As the original MongoDB Atlas K8s Operator does not take Atlas users into account, I thought about writing my own operator that handles this. And as there is already a lot of stuff out there for Golang, I decided to write it in Rust.
It is in a POC state, so it mostly covers the happy path and a number of things are not handled yet, such as:
- What happens to the passwords (send encrypted via email, put into Vault?)
- All the error handling regarding Atlas API
- Update the Status of the k8s resource

- Create the CRD

```bash
kubectl create -f crds/atlasusers.yaml
```

- Start the operator

In the context of your choice, start the operator with the following command. You need to provide MongoDB Atlas API key credentials.

```bash
# The "--" separates cargo's own options from the arguments passed to the operator binary
cargo run -- --public-key <public-key> --private-key <private>
```

- Create a new MongoDB Atlas `AtlasUser` K8s resource

```bash
kubectl create -f crds/examples/john_doe.yaml
```

This deploys a resource like the following:

```yaml
apiVersion: moertel.com/v1
kind: AtlasUser
metadata:
  name: johndoe
  namespace: default
spec:
  country: US
  firstName: John
  lastName: Doe
  username: johndoe@example.com
  roles:
    - orgId: "4723423423"
      roleName: "ORG_OWNER"
```

- Check the created resource in your cluster

```bash
kubectl describe atlasusers johndoe
```
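
Because the example resource grants `ORG_OWNER`, a reconciler would normally check the requested roles before calling the Atlas API. The sketch below is an added example, not code from this operator: `validate`, `Finding`, the approved-org list and the struct layout are hypothetical, and the role-name list and the email-style username check are assumptions to adjust against the Atlas documentation.

```rust
// Added example: hypothetical pre-flight check, not the operator's own code.
// Field names mirror the AtlasUser spec shown above.
#[derive(Debug, PartialEq)]
enum Finding {
    BadUsername,
    UnknownRole(String),
    OwnerNotApproved(String), // orgId for which ORG_OWNER was requested
}

struct Role<'a> { org_id: &'a str, role_name: &'a str }
struct AtlasUserSpec<'a> { username: &'a str, roles: Vec<Role<'a>> }

// Organization-level role names (assumed list for this example).
const ORG_ROLES: [&str; 5] =
    ["ORG_OWNER", "ORG_MEMBER", "ORG_GROUP_CREATOR", "ORG_BILLING_ADMIN", "ORG_READ_ONLY"];

// Returns every problem found; an empty Vec means the spec may be sent to Atlas.
fn validate(spec: &AtlasUserSpec, owner_approved_orgs: &[&str]) -> Vec<Finding> {
    let mut out = Vec::new();
    // Username is assumed to be an email: exactly one '@', non-empty local part, dotted domain.
    let mut parts = spec.username.split('@');
    match (parts.next(), parts.next(), parts.next()) {
        (Some(l), Some(d), None) if !l.is_empty() && d.contains('.') => {}
        _ => out.push(Finding::BadUsername),
    }
    for r in &spec.roles {
        if !ORG_ROLES.contains(&r.role_name) {
            // Reject typos and unknown names locally instead of relying on the API error.
            out.push(Finding::UnknownRole(r.role_name.to_string()));
        } else if r.role_name == "ORG_OWNER" && !owner_approved_orgs.contains(&r.org_id) {
            // Least privilege: the owner role needs an explicit per-organization approval.
            out.push(Finding::OwnerNotApproved(r.org_id.to_string()));
        }
    }
    out
}

fn main() {
    // Constructed input matching crds/examples/john_doe.yaml.
    let spec = AtlasUserSpec {
        username: "johndoe@example.com",
        roles: vec![Role { org_id: "4723423423", role_name: "ORG_OWNER" }],
    };
    println!("{:?}", validate(&spec, &[]));
    println!("{:?}", validate(&spec, &["4723423423"]));
}
```

Findings returned here would be a natural thing to surface in the resource status once status updates are implemented.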