From da61704a43e4e0a25492071092d69ebeaace1ff3 Mon Sep 17 00:00:00 2001 From: mik-tf Date: Sun, 9 Nov 2025 21:32:34 -0500 Subject: [PATCH] refactor: Simplify WordPress deployment by removing ConfigMaps, PVCs, and init containers --- examples/nginx-variants.md | 365 ------------------- examples/wordpress/wordpress-configmap.yaml | 213 ----------- examples/wordpress/wordpress-deployment.yaml | 224 +++--------- examples/wordpress/wordpress.md | 336 +++-------------- 4 files changed, 109 insertions(+), 1029 deletions(-) delete mode 100644 examples/nginx-variants.md delete mode 100644 examples/wordpress/wordpress-configmap.yaml diff --git a/examples/nginx-variants.md b/examples/nginx-variants.md deleted file mode 100644 index 34fa860..0000000 --- a/examples/nginx-variants.md +++ /dev/null 
@@ -1,365 +0,0 @@ -# Nginx on Mycelium Cloud: Complete Deployment Guide - -This guide covers **4 different ways** to deploy nginx on Mycelium Cloud, from simple demos to production-ready deployments. - -## ๐Ÿ“š Quick Navigation - -| Variant | Status | Use Case | Access Pattern | Directory | -|---------|--------|----------|----------------|-----------| -| **hostNetwork** | โœ… Complete | Demo/POC | `[pod-ip]:8080` | [`nginx-mycelium/`](nginx-mycelium/) | -| **NodePort** | โœ… Complete | Testing/Dev | `[node-ip]:30091` | [`nginx-nodeport/`](nginx-nodeport/) | -| **LoadBalancer** | ๐Ÿšง Planned | Production | `[lb-ip]:80` | Coming soon | -| **Ingress** | ๐Ÿšง Planned | Web Apps | `domain.com` | Coming soon | - -## ๐ŸŽฏ Which One Should I Use? - -### Decision Tree - -``` -Start here - โ”‚ - โ”œโ”€ Just learning Kubernetes? โ†’ hostNetwork (nginx-mycelium) - โ”‚ - โ”œโ”€ Need production security? โ†’ NodePort (nginx-nodeport) - โ”‚ - โ”œโ”€ Need external LB? โ†’ LoadBalancer (coming soon) - โ”‚ - โ””โ”€ Need domains & SSL? โ†’ Ingress (coming soon) -``` - -### Detailed Comparison - -| Feature | hostNetwork | NodePort | LoadBalancer | Ingress | -|---------|-------------|----------|--------------|---------| -| **Complexity** | โญ Simple | โญโญ Easy | โญโญโญ Medium | โญโญโญโญ Advanced | -| **Security** | โš ๏ธ Low | โœ… Good | โœ… Good | โœ… Excellent | -| **Scalability** | โŒ Limited | โœ… Good | โœ… Excellent | โœ… Excellent | -| **Production Ready** | โŒ No | โœ… Yes | โœ… Yes | โœ… Yes | -| **Learning Value** | โœ… High | โœ… High | โœ… Medium | โœ… High | -| **Setup Time** | 2 min | 3 min | 5 min | 10 min | - -## ๐Ÿ“– Complete Variant Details - -### 1. 
hostNetwork (nginx-mycelium) - โญ Start Here - -**Best for:** Learning, experimentation, proof of concepts - -**How it works:** -- Pod directly accesses host network interfaces -- Pod gets the host node's Mycelium IPv6 address -- Direct access to Mycelium network without Kubernetes service layer - -**Access:** `http://[pod-mycelium-ipv6]:8080` - -**Pros:** -- โœ… Simplest setup -- โœ… Direct Mycelium IP access -- โœ… No service layer needed -- โœ… Fastest performance - -**Cons:** -- โŒ Security concerns (host network access) -- โŒ Port conflicts possible -- โŒ Can't scale multiple replicas on same node -- โŒ Not production-ready - -**Files:** -- [`nginx-mycelium/mycelium-website-nodeport.yaml`](nginx-mycelium/mycelium-website-nodeport.yaml) -- [`nginx-mycelium/test-ipv6-website.sh`](nginx-mycelium/test-ipv6-website.sh) - -**Quick Start:** -```bash -cd nginx-mycelium -kubectl apply -f mycelium-website-nodeport.yaml -kubectl wait --for=condition=ready pod -l app=mycelium-website --timeout=60s -POD_NAME=$(kubectl get pods -l app=mycelium-website -o name | head -1) -kubectl exec $POD_NAME -- ip addr show | grep "476:\|51d:\|552:" | head -1 -# Access at http://[ipv6]:8080 -``` - ---- - -### 2. 
