mongodb · MaciejKaras · Oct 10, 2025
@@ -17,17 +17,17 @@ The [`/config/samples`](../config/samples) directory contains example MongoDBCom
 ## Deploy a Replica Set
 
 **Warning:** When you delete MongoDB resources, persistent volumes remain
-to help ensure that no unintended data loss occurs. If you create a new 
-MongoDB resource with the same name and persistent volumes, the 
+to help ensure that no unintended data loss occurs. If you create a new
+MongoDB resource with the same name and persistent volumes, the
 pre-existing data might cause issues if the new MongoDB resources have a
 different topology than the previous ones.
 
 To deploy your first replica set:
 
-1. Replace `<your-password-here>` in [mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_cr.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_cr.yaml) to the password you wish to use.
+1. Replace `<your-password-here>` in [public/samples/community/mongodb.com_v1_mongodbcommunity_cr.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/public/samples/community/mongodb.com_v1_mongodbcommunity_cr.yaml) to the password you wish to use.
 2. Invoke the following `kubectl` command:
    ```
-   kubectl apply -f mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_cr.yaml --namespace <my-namespace>
+   kubectl apply -f public/samples/community/mongodb.com_v1_mongodbcommunity_cr.yaml --namespace <my-namespace>
    ```
 3. Verify that the MongoDBCommunity resource deployed:
    ```
@@ -258,7 +258,7 @@ To upgrade this resource from `4.0.6` to `4.2.7`:
 
 To deploy the operator on OpenShift you will have to provide the environment variable `MANAGED_SECURITY_CONTEXT` set to `true` for the operator deployment.
 
-See [here](https://github.com/mongodb/mongodb-kubernetes/blob/master/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_openshift_cr.yaml) for
+See [here](https://github.com/mongodb/mongodb-kubernetes/blob/master/public/samples/community/mongodb.com_v1_mongodbcommunity_openshift_cr.yaml) for
 an example of how to provide the required configuration for a MongoDB
 replica set.
 
@@ -344,7 +344,7 @@ Under some circumstances it might be necessary to set your own custom values for
 the `ReadinessProbe` used by the MongoDB Community Operator. To do so, you
 should use the `statefulSet` attribute in `resource.spec`, as in the following
 provided example [yaml
-file](https://github.com/mongodb/mongodb-kubernetes/blob/master/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_readiness_probe_values.yaml).
+file](https://github.com/mongodb/mongodb-kubernetes/blob/master/public/samples/community/mongodb.com_v1_mongodbcommunity_readiness_probe_values.yaml).
 Only those attributes passed will be set, for instance, given the following structure:
 
 ```yaml
@@ -392,4 +392,4 @@ For ex:
 env:
   - name: CLUSTER_DOMAIN
     value: $CUSTOM_DOMAIN
-```
+```
@@ -37,7 +37,7 @@ kubectl create secret tls ca-key-pair  --cert=<path-to-ca.crt>  --key=<path-to-c
 
 ### Create the Cert Manager issuer and secret
 
-Edit the file [cert-manager-certificate.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/mongodb-community-operator/config/samples/external_access/cert-manager-certificate.yaml) to replace ```<mongodb-name>``` with your MongoDB deployment name. Also replace ```<domain-rs-1>```, ```<domain-rs-2>```, and ```<domain-rs-3>``` with the external FQDNs of the MongoDB replicaset members. Please remember that you will have to add an equal number of entries for each member of the replicaset, for example:
+Edit the file [cert-manager-certificate.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/public/samples/community/external_access/cert-manager-certificate.yaml) to replace ```<mongodb-name>``` with your MongoDB deployment name. Also replace ```<domain-rs-1>```, ```<domain-rs-2>```, and ```<domain-rs-3>``` with the external FQDNs of the MongoDB replicaset members. Please remember that you will have to add an equal number of entries for each member of the replicaset, for example:
 
 ```yaml
 ...
@@ -57,30 +57,30 @@ spec:
 Apply the manifests. Replace ```<your-namespace>``` with the namespace you are using for the deployment.
 
 ```sh
-kubectl apply -f mongodb-community-operator/config/samples/external_access/cert-manager-issuer.yaml --namespace <your-namespace>
-kubectl apply -f mongodb-community-operator/config/samples/external_access/cert-manager-certificate.yaml --namespace <your-namespace>
+kubectl apply -f public/samples/community/external_access/cert-manager-issuer.yaml --namespace <your-namespace>
+kubectl apply -f public/samples/community/external_access/cert-manager-certificate.yaml --namespace <your-namespace>
 ```
 
