In this post, we’ll learn how to do a Highly-Available WordPress installation inside an AWS VPC using Ansible. For this purpose we’ll be using Ubuntu 14.04 LTS EC2 instances, but you can modify it easily for RPM-based systems. If you don’t know about Ansible, please check this link.
The purpose of Ansible AWS VPC Highly-Available WordPress (AAVHAW) is to create a fully operational AWS VPC infrastructure (subnets, routing tables, igw etc.). It will also create everything that is needed for creating the EC2 and RDS instances (security key, security group, subnet group).
It will also create the Elastic Load Balancer and automatically add the EC2 instance(s) that were created using this playbook, as well as create the Route53 entry for this WordPress site and add the ELB alias to it.
Besides that, this playbook will also run the essential role (updating and patching the OS, configuring NTP, creating users etc.) and deploy WordPress on the instances, so that the site is fault tolerant and highly available.
NOTE: The ‘webserver.yml‘ part of the play is not idempotent. Every time it runs, it will create new EC2 instances.
These are the requirements for using the mentioned playbooks and roles:
- Ansible
- boto
- AWS admin access
Specifically, these are the versions of the mentioned software that I am using:
Ansible uses the python-boto library to call the AWS API, and boto needs AWS credentials in order to perform all the functions. There are many ways to configure your AWS credentials. The easiest way is to create a .boto file under your user home directory:
If you don’t know how to get the AWS Security Credentials, then please read this.
After doing/verifying all the above things, clone this repository from GitHub:
git clone https://github.com/arbabnazar/ansible-aws-vpc-ha-wordpress.git
cd ansible-aws-vpc-ha-wordpress
Ansible AWS VPC Highly-Available WordPress Playbooks will perform the following tasks:
– Create 1 x VPC with 3 x VPC subnets (2 x public and 1 x private) in different AZs of one AWS region
– Create the AWS key pair with the ansible host’s login user’s public key
– Create 1 x security group for each (Webservers, RDS and ELB)
– Provision 2 x EC2 instances (Ubuntu 14.04 LTS) in 2 different AZs
– Provision 1 x RDS instance in private subnet
– Launch and configure public facing VPC ELB (cross_az_load_balancing) and attach VPC subnets
– Register EC2 instances on ELB
– Install essential and webservers role on both instances
– Take the ELB DNS name and register/create the DNS entry in Route53
All information about the VPC, Webserver, RDS, ELB and Route53 is defined in their respective files (vpc.yml, webserver.yml, rds.yml, elb.yml, route53 etc.) for both variables and tasks.
Move inside the aws/vars directory and edit all the variable files as per your requirements.
cd aws/vars
Edit tags.yml to define whether this environment is stage, development or production, along with other related tags:
Edit the vpc.yml file to define the name of the VPC, the number of subnets that need to be public/private and their CIDRs:
Edit the rds.yml file for the RDS instance type, Security Group parameters, and the MySQL user and password that will be used for the WordPress installation:
Edit webserver.yml for the EC2 instance type, Ubuntu AMI and Security Group parameters:
If you are using Route53, then edit the route53.yml file to specify your domain name there:
After editing all the variable files, edit the site.yml file: remove route53.yml from the tasks if you are not using this service, and add or remove role(s) as per your requirements:
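Both the .boto file and the variable files edited above (rds.yml holds the MySQL password) keep secrets in clear text on the Ansible host. The following check is an added example, not part of the original post or its repository: it verifies that the boto credentials file is readable by its owner only, and lists variable files that contain password-like keys without being encrypted with ansible-vault. The function names and the key-name pattern are assumptions; the [Credentials] layout is boto's standard config format.

```shell
#!/bin/sh
# Added example (not from the original repository): audit how this playbook's
# secrets are stored on the Ansible control host. Function names are hypothetical.

# Print the octal mode of a file (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 only if the boto credentials file exists, is accessible by the owner
# alone (mode 600 or 400) and contains both keys of the [Credentials] section.
boto_config_ok() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f"; return 1; }
    case "$(file_mode "$f")" in
        600|400) ;;
        *) echo "too permissive: $f"; return 1 ;;
    esac
    grep -q '^\[Credentials\]' "$f" &&
        grep -q '^aws_access_key_id *=' "$f" &&
        grep -q '^aws_secret_access_key *=' "$f" ||
        { echo "incomplete [Credentials] section: $f"; return 1; }
}

# List variable files that hold password-like keys in clear text. A file
# encrypted with ansible-vault starts with "$ANSIBLE_VAULT;" and is skipped.
# The key pattern is an assumption; the repository's variable names may differ.
unvaulted_secret_files() {
    dir=$1
    for f in "$dir"/*.yml; do
        [ -f "$f" ] || continue
        head -n 1 "$f" | grep -q '^\$ANSIBLE_VAULT;' && continue
        grep -Eiq '^[[:space:]]*[a-z0-9_]*(password|passwd|secret)[a-z0-9_]*[[:space:]]*:' "$f" &&
            echo "$f"
    done
    return 0
}

# Entry point: sh audit.sh audit [vars-dir]
if [ "${1:-}" = "audit" ]; then
    boto_config_ok "$HOME/.boto"
    unvaulted_secret_files "${2:-aws/vars}"
fi
```

Any file the second function prints is a candidate for ansible-vault encrypt before the repository copy is committed or shared.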
Hey. First of all – great work with this. I am looking to use this for my own application. Is there an easy way to deploy new versions of the application? I want to have continuous integration and refresh the dockerhub image easily.