Navigation

Quick Start

On this page

You can use Atlas Kubernetes Operator to manage resources in Atlas without leaving Kubernetes. This tutorial demonstrates how to create your first cluster in Atlas from Kubernetes configuration files with Atlas Kubernetes Operator.

This tutorial requires:

  • A running Kubernetes cluster
1

Register a new Atlas Account or Login to Your Atlas Account.

2
Note

You need the following public API key, private API key, and the organization ID information to configure Atlas Kubernetes Operator access to Atlas.

Create One API Key in One Organization and configure the API Access List.

Important

For Atlas Kubernetes Operator to create a new Atlas project, you must assign the Organization Project Creator organization permission.

3

Run one of the following sets of commands:

  • If you want Atlas Kubernetes Operator to watch all the namespaces in the Kubernetes cluster, run the following command:

    kubectl apply -f https://raw.githubusercontent.com/mongodb/mongodb-atlas-kubernetes/main/deploy/all-in-one.yaml
  • If you want Atlas Kubernetes Operator to watch only its namespace, you must install the configuration files from the deploy/namespaced directory:

    kubectl apply -f https://raw.githubusercontent.com/mongodb/mongodb-atlas-kubernetes/main/deploy/namespaced/crds.yaml
    kubectl apply -f https://raw.githubusercontent.com/mongodb/mongodb-atlas-kubernetes/main/deploy/namespaced/namespaced-config.yaml
4

To create a secret, run the following command with your API keys and organization ID:

kubectl create secret generic mongodb-atlas-operator-api-key \
--from-literal="orgId=<atlas_organization_id>" \
--from-literal="publicApiKey=<atlas_api_public_key>" \
--from-literal="privateApiKey=<atlas_api_private_key>" \
-n mongodb-atlas-system
5

Run the following command:

Note

The following example does not specify spec.connectionSecretRef.name. If unspecified, Atlas Kubernetes Operator uses the default connection secret previously set with your API keys and organization ID.

cat <<EOF | kubectl apply -f -
apiVersion: atlas.mongodb.com/v1
kind: AtlasProject
metadata:
name: my-project
spec:
name: Test Atlas Operator Project
projectIpAccessList:
- ipAddress: "0.0.0.0/0"
comment: "Allowing access to database from everywhere (only for Demo!)"
EOF
Warning

The IP address in the example, 0.0.0.0/0, allows any client to connect to the Atlas cluster. Do not use this IP address in production.

6

Run the following command:

cat <<EOF | kubectl apply -f -
apiVersion: atlas.mongodb.com/v1
kind: AtlasCluster
metadata:
name: my-atlas-cluster
spec:
name: "Test-cluster"
projectRef:
name: my-project
providerSettings:
instanceSizeName: M10
providerName: AWS
regionName: US_EAST_1
EOF
7

Replace P@@ssword% with your password and run the following command:

kubectl create secret generic the-user-password --from-literal="password=P@@sword%"
8

Run the following command:

Note

spec.passwordSecretRef must reference the password that you created previously.

cat <<EOF | kubectl apply -f -
apiVersion: atlas.mongodb.com/v1
kind: AtlasDatabaseUser
metadata:
name: my-database-user
spec:
roles:
- roleName: "readWriteAnyDatabase"
databaseName: "admin"
projectRef:
name: my-project
username: theuser
passwordSecretRef:
name: the-user-password
EOF
9

Run the following command until you recieve a True response, which indicates the database user is ready:

Note

The AtlasDatabaseUser Custom Resource waits until the cluster is ready. Creating a new cluster can take up to 10 minutes.

kubectl get atlasdatabaseusers my-database-user -o=jsonpath='{.status.conditions[?(@.type=="Ready")].status}'
10

Run the following command:

Important

The following command requires jq 1.6 or higher.

kubectl get secret test-atlas-operator-project-test-cluster-theuser -o json | jq -r '.data | with_entries(.value |= @base64d)';
Note

Your connection strings will differ from the following example.

{
"connectionStringStandard": "mongodb://theuser:P%40%40sword%25@test-cluster-shard-00-00.peqtm.mongodb.net:27017,test-cluster-shard-00-01.peqtm.mongodb.net:27017,test-cluster-shard-00-02.peqtm.mongodb.net:27017/?ssl=true&authSource=admin&replicaSet=atlas-pk82fl-shard-0",
"connectionStringStandardSrv": "mongodb+srv://theuser:P%40%40sword%25@test-cluster.peqtm.mongodb.net",
"password": "P@@sword%",
"username": "theuser"
}

You can use this secret in your application:

containers:
- name: test-app
env:
- name: "CONNECTION_STRING"
valueFrom:
secretKeyRef:
name: test-atlas-operator-project-test-cluster-theuser
key: connectionStringStandardSrv
Give Feedback

On this page