A collection fo Kubernetes manifests
Deploys a Synapse server and a Postgresql database in a bare-metal cluster
Notes:
- homeserver.yaml is encrypted (
server-sealed-secrets.yaml) using Bitnami'ssealed-secretscontroller as it contains database credentials - as it is a bare-metal cluster, we use
openebsto provide with storage. The storage class used isopenebs-jiva-csi-sc - for networking, we have an Nginx ingress controller - bound to the VMs' host network - that reads the rule of
server-ingress.yamland route traffic to the server (Nginx ingress controller -> ingress -> service -> synapse server) - for federation, we cannot use port 8448 with the ingress controller, so we leverage delegation (see
nginx.ingress.kubernetes.io/configuration-snippetinserver-ingress.yaml) - a CronJob backs up the db to AWS s3 every day at midnight using this Docker image
- we need the name of a retained pvc in
postgres-pvc.yml. We do this so that if postgres app goes down, its pv featuring /var/lib/postgresql/data won't be lost. See how to retain the volume here: openebs/openebs#479 (comment))