apiVersion: apps/v1
kind: StatefulSet
metadata:
name: synapse
labels:
app: synapse
component: web
app.kubernetes.io/name: synapse
app.kubernetes.io/instance: synapse
spec:
serviceName: synapse
selector:
matchLabels:
app: synapse
component: web
template:
metadata:
labels:
app: synapse
component: web
app.kubernetes.io/name: synapse
app.kubernetes.io/instance: synapse
annotations:
prometheus.io/port: "9000"
prometheus.io/scrape: "true"
prometheus.io/path: /_synapse/metrics
spec:
securityContext:
fsGroup: 991
runAsUser: 991
runAsGroup: 991
containers:
- image: matrixdotorg/synapse:latest
imagePullPolicy: Always
name: synapse
ports:
- name: http
protocol: TCP
containerPort: 8008
env:
- name: SYNAPSE_CONFIG_DIR
value: /config
volumeMounts:
- mountPath: /tmp
name: tmp
- mountPath: /data
name: data
- mountPath: /config/homeserver.yaml
subPath: homeserver.yaml
name: config
- mountPath: /config/signing.key
subPath: signing.key
name: config
- mountPath: /config/log.config
subPath: log.config
name: config
resources:
requests:
memory: 256Mi
cpu: 250m
limits:
memory: 768Mi
cpu: 2000m
securityContext:
readOnlyRootFilesystem: true
livenessProbe:
httpGet:
path: /health
port: 8008
scheme: HTTP
failureThreshold: 5
initialDelaySeconds: 60
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 5
volumes:
- name: tmp
emptyDir: {}
- name: data
persistentVolumeClaim:
claimName: synapse-data
- name: config
secret:
secretName: synapse-config
defaultMode: 0600
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi