Automation — WordPress Deployment on Kubernetes Multi-Node Cluster launched over AWS using Ansible
Deploying website using WordPress is an easy task but when it comes to high availability and Fast Deployment with Orchestration and Auto-Provisioning facility — We are referring MNA over Cloud….
Famous Website and blog building tool WordPress that we are going to deploy in pods over Kubernetes using Automation by Ansible. The question comes why we need this deployment and what is necessity of POD creation?
PODs are smallest unit of Kubernetes management cycle. If we see the official definition — Pods are the smallest, most basic deployable objects in Kubernetes. A Pod represents a single instance of a running process in your cluster. Pods contain one or more containers, such as Docker containers. When a Pod runs multiple containers, the containers are managed as a single entity and share the Pod’s resources.
And when we deploy our WordPress over our container to launch a website, deploying website using WordPress is an easy task but when it comes to high availability and Fast Deployment with Orchestration and Auto-Provisioning facility — We are referring MNA over Cloud flavored with automation to make a fantastic Agile Setup which take only few seconds for deployment and endpoint distribution.
Let me take you to the Technologies and their requirements, I have Written one blog a few days ago on “AUTOMATE KUBERNETES CLUSTER OVER AWS USING ANSIBLE”.
Kubernetes :
Kubernetes is an Orchestration Tool that monitor and manage the Containers. It was designed by Google in 2014 and is a Open-Source tool. Kubernetes is established for deployment, maintenance and scaling of containers to maintain a particular state and provide Continuous support to the environment by various features that include Pods, Labels, Selectors, Controller, Replication Controller, Deployment Controller, Replica Set and Services. Kubernetes uses declarative approach for Orchestration hence uses declarative language i.e. YAML or ….. (Refer my Previous Blog on Kubernetes)
Ansible :
Automation is there in the world of IT from decades but Ansible is mainly designed for “Configuration Management”, the tool come to market with High Scalability and ability to kick Start the business, without giving high wages to employees and just Making Scripts to keep on configuring each node started by the Load Balancers. Now the question arises what all Ansible is providing as automation, Can we rely on it for all the Steps of Configuration Management ?……(Refer my Previous Blog on Ansible)
AWS :
AWS (Amazon Web Services) provide a great level of services due to which it is the most preferred public cloud in world. According to recent Gartner report AWS Rank 1st in the World of Providing Resources and Services with greatest Availability and Security. AWS provides a set of fully managed services that you can use to build and run serverless applications. Serverless applications don’t require provisioning, maintaining, and administering servers for backend components such as compute, databases, storage, stream processing, message queueing, and more….(Refer my blog on AWS)
WordPress:
WordPress (WP) is a free and open-source content management system (CMS) written in PHP and paired with a MySQL or MariaDB database. It is incredibly flexible, with thousands of themes, plugins, and support option for website development to know more about WordPress visit!!
Let’s Brief our Plan before Proceeding further:
- In totality we have four EC2 instances here and one Local System which is a controller node (*RHEL OS at base OS) from where we will run the roles to setup everything just in one click.
- The instances are to be provisioned by “EC2 role”
- Mater Node Setup is next task that would take place by running “K8s_master”
- Slave nodes Setup and Registration with master is the next part that would deploy and get provisioned using “K8s_slave”
- Next the NFS-Server would launch for providing Directories.
- Then a kube_wordpress role for Wordpress pod setup and PVC claim.
- Lastly Setup file for running all the roles.
Step 1: Create Ansible Configuration file:
Ansible being Agentless Automation Tool need the inventory file at the Controller node which i have mentioned to be our local System. Inventory file could be created either globally inside controller node in the path (/etc/ansible/ansible.cfg) or could be created at the workspace where we are going to run our playbooks/roles.
Create Workspace for this Project:
# mkdir kube-ansible
# cd kube-ansible
# mkdir roles
# vim ansible.cfgFor explanations of the above file Visit!
Step 2: Create two files for AWS Login and Authenticating your instance:
- Ansible Vault file named
cred.ymlwhich contain IAM access and Secret Key for Authentication to your AWS Account. In your directory 'my-ws' create usingansible-vault create cred.yml(give password)
file format:
access_key: GUJGWDUYGUEWVVFEWGVFUYV
secret_key: huadub7635897^%&hdfqt57gvhg2. Create file named ansible.pem which is key-pair that we use to create the ec2-instance remotely over our AWS account.
Steps:
1. Go to AWS Management Console
2. EC2 dashboard
3. Key-pairs
4. Create new Key-Pair
5. Give name as
ansible6. Select ‘.PEM’ file format
7. Download the key to your local system
8. Transfer the key to Ansible Controller node in same directory where your role is
kube-ansible
Step 3: Creating Ansible Roles :
Next we will create five main Roles for automation, Firstly we will create NFS-server followed by Rest four EC2 instances with one master, two slave and one Client Kubernetes Setup.
# mkdir role
# cd role
# ansible-galaxy init ec2
# ansible-galaxy init k8s_master
# ansible-galaxy init k8s_slave
# ansible-galaxy init k8s_client
# ansible-galaxy init nfs-serverNow we have all the tasks, template, vars file other Ansible artifacts based on a known file structure that are pre-embedded in roles just we need to write the declaration/description (in YAML Language) of what all things we need by including Modules and jinja attribute annotations.
