Docs Home → MongoDB Enterprise Kubernetes Operator
Deploy a Sharded Cluster
Note
At any place on this page that says Ops Manager, you can substitute Cloud Manager.
Important
You can use the Kubernetes Operator to deploy MongoDB resources with Cloud Manager and with Ops Manager version 5.0.x or later.
You can use the Atlas Operator to deploy MongoDB resources to Atlas.
Warning
Kubernetes Operator doesn't support arbiter nodes.
Sharded clusters provide horizontal scaling for large data sets and enable high throughput operations by distributing the data set across a group of servers.
To learn more about sharding, see Sharding Introduction in the MongoDB manual.
Use this procedure to deploy a new sharded cluster that Ops Manager manages. Later, you can use Ops Manager to add shards and perform other maintenance operations on the cluster.
Considerations
Do Not Deploy Monitoring Agents Inside and Outside Kubernetes
Due to Kubernetes network translation, a monitoring agent outside Kubernetes cannot monitor MongoDB instances inside Kubernetes. For this reason, k8s and non-k8s deployments in the same project are not supported. Use separate projects.
Choose Whether to Encrypt Connections
When you deploy your sharded cluster via the Kubernetes Operator, you must choose whether to encrypt connections using TLS certificates.
The following procedure for TLS-Encrypted connections:
Establishes TLS-encrypted connections between cluster shards.
Establishes TLS-encrypted connections between client applications and MongoDB deployments.
Requires valid certificates for TLS encryption.
The following procedure for Non-Encrypted Connections:
Doesn't encrypt connections between cluster shards.
Doesn't encrypt connections between client applications and MongoDB deployments.
Has fewer setup requirements than a deployment with TLS-encrypted connections.
Note
You can't secure a Standalone Instance of MongoDB in a Kubernetes cluster.
To set up TLS encryption for a replica set, see Deploy a Replica Set.
Select the appropriate tab based on whether you want to encrypt your replica set connections with TLS.