Skip to content

The mongodb-kubernetes-appdb RBAC resources should be managed by CR instead #379

@chxxvi

Description

@chxxvi

What did you do to encounter the bug?

I was doing helm upgrade to set operator.watchNamespace=*, and some RBAC resource content are seem immutable, so i uninstall MCK and install again.

During uninstall, seem all RBAC resources are removed, including mongodb-kubernetes-appdb which is referenced by the StatefulSet of the existing MongoDBCommunity instance.

It makes :-

  1. the mongodb-agent fails on readiness probe
  2. the pod endpoints will be not ready (I have extra exposing services which will not function at time)
  3. the StatefulSet warns of the missing mongodb-kubernetes-appdb serviceaccount (if pods are restarted/deleted during this status, the new ones will not be scheduled)

p.s. although I install the MCK again very soon, above status still long for 30-60 minutes (I have no idea about this)

Also, if I apply a new MongoDBCommunity in another namespace, the mongodb-kubernetes-appdb resources will not be created in that namespace automatically so the pods will not be scheduled (same reason to point 3 above).

Operator Information

  • Operator Version: 1.2.0
  • MongoDB Image used: mongodb-community-server:8.0.12-ubi9
  • MongoDB Agent Image used: mongodb-agent-ubi:108.0.2.8729-1

Kubernetes Cluster Information

  • Distribution: Native K8s (on-premise, AlmaLinux 9.6)
  • Version: 1.32.7
  • Image Registry location: Quay

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions