Web hosting on Aws cloud using Aws Eks
What is amazon elastic kubernetes service?
Amazon Elastic Kubernetes Service (Amazon EKS) is a fully managed Kubernetes service. Customers such as Intel, Snap, Intuit, GoDaddy, and Autodesk trust EKS to run their most sensitive and mission critical applications because of its security, reliability, and scalability.
EKS is deeply integrated with services such as Amazon CloudWatch, Auto Scaling Groups, AWS Identity and Access Management (IAM), and Amazon Virtual Private Cloud (VPC), providing you a seamless experience to monitor, scale, and load-balance your applications.
EKS integrates with AWS App Mesh and provides a Kubernetes native experience to consume service mesh features and bring rich observability, traffic controls and security features to applications.
Additionally, EKS provides a scalable and highly-available control plane that runs across multiple availability zones to eliminate a single point of failure.
Objective
Kubernetes also known as K8s, it is a system for automating deployment, scaling and management of containerized applications , in short it is a container Orchestration tool.
Wordpress is a common Content Management System for building websites and blogs. Scaling Wordpress can be difficult, especially in the cloud due to the shared file system requirement for uploads, plugins, and themes. AWS publishes a document with best practices for running highly scalable Wordpress installations on AWS. This blog follows Wordpress’ deployment for putting the entire Wordpress codebase in an Elastic File System (EFS) mount.
The principles of this document can be applied to any Kubernetes deployment on AWS.
here we are going to learn about aws EKS service and its usecases. In this post, we will walk through provisioning the Kubernetes cluster, setting up the Elastic File System (EFS), integrate EKS with other aws services like ELB, EFS and EBS. After doing Integration we can launch a pod that will be Wordpress with MySQL database
Tools Used:
Follow These steps to Integrate the EKS to EFS Service and Deploy the wordpress on EKS using mysql.
Step 1:
First we need to create an IAM user with administrator access and configure AWS CLI :
Step 2:-
To create an EKS cluster from CLI we need to write a YAML file containing all the details :
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: eks-cluster
region: ap-south-1
nodeGroups:
- name: ng1
desiredCapacity: 2
instanceType: t2.micro
ssh:
publicKeyName: firstkey
- name: ng-mixed
minSize: 1
maxSize: 3
instancesDistribution:
maxPrice: 0.010
instanceTypes: ["t2.micro"] # At least one instance type should be specified
onDemandBaseCapacity: 0
onDemandPercentageAboveBaseCapacity: 50
spotInstancePools: 2
ssh:
publicKeyName: firstkeyThis cluster configuration file will create nodegroup namely ng-1 and ng-mixed.We also provide the option of SSH login with a .pem key.
To start creating the cluster, execute the eks-cluster.yml file, we use command as:
> eksctl create cluster -f eks-cluster.yml
it will take around 20 minutes to create cluster so wait until the cluster is launched successfully, after this check EKS cluster
it is done you can go and check the CloudFormation to check all the nodegroups
And the EC2 instances to see all the instances are running
The one thing we need to do install amazon-efs-utils in each of the nodes we have created by remote login or through gui. This can be done through the Instances section of AWS EC2 and executing the following command in each node:
#yum install amazon-efs-utils /(use root account)
Step 3:-
Update config file to allow kubectl to send instructions to master node and you can check nodes through command:
> aws eks update-kubeconfig --name eks-cluster
Step 4:-
Create EFS manually and create EFS with same vpc (eks-cluster vpc) and security group( CLuster ShareNode Security Group) used within cluster
give security group (wait till its is available):
Step 5:-
We create an EFS provisioner that allows us to mount EFS storage as PersistentVolumes in kubernetes. It consists of a container that has access to an AWS EFS resource. The container reads a configmap which contains the EFS filesystem ID, the AWS region and the name you want to use for your efs-provisioner. This name will be used later when you create a storage class.
kind: Deployment
apiVersion: apps/v1
metadata:
name: efs-provisioner
spec:
selector:
matchLabels:
app: efs-provisioner
replicas: 1
strategy:
type: Recreate
template:
metadata:
labels:
app: efs-provisioner
spec:
containers:
- name: efs-provisioner
image: quay.io/external_storage/efs-provisioner:v0.1.0
env:
- name: FILE_SYSTEM_ID
value: fs-0f58cdde
- name: AWS_REGION
value: ap-south-1
- name: PROVISIONER_NAME
value: eks-cluster/aws-efs
volumeMounts:
- name: pv-volume
mountPath: /persistentvolumes
volumes:
- name: pv-volume
nfs:
server: fs-0f58cdde.efs.ap-south-1.amazonaws.com
path: /Notice the file system id and the nfs server,Change it according to the EFS created by you. make sure efs created above is available check though gui.
