{"id":20113374,"url":"https://github.com/cloudacademy/eks-k8s-wordpress","last_synced_at":"2025-05-06T12:30:30.172Z","repository":{"id":77791485,"uuid":"376671054","full_name":"cloudacademy/eks-k8s-wordpress","owner":"cloudacademy","description":"EKS K8s Wordpress Deployment","archived":false,"fork":false,"pushed_at":"2021-07-22T21:18:55.000Z","size":22,"stargazers_count":3,"open_issues_count":1,"forks_count":4,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-09T12:11:44.886Z","etag":null,"topics":["eks","eksctl","kubernetes","wordpress"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cloudacademy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-06-14T01:00:47.000Z","updated_at":"2023-01-23T11:19:40.000Z","dependencies_parsed_at":"2023-03-12T02:04:58.934Z","dependency_job_id":null,"html_url":"https://github.com/cloudacademy/eks-k8s-wordpress","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudacademy%2Feks-k8s-wordpress","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudacademy%2Feks-k8s-wordpress/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudacademy%2Feks-k8s-wordpress/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudacademy%2Feks-k8s-wordpress/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cloudacademy","download_url":"https://codeload.github.com/cloudacademy/eks-k8s-wordpress/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252683364,"owners_count":21788024,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["eks","eksctl","kubernetes","wordpress"],"created_at":"2024-11-13T18:24:12.210Z","updated_at":"2025-05-06T12:30:30.167Z","avatar_url":"https://github.com/cloudacademy.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# eks-k8s-wordpress\nEKS K8s Wordpress Deployment\n\n## Establish RDS secrets\n\n```\nRDS_DATABASE_HOSTNAME=database-2.cluster-abcdefg12345.us-west-2.rds.amazonaws.com\nkubectl create secret generic mysql-config --from-literal=host=$RDS_DATABASE_HOSTNAME --from-literal=password=password\n```\n\n## Create Cluster OIDC\n```\neksctl utils associate-iam-oidc-provider --cluster \u003ccluster_name\u003e --approve\n```\n\n## ALB - Install ALB Ingress Controller\n```\n#https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html\n\ncurl -o iam_policy.json https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.2.0/docs/install/iam_policy.json\n\naws iam create-policy \\\n --policy-name AWSLoadBalancerControllerIAMPolicy \\\n --policy-document file://iam_policy.json\n\neksctl create iamserviceaccount \\\n --cluster basic-cluster \\\n --namespace kube-system \\\n --name aws-load-balancer-controller \\\n --attach-policy-arn=arn:aws:iam::111122223333:policy/AWSLoadBalancerControllerIAMPolicy \\\n --override-existing-serviceaccounts \\\n --approve\n\nkubectl apply \\\n --validate=false \\\n -f https://github.com/jetstack/cert-manager/releases/download/v1.1.1/cert-manager.yaml\n\ncurl -o v2_2_0_full.yaml https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.2.0/docs/install/v2_2_0_full.yaml\n\n#update\n#replace your-cluster-name on line 797 in the Deployment spec section of the file with the name of your cluster.\n\nkubectl apply -f v2_2_0_full.yaml\n\nkubectl get deployment -n kube-system aws-load-balancer-controller\n```\n\n## EFS - Create FileSystem\n\n```\nVPC_ID=$(aws eks describe-cluster --name $CLUSTER_NAME --query \"cluster.resourcesVpcConfig.vpcId\" --output text)\nCIDR_BLOCK=$(aws ec2 describe-vpcs --vpc-ids $VPC_ID --query \"Vpcs[].CidrBlock\" --output text)\nMOUNT_TARGET_GROUP_NAME=\"eks-efs-group\"\nMOUNT_TARGET_GROUP_DESC=\"NFS access to EFS from EKS worker nodes\"\nMOUNT_TARGET_GROUP_ID=$(aws ec2 create-security-group --group-name $MOUNT_TARGET_GROUP_NAME --description \"$MOUNT_TARGET_GROUP_DESC\" --vpc-id $VPC_ID | jq --raw-output '.GroupId')\naws ec2 authorize-security-group-ingress --group-id $MOUNT_TARGET_GROUP_ID --protocol tcp --port 2049 --cidr $CIDR_BLOCK\nFILE_SYSTEM_ID=$(aws efs create-file-system | jq --raw-output '.FileSystemId')\naws efs describe-file-systems --file-system-id $FILE_SYSTEM_ID\n \naws efs create-mount-target --file-system-id $FILE_SYSTEM_ID --security-groups $MOUNT_TARGET_GROUP_ID --subnet-id K8S-NODE-SUBNET-ID-HERE\naws efs create-mount-target --file-system-id $FILE_SYSTEM_ID --security-groups $MOUNT_TARGET_GROUP_ID --subnet-id K8S-NODE-SUBNET-ID-HERE\naws efs create-mount-target --file-system-id $FILE_SYSTEM_ID --security-groups $MOUNT_TARGET_GROUP_ID --subnet-id K8S-NODE-SUBNET-ID-HERE\n\naws efs describe-file-systems --query \"FileSystems[*].FileSystemId\" --output text\naws efs describe-mount-targets --file-system-id $FILE_SYSTEM_ID | jq --raw-output '.MountTargets[].LifeCycleState'\n```\n\n## EFS - Install Driver\n\n```\nkubectl apply -k https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/deploy/kubernetes/overlays/stable/kustomization.yaml\n\ncurl -o iam-policy-example.json https://raw.githubusercontent.com/kubernetes-sigs/aws-efs-csi-driver/v1.2.0/docs/iam-policy-example.json\naws iam create-policy \\\n --policy-name AmazonEKS_EFS_CSI_Driver_Policy \\\n --policy-document file://iam-policy-example.json\n\neksctl create iamserviceaccount \\\n --cluster basic-cluster \\\n --namespace kube-system \\\n --name efs-csi-controller-sa \\ \n --attach-policy-arn arn:aws:iam::111122223333:policy/AmazonEKS_EFS_CSI_Driver_Policy \\\n --override-existing-serviceaccounts \\\n --approve\n\nkubectl kustomize \"github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/stable/ecr?ref=release-1.2\" \u003e driver.yaml\nkubectl apply -f driver.yaml\n```\n\n## Diagnostics\n \n```\nkubectl get pods -o wide\nkubectl run multitool --image=praqma/network-multitool\nkubectl exec -it multitool -- sh\ncurl -I http://192.168.23.185/index.php\n```\n\n```\nkubectl run --rm -it --image=mysql:5.7 --restart=Never mysql-client -- bash\nmysql -h database-1.cluster-cvgfzwfzx0aa.us-west-2.rds.amazonaws.com -P 3306 -u admin -p\nmysql -h database-1.cluster-cvgfzwfzx0aa.us-west-2.rds.amazonaws.com -P 3306 --ssl-ca=aws-ca-bundle.pem --ssl-mode=VERIFY_IDENTITY -u admin -p\n```\n\n```\nkubectl logs wordpress-7df79f95df-f5n62 -c wordpress\nkubectl logs wordpress-7df79f95df-f5n62 -c nginx\n```\n\n```\nkubectl exec -it wordpress-7df79f95df-f5n62 -c nginx -- bash\nnginx -t\n```\n\n```\nkubectl exec -it wordpress-7df79f95df-f5n62 -c wordpress -- bash\n```\n\n\n```\ntcpdump -i eth0 -s 0 -l -w - dst port 3306 | strings\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudacademy%2Feks-k8s-wordpress","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcloudacademy%2Feks-k8s-wordpress","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudacademy%2Feks-k8s-wordpress/lists"}