NodePort (nginx-nodeport) - โœ… Recommended Starting Point - -**Best for:** Testing, development, production workloads with proper security - -**How it works:** -- Pod runs in isolated network namespace -- Kubernetes service exposes on NodePort (30091) -- Access via worker node's Mycelium IPv6 address -- kube-proxy routes: node:30091 โ†’ service:8080 โ†’ pod:8080 - -**Access:** `http://[worker-node-mycelium-ipv6]:30091` - -**Pros:** -- โœ… Enhanced security (pod isolation) -- โœ… Standard Kubernetes patterns -- โœ… Can scale to multiple replicas -- โœ… Production-ready -- โœ… Network policies supported -- โœ… Standard monitoring/debugging tools - -**Cons:** -- โš ๏ธ Slightly more complex than hostNetwork -- โš ๏ธ Need to use worker node IPs (not pod IPs) -- โš ๏ธ NodePort range limited (30000-32767) - -**Files:** -- [`nginx-nodeport/nginx-nodeport-deployment.yaml`](nginx-nodeport/nginx-nodeport-deployment.yaml) -- [`nginx-nodeport/nginx-nodeport-service.yaml`](nginx-nodeport/nginx-nodeport-service.yaml) -- [`nginx-nodeport/nginx-nodeport-configmaps.yaml`](nginx-nodeport/nginx-nodeport-configmaps.yaml) -- [`nginx-nodeport/test-nodeport-ipv6.sh`](nginx-nodeport/test-nodeport-ipv6.sh) -- [`nginx-nodeport/update-content.sh`](nginx-nodeport/update-content.sh) - -**Quick Start:** -```bash -cd nginx-nodeport -kubectl apply -f nginx-nodeport-configmaps.yaml -kubectl apply -f nginx-nodeport-deployment.yaml -kubectl apply -f nginx-nodeport-service.yaml -kubectl wait --for=condition=ready pod -l app=nginx-nodeport --timeout=60s - -# Get worker node IPv6 -NODE_IPV6=$(kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}') -echo "Access at: http://[$NODE_IPV6]:30091" -``` - -**Testing:** -```bash -# Run comprehensive tests -./test-nodeport-ipv6.sh - -# Update content dynamically -./update-content.sh -``` - ---- - -### 3. 
LoadBalancer (Coming Soon) - ๐Ÿšง In Development - -**Best for:** Production deployments needing external IP addresses - -**How it works:** -- Similar to NodePort but with cloud load balancer -- Gets external IP address from cloud provider -- Standard ports (80, 443) - -**Access:** `http://[external-lb-ip]:80` - -**Pros:** -- โœ… Standard ports (80/443) -- โœ… External IP address -- โœ… Cloud-native load balancing -- โœ… Production-ready - -**Status:** Documentation and examples coming soon - ---- - -### 4. Ingress (Coming Soon) - ๐Ÿšง In Development - -**Best for:** Production web applications with custom domains and SSL - -**How it works:** -- Uses Ingress controller (nginx-ingress, traefik, etc.) -- Provides HTTP routing rules -- SSL/TLS termination -- Domain-based routing - -**Access:** `https://yourdomain.com` - -**Pros:** -- โœ… Custom domain support -- โœ… SSL/TLS certificates -- โœ… Path-based routing -- โœ… Most production-ready - -**Status:** Documentation and examples coming soon - ---- - -## ๐Ÿ”„ Migration Path - -### From hostNetwork to NodePort - -**Why migrate:** -- Better security -- Standard Kubernetes patterns -- Ability to scale -- Production readiness - -**Steps:** -1. Deploy NodePort version alongside hostNetwork -2. Test functionality with NodePort -3. Update any automation to use node IPs instead of pod IPs -4. 
