DEPLOY WORDPRESS WITH RDS BACKEND ON AWS USING TERRAFORM



Amazon Elastic Kubernetes Service

Amazon Elastic Kubernetes Service (Amazon EKS) is a fully managed Kubernetes service. Customers such as Intel, Snap, Intuit, GoDaddy, and Autodesk trust EKS to run their most sensitive and mission critical applications because of its security, reliability, and scalability.

Amazon Relational Database Service

Amazon Relational Database Service (or Amazon RDS) is a distributed relational database service by Amazon Web Services (AWS). It is a web service running “in the cloud” designed to simplify the setup, operation, and scaling of a relational database for use in applications.

Terraform

Terraform is an open-source infrastructure as code software tool created by HashiCorp. Users define and provision data center infrastructure using a declarative configuration language known as HashiCorp Configuration Language (HCL), or optionally JSON.

Wordpress

WordPress (WP, WordPress.org) is a free and open-source content management system (CMS) written in PHP and paired with a MySQL or MariaDB database.


Pre-requisites

  1. AWS Account

  2. Terraform installed

  3. AWS CLI configured


Process

1. First we need to specify the providers. For deploying the whole setup we need the aws and kubernetes providers.

provider "aws" 
{
region                  = "ap-south-1"
shared_credentials_file = "C:/Users/HP/.aws/credentials"
profile                 = "default"
}

provider "kubernetes" 
{
host                   = aws_eks_cluster.ekscluster.endpoint
cluster_ca_certificate = base64decode(aws_eks_cluster.ekscluster.certificate_authority[0].data)
token                  = data.aws_eks_cluster_auth.eksauth.token
load_config_file       = false
}

Terraform uses the aws provider to login to aws using the credentials file. The kubernetes provider on the other hand allows terraform to authenticate into the eks cluster and create the deployments, services etc.

2. Next part is creating the security groups.

resource "aws_security_group" "secure" 
{
name        = "secure"
description = "Allow TLS inbound traffic"
vpc_id      = "vpc-fa9a8792"

ingress 
{
description = "SSH"
from_port   = 22
to_port     = 22
protocol