Adding MongoDB cluster sample app

kubernetes/apps/mongodb-cluster/app/base/kustomization.yaml

@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- mongodb-secret.yaml
+- mongodb-certificate.yaml
+- mongodb-cluster.yaml
+
+

kubernetes/apps/mongodb-cluster/app/base/mongodb-certificate.yaml

@@ -0,0 +1,26 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: mongodb-certificate
+  namespace: mongodb
+spec:
+  isCA: false
+  duration: 2160h # 90d
+  renewBefore: 360h # 15d
+  dnsNames:
+    - mongodb-0.mongodb-svc.mongodb.svc.cluster.local
+    - mongodb-1.mongodb-svc.mongodb.svc.cluster.local
+    - mongodb-2.mongodb-svc.mongodb.svc.cluster.local
+    - db-node-1.homelab.ricsanfre.com
+    - db-node-2.homelab.ricsanfre.com
+    - db-node-3.homelab.ricsanfre.com
+  secretName: mongodb-cert
+  privateKey:
+    algorithm: RSA
+    encoding: PKCS1
+    size: 4096
+  issuerRef:
+    name: ca-issuer
+    kind: ClusterIssuer
+    group: cert-manager.io
+

kubernetes/apps/mongodb-cluster/app/base/mongodb-cluster.yaml

@@ -0,0 +1,65 @@
+apiVersion: mongodbcommunity.mongodb.com/v1
+kind: MongoDBCommunity
+metadata:
+  name: mongodb
+  namespace: mongodb
+spec:
+  members: 3
+  type: ReplicaSet
+  version: "6.0.11"
+  security:
+    tls:
+      enabled: true
+      certificateKeySecretRef:
+        name: mongodb-cert
+      caCertificateSecretRef:
+        name: mongodb-cert
+    authentication:
+      modes: ["SCRAM"]
+  users:
+    - name: admin
+      db: admin
+      passwordSecretRef: # a reference to the secret that will be used to generate the user's password
+        name: admin-user
+      roles:
+        - name: clusterAdmin
+          db: admin
+        - name: userAdminAnyDatabase
+          db: admin
+      scramCredentialsSecretName: my-scram
+  additionalMongodConfig:
+    storage.wiredTiger.engineConfig.journalCompressor: zlib
+  statefulSet:
+    spec:
+      template:
+        spec:
+          containers:
+            - name: mongod
+              resources:
+                limits:
+                  cpu: "1"
+                  memory: 2Gi
+                requests:
+                  cpu: 500m
+                  memory: 1Gi
+          # Add affinity rule to run pods only on amd64 nodes.
+          # ARM64 not properly supported by operator yet
+          # https://github.com/mongodb/mongodb-kubernetes-operator/issues/1514
+          affinity:
+            nodeAffinity:
+              requiredDuringSchedulingIgnoredDuringExecution:
+                nodeSelectorTerms:
+                - matchExpressions:
+                  - key: kubernetes.io/arch
+                    operator: In
+                    values:
+                    - amd64
+      volumeClaimTemplates:
+        - metadata:
+            name: data-volume
+          spec:
+            accessModes:
+              - ReadWriteOnce
+            resources:
+              requests:
+                storage: 5G

kubernetes/apps/mongodb-cluster/app/base/mongodb-secret.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: admin-user
+  namespace: mongodb
+type: Opaque
+stringData:
+  password: s1cret0

kubernetes/apps/mongodb-cluster/app/overlays/dev/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: mongodb
+
+resources:
+  - ../../base

kubernetes/apps/mongodb-cluster/app/overlays/prod/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: mongodb
+
+resources:
+  - ../../base