How to setup WordPress in AWS Eks using Helm

You are currently viewing How to setup WordPress in AWS Eks using Helm

Setting up WordPress on Amazon Web Services (AWS) using the Kubernetes package manager, Helm, is straightforward. This guide will walk you through the steps to launch a highly available, scalable WordPress installation in minutes.

Create EKS Cluster

Create an Amazon Elastic Kubernetes Service (EKS) cluster. This can be done via the “eksctl” command line tool.

curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin
eksctl create cluster 

Install Helm

Helm is a package manager for Kubernetes, and it is used to deploy and manage applications on a Kubernetes cluster. You can install Helm by following the official Helm installation guide.

sudo yum install openssl -y
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 > get_helm.sh
chmod 700 get_helm.sh
./get_helm.sh

Set Up EBS CSI addon for EKS

First, create an IAM OIDC provider for your cluster.

oidc_id=$(aws eks describe-cluster --name my-cluster --query "cluster.identity.oidc.issuer" --output text | cut -d '/' -f 5)
aws iam list-open-id-connect-providers | grep $oidc_id | cut -d "/" -f4
eksctl utils associate-iam-oidc-provider --cluster my-cluster --approve

Add IAM Role using eksctl

eksctl create iamserviceaccount \
--name ebs-csi-controller-sa \
--namespace kube-system \
--cluster my-cluster \
--attach-policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy \
--approve \
--role-only \
--role-name AmazonEKS_EBS_CSI_DriverRole

Then add EBS CSI to EKS by running the following command

eksctl create addon --name aws-ebs-csi-driver --cluster my-cluster --service-account-role-arn arn:aws:iam::111122223333:role/AmazonEKS_EBS_CSI_DriverRole --force

Install WordPress using Helm

Install the WordPress chart: To install the WordPress chart, run the following command:

helm repo add bitnami https://charts.bitnami.com/bitnami

Once the chart is added then install WordPress using the below command.

helm install my-wp2 oci://registry-1.docker.io/bitnamicharts/wordpress \
  --set service.type=LoadBalancer \
  --set service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-type"=nlb \
  --set wordpressUsername=admin \
  --set wordpressPassword=defaultpass \
  --set wordpressScheme=https

This will install the latest version of the WordPress chart from the official Bitnami repository. A default user is created with the username “admin” and the password is set to “defaultpass”.

Horizontal pod auto scaler ( HPA )

Creating a Horizontal Pod Autoscaler (HPA) for your deployment in Kubernetes, such as a WordPress deployment named my-release, involves using kubectl, the command-line tool for Kubernetes. Here’s a step-by-step guide to do this:

Metrics Server: The HPA feature requires the source of a metric, typically the Metrics Server in a Kubernetes cluster. Make sure it’s deployed in your cluster. You can install it via:

kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml

Creating HPA: Use the kubectl autoscale command to create an HPA. This command will create an HPA that automatically scales your deployment based on specified metrics like CPU or memory usage.

For example, to create an HPA for your my-release deployment that targets an average CPU usage of 50%, use:

kubectl autoscale deployment my-release --cpu-percent=50 --min=1 --max=10

In this command:

  • --cpu-percent=50 specifies the target average CPU utilization.
  • --min=1 specifies the minimum number of pods.
  • --max=10 specifies the maximum number of pods.

Verify HPA Creation: After creating the HPA, you can check its status using:

kubectl get hpa

It’s important to monitor the HPA to ensure it’s operating as expected. You can watch the HPA’s behavior over time with:

kubectl get hpa -w

Adjusting HPA (Optional): If you need to modify the HPA parameters, you can use the kubectl edit HPA command:

kubectl edit hpa my-release

This will open the HPA configuration in a text editor where you can change parameters like min and max replicas, or CPU utilization targets.

Node Auto-scaling

Achieving node autoscaling in AWS Elastic Kubernetes Service (EKS) is typically done using AWS Auto Scaling Groups (ASGs). Here’s how you can set it up.

Enable EC2 Auto Scaling

  • In the AWS Management Console, navigate to the EC2 Auto Scaling section
  • Then select the auto scaling group which needs automatic scaling.
  • Then go to “Auto matic scaling” Tab and create a dynamic scaling policy.

Here is one screenshot given on how to create a dynamic scaling policy.

Click the Create button to create the Dynamic Scaling policy.

SSL Setup

Setting up an SSL certificate for an AWS Classic Load Balancer involves a few steps, including obtaining a certificate, uploading it to AWS, and configuring the load balancer to use it. Here’s a general guide on how to do it:

Obtain an SSL Certificate

First, you need to have an SSL certificate. You can obtain an SSL certificate from a Certificate Authority (CA) like Let’s Encrypt, VeriSign, or any other trusted provider. AWS also provides AWS Certificate Manager (ACM), which can be used to create and manage SSL/TLS certificates.

Using AWS Certificate Manager (ACM)

  • Request a Certificate: Go to ACM in the AWS Management Console and request a certificate. You will need to specify the domain names that you want to include in the certificate.
  • Validate the Certificate: After requesting a certificate, you need to validate domain ownership. This can be done either through email validation or DNS validation.
  • Certificate Issued: Once validated, ACM will issue the certificate.

Set up the Load Balancer

Open the EC2 Console: Go to the Amazon EC2 console.
Select Load Balancers: Under the “Load Balancing” section, select “Load Balancers”.
Choose Your Load Balancer: Select the Classic Load Balancer you want to configure.
Add an HTTPS Listener: In the Listeners configuration for your load balancer, add a new listener for HTTPS (port 443). The instance port chooses the HTTP port 31047


Select SSL Certificate: Choose the SSL certificate you uploaded to IAM or ACM.

Save: Save your configurations.

Update DNS Records
If needed, update your DNS records to point to the load balancer.

Access the WordPress site

After the installation, you can access the WordPress site using the URL provided by the output of the install command. Alternatively, you can go to EC2->Load Balancer and grab the Load Balancer URL from there.

Conclusion

With these steps, you have successfully deployed a highly available and scalable WordPress installation on AWS using Helm. This setup can be easily managed, scaled, and maintained, making it ideal for hosting a WordPress site.

Atiqur Rahman

I am MD. Atiqur Rahman graduated from BUET and is an AWS-certified solutions architect. I have successfully achieved 6 certifications from AWS including Cloud Practitioner, Solutions Architect, SysOps Administrator, and Developer Associate. I have more than 8 years of working experience as a DevOps engineer designing complex SAAS applications.

This Post Has 2 Comments

Leave a Reply