Deploy WordPress with MySQL Database Service on Container Engine for Kubernetes

Take advantage of the flexibility and cost benefits of hosting your WordPress web pages and blogs on Oracle Cloud Infrastructure (OCI).

WordPress is one of the most popular content management systems (CMS) used for managing web pages and blogs. Make your WordPress deployment highly scalable and available with the following OCI services:
  • Container Engine for Kubernetes (OKE) to provide a highly scalable and available WordPress deployment without the need to deploy or manage a Kubernetes cluster.
  • MySQL Database Service to provide a high-performing database for your WordPress application without the need to provision or manage the database.
  • File Storage service for shared persistent storage (required by WordPress) that is accessible to all instances of the application to make it highly available.

Architecture

This reference architecture shows a highly available and scalable WordPress deployment in an OKE cluster. This deployment uses the File Storage service as persistent storage and MySQL Database Service as the database. A Load Balancer with an external IP is allocated to provide access to the WordPress application.

The following diagram illustrates this reference architecture.

[Diagram: oci-mysql-oke-wordpress-arch.png]

The following section describes this reference architecture:

In the OKE cluster, you can select the number of WordPress application pods for the deployment. Each pod requires access to persistent shared storage. To provide the storage, a storage-class resource that maps to an NFS share on File Storage is created in the cluster. A persistent-volume resource then makes the storage offered by the storage class consumable by resources within the cluster. A persistent-volume-claim (PVC) resource is created to indicate that pods want to utilize the storage. The PVC is mapped in the WordPress application pods to access the storage.
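The storage chain described above, written out as Kubernetes manifests. This is an added example, not taken from the sample Helm chart: the resource names, NFS server address, export path, sizes, the kubernetes.io/no-provisioner storage class, the unpinned wordpress image, and the wordpress-db Secret are all assumptions.

```yaml
# Added example. Every name, address and size here is a constructed placeholder.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata: {name: fss-shared}
provisioner: kubernetes.io/no-provisioner    # assumption: statically bound volume
---
apiVersion: v1
kind: PersistentVolume
metadata: {name: wordpress-fss-pv}
spec:
  storageClassName: fss-shared
  capacity: {storage: 50Gi}
  accessModes: [ReadWriteMany]               # all WordPress pods share one NFS export
  persistentVolumeReclaimPolicy: Retain      # deleting the claim must not wipe site content
  mountOptions: [nosuid]                     # ignore setuid bits on files written to the share
  nfs: {server: 10.0.10.5, path: /wordpress} # placeholder mount target IP and export path
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata: {name: wordpress-content}
spec:
  storageClassName: fss-shared
  volumeName: wordpress-fss-pv               # bind to the volume above, not any matching one
  accessModes: [ReadWriteMany]
  resources: {requests: {storage: 50Gi}}
---
apiVersion: apps/v1
kind: Deployment
metadata: {name: wordpress}
spec:
  replicas: 3                                # the number of pods is your choice
  selector: {matchLabels: {app: wordpress}}
  template:
    metadata: {labels: {app: wordpress}}
    spec:
      containers:
        - name: wordpress
          image: wordpress                   # assumption: pin a version or digest in practice
          envFrom:
            - secretRef: {name: wordpress-db}  # hypothetical Secret holding the WORDPRESS_DB_* values
          ports: [{containerPort: 80}]
          volumeMounts:
            - {name: content, mountPath: /var/www/html}
      volumes:
        - name: content
          persistentVolumeClaim: {claimName: wordpress-content}
```

Keeping the database credentials in a Secret rather than in the Deployment spec means they do not appear in the manifest or in the chart's values.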

The database for the WordPress application uses MySQL Database Service. The MySQL Database Service instance is created and managed from the OKE cluster as a custom resource defined with the OCI Service Operator for Kubernetes (OSOK).

The MySQL Database Service is deployed with High Availability (HA) using three MySQL Database Service instances deployed across different availability domains or fault domains. The WordPress application connects to a single endpoint to read and write to the database. In the event of failure, the database system automatically fails over to a secondary instance without reconfiguration of the WordPress application.

A Load Balancer is created and managed from the OKE cluster as a service resource with the LoadBalancer type.

The architecture has the following components:

  • Region

    An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

  • Availability domains

    Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.

  • Fault domains

    A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.

  • Virtual cloud network (VCN) and subnets

    A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.

  • Container Engine for Kubernetes

    Oracle Cloud Infrastructure Container Engine for Kubernetes is a fully managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. You specify the compute resources that your applications require, and Container Engine for Kubernetes provisions them on Oracle Cloud Infrastructure in an existing tenancy. Container Engine for Kubernetes uses Kubernetes to automate the deployment, scaling, and management of containerized applications across clusters of hosts.

  • Oracle MySQL Database Service

    Oracle MySQL Database Service is a fully managed Oracle Cloud Infrastructure (OCI) database service that lets developers quickly develop and deploy secure, cloud native applications. Optimized for and exclusively available in OCI, Oracle MySQL Database Service is 100% built, managed, and supported by the OCI and MySQL engineering teams.

    Oracle MySQL Database Service has an integrated, high-performance analytics engine (HeatWave) to run sophisticated real-time analytics directly against an operational MySQL database.

  • File storage

    The Oracle Cloud Infrastructure File Storage service provides a durable, scalable, secure, enterprise-grade network file system. You can connect to a File Storage service file system from any bare metal, virtual machine, or container instance in a VCN. You can also access a file system from outside the VCN by using Oracle Cloud Infrastructure FastConnect and IPSec VPN.

  • WordPress content management system (CMS)

    WordPress CMS enables you to build a fully functional blog site or a general-purpose website.

  • Network address translation (NAT) gateway

    A NAT gateway enables private resources in a VCN to access hosts on the internet, without exposing those resources to incoming internet connections.

  • Service gateway

    The service gateway provides access from a VCN to other services, such as Oracle Cloud Infrastructure Object Storage. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.

  • Registry

    Oracle Cloud Infrastructure Registry is an Oracle-managed registry that enables you to simplify your development-to-production workflow. Registry makes it easy for you to store, share, and manage development artifacts, like Docker images. The highly available and scalable architecture of Oracle Cloud Infrastructure ensures that you can deploy and manage your applications reliably.

  • Load balancer

    The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to multiple servers in the back end.

  • Route table

    Virtual route tables contain rules to route traffic from subnets to destinations outside a VCN, typically through gateways.

  • Security list

    For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.

Recommendations

Use the following recommendations as a starting point. Your requirements might differ from the architecture described here.
  • VCN

    When you create a VCN, determine the number of CIDR blocks required and the size of each block based on the number of resources that you plan to attach to subnets in the VCN. Use CIDR blocks that are within the standard private IP address space.

    Select CIDR blocks that don't overlap with any other network (in Oracle Cloud Infrastructure, your on-premises data center, or another cloud provider) to which you intend to set up private connections.

    After you create a VCN, you can change, add, and remove its CIDR blocks.

    When you design the subnets, consider your traffic flow and security requirements. Attach all the resources within a specific tier or role to the same subnet, which can serve as a security boundary.

  • Load balancer bandwidth

    While creating the load balancer, you can either select a predefined shape that provides a fixed bandwidth, or specify a custom (flexible) shape where you set a bandwidth range and let the service scale the bandwidth automatically based on traffic patterns. With either approach, you can change the shape at any time after creating the load balancer.

  • Security lists

    Use security lists to define ingress and egress rules that apply to the entire subnet.

  • Oracle MySQL Database Service

    In this architecture, WordPress CMS stores the relational data in Oracle MySQL Database Service. We recommend using the latest version.

Considerations

When deploying WordPress in Oracle Cloud, consider the following for scalability and availability:

  • Application availability

    The WordPress application is deployed with multiple pods in the deployment to provide high availability.

  • MySQL Database Service availability and scalability

    The MySQL Database Service shown in the highly available architecture uses the built-in MySQL High Availability option, which creates three instances and places them in different fault domains.

Deploy

This reference architecture can be deployed and managed from the OKE cluster, without using the OCI console or CLI, and the deployment can be automated with a Helm chart. The sample Helm chart for this reference architecture demonstrates how to bootstrap a WordPress deployment, in HA or non-HA form, that uses a MySQL Database System as the database in a Kubernetes cluster deployed in OCI. You can download the code from GitHub and customize it to suit your specific requirements.

  1. Go to GitHub - HA or GitHub - non-HA.
  2. Clone or download the repository to your local computer.
  3. Follow the instructions in the README document.

Acknowledgements

  • Authors: Chiping Hwang, Hassan Ajan
  • Contributors: Anupama Pundpal