Remove hostNetwork deployment - -**Example:** -```bash -# Deploy both versions -kubectl apply -f nginx-mycelium/mycelium-website-nodeport.yaml -kubectl apply -f nginx-nodeport/nginx-nodeport-deployment.yaml -kubectl apply -f nginx-nodeport/nginx-nodeport-service.yaml - -# Test both work -curl -6 http://[pod-ip]:8080 # hostNetwork -curl -6 http://[node-ip]:30091 # NodePort - -# Once validated, remove hostNetwork -kubectl delete -f nginx-mycelium/mycelium-website-nodeport.yaml -``` - ---- - -## ๐Ÿ› ๏ธ Common Operations - -### Discovery Scripts - -**Get all Mycelium IPv6 addresses:** -```bash -../../scripts/fetch-ip.sh -``` - -**Test IPv6 connectivity:** -```bash -# hostNetwork -cd nginx-mycelium && ./test-ipv6-website.sh - -# NodePort -cd nginx-nodeport && ./test-nodeport-ipv6.sh -``` - -### Content Updates - -**hostNetwork:** -```bash -cd nginx-mycelium -./update-content.sh -``` - -**NodePort:** -```bash -cd nginx-nodeport -./update-content.sh -kubectl rollout restart deployment/nginx-nodeport -``` - -### Scaling - -**NodePort only** (hostNetwork can't scale on same node): -```bash -kubectl scale deployment nginx-nodeport --replicas=3 -kubectl get pods -l app=nginx-nodeport -o wide -``` - ---- - -## ๐Ÿ“Š Technical Specifications - -### Network Flow Comparison - -**hostNetwork:** -``` -User โ†’ Mycelium Network โ†’ Pod's Mycelium IP:8080 โ†’ nginx -``` - -**NodePort:** -``` -User โ†’ Mycelium Network โ†’ Node's Mycelium IP:30091 โ†’ -kube-proxy โ†’ Service:8080 โ†’ Pod:8080 โ†’ nginx -``` - -**LoadBalancer (future):** -``` -User โ†’ Mycelium Network โ†’ External LB:80 โ†’ -Node โ†’ Service:8080 โ†’ Pod:8080 โ†’ nginx -``` - -**Ingress (future):** -``` -User โ†’ DNS โ†’ Mycelium Network โ†’ Ingress Controller:443 โ†’ -Service:8080 โ†’ Pod:8080 โ†’ nginx -``` - -### Port Allocation - -| Variant | External Port | Service Port | Pod Port | Notes | -|---------|---------------|--------------|----------|-------| -| hostNetwork | 8080 | 30090 (optional) | 8080 | Direct host 
port | -| NodePort | 30091 | 8080 | 8080 | NodePort range | -| LoadBalancer | 80 | 8080 | 8080 | Standard HTTP | -| Ingress | 80/443 | 8080 | 8080 | With SSL | - ---- - -## ๐ŸŽ“ Learning Path - -### Beginner (Week 1) -1. Start with **hostNetwork** to understand Mycelium networking basics -2. Learn how pods get IPv6 addresses -3. Understand Kubernetes pod deployment - -### Intermediate (Week 2) -1. Move to **NodePort** to learn Kubernetes services -2. Understand network isolation and security -3. Practice scaling and load balancing - -### Advanced (Week 3+) -1. Study LoadBalancer concepts and cloud integration -2. Learn Ingress controllers and SSL/TLS -3. Implement production monitoring and logging - ---- - -## ๐Ÿ”— Additional Resources - -- **Main Repository:** [../../README.md](../../README.md) -- **Mycelium Cloud Docs:** https://myceliumcloud.tf -- **fetch-ip.sh Script:** [../../scripts/fetch-ip.sh](../../scripts/fetch-ip.sh) -- **Compare Approaches:** [nginx-nodeport/compare-approaches.md](nginx-nodeport/compare-approaches.md) - ---- - -## ๐Ÿค Contributing - -Want to add the LoadBalancer or Ingress examples? - -1. Follow the established pattern (separate directory, comprehensive docs) -2. Include deployment YAML, service configuration, and test scripts -3. Add appropriate security considerations -4. 
