A secured and Managed Web Portal along with Database using AWS-RDS
Hello guys ,
In this blog we are going to create a great integration of AWS- EKS with AWS RDS using terraform code. By using AWS-EKS , we can get the Managed front-end and by AWS-RDS we get the Database connectivity. Here for front-end , we are going to use WordPress image.
Our main Agenda for this article, Deploy the Wordpress application on Kubernetes and AWS using terraform including the following steps:
1. Write an Infrastructure as code using terraform, which automatically deploy the Wordpress application.
2. On AWS, use RDS service for the relational database for Wordpress application.
3. Deploy the Wordpress as a container on EKS service on AWS
4. The Wordpress application would be accessible from the public world that is deployed on AWS.
Lets talk about some abbreviation and terminologies which are going to use in this article.
- Amazon Relational Database Service (Amazon RDS) : is a web service that makes it easier to set up, operate, and scale a relational database in the AWS Cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks.
- Amazon EKS stands for Elastic Kubernetes Service, which is an Amazon offering that helps in running the Kubernetes on AWS without requiring the user to maintain their own Kubernetes control plane. It is a fully managed service by Amazon.
- Virtual Private Cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS Cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC.
- IAM role is an entity that defines a set of permissions for making AWS service requests. IAM roles are not associated with a specific user or group. Instead, trusted entities assume roles, such as IAM users, applications, or AWS services such as EC2.
What does EKS do ?
Amazon EKS runs Kubernetes control plane instances across multiple Availability Zones to ensure high availability. Amazon EKS automatically detects and replaces unhealthy control plane instances, and it provides automated version upgrades and patching for them.
In this article, I am going to use a pre-created VPC for deploying the EKS cluster. For creating VPC , setting up Internet Gateway and creating Routing table, you can refer to the links below:
From Web-UI :
AWS EKS cluster for the Integration: OWNCLOUD with MySQL
A complete integration of OwnCloud with MySQL over AWS-EKS.
From CLI using Terraform :
Lets begin the integration here, we will complete this step by step :
Step 1 : Connect to the IAM user, with the code given below.
Step 2 : Configuring VPC for further use, with reference to the link above:
After successfully configuring this , we get the VPC ID , Subnet ID that will be used to deploy the Kubernetes cluster and for the setup of RDS within the same VPC.
Step 3 : Creating the Kubernetes cluster and deploying WordPress through kubectl, with the code below.
Now lets start creating our EKS cluster setup. For this cluster we are going to use the terraform code, where firstly we will create a IAM ROLE and then attach the required policies for our cluster. Then we will create our cluster named by “mycluster”.
- Creating IAM role policy:
2. Creating EKs cluster:
3. Attaching IAM role policy :
4. Creating Node Groups , here I am creating two node groups, one in each subnet or simply we can say in separate labs.
After this we need to deploy this code or need to apply this code in order to create the EKS cluster.
a). Initialize the terraform directory, using the command “terraform init” :
b). Now apply this terraform code, using command “terraform apply -auto-approve” :
After some seconds, we can check that cluster has been created or not ???
Yeah!!!!! it has been successfully created. Now we will move for the deployment of WordPress over this Kubernetes cluster.
One that need to be noticed is that in the terraform code for creating the cluster, we have used the VPC and subnets that we have created and not the default once i.e., we have created our own isolated cluster for running the EKS cluster.
Step 4 : Now update the kubeconfig file for managing our EKS cluster with the kubectl command, by using “ aws eks update-kubeconfig — — name < cluster name>” , here our cluster name is mycluster.
So guys, as we have successfully created the setup for our cluster, Now its time to create the deployments over these clusters without thinking about any downtime or any management issues beacause Kubernetes is a very intelligent and advanced tool for management. With the yml code we will make the deployments.
Step 5 : After this configuration we will deploy WordPress over this cluster, using kubectl and the yml code .
- Deploying WordPress over EKS cluster, using the code .
2. Apply this code to create the deployment with “kubectl apply -f wordpress-deployment.yml” command :
3. Get all the information about the deployment, using “kubectl get all -o wide” command :
Now after successful completion of wordpress deployment we can move to create a RDS database and connecting it to the EKS node group.
Step 6: Now i will Set up the VPC , internet gateway , Security group for the RDS service for storage, with the code below.
For creating and RDS , I am creating a separate VPC and then RDS will be setup , then i will create a peering connection from RDS VPC to EKS VPC.
Then routing tables need to be updated for both of VPCs. For the EKS routing table a new route should be created with a destination which corresponds to CIDR IP of RDS VPC, and the peering connection as a target. Similarly, we need to create a new route for the RDS routing table. This step, probably, is the most tricky one.
Since we are trying to connect the services from two different VPCs. For this I have created a peering connection between both the VPCs .
Adding security group for RDS :
Step 7 : Launching an RDS mysql storage using terraform code.
For this we will create a subnet group first :-
Now we will create the database ,
Finally we will apply this code , using “terraform apply -auto-aprove” command.
After some seconds, lets check that is it created or not ??
Yeah!!!! it is successfully created.
Step 8 : Finally we will move to the integration of WordPress that we have launched through Kubectl command on EKS cluster to the RDS database instance.
Firstly get the IP for WordPress instance that we have launched.
After providing username and password, we will install and launch the WordPress web site.
Finally, we have successfully created the integration of fully managed WordPress and MySQL database. Also, this is a fully secured website.