 ### Create the MongoDB deployment
 
-Edit [mongodb.com_v1_mongodbcommunity_cr.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/mongodb-community-operator/config/samples/external_access/mongodb.com_v1_mongodbcommunity_cr.yaml). Replace <mongodb-name> with the desired MongoDB deployment name -- this should be the same as in the previous step. Replace ```<domain-rs-1>```, ```<domain-rs-2>```, and ```<domain-rs-3>``` with the external FQDNs of the MongoDB replicaset members. Please remember that you should have the same number of entries in this section as the number of your replicaset members. You can also edit the ports for external access to your preferred numbers in this section -- you will have to remember to change them in the next step too. Change ```<your-admin-password>``` to your desired admin password for MongoDB.
+Edit [mongodb.com_v1_mongodbcommunity_cr.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/public/samples/community/external_access/mongodb.com_v1_mongodbcommunity_cr.yaml). Replace <mongodb-name> with the desired MongoDB deployment name -- this should be the same as in the previous step. Replace ```<domain-rs-1>```, ```<domain-rs-2>```, and ```<domain-rs-3>``` with the external FQDNs of the MongoDB replicaset members. Please remember that you should have the same number of entries in this section as the number of your replicaset members. You can also edit the ports for external access to your preferred numbers in this section -- you will have to remember to change them in the next step too. Change ```<your-admin-password>``` to your desired admin password for MongoDB.
 
 Apply the manifest.
 
 ```sh
-kubectl apply -f mongodb-community-operator/config/samples/external_access/mongodb.com_v1_mongodbcommunity_cr.yaml --namespace <your-namespace>
+kubectl apply -f public/samples/community/external_access/mongodb.com_v1_mongodbcommunity_cr.yaml --namespace <your-namespace>
 ```
 
 Wait for the replicaset to be available.
 
 ### Create the external NodePort services for accessing the MongoDB deployment from outside the Kubernetes cluster
 
-Edit [external_services.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/mongodb-community-operator/config/samples/external_access/external_services.yaml) and replace ```<mongodb-name>``` with the MongoDB deployment name that you have used in the preceeding steps. You can change the ```nodePort``` and ```port``` to reflect the changes (if any) you have made in the previous steps.
+Edit [external_services.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/public/samples/community/external_access/external_services.yaml) and replace ```<mongodb-name>``` with the MongoDB deployment name that you have used in the preceeding steps. You can change the ```nodePort``` and ```port``` to reflect the changes (if any) you have made in the previous steps.
 
 Apply the manifest.
 
 ```sh
-kubectl apply -f mongodb-community-operator/config/samples/external_access/external_services.yaml --namespace <your-namespace>
+kubectl apply -f public/samples/community/external_access/external_services.yaml --namespace <your-namespace>
 ```
 
 ### Retrieve the certificates from a MongoDB replicaset member

@@ -1,6 +1,6 @@
 # Enable X.509 Authentication
 
-You can use Helm or `kubectl` to enable X.509 authentication for the 
+You can use Helm or `kubectl` to enable X.509 authentication for the
 MongoDB Agent and client.
 
 ## Prerequisites
@@ -16,25 +16,25 @@ MongoDB Agent and client.
 1. Install `cert-manager`:
 
    ```
-   helm install cert-manager jetstack/cert-manager --namespace cert-manager \ 
+   helm install cert-manager jetstack/cert-manager --namespace cert-manager \
    --create-namespace --set installCRDs=true
    ```
 
 ## Use Helm to Enable X.509 Authentication
 
-You can use Helm to install and deploy the MongoDB Community Kubernetes 
-Operator with X.509 Authentication enabled for the MongoDB Agent and 
+You can use Helm to install and deploy the MongoDB Community Kubernetes
+Operator with X.509 Authentication enabled for the MongoDB Agent and
 client. To learn more, see [Install the Operator using Helm](https://github.com/mongodb/mongodb-kubernetes/blob/master/docs/install-upgrade.md#install-the-operator-using-helm).
 
-1. To deploy the MongoDB Community Kubernetes Operator, copy and paste 
-   the following command and replace the `<namespace>` variable with the 
+1. To deploy the MongoDB Community Kubernetes Operator, copy and paste
+   the following command and replace the `<namespace>` variable with the
    namespace:
 
    **Note:**
 
    The following command deploys a sample resource with X.509 enabled
    for both the MongoDB Agent and client authentication. It also creates
-   a sample X.509 user and the certificate that the user can use to 
+   a sample X.509 user and the certificate that the user can use to
    authenticate.
 
    ```
@@ -47,81 +47,81 @@ client. To learn more, see [Install the Operator using Helm](https://github.com/
 
 ## Use `kubectl` to Enable X.509 Authentication
 
-You can use Helm to install and deploy the MongoDB Community Kubernetes 
-Operator with X.509 Authentication enabled for the MongoDB Agent and 
+You can use Helm to install and deploy the MongoDB Community Kubernetes
+Operator with X.509 Authentication enabled for the MongoDB Agent and
 client.
 
-1. To install the MongoDB Community Kubernetes Operator, see 
+1. To install the MongoDB Community Kubernetes Operator, see
    [Install the Operator using kubectl](https://github.com/mongodb/mongodb-kubernetes/blob/master/docs/install-upgrade.md#install-the-operator-using-kubectl).
 
