In this post,we’ll learn that how we can do Highly-Available WordPress Installation inside AWS VPC using Ansible, for this purpose we’ll be using Ubuntu 14.04 LTS EC2 Instances but you can modify it easily for RPM-based systems. If you don’t know about the Ansible, please check this link.
The purpose of Ansible AWS VPC Highly-Available WordPress(AAVHAW) is to create a fully operational AWS VPC infrastructure(subnets,routeing tables,igw etc), it will also create everything that need to be for creating EC2 and RDS instances (security key, security group, subnet group).
It will also create the Elastic Load Balancer and add the EC2 instance(s) automatically that were created using this playbook as well as creating the Route53 entry for this wordpress site and add the ELB alias to it.
Beside that, this playbook will also run the essential role(updating and patching the OS, configuring NTP,creating users etc) and deploy the wordpress on them, that will be fault tolerant and highly available.
NOTE: The part of the play, ‘webserver.yml‘, is not idempotent. Every time it run, will create a new EC2 instances.
These are the requirements for using the mentioned playbooks and roles:
- AWS admin access
Specifically, these are the versions of mentioned software that I am using:
Ansible uses python-boto library to call AWS API, and boto needs AWS credentials in order to perform all the functions. There are many ways to configure your AWS credentials. The easiest way is to crate a .boto file under your user home directory:
Then add the following:
aws_access_key_id = <your_access_key_here>
aws_secret_access_key = <your_secret_key_here>
If you don’t know how to get the AWS Security Credentials, then please read this.
After doing/verifying all the above things, download this Repository from the GitHub:
git clone https://github.com/arbabnazar/ansible-aws-vpc-ha-wordpress.git
Ansible AWS VPC Highly-Available WordPress Playbooks will perform the following tasks:
– Create 1 x VPC with 3 x VPC subnets(2 x public and 1 x private) in differrent AZ zones one AWS region
– Create the AWS key pair with the ansible host’s login user’s public key
– Create 1 x security group for each(Webservers,RDS and ELB)
– Provision 2 x EC2 instances(Ubuntu 14.04 LTS) in 2 different AZ
– Provision 1 x RDS instance in private subnet
– Launch and configure public facing VPC ELB (cross_az_load_balancing) and attach VPC subnets
– Register EC2 instances on ELB
– Install essential and webservers role on both instances
– Take the ELB dnsname and register/create dns entry in Route53
All informations about VPC, Webserver, RDS, ELB, Route53 are defined in their respective files (vpc.yml,webserver.yml,rds.yml,elb.yml,route53 etc) for both variables and tasks.
Move inside the aws/vars directory and edit all the variables file as per your requirement.
Edit the tags.yml to define whether this environment is stage,development or production and other related tags:
Edit the vpc.yml file to define the name of VPC, number of subnets that need to be public/private and their CIDR:
Please refer to the below table for AWS Regions:
Edit the rds.yml file for the RDS instance type,Security Group parameters, MySQL User & Password that will use for wordpress installation:
Edit the webserver.yml for EC2 instance(s) type, Ubuntu AMI and Security Group parameters:
If you are using the Route53, then edit the route53.yml file to mentioned your domain name there:
After Editing all the variables files, please edit the site.yml file, remove the route53.yml from the tasks, if you are not using this service and add or remove the role(s) as per your requirements:
Then run this command:
ansible-playbook -i hosts site.yml
After successful completion of these tasks, it will show you the summary, something like this:
Navigate to the site in web browser using the fqdn(in my case, it is http://www.rbgeek.com), and verify that the wordpress is installed successfully:
Hope this will help you!
Please Remember me in your prayers!