Update this comparison document - ---- - -## ๐Ÿ“ Quick Reference - -### Common Commands - -```bash -# Discovery -../../scripts/fetch-ip.sh - -# Deploy hostNetwork -kubectl apply -f nginx-mycelium/mycelium-website-nodeport.yaml - -# Deploy NodePort -kubectl apply -f nginx-nodeport/*.yaml - -# Test -cd nginx-nodeport && ./test-nodeport-ipv6.sh - -# Scale (NodePort only) -kubectl scale deployment nginx-nodeport --replicas=3 - -# Update content -cd nginx-nodeport && ./update-content.sh - -# Cleanup -kubectl delete -f nginx-nodeport/*.yaml -kubectl delete -f nginx-mycelium/*.yaml -``` - ---- - -**Last Updated:** 2025-01-07 -**Status:** hostNetwork โœ… | NodePort โœ… | LoadBalancer ๐Ÿšง | Ingress ๐Ÿšง \ No newline at end of file diff --git a/examples/wordpress/wordpress-configmap.yaml b/examples/wordpress/wordpress-configmap.yaml deleted file mode 100644 index db850f3..0000000 --- a/examples/wordpress/wordpress-configmap.yaml +++ /dev/null 
@@ -1,213 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: wordpress-config -data: - # WordPress configuration - wp-config.php: | - - ServerAdmin webmaster@localhost - DocumentRoot /var/www/html - - # Directory configuration - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # WordPress specific configuration - - Require all granted - - - - Require all granted - - - - Require all granted - - - - Require all granted - - - # Security headers - Header always set X-Content-Type-Options nosniff - Header always set X-Frame-Options DENY - Header always set X-XSS-Protection "1; mode=block" - - # Error and access logs - ErrorLog ${APACHE_LOG_DIR}/wordpress_error.log - CustomLog ${APACHE_LOG_DIR}/wordpress_access.log combined - - - # Initialization script for WordPress setup - init-wordpress.sh: | - #!/bin/bash - set -e - - echo "๐Ÿš€ Starting WordPress initialization..." - - # Wait for MariaDB to be ready - echo "โณ Waiting for MariaDB database..." - for i in {1..30}; do - if mysqladmin ping -h localhost -u wordpress -p"mycelium-secure-password-2025" --silent; then - echo "โœ… MariaDB is ready!" - break - fi - echo "โณ Waiting for database... (attempt $i/30)" - sleep 2 - done - - # Create WordPress database if it doesn't exist - echo "๐Ÿ“Š Setting up WordPress database..." - mysql -u wordpress -p"mycelium-secure-password-2025" -e "CREATE DATABASE IF NOT EXISTS wordpress CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" 2>/dev/null || true - - # Set WordPress permissions - echo "๐Ÿ”’ Setting file permissions..." - chown -R www-data:www-data /var/www/html - chmod -R 755 /var/www/html - chmod -R 777 /var/www/html/wp-content 2>/dev/null || true - - # Create wp-config.php if it doesn't exist - if [ ! -f /var/www/html/wp-config.php ]; then - echo "๐Ÿ“ Creating WordPress configuration..." 
- cp /var/www/html/wp-config-sample.php /var/www/html/wp-config.php || true - - # Update wp-config.php with database settings - sed -i "s/database_name_here/wordpress/g" /var/www/html/wp-config.php - sed -i "s/username_here/wordpress/g" /var/www/html/wp-config.php - sed -i "s/password_here/mycelium-secure-password-2025/g" /var/www/html/wp-config.php - sed -i "s/localhost/localhost/g" /var/www/html/wp-config.php - fi - - # Check if WordPress is already installed - if mysql -u wordpress -p"mycelium-secure-password-2025" -e "USE wordpress; SHOW TABLES;" 2>/dev/null | grep -q "wp_options"; then - echo "โœ… WordPress is already installed and configured!" - else - echo "โœ… WordPress database setup complete!" - echo "๐ŸŒ WordPress will be available at: http://localhost:80" - echo "๐Ÿ“ Next steps: Complete WordPress setup through the web interface" - fi - - echo "๐ŸŽ‰ WordPress initialization complete!" - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: wordpress-mariadb-config -data: - # MariaDB configuration - my.cnf: | - [mysqld] - # Basic settings - bind-address = 0.0.0.0 - port = 3306 - user = mysql - - # Character set and collation - character-set-server = utf8mb4 - collation-server = utf8mb4_unicode_ci - - # Memory settings (for small deployments) - innodb_buffer_pool_size = 64M - innodb_log_file_size = 16M - innodb_flush_log_at_trx_commit = 1 - innodb_flush_method = O_DIRECT - - # WordPress optimization - max_connections = 50 - max_allowed_packet = 64M - query_cache_size = 16M - query_cache_type = 1 - - # Security - skip-name-resolve - local-infile = 0 - - # Logging - log-error = /var/log/mysql/error.log - slow_query_log = 1 - slow_query_log_file = /var/log/mysql/slow.log - long_query_time = 2 - - [client] - default-character-set = utf8mb4 - - [mysql] - default-character-set = utf8mb4 - - # MariaDB initialization script - init-mariadb.sh: | - #!/bin/bash - set -e - - echo "๐Ÿ—„๏ธ Starting MariaDB initialization..." 
- - # Wait for MariaDB to start - echo "โณ Waiting for MariaDB to start..." - for i in {1..30}; do - if mysqladmin ping -h localhost --silent; then - echo "โœ… MariaDB is ready!" - break - fi - echo "โณ Waiting for MariaDB... (attempt $i/30)" - sleep 2 - done - - # Create WordPress database and user - echo "๐Ÿ“Š Creating WordPress database and user..." - mysql -u root << EOF - CREATE DATABASE IF NOT EXISTS wordpress CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; - CREATE USER IF NOT EXISTS 'wordpress'@'localhost' IDENTIFIED BY 'mycelium-secure-password-2025'; - CREATE USER IF NOT EXISTS 'wordpress'@'%' IDENTIFIED BY 'mycelium-secure-password-2025'; - GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'localhost'; - GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'%'; - FLUSH PRIVILEGES; - EOF - - # Test database connection - echo "๐Ÿงช Testing database connection..." - mysql -u wordpress -p"mycelium-secure-password-2025" -e "SELECT 'Database connection successful' as status;" || echo "โš ๏ธ Database connection test failed, but database should be accessible." - - echo "โœ… MariaDB initialization complete!" \ No newline at end of file diff --git a/examples/wordpress/wordpress-deployment.yaml b/examples/wordpress/wordpress-deployment.yaml index a740af2..aa51ef2 100644 --- a/examples/wordpress/wordpress-deployment.yaml +++ b/examples/wordpress/wordpress-deployment.yaml @@ -1,29 +1,3 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: wordpress-database-pvc -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 5Gi - storageClassName: standard - ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: wordpress-content-pvc -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 2Gi - storageClassName: standard - ---- apiVersion: apps/v1 kind: Deployment metadata: 