To know more about roles visit!
Step 4: Writing NFS-Server role for Storage Class Setup :
The main use of this server in our Kubernetes Multi-Node Setup is for Storage Class as PV is registered and PVC approval is done from this Storage only. We have given EBS Volume to this Server and further Volume Distribution is done by Network File System. This Role itself indicates it is meant to share storage as Directory and mount the shared folder later on PVC (Persistent Volume Claims).
🤔 What is the use of PVC?
Our WordPress depends on SQL storage as it provides database to client for login into WordPress. Also when we are guaranteeing No Downtime Setup we must have a Persistent Data Storage so that because of any kind of POD or Node SPOF, our data must not loose and client must not survive because of that. Now Question come how it works? How we can connect same PVC to another POD? — Answer to this is we have concept of Tagging in Kubernetes through which we could link to our Resource and Services. Just what we need to give is resource Kind and it’s metadata that underline managed and stored by etcd (internal Kubernetes Database). PVC is claim that client ask to approve and provide requested storage from local or external (Network) Storage.
# cd role/nfs-server/tasks
# vim main.ymlWe have variable file that contain the value which would be directly called / replaced at the time of role execution. It include “shared_dir” variable. Two directories named “/wp” and “/mysql” for WordPress and MySQL Pods respectively.
# cd role/nfs-server/vars
# vim main.yml
Step 5: Writing EC2 role for Setup :
For launching instances in AWS EC2 we have the following aws-ec2 role. For this we need some credentials for login into aws account. Then we will see how the roles are written:
# cd role/ec2/tasks
# vim main.ymlWe have eight tasks running in this EC2 role one for installing boto3 for AWS API to connect and then security group after that follows ec2 instance creation then creating dynamic inventory using ansible add_host module. Then lastly toggle for ssh connection with all the instances.
We have variable file that contain the value which would be directly called / replaced at the time of role execution. we have four instance_tags, two python_pkgs variable and sg_name, region_name, subnet_name, ami_id, keypair, instance_flavour and give values as per your account ARN (Amazon Resource Name) or Amazon-ID.
# cd role/ec2/vars
# vim main.yml
Step 5: Writing k8s_master role:
For Kubernetes Master Node Setup role describing How to configure in tasks folder of kube_master role. Also the vars folder contaning some of the variables values:
# cd role/k8s_master/tasks
# vim main.ymlWe have eleven tasks here which include installation of kubeadm, kubelet and kubectl command then pulling all the management images from dockerhub followed by their pod creation and network overlay and deamon driver setup lastly we create a registration key for slave node connectivity using flunnel CNI.
We have variable file that contain the value which would be directly called / replaced at the time of role execution. It include variable named service_name and contain following values:
Docker : Container Engine program that help in launching container and then POD manages the container by tagging and label selection methods. Docker needed to be installed in both master and slave nodes as kubelet program behind the scene connect to docker engine and get the container launched.
Kubelet: The kubelet is the primary “node agent” that runs on each node that manages the container running in the single node.
# cd role/k8s_master/vars
# vim main.yml
Step 6 : Writing k8s_slave role:
Now lets write plays for kube_slave role inside the tasks folder and than mentioning the variable values in the vars folder. Same as Kubernetes Master, Slave pre-requisites are the three software i.e. Docker, Kubeadm and ip-tables. We have to have updates for the ip table for which we have used /etc/sysctl.d/k8s.conf file in slave.
Registering / Joining of Slave node to master node could only be done via the key that is provided by the mater after the whole setup and initialization. We need to copy the key in slave nodes. For this purpose we have used tokens here.
# cd role/k8s_slave/tasks
# vim main.yml# cd role/k8s_master/vars
# vim main.yml
Step 7 : Writing kube_wordpress role:
Here we are copying the YAML codes for pod / service setup so we need three component of role here i.e. tasks, file & template (jinja2 format code files).
# cd role/kube_wordpress/tasks
# vim main.ymlWe have this template file for copying the Jinja2 file after processing to our slave nodes for requesting and mounting PV for our WordPress and MySQL nodes:
# cd role/k8s_master/vars
# vim storage.yml.j2We also have files for this role where 4 files named “kustomization.yml”, “mysql-deploy.yml”, “secret.yml”, “wordpress-deploy.yml” which will create pods.
Following are all the four files, basic concept of YAML code creation with reources, kind, apiVersion keywords of Kubernetes are written:
# cd role/kube_wordpress/files
# vim kustomization.yml
# vim mysql-deploy.yml
# vim secret.yml
# vim wordpress-deploy.ymlStep 8: Create Setup Playbook to run all the roles and Create the Cluster over AWS:
Finally Write our Setup.yml file that will automate all the tasks cumulatively by just calling those roles. We need to create the file inside our main workspace i.e kube_ansible:
# cd kube_ansible/
# vim setup.ymlStep 9: Running the Playbook Setup.yml
To run the playbook using ansible-playbook command and giving vault password to authenticate and login into AWS Account.
# ansible-playbook setup.yml -ask-vault-passHence we have achieved our target of “Automation — WordPress Deployment on Kubernetes Multi-Node Cluster launched over AWS using Ansible ”.
You can find this project over my GitHub, just fork and lets make the project more system independent and reliable to customers.
To contribute the Project, and for further query or opinion you may connect me over LinkedIN:
