Deploying WordPress site using Kubernetes and integrating it with Amazon RDS using Terraform

What is Amazon RDS Service?

Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching and backups. It frees you to focus on your applications so you can give them the fast performance, high availability, security and compatibility they need.

---------------------------------------------------------------------------------------------------------------

Task Description:

Deploy the WordPress application on Kubernetes and AWS using terraform including the following steps:

→Write an Infrastructure as code using terraform, which automatically deploy the WordPress application.

→On AWS, use RDS service for the relational database for WordPress application.

→Deploy the WordPress as a container either on top of Minikube or EKS or Fargate service on AWS.

→The WordPress application should be accessible from the public world if deployed on AWS or through workstation if deployed on Minikube.

So now let’s move towards Practical part:

Providers Setup and Data Collection :

provider "kubernetes" {}

provider "aws" {
  profile = "udit"
  region  = "ap-south-1"
}


data "aws_vpc" "default_vpc" {
    default = true
}



data "aws_subnet_ids" "default_subnet" {
  vpc_id = data.aws_vpc.default_vpc.id

}

• You can notice that we are selecting two providers, one is Kubernetes and another is AWS. Also inside AWS provider I setup my profile and region.
• Next using “data” I am collecting some information like default VPC and default Subnets because we will use them in future.

Security Group & Subnet Group :

resource "aws_security_group" "rds_sg" {
  name        = "rds security group"
  description = "Connection between WordPress and RDS"
  vpc_id      = data.aws_vpc.default_vpc.id

  ingress {
    description = "MySQL"
    from_port   = 3306
    to_port     = 3306
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "RDS-SG"
  }
}



resource "aws_db_subnet_group" "subnet_grp" {
  name       = "rds subnet group"
  subnet_ids = data.aws_subnet_ids.default_subnet.ids

}

• Here I are creating Security Group for the Instance of RDS. Here you can notice that we are creating this SG inside our default VPC.
• Next in ingress we have only allowed port no 3306 because MySQL works on that port. Also we have allowed traffic from anywhere because when my localhost WordPress will contact RDS then for RDS our traffic will be outside traffic.
• In egress we have allowed any IP because RDS might needs to download something from Internet. But you can restrict if you want.
• Next we are creating one Subnet Group for our Amazon RDS because I want RDS to be launched on any of the available Subnet under my default VPC.

RDS Instance :

resource "aws_db_instance" "rds" {

    depends_on = [
    aws_security_group.rds_sg,
    aws_db_subnet_group.subnet_grp,
  ]

  engine                 = "mysql"
  engine_version         = "5.7"
  identifier             = "wordpress-database"
  username               = ""
  password               = ""
  instance_class         = "db.t2.micro"
  storage_type           = "gp2"
  allocated_storage      = 20
  db_subnet_group_name   = aws_db_subnet_group.subnet_grp.id
  vpc_security_group_ids = [aws_security_group.rds_sg.id]
  publicly_accessible    = true
  name                   = "wpdb"
  parameter_group_name   = "default.mysql5.7"
  skip_final_snapshot    = true

}

• Here if you notice I have used depends on. It's because I want after those two resources create Terraform start creating RDS Instance because while creating RDS we need to provide those two resources.
• Next we have mentioned what database we want to use and which version. Here I choose MySQL version 5.7 because WordPress works with MySQL or MariaDB.
• Identifier is just a name of the AWS resource. Then username and password is the database username and password. Just note one thing that this username and password is case sensitive. Due to security reason I hide my username and Password.
• Then simple we told which flavor we want for our database instance. Also in RDS the minimum storage we can provide is 20GB. I choose gp2 storage but if you have other requirements then you can choose accordingly.
• Next we selected the VPC and Subnet, where we want to provision our Instance. Also as we are connecting to the database from outside of AWS so turn on Public Accessible.
• Finally name stands for the database name that you want to create and then “skip final snapshot” is true because when we will delete our Database we don't want to create snapshot. But in real industry this option is always disabled.

Kubernetes Deployment :

resource "kubernetes_deployment" "wp_deploy" {
    depends_on = [
    aws_db_instance.rds,
  ]
  metadata {
      name = "wordpress"
      labels = {
          app = "wordpress"
        }
    }
  spec {
      selector {
        match_labels = {
            app = "wordpress"
            }
        }
    template {
        metadata {
            labels = {
               app = "wordpress"
           }
        }
        spec {
            container {
                image = "wordpress"
                name  = "wordpress-pod"
                env {
                    name = "WORDPRESS_DB_HOST"
                    value = aws_db_instance.rds.endpoint
                }
                env {
                    name = "WORDPRESS_DB_DATABASE"
                    value = aws_db_instance.rds.name
                }
                env {
                    name = "WORDPRESS_DB_USER"
                    value = aws_db_instance.rds.username
                }
                env {
                    name = "WORDPRESS_DB_PASSWORD"
                    value = aws_db_instance.rds.password
                }
                port {
                container_port = 80
                }
            }
        }
     }
  }
}

This script is deploying WordPress Pod on Kubernetes. As we can see that this script is dependent on RDS Instance because I want as soon as my WordPress starts it gets the Database to store the Data.

Kubernetes Service :

resource "kubernetes_service" "wp_service" {
    depends_on = [
    kubernetes_deployment.wp_deploy,
  ]
  metadata {
    name = "wp-service"
  }
  spec {
    selector = {
      app = "wordpress"
    }
    port {
      port = 80
      target_port = 80
      node_port = 30050
    }

    type = "NodePort"
  }

}

This code is dependent on the Kubernetes Deployment as after deployment complete we usually expose our deployment so that clients can access the site.

Chrome Opening :

resource "null_resource" "ChromeOpen"  {
depends_on = [
    kubernetes_service.wp_service,
  ]

    provisioner "local-exec" {
        command = "minikube service ${kubernetes_service.wp_service.metadata[0].name}"
      }

}

Lastly this code is running at the end and this opening our localhost browser and directly taking us to the IP where WordPress is working.

# Now after we write all of the script,use terraform apply --auto-approve command to run the terraform code. but before you have to run terraform init for downloading provider in localhost this require internet. You have to run these command in terminal.

After completing all steps our RDS Successfully made.

These are the simple steps for writing your own article. Here I Just write few words but you can write more and all of your data will store and manage by RDS.

Thankyou for reading my article.

My Github link is given below.