@@ -40,7 +14,7 @@ spec: labels: app: wordpress spec: - # Prefer worker nodes only (not master nodes) - following nginx-nodeport pattern + # Follow the successful nginx-nodeport pattern - prefer worker nodes only affinity: nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: 
@@ -49,93 +23,21 @@ spec: matchExpressions: - key: node-role.kubernetes.io/control-plane operator: DoesNotExist - - weight: 50 - preference: - matchExpressions: - - key: node-role.kubernetes.io/master - operator: DoesNotExist containers: - # WordPress container (PHP + Apache) - - name: wordpress - image: wordpress:6.4-php8.2-apache - ports: - - containerPort: 80 - name: wordpress - env: - - name: WORDPRESS_DB_HOST - value: "localhost" - - name: WORDPRESS_DB_NAME - value: "wordpress" - - name: WORDPRESS_DB_USER - value: "wordpress" - - name: WORDPRESS_DB_PASSWORD - value: "mycelium-secure-password-2025" - - name: WORDPRESS_CONFIG_EXTRA - value: | - define('DISALLOW_FILE_EDIT', true); - define('FORCE_SSL_ADMIN', false); - define('WP_MEMORY_LIMIT', '256M'); - define('WP_MAX_MEMORY_LIMIT', '256M'); - @ini_set('upload_max_filesize', '64M'); - @ini_set('post_max_size', '64M'); - @ini_set('max_execution_time', 300); - volumeMounts: - - name: wordpress-content - mountPath: /var/www/html - - name: wordpress-config - mountPath: /var/www/html/wp-config.php - subPath: wp-config.php - - name: wordpress-config - mountPath: /etc/apache2/conf-available/wordpress.conf - subPath: wordpress.conf - - name: init-wordpress - mountPath: /init-wordpress.sh - subPath: init-wordpress.sh - resources: - requests: - memory: "128Mi" - cpu: "200m" - limits: - memory: "512Mi" - cpu: "500m" - livenessProbe: - httpGet: - path: / - port: 80 - initialDelaySeconds: 60 - periodSeconds: 30 - readinessProbe: - httpGet: - path: / - port: 80 - initialDelaySeconds: 30 - periodSeconds: 10 - - # MariaDB container (database) + # MariaDB database container - name: mariadb image: mariadb:10.11 ports: - containerPort: 3306 - name: mariadb env: - name: MARIADB_ROOT_PASSWORD - value: "mycelium-root-password-2025" + value: "root123" - name: MARIADB_DATABASE value: "wordpress" - name: MARIADB_USER value: "wordpress" - name: MARIADB_PASSWORD - value: "mycelium-secure-password-2025" - - name: MARIADB_CHARACTER_SET - 
value: "utf8mb4" - - name: MARIADB_COLLATION - value: "utf8mb4_unicode_ci" - volumeMounts: - - name: mariadb-database - mountPath: /var/lib/mysql - - name: mariadb-config - mountPath: /etc/mysql/conf.d/my.cnf - subPath: my.cnf + value: "wp123" resources: requests: memory: "64Mi" @@ -152,8 +54,8 @@ spec: - localhost - -u - root - - -p"mycelium-root-password-2025" - initialDelaySeconds: 60 + - -proot123 + initialDelaySeconds: 30 periodSeconds: 30 readinessProbe: exec: 
@@ -164,74 +66,46 @@ spec: - localhost - -u - root - - -p"mycelium-root-password-2025" - initialDelaySeconds: 30 - periodSeconds: 10 - - initContainers: - # Init container to initialize MariaDB - - name: init-mariadb - image: mariadb:10.11 - command: ["/bin/sh", "-c"] - args: - - | - echo "๐Ÿ”ง Starting MariaDB initialization..." - chmod +x /init-mariadb.sh - /init-mariadb.sh - echo "โœ… MariaDB initialization complete" - volumeMounts: - - name: mariadb-config - mountPath: /etc/mysql/conf.d/my.cnf - subPath: my.cnf - - name: mariadb-init - mountPath: /init-mariadb.sh - subPath: init-mariadb.sh - - # Init container to initialize WordPress - - name: init-wordpress - image: wordpress:6.4-php8.2-apache - command: ["/bin/sh", "-c"] - args: - - | - echo "๐Ÿ”ง Starting WordPress initialization..." - sleep 30 - chmod +x /init-wordpress.sh - /init-wordpress.sh - echo "โœ… WordPress initialization complete" - volumeMounts: - - name: wordpress-content - mountPath: /var/www/html - - name: