups.

Value type	Example
string	`/mnt/nfs/`

`backup.volumeMounts.mountPath`¶

Mount path for the remote backup storage.

Value type	Example
string	`/mnt/nfs/`

`backup.volumeMounts.name`¶

Name of the remote backup storage.

Value type	Example
string	`backup-nfs`

`backup.pitr.enabled`¶

Enables or disables point-in-time-recovery functionality.

Value type	Example
boolean	`false`

`backup.pitr.oplogOnly`¶

If true, Percona Backup for MongoDB saves oplog chunks even without the base logical backup snapshot (oplog chunks without a base backup can’t be used with logical backups to restore a backup by the Operator, but can still be useful for manual restore operations ).

Value type	Example
boolean	false

`backup.pitr.oplogSpanMin`¶

Number of minutes between the uploads of oplogs.

Value type	Example
int	`10`

`backup.pitr.compressionType`¶

The point-in-time-recovery chunks compression format, can be gzip, snappy, lz4, pgzip, zstd, s2, or none .

Value type	Example
string	`gzip`

`backup.pitr.compressionLevel`¶

The point-in-time-recovery chunks compression level (higher values result in better but slower compression ).

Value type	Example
int	`6`

`backup.configuration.backupOptions.priority`¶

The list of mongod nodes and their priority for making backups.

Value type	Example
subdoc	“localhost:28019”: 2.5 “localhost:27018”: 2.5

`backup.configuration.backupOptions.timeouts.startingStatus`¶

The wait time in seconds Percona Backup for MongoDB should use to start physical backups on all shards. The 0 (zero) value resets the timeout to the default 33 seconds.

Value type	Example
int	`33`

`backup.configuration.backupOptions.oplogSpanMin`¶

The duration (in minutes) of oplog slices saved by Percona Backup for MongoDB with the logical backup snapshot.

Value type	Example
int	`10`

`backup.configuration.restoreOptions.batchSize`¶

The number of documents Percona Backup for MongoDB should buffer.

Value type	Example
int	`500`

`backup.configuration.restoreOptions.numInsertionWorkers`¶

The number of workers that Percona Backup for MongoDB should use to add the documents to buffer.

Value type	Example
int	`10`

`backup.configuration.restoreOptions.numDownloadWorkers`¶

The number of workers that Percona Backup for MongoDB should use to request data chunks from the storage during the restore.

Value type	Example
int	`4`

`backup.configuration.restoreOptions.maxDownloadBufferMb`¶

The maximum size of the in-memory buffer that Percona Backup for MongoDB should use use when downloading files from the S3 storage.

Value type	Example
int	`0`

`backup.configuration.restoreOptions.downloadChunkMb`¶

The size of the data chunk in MB, that Percona Backup for MongoDB should use when downloading from the S3 storage.

Value type	Example
int	`32`

`backup.configuration.restoreOptions.mongodLocation`¶

The custom path to mongod binaries which Percona Backup for MongoDB should use during restore.

Value type	Example
string	`/usr/bin/mongo`

`backup.configuration.restoreOptions.mongodLocationMap`¶

The list of custom paths to mongod binaries on every node, which Percona Backup for MongoDB should use during restore.

Value type	Example
subdoc	“node01:2017”: /usr/bin/mongo “node03:27017”: /usr/bin/mongo

`backup.tasks.name`¶

The name of the backup.

Value type	Example
string

`backup.tasks.enabled`¶

Enables or disables this exact backup.

Value type	Example
boolean	`true`

`backup.tasks.schedule`¶

The scheduled time to make a backup, specified in the crontab format .

Value type	Example
string	`0 0 \* \* 6`

`backup.tasks.keep`¶

The amount of most recent backups to store. Older backups are automatically deleted. Set keep to zero or completely remove it to disable automatic deletion of backups.

Value type	Example
int	`3`

`backup.tasks.storageName`¶

The name of the S3-compatible storage for backups, configured in the storages subsection.

Value type	Example
string	`st-us-west`

`backup.tasks.compressionType`¶

The backup compression format, can be gzip, snappy, lz4, pgzip, zstd, s2, or none .

Value type	Example
string	`gzip`

`backup.tasks.compressionLevel`¶

The backup compression level (higher values result in better but slower compression ).

Value type	Example
int	`6`

`backup.tasks.type`¶

The backup type: (can be either logical (default) or physical; see the Operator backups official documentation for details.

Value type	Example
string	`physical`

Last update: 2025-04-16

Custom Resource options¶

metadata¶

Toplevel spec elements¶

platform¶

pause¶

unmanaged¶

enableVolumeExpansion¶

crVersion¶

image¶

imagePullPolicy¶

imagePullSecrets.name¶

initImage¶

initContainerSecurityContext¶

ClusterServiceDNSSuffix¶

clusterServiceDNSMode¶

allowUnsafeConfigurations¶

updateStrategy¶

ignoreAnnotations¶

ignoreLabels¶

multiCluster.enabled¶

multiCluster.DNSSuffix¶

Unsafe flags section¶

unsafeFlags.tls¶

unsafeFlags.replsetSize¶

unsafeFlags.mongosSize¶

unsafeFlags.terminationGracePeriod¶

unsafeFlags.backupIfUnhealthy¶

TLS (extended cert-manager configuration section)¶

tls.mode¶

tls.certValidityDuration¶

tls.allowInvalidCertificates¶

‘tls.issuerConf.name’¶

‘tls.issuerConf.kind’¶

‘tls.issuerConf.group’¶

Upgrade Options Section¶

upgradeOptions.versionServiceEndpoint¶

upgradeOptions.apply¶

upgradeOptions.schedule¶

upgradeOptions.setFCV¶

Secrets section¶

secrets.keyFile¶

secrets.users¶

secrets.sse¶

secrets.ssl¶

secrets.sslInternal¶

secrets.encryptionKey¶

secrets.vault¶

secrets.ldapSecret¶

Replsets Section¶

replsets.name¶

replsets.size¶

replsets.terminationGracePeriodSeconds¶

‘replsets.serviceAccountName’¶

replsets.topologySpreadConstraints.labelSelector.matchLabels¶

replsets.topologySpreadConstraints.maxSkew¶

replsets.topologySpreadConstraints.topologyKey¶

replsets.topologySpreadConstraints.whenUnsatisfiable¶

replsets.replsetOverrides.MEMBER-NAME.host¶

replsets.replsetOverrides.MEMBER-NAME.priority¶

replsets.replsetOverrides.MEMBER-NAME.tags¶

replsets.externalNodes.host¶

replsets.externalNodes.port¶

replsets.externalNodes.votes¶

replsets.externalNodes.priority¶

replsets.configuration¶

replsets.affinity.antiAffinityTopologyKey¶

replsets.affinity.advanced¶

replsets.tolerations.key¶

replsets.tolerations.operator¶

replsets.tolerations.effect¶

replsets.tolerations.tolerationSeconds¶

replsets.primaryPreferTagSelector.region¶

replsets.primaryPreferTagSelector.zone¶

replsets.priorityClassName¶

replsets.annotations¶

replsets.labels¶

replsets.nodeSelector¶

replsets.storage.engine¶

replsets.storage.wiredTiger.engineConfig.cacheSizeRatio¶

replsets.storage.wiredTiger.engineConfig.directoryForIndexes¶

`metadata`¶

Toplevel `spec` elements¶

`platform`¶

`pause`¶

`unmanaged`¶

`enableVolumeExpansion`¶

`crVersion`¶

`image`¶

`imagePullPolicy`¶

`imagePullSecrets.name`¶

`initImage`¶

`initContainerSecurityContext`¶

`ClusterServiceDNSSuffix`¶

`clusterServiceDNSMode`¶

`allowUnsafeConfigurations`¶

`updateStrategy`¶

`ignoreAnnotations`¶

`ignoreLabels`¶

`multiCluster.enabled`¶

`multiCluster.DNSSuffix`¶

`unsafeFlags.tls`¶

`unsafeFlags.replsetSize`¶

`unsafeFlags.mongosSize`¶

`unsafeFlags.terminationGracePeriod`¶

`unsafeFlags.backupIfUnhealthy`¶

`tls.mode`¶

`tls.certValidityDuration`¶

`tls.allowInvalidCertificates`¶

`upgradeOptions.versionServiceEndpoint`¶

`upgradeOptions.apply`¶

`upgradeOptions.schedule`¶

`upgradeOptions.setFCV`¶

`secrets.keyFile`¶

`secrets.users`¶

`secrets.sse`¶

`secrets.ssl`¶

`secrets.sslInternal`¶

`secrets.encryptionKey`¶

`secrets.vault`¶

`secrets.ldapSecret`¶

`replsets.name`¶

`replsets.size`¶

`replsets.terminationGracePeriodSeconds`¶

`replsets.topologySpreadConstraints.labelSelector.matchLabels`¶

`replsets.topologySpreadConstraints.maxSkew`¶

`replsets.topologySpreadConstraints.topologyKey`¶

`replsets.topologySpreadConstraints.whenUnsatisfiable`¶

`replsets.replsetOverrides.MEMBER-NAME.host`¶

`replsets.replsetOverrides.MEMBER-NAME.priority`¶

`replsets.replsetOverrides.MEMBER-NAME.tags`¶

`replsets.externalNodes.host`¶

`replsets.externalNodes.port`¶

`replsets.externalNodes.votes`¶

`replsets.externalNodes.priority`¶

`replsets.configuration`¶

`replsets.affinity.antiAffinityTopologyKey`¶

`replsets.affinity.advanced`¶

`replsets.tolerations.key`¶

`replsets.tolerations.operator`¶

`replsets.tolerations.effect`¶

`replsets.tolerations.tolerationSeconds`¶

`replsets.primaryPreferTagSelector.region`¶

`replsets.primaryPreferTagSelector.zone`¶

`replsets.priorityClassName`¶

`replsets.annotations`¶

`replsets.labels`¶

`replsets.nodeSelector`¶

`replsets.storage.engine`¶

`replsets.storage.wiredTiger.engineConfig.cacheSizeRatio`¶

`replsets.storage.wiredTiger.engineConfig.directoryForIndexes`¶

`replsets.storage.wiredTiger.engineConfig.journalCompressor`¶

`replsets.storage.wiredTiger.collectionConfig.blockCompressor`¶

`replsets.storage.wiredTiger.indexConfig.prefixCompression`¶

`replsets.storage.inMemory.engineConfig.inMemorySizeRatio`¶

`replsets.livenessProbe.failureThreshold`¶

`replsets.livenessProbe.initialDelaySeconds`¶

`replsets.livenessProbe.periodSeconds`¶

`replsets.livenessProbe.timeoutSeconds`¶

`replsets.livenessProbe.startupDelaySeconds`¶

`replsets.readinessProbe.failureThreshold`¶