Deploy the Wordpress application on Kubernetes and AWS using Terraform

4 min readOct 19, 2020

Task Description

Write an Infrastructure as code using terraform, which automatically deploy the Wordpress application
On AWS, use RDS service for the relational database for Wordpress application.
Deploy the Wordpress as a container either on top of Minikube or EKS or Fargate service on AWS
The Wordpress application should be accessible from the public world if deployed on AWS or through workstation if deployed on Minikube.

Terraform Code

1. Give provider details for aws and kubernetes

// AWS Provider
provider “aws” {
profile = “aditya”
region = “ap-south-1”
}
// Kubernetes Provider
provider “kubernetes” {
config_context_cluster = “minikube”
}

2. Create the VPC

resource “aws_vpc” “main” {
cidr_block = “10.10.0.0/16”
enable_dns_hostnames=true
enable_dns_support =true
tags = {
Name = “db_vpc”
}
}

3. Create the subnetes

resource “aws_subnet” “db_subnet1” {
vpc_id = aws_vpc.main.id
cidr_block = “10.10.0.0/24”
map_public_ip_on_launch = true
availability_zone = “ap-south-1a”
tags = {
Name = “subnet_db”
}
}
resource “aws_subnet” “db_subnet2” {
vpc_id = aws_vpc.main.id
cidr_block = “10.10.1.0/24”
map_public_ip_on_launch = true
availability_zone = “ap-south-1b”
tags = {
Name = “subnet_db”
}
}

4. Create the Internet Gateway

resource “aws_internet_gateway” “gw” {
vpc_id = aws_vpc.main.id
tags = {
Name = “mygw1”
}
}

5. Create the Route Table

resource “aws_route_table” “r” {
vpc_id = aws_vpc.main.id
route {
cidr_block = “0.0.0.0/0”
gateway_id = aws_internet_gateway.gw.id
}
tags = {
Name = “route1”
}
}

6. Connect Route Table to subnets

resource “aws_route_table_association” “a” {
subnet_id = aws_subnet.db_subnet1.id
route_table_id = aws_route_table.r.id
}
resource “aws_route_table_association” “b” {
subnet_id = aws_subnet.db_subnet2.id
route_table_id = aws_route_table.r.id
}

7. Create the Subnet Group for DB

resource “aws_db_subnet_group” “sub_ids” {
name = “main”
subnet_ids = [ “${aws_subnet.db_subnet1.id}”, “${aws_subnet.db_subnet2.id}” ]
tags = {
Name = “DB subnet group”
}
}

8. Create Security Group for DB

resource “aws_security_group” “db_sg” {
name = “allow_db”
description = “Allow WP to put data in DB”
vpc_id = aws_vpc.main.id
ingress {
description = “MySQL”
from_port = 3306
to_port = 3306
protocol = “tcp”
cidr_blocks = [“0.0.0.0/0”]
}
egress {
from_port = 0
to_port = 0
protocol = “-1”
cidr_blocks = [“0.0.0.0/0”]
}
tags = {
Name = “db-security”
}
}

9. Launch the Database instance

resource “aws_db_instance” “rdsWP” {
engine = “mysql”
engine_version = “5.7”
identifier = “wordpress-db”
username = “aditya”
password = “redhat123”
instance_class = “db.t2.micro”
storage_type = “gp2”
allocated_storage = 20
db_subnet_group_name = aws_db_subnet_group.sub_ids.id
vpc_security_group_ids = [aws_security_group.db_sg.id]
publicly_accessible = true
name = “wpdb”
parameter_group_name = “default.mysql5.7”
skip_final_snapshot = true
}

10. Launch the wordpress deployment

resource “kubernetes_deployment” “wpDeploy” {
depends_on = [
aws_db_instance.rdsWP
]
metadata {
name = “wordpress”
labels = {
app = “wordpress”
}
}
spec {
selector {
match_labels = {
app = “wordpress”
}
}
template {
metadata {
labels = {
app = “wordpress”
}
}
spec {
container {
image = “wordpress”
name = “wordpress-pod”
env {
name = “WORDPRESS_DB_HOST”
value = aws_db_instance.rdsWP.endpoint
}
env {
name = “WORDPRESS_DB_DATABASE”
value = aws_db_instance.rdsWP.name
}
env {
name = “WORDPRESS_DB_USER”
value = aws_db_instance.rdsWP.username
}
env {
name = “WORDPRESS_DB_PASSWORD”
value = aws_db_instance.rdsWP.password
}
port {
container_port = 80
}
}
}
}
}
}

11. Create service for wordpress

resource “kubernetes_service” “wpservice” {
depends_on = [
kubernetes_deployment.wpDeploy,
]
metadata {
name = “wp-service”
}
spec {
selector = {
app = “wordpress”
}
port {
port = 80
target_port = 80
node_port = 31002
}
type = “NodePort”
}
}