This documentation is a WIP
- k8s_om
- Table of Contents
- Compatability
- Description
- Steps to Deploy
- Prerequisites
- Set Up
- deploymentName
- tls.enabled
- opsManager.omVersion
- opsManager.replicas:
- opsManager.adminUserSecret:
- opsManager.binarySource
- opsManager.tlsSecretName
- opsManager.emailServerHostname
- opsManager.adminEmailAddress
- opsManager.fromEmailAddress
- opsManager.replyEmailAddress
- opsManager.emailPort
- opsManager.emailSecure
- opsManager.emailProtocol
- opsManager.podLimitCPU
- opsManager.podRequestsCPU
- opsManager.podLimitMemory
- opsManager.podRequestsMemory
- opsManager.initPodLimitCPU
- opsManager.initPodRequestsCPU
- opsManager.initPodLimitMemory
- opsManager.initPodRequestsMemory
- opsManager.localBinariesMountEnabled
- opsManager.localBinariesMountStorageClass
- opsManager.localBinariesMountStorageSize
- opsManager.extServiceEnabled
- opsManager.extServiceType
- opsManager.centralUrl
- opsManager.extServicePort
- appDB.replicas
- appDB.mdbVersion
- appDB.mongoDBAdminPasswdSecretName
- appDB.tlsSecretName
- appDB.CAConfigmapName
- appDB.podLimitCPU
- appDB.podRequestsCPU
- appDB.podLimitMemory
- appDB.podRequestsMemory
- appDB.initPodLimitCPU
- appDB.initPodRequestsCPU
- appDB.initPodLimitMemory
- appDB.initPodRequestsMemory
- appDB.storageClass
- appDB.storageSize
- backups.enabled
- backups.members
- backups.head.binariesMountEnabled
- backups.head.binariesStorageClass
- backups.head.binariesStorageSize
- backups.head.storageClass
- backups.head.storageSize
- backups.head.podLimitCPU
- backups.head.podRequestsCPU
- backups.head.podLimitMemory
- backups.head.podRequestsMemory
- backups.head.initPodLimitCPU
- backups.head.initPodRequestsCPU
- backups.head.initPodLimitMemory
- backups.head.initPodRequestsMemory
- backups.oplogStores[]
- backups.oplogStores.name
- backups.oplogStores.mdbResource
- backups.oplogStores.userResource
- backups.blockstores[]
- backups.blockstores[].name
- backups.blockstores[].mdbResource
- backups.blockstores[].userResource
- backups.s3stores[]
- backups.s3stores[].name
- backups.s3stores[].mdbResource
- backups.s3stores[].userResource
- backups.s3stores[].s3secret
- backups.s3stores[].pathStyleEnabled
- backups.s3stores[].bucketEndpoint
- backups.s3stores[].bucketName
- Run
This version of the Helm charts has been tested with MongoDB Kubernetes Operator version(s):
- 1.16.0
The following MongoDB versions have been tested functional as the AppDB:
- 5.0.5-ent
The following Ops Manager were tested successfully:
- 5.0.9
A series of Helm Charts to deploy MongoDB Ops Manager within Kubernetes with the MongoDB Kubernetes Operator.
- Ensure Prerequisites are met
- Create Ops Manager Access Token (Progammatic Access)
- Create Kubernetes
configmapfor Ops Manager X.509 Certificate Authority (CA) certificate chain - Create Kubernetes
configmapfor MongoDB deployments CA certificate chain - if requires - and seriously, this should just be a normal thing - Create Kubernets secrets for the MonogDB instances TLS and cluster authentication - once again this is "if requires", but should be just a normal thing.....look at your life choices if you are not doing this!
- Create a Kubernetes secret for the
rootuser of the MongoDB deployment - Create the
values.yamlfile for the deployment.
The MongoDB Enterprise Kubernetes Operator must be installed and operation. Instructions on installing the MongoDB Kubernetes Operator can be found in the MongoDB documentation. It is highly recommended that MongoDB Professional Services be engaged to deploy and configure Ops Manager to ensure the deployment is secure and reliable.
Helm is required to be installed and Helmfile is also highly recommended. If Helmfile is used you will also need Helm-Diff.
This is REQUIRED because your Ops Manager should be using TLS!
The certificate must include the whole certificate chain of the Certificate Authority that signed the X.509 certificate for Ops Manager.
This can be a common configmap if more than one deployment is in a Kubernetes namespace and Ops Manager Organisation.
This is stored in a configMap is set in the relevant values.yaml as opsManager.caConfigMap. The name of the key in the configmap MUST be mms-ca.crt, this can be created via:
kubectl --kubeconfig=<CONFIG_FILE> -n <NAMESPACE> create configmap <name-of-configmap> \
--from-file=mms-ca.crtThis is most likely common in all MongoDB deployments.
This requires one Kubernetes TLS secret.
The secrets contain the X.509 key and certificate. A Subject Alternate Name (SAN) entry must exist for the service.
The certificate must include the name of FQDN external to Kubernetes as a Subject Alternate Name (SAN) if external access is required, as well as the internal service name.
The internal service name will be inform of:
<deploymentName>-svc.<namespace>.svc.cluster.local
The secret must be named as follows:
om-<deploymentName>-cert
The secret can be created as follows:
kubectl --kubeconfig=<CONFIG_FILE> -n <NAMESPACE> create secret tls om-<deploymentName>-cert \
--cert=<path-to-cert> \
--key=<path-to-key>REQUIRED if tls.enabled is true.
The certificate must include the whole certificate chain of the Certificate Authority that signed the X.509 certificate for pods.
This is stored in a configMap is set in the relevant values.yaml as tls.caConfigMap. The name of the key in the configmap MUST be ca-pem, this can be created via:
kubectl --kubeconfig=<CONFIG_FILE> -n <NAMESPACE> create configmap <name-of-configmap> \
--from-file=ca-pemThis is most likely common in all MongoDB deployments.
REQUIRED if tls.enabled is true.
This requires a Kubernetes TLS secert in a certain format.
The secrets contain the X.509 key and certificate. One key/certificate pair is used for all members of the replica set, therefore a Subject Alternate Name (SAN) entry must exist for each member of the replica set. The SANs will be in the form of:
<deploymentName>-db-<X>.<replicaSetName>-svc.<namespace>.svc.cluster.local
Where <deploymentName> is the deploymentName in the values.yaml for your deployment and <X> is the 0-based number of the pod.
The secret must be named as follows:
appdb-<deploymentName>-db-cert
The secret can be created as follows:
kubectl --kubeconfig=<CONFIG_FILE> -n <NAMESPACE> create secret tls appdb-<deploymentName>-db-cert \
--cert=<path-to-cert> \
--key=<path-to-key>REQUIRED if tls.enabled is true.
kubectl --kubeconfig=<CONFIG_FILE> -n <NAMESPACE> create secret generic <adminusercredentials> \
--from-literal=Username="<username>" \
--from-literal=Password="<password>" \
--from-literal=FirstName="<firstname>" \
--from-literal=LastName="<lastname>"A secret must exist for the admin user of the AppDB. The name of the secret must be set in the releveant values.yaml as mongoDBAdminPasswdSecretName value. The secret must contain a key called password that contains the password for the user. The username is set to mongodb-ops-manager by the Kubernetes Operator.
The secret can be create via kubectl as follows:
kubectl --kubeconfig=<CONFIG_FILE> -n <NAMESPACE> create secret generic <name-of-secret> \
--from-literal=password=<password>To enable the backup system within Ops Manager set the backups.enabled field to true. This will create a backup daemon, as well as a head database (which is no longer used in more modern MongoDB deployments). At least one of either a Blockstore or S3store must be selected as the snapshot store, and an oplog store is also required. The Blockstore and Oplog store are both MongoDB replica sets and need to be configured and deployed with the k8s_mdb Helm charts. This presents a chicken and egg situation, so Ops Manager should initially be deployed without backups enabled. The Blockstore(s) (if using Blockstores) and the Oplog store should be deployed, then the backup system should be enabled for Ops Manager. All options, including the Oplog store, require a MongoDB user that can be configured when deploying the actual MognoDB instance via the k8s_mdb Helm charts.
If the backup system is enabled, there is the choice to use S3-compatible devices as a snapshot store. This option requires another secret for the S3 credentials (accessKey and secretKey for the S3 endpoint).
The secret can be created as follows:
kubectl --kubeconfig=<CONFIG_FILE> -n <NAMESPACE> create secret generic <name-of-secret> \
--from-literal=accessKey="<AKIAIOSFODNN7EXAMPLE>" \
--from-literal=secretKey="<wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY>"Two environment variables are required, called ENV and NS (both case senstive). The first describes the selected Git environment for deployment and the second describes the Kubernetes namespace.
The variables for each deployment are contained in the values.yaml. The values.yaml file for the selected environment must reside in a directory under values/<ENV> such as values/dev/values.yaml or values/production/values.yaml. Each <ENV> directory will be a different deployment. The examples directory contains an examples values.yaml file, plus there are examples under the charts/values directory so the reader can see the structure.
The following table describes the values required in the relevant values.yaml:
| Key | Purpose |
|---|---|
| deploymentName | The name for the Ops Manager deployment (becomes the Kubernetes resource name) |
| tls.enabled | Boolean value to determine if TLS is enabled for Ops Manager and AppDB |
| opsManager.omVersion | Version of Ops Manager to use |
| opsManager.replicas | Number of Ops Manager application servers to deploy |
| opsManager.adminUserSecret | The name of the Kubernetes secret containing the first user's password for Ops Manager |
| opsManager.binarySource | The source for the MongoDB binaries. Can be local, hybrid, or remote |
| opsManager.tlsSecretName | The Kubernetes TLS secret containing the X.509 certificate for Ops Manager application servers |
| opsManaer.centralUrl | The URL for the Ops Manager applications (possibly load balancer address), for external access. Optional |
| opsManager.emailServerHostname | The email server FQDN |
| opsManager.adminEmailAddress | The email address of the Admin user for Ops Manager |
| opsManager.fromEmailAddress | The fram email address used by Ops Manager when sending emails |
| opsManager.replyEmailAddress | The email address used as the reply-to address for emails sent by Ops Manager |
| opsManager.emailPort | The port used by the email server |
| opsManager.emailSecure | Boolean to determine if TLS is used for email communications |
| opsManager.emailProtocol | The protocol used by the email server. smtp or smtps |
| opsManager.podLimitCPU | The maximum CPUs that can be allocated to the Ops Manager application container |
| opsManager.podRequestsCPU | The initial CPUs allocated to the Ops Manager application application container |
| opsManager.podLimitMemory | The maximum memory that can be allocated to the Ops Manager application container |
| opsManager.podRequestsMemory | The initial memory allocated to the Ops Manager application container |
| opsManager.initPodLimitCPU | The maximum CPUs that can be allocated to the Ops Manager init container |
| opsManager.initPodRequestsCPU | The initial CPUs allocated to the Ops Manager application init container |
| opsManager.initPodLimitMemory | The maximum memory that can be allocated to the Ops Manager init container |
| opsManager.initPodRequestsMemory | The initial memory allocated to the Ops Manager init container |
| opsManager.localBinariesMountEnabled | Boolean to determine if a PVC is created to store the MongoDB binaries. Required if opsManager.binarySource is local |
| opsManager.localBinariesMountStorageClass | The name of the Kubernetes StorageClass that will be used as the local storage for MongoDB binaries, if required |
| opsManager.localBinariesMountStorageSize | The size of the storage to be allocated for the binaries if required |
| opsManager.extServiceEnabled | Boolean to determine if access to Ops Manager from clients/users external to Kubernetes is required |
| opsManager.extServiceType | The service type created for external access. Selection is NodePort or LoadBalancer |
| opsManager.extServicePort | The Kubernetes port number to use for the NodePort, if NodePort is selected for opsManager.extServiceType |
| appDB.replicas | Numer of members in the AppDB replica set. Should be 3 at the minimum |
| appDB.mdbVersion | The version of MongoDB to use for the AppDB. Must match a tag in the quay.io registry |
| appDB.mongoDBAdminPasswdSecretName | The name of the Kubernetes secret containing the admin user's password |
| appDB.tlsSecretName | The name of the Kubernetes TLS secret containing the X.509 key and certificate for the AppDB |
| appDB.CAConfigmapName | The Kubernetes configmap name containing the CA certificate for the TLS certificates |
| appDB.podLimitCPU | The maximum memory that can be allocated to the AppDB database container |
| appDB.podRequestsCPU | The initial CPUs allocated to the AppDB database container |
| appDB.podLimitMemory | The maximum memory that can be allocated to the AppDB database container |
| appDB.podRequestsMemory | The initial memory allocated to the AppDB database container |
| appDB.initPodLimitCPU | The maximum memory that can be allocated to the AppDB init database container |
| appDB.initPodRequestsCPU | The initial CPUs allocated to the AppDB init database container |
| appDB.initPodLimitMemory | The maximum memory that can be allocated to the AppDB init database container |
| appDB.initPodRequestsMemory | The initial memory allocated to the AppDB database init container |
| appDB.storageClass | The Kubernetes StorageClass name that will be used for VPCs for the AppDB instances |
| appDB.storageSize | The amount of storage to allocate for the AppDB mongod instances |
| backups.enabled | Boolean to determine if the backup system for Ops Manager is enabled |
| backups.members | Number of backup daemons to create. One is normally enough |
| backups.head.binariesMountEnabled | Boolean to determine if a PVC is created to store the MongoDB binaries. Required if opsManager.binarySource is local |
| backups.head.binariesStorageClass | The Kubernetes StorageClass to be used for the binaries mount |
| backups.head.binariesStorageSize | The size, including units, for the binaries mount |
| backups.head.storageClass | The Kubernetes StorageClass for the Head database. Required if backups.enabled is true |
| backups.head.storageSize | The size, including units, for the Head database storage |
| backups.head.podLimitCPU | The maximum CPUs that can be allocated to the Head database container |
| backups.head.podRequestsCPU | The initial CPUs allocated to the Head database container |
| backups.head.podLimitMemory | The maximum memory that can be allocated to the Head database container |
| backups.head.podRequestsMemory | The initial memory allocated to the Head database container |
| backups.head.initPodLimitCPU | The maximum CPUs that can be allocated to the Head init container |
| backups.head.initPodRequestsCPU | The initial CPUs allocated to the Head init container |
| backups.head.initPodLimitMemory | The maximum memory that can be allocated to the Head init container |
| backups.head.initPodRequestsMemory | The initial memory allocated to the Head init container |
| backups.oplogStores[] | An array of objects containing details on required Oplog Stores |
| backups.oplogStores[].name | The name to be used for the Oplog Store configuration within Ops Manager |
| backups.oplogStores[].mdbResource | The Kubernetes resource name of the Opolog Store MongoDB replica set (must be created in advance) |
| backups.oplogStores[].userResource | The Kubernetes resource name of the Opolog Store MongoDB User (must be created in advance) |
| backups.blockstores[] | An array of objects containing details on required Block Stores |
| backups.blockstores[].name | The name to be used for the Block Store configuration within Ops Manager |
| backups.blockstores[].mdbResource | The Kubernetes resource name of the Block Store MongoDB replica set (must be created in advance) |
| backups.blockstores[].userResource | The Kubernetes resource name of the Block Store MongoDB User (must be created in advance) |
| backups.s3stores[] | An array if objects containing details of S3 stores for backups |
| backups.s3stores[].name | The name given to the S3 store in Ops Manager |
| backups.s3stores[].mdbResource | The Kubernetes resource name of the MongoDB replica set used for metadata (must be created in advance) |
| backups.s3stores[].userResource | The Kubernetes resource name of the MongoDB User for the metadata database replica set (must be created in advance) |
| backups.s3stores[].s3secret | The Kubernetes Secert resource name that contains the access AWS access key and username |
| backups.s3stores[].pathStyleEnabled | Boolean to determine of path style is used (true) or virtual-host-style (false) URL endpoint are used |
| backups.s3stores[].bucketEndpoint | The URL of the S3 bucket endpoint |
| backups.s3stores[].bucketName | The name for the S3 bucket |
The name that will be used for the Ops Manager instance. Must be unique in the namespace.
Boolean to determine if TLS is enabled for both Ops Manager and the AppDB.
The version of Ops Manager to use.
The number of Ops Manager application servers to deploy. For high availability, this should be 2 or higher.
The name of the Kubernetes secret that holds the credentials for the first user in Ops Manager.
The secret must consist of the following keys:
- Username
- Password
- FirstName
- LastName
See the prerequisites on Ops Manager First User for further details.
Setting to determine if the MongoDB Automation Agents retrieve the mongod binaries from the Internet sources or from Ops Manager. The setting also determines if the Ops Manager retrieves the binaries from the Internet or is air-gapped.
Options:
remoteAutomation Agent gets the binaries from MognoDB on the InternethybridAutomation Agent have no Internet access and will retieve the binaries from Ops Manager, but Ops Manager retrieves the binaries via the InternetremoteAutomation Agent have no Internet access and will retieve the binaries from Ops Manager, but Ops Manager does NOT have Internet access and therefore the binaries are loaded onto the application servers (and backup daemons) manually. If this is selected also setopsManager.localBinariesMountEnabledtotrueso storage can be allocated for the binaries.
The name of the Kubernetes TLS secret that contains the TLS X.509 key and certificate for the Ops Manager application servers.
The certificates need to include a SAN of the LoadBalancer or NodePort service if access is required from external to Kubernetes. See the prerequisites on TLS Secret for Ops Manager Application Servers.
The Fully Qualified Domain Name (FQDN) of the email server for alerting and invitation purposes.
The email address for the admin user of Ops Manager.
The email address that will be used as the "from address" for emails sent by Ops Manager.
The email address used as the "reply address" for emails sent by Ops Manager.
The port, as an integer, that the email server uses for communications.
A boolean value to determine if TLS is used with email communications.
The protocol to use with the email server. Choices are smtp or smtps.
The CPU limit that can be assigned to each Ops Manager Application Server pod.
The initial CPUs assigned to each Ops Manager Application Server pod.
The maximum memory that can be assigned to each Ops Manager Application Server pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
The initial memory assigned to each Ops Manager Application Server pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
The CPU limit that can be assigned to each Ops Manager Application Server init pod.
The initial CPUs assigned to each Ops Manager Application Server init pod.
The maximum memory that can be assigned to each Ops Manager Application Server init pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
The initial memory assigned to each Ops Manager Application Server init pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
A bollean to determine if a VPC is created for the MongoDB binaries. This is requried when opsManager.binarySource is local mode.
The name of the Kubernetes StorageClass that will be used to create the PVC to storage the MongoDB binaries, ir required.
The size of the storage required for the MongoDB binaries, if needed. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
A boolean value to determine if access to Ops Manager is required from external to Kubernetes (this includes other Kubernetes clusters).
The type of Kuberentes Service to create for the external access. Can be NodePort or LoadBlaancer.
Kubernetes documentation should be consulted on the best method for the environment.
Only required if opsManager.extServiceEnabled is set to true.
The protocol, FQDN and port number that will be used by clients to gain access to Ops Manager. This can be a CNAME that resolves to a work node or the load balancer (depends on the selection for opsManager.extServiceType)
If not provided the default is https://<deploymentName>-svc.<namespace>.svc.cluster.local
The worker node port to use for external access if NodePort is selected for opsManager.extServiceType. This port must be unique wthin the whole Kubernetes cluster and not in use. Ports normally start from 30000.
Only required if opsManager.extServiceType is set to NodePort
Number of replica members to create in the AppDB replica set, this should be at least 3 and an odd number.
The MongoDB version that will be deployed as the AppDB. This must aligned with a tag in the quay.io repository for mongodb-enterprise-appdb-database.
The name of the Kubernetes Secret for the MongoDB admin user (mongodb-ops-manager) for the AppDB. The key within th esecret must be called password.
