Custom Resources
Atlas Kubernetes Operator supports the following custom resources:
Resource | Description |
---|---|
 | Configuration of a project in Atlas. |
 | Configuration of a cluster inside some project in Atlas. |
 | Configuration of a database user inside some project in Atlas. |
Atlas Kubernetes Operator Workflow
When you use Atlas Kubernetes Operator, you can create a new Atlas project, or you can work with an existing Atlas project.
To configure Atlas Kubernetes Operator access to Atlas, you need the public API key, the private API key, and the organization ID.
If you want Atlas Kubernetes Operator to create a new Atlas project, Create an API Key in an Organization and configure the API Access List.
Important: You must assign the API key the Organization Project Creator organization role or higher.
If you want to work with an existing Atlas project, Create an API Key for a Project and configure the API Access List.
Important: You must assign the API key the Project Owner project role.
To learn more, see Configure Access to Atlas.
Create and Update Process
Each time you change the spec field in any of the supported custom resources, the following workflow begins in Atlas Kubernetes Operator:
- Atlas Kubernetes Operator receives an event about the changed custom resource.
- Atlas Kubernetes Operator updates the status.conditions field to reflect that the resource is not ready:
  ```yaml
  conditions:
  - lastTransitionTime: "2021-03-13T16:26:17Z"
    status: "False"
    type: Ready
  ```
- To connect to the Atlas Administration API, Atlas Kubernetes Operator reads the organization ID and API keys from one of the following locations:
  - spec.connectionSecretRef.name (if specified in the AtlasProject Custom Resource).
  - global Atlas Kubernetes Operator secret <operator-deployment-name>-api-key (if spec.connectionSecretRef.name is not specified).
- To create or update resources in Atlas, Atlas Kubernetes Operator uses the connection information to make API calls to Atlas.
  Note: Sometimes Atlas Kubernetes Operator makes multiple API calls in Atlas during the reconciliation of a custom resource. For example, AtlasProject has an IP Access List configuration for calling the matching API.
- If any errors occur during the reconciliation, status.conditions updates to reflect the error.
  Example:
  ```yaml
  - lastTransitionTime: "2021-03-15T14:26:44Z"
    message: 'POST https://cloud.mongodb.com/api/atlas/v1.0/groups/604a47de73cd8cag77239021/accessList: 400 (request "INVALID_IP_ADDRESS_OR_CIDR_NOTATION") The address 192.0.2.1dfdfd5 must be in valid IP address or CIDR notation.'
    reason: ProjectIPAccessListNotCreatedInAtlas
    status: "False"
    type: IPAccessListReady
  ```
- If the update succeeds, status.conditions reflects that the resource is ready:
  ```yaml
  conditions:
  - lastTransitionTime: "2021-03-13T16:26:17Z"
    status: "True"
    type: Ready
  ```
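The following is an added example, not part of the Atlas Kubernetes Operator documentation or code: a Python audit over AtlasProject objects exported as a JSON list that reports which secret the operator reads its API keys from, following the lookup order above, and which status.conditions entries are not ready. The sample objects, the secret names, and the operator deployment name atlas-operator are constructed placeholders.

```python
import json

# Constructed sample: a Kubernetes list of AtlasProject objects in JSON. All names are made up.
SAMPLE = json.loads("""
{"items": [
  {"kind": "AtlasProject", "metadata": {"name": "payments"},
   "spec": {"connectionSecretRef": {"name": "payments-atlas-key"}},
   "status": {"conditions": [
     {"type": "Ready", "status": "True", "lastTransitionTime": "2021-03-13T16:26:17Z"}]}},
  {"kind": "AtlasProject", "metadata": {"name": "sandbox"},
   "spec": {},
   "status": {"conditions": [
     {"type": "IPAccessListReady", "status": "False",
      "reason": "ProjectIPAccessListNotCreatedInAtlas",
      "message": "400 INVALID_IP_ADDRESS_OR_CIDR_NOTATION",
      "lastTransitionTime": "2021-03-15T14:26:44Z"},
     {"type": "Ready", "status": "False", "lastTransitionTime": "2021-03-15T14:26:44Z"}]}}
]}
""")


def credential_source(project, operator_deployment):
    """Return (secret_name, is_global) using the lookup order described above."""
    ref = (project.get("spec") or {}).get("connectionSecretRef") or {}
    if ref.get("name"):
        return ref["name"], False
    # Fallback: the global secret <operator-deployment-name>-api-key.
    return f"{operator_deployment}-api-key", True


def failed_conditions(project):
    """Conditions whose status is not "True" (status is a string, not a boolean)."""
    conditions = (project.get("status") or {}).get("conditions") or []
    return [c for c in conditions if c.get("status") != "True"]


def audit(resource_list, operator_deployment):
    """One report row per project: credential source plus any not-ready conditions."""
    report = []
    for project in resource_list.get("items", []):
        secret, is_global = credential_source(project, operator_deployment)
        not_ready = [(c["type"], c.get("reason", "")) for c in failed_conditions(project)]
        report.append({"project": project["metadata"]["name"], "secret": secret,
                       "uses_global_secret": is_global, "not_ready": not_ready})
    return report


if __name__ == "__main__":
    for row in audit(SAMPLE, "atlas-operator"):  # placeholder deployment name
        print(row)
```

Projects reported with uses_global_secret set to True all authenticate with the same API key, so that key's role and API Access List apply to every one of them.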
Delete Process
If you remove a custom resource from Kubernetes, Atlas Kubernetes Operator tries to clean the state in Atlas, and the following workflow begins:
- Atlas Kubernetes Operator receives an event about the deleted custom resource.
- To connect to the Atlas Administration API, Atlas Kubernetes Operator reads the organization ID and API keys from one of the following locations:
  - spec.connectionSecretRef.name (if specified in AtlasProject).
  - global Atlas Kubernetes Operator secret <operator-deployment-name>-api-key (if spec.connectionSecretRef.name is not specified).
- To delete the resource from Atlas, Atlas Kubernetes Operator uses the connection information to make API calls to Atlas.
  Note: Atlas Kubernetes Operator removes any related objects created in Kubernetes. For example, if you remove AtlasDatabaseUser, Atlas Kubernetes Operator removes the related connection secrets.