EFS provisioner to be able to mount PVC to EFS or we can can that to create PVC in EFS.
After you are done run the command in CMD:
> kubectl create -f efs-provisioner.yml
To see updated config file, we use command:
> kubectl config view
After the config file is updated, we can create our namespace and set the current (working) namespace. The creation of a namespace is not mandatory; we can work within the current default namespace as well.
> kubectl create namespace <name-of-namespace>
> kubectl config set-context --current --namespace=<name-of-namespace>Step 6:-
The RBAC is used as a ClusterRoleBinder, where it grants permissions across the entire cluster.
The RBAC is created using a YAML file whose contents are given below.
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: nfs-provisioner-role-binding
subjects:
- kind: ServiceAccount
name: default
namespace: default
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.iowe can create the RBAC using the following command:
> kubectl create -f rbac.yml
Step 7:-
We create a storage class so that we enable data persistent through EFS. Provision PVC for both MySQL and word press deployments.
The StorageClass is created using the following YAML file:
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: aws-efs
provisioner: eks-cluster/aws-efs
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: efs-wordpress
annotations:
volume.beta.kubernetes.io/storage-class: "aws-efs"
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Gi
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: efs-mysql
annotations:
volume.beta.kubernetes.io/storage-class: "aws-efs"
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Giwe can create StorageClass using the following command:
kubectl create -f storageclass.yml
Step 8:-
Create secret box for mysql and wordpress .So some critical information can put inside it like login information.
We create a secret for mysql password using command:
> kubectl create secret generic mysql-pass --from-literal=password=mypass
Step 9:-
Now we create a ELB service to allow WordPress to access MySQL DB and deploy MySQL
The mysql file is created using the following YAML file:
apiVersion: v1
kind: Service
metadata:
name: wordpress-mysql
labels:
app: wordpress
spec:
ports:
- port: 3306
selector:
app: wordpress
tier: mysql
clusterIP: None
---
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
name: wordpress-mysql
labels:
app: wordpress
spec:
selector:
matchLabels:
app: wordpress
tier: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: wordpress
tier: mysql
spec:
containers:
- image: mysql:5.6
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-pass
key: password
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-persistent-storage
mountPath: /var/lib/mysql
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: efs-mysqlcreate mysql elb using the following command:
kubectl create -f mysql6.yml Step 10:-
We create a ELB service to allow clients to access WordPress and deploy WordPress.
The wordpress file is created using the following YAML file:
apiVersion: v1
kind: Service
metadata:
name: wordpress
labels:
app: wordpress
spec:
ports:
- port: 80
selector:
app: wordpress
tier: frontend
type: LoadBalancer
---
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
name: wordpress
labels:
app: wordpress
spec:
selector:
matchLabels:
app: wordpress
tier: frontend
strategy:
type: Recreate
template:
metadata:
labels:
app: wordpress
tier: frontend
spec:
containers:
- image: wordpress:4.8-apache
name: wordpress
env:
- name: WORDPRESS_DB_HOST
value: wordpress-mysql
- name: WORDPRESS_DB_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-pass
key: password
ports:
- containerPort: 80
name: wordpress
volumeMounts:
- name: wordpress-persistent-storage
mountPath: /var/www/html
volumes:
- name: wordpress-persistent-storage
persistentVolumeClaim:
claimName: efs-wordpresscreate mysql elb using the following command:
> kubectl create -f wordpress6.yml
check all the pods are running through command:
> kubectl get poFinal step :-
Wordpress can mount on MySQL database and store data inside it.After it ,we can access wordpress by LoadBlancer external ip .
To get external ip we use command:
> kubectl get all -o wideor
kubectl get svc
We use the external IP to view the WordPress page.
This is the integration of amazon Elastic Kubernates service with EFS,
you can delete entire cluster with single command:
> eksctl delete cluster -f <cluster-file-name> (delete EFS manually)
similarly wordpress you can use joomla, nextcloud, owncloud and many other application
So that was my first blog ever, about how to deploy wordpress service on AWS EKS Kubernetes. If you have any questions feel free to reach out to me, and thanks for reading if you made it this far!!
For more details visit my GitHub Repository: https://github.com/snehal3099/deploy-wordpress-on-aws-eks.git