See further information in the MongoDB Admin User section.
The name of the Kubernets TLS Secret that contains the X.509 key and certificate for the AppDB.
Details on this secret can be found in the TLS Secrets for AppDB section.
The name of the Kubernetes Configmap containing the CA X.509 certificate associated with the TLS certificates.
Further information can be found on this in the CA Certificate for AppDB section.
The CPU limit that can be assigned to each AppDB pod.
The initial CPUs assigned to each AppDB pod.
The maximum memory that can be assigned to each AppDB pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
The initial memory assigned to each AppDB pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
The CPU limit that can be assigned to each AppDB init pod.
The initial CPUs assigned to each AppDB init pod.
The maximum memory that can be assigned to each AppDB init pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
The initial memory assigned to each AppDB init pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
The name of the Kubernetes StorageClass that will be used for persistent storage for the AppDB.
The size of the storage that will be allocated to the pods from the appDB.storageClass. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
A boolean value to determine if the Ops Manager backup system is enable and deployed.
The number of backup daemons to deploy. As of Ops Manager 4.2 the Backup Daemon really only does cleaning/pruning of backups and is responsible for queryable backups.
Required if backups.enabled is true.
If opsManager.binarySource is set to local then this also should be true so the MongoDB binaries for the head database have a storage location.
The name of the Kubernetes StorageClass that will be used to create the PVC for the local binaries store.
Required only if backups.head.binariesMountEnabled is true.
The size of the storage to allocate for the MongoDB binaries.
Required only if opsManager.binarySource is set to local.
The name of the Kubernetes StorageClass that will be used to create the PVC for the head database. As of Ops Manager 4.2 backing up MongoDB 4.2 with FCV of 4.2 this is of limited value.
Is this is absent the default StorageClass will be used if configured in Kubernetes.
The size of the storage to allocate for the head database.
Required if backups.enabled is true.
The CPU limit that can be assigned to each head pod.
The initial CPUs assigned to each head pod.
The maximum memory that can be assigned to each head pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
The initial memory assigned to each head pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
The CPU limit that can be assigned to each head init pod.
The initial CPUs assigned to each head init pod.
The maximum memory that can be assigned to each head init pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
The initial memory assigned to each head init pod. The units suffix can be one of the following: E, P, T, G, M, K, Ei, Pi, Ti, Gi, Mi, Ki.
An array of Oplog store resources.
The name that will be configured for the Oplog resource.
The name of the Kubernetes MongoDB resource that is selected as this particular Oplog Store.
The name of the Kubernetes MongoDB User resource that has the required privileges to be the backup user for the MongoDB resource.
An array of Blockstore resources for snapshots.
This or s3stores is required if backups.enabled is true.
The name that will be configured for the Blockstore resource.
The name of the Kubernetes MongoDB resource that is selected as this particular Blockstore.
The name of the Kubernetes MongoDB User resource that has the required privileges to be the backup user for the MongoDB resource.
An array of S3 resources for snapshots.
The name that will be configured for the S3 snapshot store resource.
The name of the Kubernetes MongoDB resource that is selected as the MongoDB replica set for metadata.
The name of the Kubernetes MongoDB User resource that has the required privileges to be the backup user for the MongoDB resource used as the metadata store.
The name of the Kubernetes secret that contains the various AWS keys and usernames for the S3 device.
A boolean determining if path style URL are used (if true) or virtual-host-style URL are used (if false).
The URL of the S3 endpoint.
Name of the S3 bucket that will host the snapshots.
To use the Helm charts via helmfile perform the following:
ENV=dev NS=mongodb KUBECONFIG=$PWD/kubeconfig helmfile applyThe kubeconfig is the config file to gain access to the Kubernetes cluster. The ENV=dev is the environment to use for the values.yaml, in this case an environment called dev.
To see what the actual YAML files will look like without applying them to Kubernetes use:
ENV=dev helmfile templateTo destroy the environment (the PersistentVolumes will remain) use the following command:
ENV=dev NS=mongodb KUBECONFIG=$PWD/kubeconfig helmfile destroy