-1. To create a CA, ConfigMap, secrets, issuer, and certificate, see 
+2. To create a CA, ConfigMap, secrets, issuer, and certificate, see
    [Enable External Access to a MongoDB Deployment](https://github.com/mongodb/mongodb-kubernetes/blob/master/docs/external_access.md).
 
-1. Create a YAML file for the  MongoDB Agent certificate. For an example, 
-   see [agent-certificate.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/mongodb-community-operator/config/samples/external_access/agent-certificate.yaml).
+3. Create a YAML file for the  MongoDB Agent certificate. For an example,
+   see [agent-certificate.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/public/samples/community/external_access/agent-certificate.yaml).
 
    **Note:**
 
-   - For the `spec.issuerRef.name` parameter, specify the 
+   - For the `spec.issuerRef.name` parameter, specify the
      `cert-manager` issuer that you created previously.
-   - For the `spec.secretName` parameter, specify the same 
-     value as the `spec.security.authentication.agentCertificateSecretRef` 
-     parameter in your resource. This secret should contain a signed 
+   - For the `spec.secretName` parameter, specify the same
+     value as the `spec.security.authentication.agentCertificateSecretRef`
+     parameter in your resource. This secret should contain a signed
      X.509 certificate and a private key for the MongoDB agent.
 
-1. To apply the file, copy and paste the following command and replace 
-   the `<agent-certificate>` variable with the name of your MongoDB Agent 
+4. To apply the file, copy and paste the following command and replace
+   the `<agent-certificate>` variable with the name of your MongoDB Agent
    certificate and the `<namespace>` variable with the namespace:
 
    ```
    kubectl apply -f <agent-certificate>.yaml --namespace <namespace>
    ```
 
-1. Create a YAML file for your resource. For an example, see 
-   [mongodb.com_v1_mongodbcommunity_x509.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/mongodb-community-operator/config/samples/mongodb.com_v1_mongodbcommunity_x509.yaml).
+5. Create a YAML file for your resource. For an example, see
+   [mongodb.com_v1_mongodbcommunity_x509.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/public/samples/community/mongodb.com_v1_mongodbcommunity_x509.yaml).
 
    **Note:**
 
    - For the `spec.security.tls.certificateKeySecretRef.name` parameter,
      specify a reference to the secret that contains the private key and
-     certificate to use for TLS. The operator expects the PEM encoded key 
-     and certificate available at "tls.key" and "tls.crt". Use the same 
-     format used for the standard "kubernetes.io/tls" Secret type, but no 
-     specific type is required. Alternatively, you can provide 
-     an entry called "tls.pem" that contains the concatenation of the 
-     certificate and key. If all of "tls.pem", "tls.crt" and "tls.key" 
-     are present, the "tls.pem" entry needs to equal the concatenation 
+     certificate to use for TLS. The operator expects the PEM encoded key
+     and certificate available at "tls.key" and "tls.crt". Use the same
+     format used for the standard "kubernetes.io/tls" Secret type, but no
+     specific type is required. Alternatively, you can provide
+     an entry called "tls.pem" that contains the concatenation of the
+     certificate and key. If all of "tls.pem", "tls.crt" and "tls.key"
+     are present, the "tls.pem" entry needs to equal the concatenation
      of "tls.crt" and "tls.key".
 
    - For the `spec.security.tls.caConfigMapRef.name` parameter, specify
      the ConfigMap that you created previously.
 
    - For the `spec.authentication.modes` parameter, specify `X509`.
-   
-   - If you have multiple authentication modes, specify the 
+
+   - If you have multiple authentication modes, specify the
      `spec.authentication.agentMode` parameter.
 
    - The `spec.authentication.agentCertificateSecretRef` parameter
      defaults to `agent-certs`.
 
    - For the `spec.users.db` parameter, specify `$external`.
 
-   - Do not set the `spec.users.scramCredentialsSecretName` parameter 
+   - Do not set the `spec.users.scramCredentialsSecretName` parameter
      and the `spec.users.passwordSecretRef` parameters.
 
-1. To apply the file, copy and paste the following command and replace 
+6. To apply the file, copy and paste the following command and replace
    the `<replica-set>` variable with your resource and the `<namespace>`
    variable with the namespace:
 
    ```
    kubectl apply -f <replica-set>.yaml --namespace <namespace>
    ```
 
-1. Create a YAML file for the client certificate. For an example, see 
-   [cert-x509.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/mongodb-community-operator/config/samples/external_access/cert-x509.yaml).
+7. Create a YAML file for the client certificate. For an example, see
+   [cert-x509.yaml](https://github.com/mongodb/mongodb-kubernetes/blob/master/public/samples/community/external_access/cert-x509.yaml).
 
-1. To apply the file, copy and paste the following command and replace 
-   the `<client-certificate>` variable with the name of your client 
+8. To apply the file, copy and paste the following command and replace
+   the `<client-certificate>` variable with the name of your client
    certificate and the `<namespace>` variable with the namespace:
 
    ```