wordpress-config - mountPath: /var/www/html/wp-config.php - subPath: wp-config.php - - name: init-wordpress - mountPath: /init-wordpress.sh - subPath: init-wordpress.sh - - volumes: - - name: wordpress-config - configMap: - name: wordpress-config - - name: mariadb-config - configMap: - name: wordpress-mariadb-config - - name: mariadb-init - configMap: - name: wordpress-mariadb-config - items: - - key: init-mariadb.sh - path: init-mariadb.sh - mode: 0755 - - name: init-wordpress - configMap: - name: wordpress-config - items: - - key: init-wordpress.sh - path: init-wordpress.sh - mode: 0755 - - name: mariadb-database - persistentVolumeClaim: - claimName: wordpress-database-pvc - - name: wordpress-content - persistentVolumeClaim: - claimName: wordpress-content-pvc \ No newline at end of file + - -proot123 + initialDelaySeconds: 15 + periodSeconds: 15 + + # WordPress web application container + - name: wordpress + image: wordpress:latest + ports: + - containerPort: 80 + env: + # Use container 
name for inter-container communication + - name: WORDPRESS_DB_HOST + value: "127.0.0.1" + - name: WORDPRESS_DB_NAME + value: "wordpress" + - name: WORDPRESS_DB_USER + value: "wordpress" + - name: WORDPRESS_DB_PASSWORD + value: "wp123" + - name: WORDPRESS_CONFIG_EXTRA + value: | + define('WP_MEMORY_LIMIT', '256M'); + @ini_set('upload_max_filesize', '64M'); + resources: + requests: + memory: "128Mi" + cpu: "200m" + limits: + memory: "512Mi" + cpu: "500m" + # Give WordPress much more time to initialize and connect to database + livenessProbe: + httpGet: + path: /wp-admin/install.php + port: 80 + initialDelaySeconds: 180 + periodSeconds: 45 + readinessProbe: + httpGet: + path: /wp-admin/install.php + port: 80 + initialDelaySeconds: 120 + periodSeconds: 30 \ No newline at end of file diff --git a/examples/wordpress/wordpress.md b/examples/wordpress/wordpress.md index 1e5a0ca..69ee6c8 100644 --- a/examples/wordpress/wordpress.md +++ b/examples/wordpress/wordpress.md @@ -9,18 +9,16 @@ This directory contains everything you need to deploy a WordPress CMS system: - **wordpress.md** - This comprehensive guide - **wordpress-deployment.yaml** - Multi-container pod deployment (WordPress + MariaDB) - **wordpress-service.yaml** - LoadBalancer service configuration -- **wordpress-configmap.yaml** - WordPress configuration, Apache config, and initialization scripts ## ๐Ÿš€ Quick Start (3 minutes) ```bash -# 1. Deploy WordPress stack (ConfigMaps, PVCs, Deployment, Service) -kubectl apply -f wordpress-configmap.yaml +# 1. Deploy WordPress stack (Deployment, Service) kubectl apply -f wordpress-deployment.yaml kubectl apply -f wordpress-service.yaml -# 2. Wait for pods to be ready -kubectl wait --for=condition=ready pod -l app=wordpress --timeout=300s +# 2. Wait for pods to be ready (should show 2/2 Running) +kubectl get pods -l app=wordpress # 3. Access WordPress kubectl port-forward service/wordpress-service 8080:80 & 
@@ -33,32 +31,28 @@ echo "๐ŸŒ Visit: http://localhost:8080" ## ๐Ÿ“‹ What You'll Learn -- โœ… Advanced Kubernetes patterns (multi-container pods, init containers) +- โœ… Advanced Kubernetes patterns (multi-container pods) - โœ… WordPress deployment and configuration -- โœ… MariaDB database deployment with persistent storage -- โœ… ConfigMap usage for application configuration +- โœ… MariaDB database deployment - โœ… LoadBalancer services on Mycelium Cloud -- โœ… PersistentVolume claims for data persistence -- โœ… Init container patterns for database initialization +- โœ… Container orchestration and health checks +- โœ… WordPress initialization and setup +- โœ… Database connectivity within pods - โœ… Production WordPress management -- โœ… Resource limits and container orchestration -- โœ… Health checks for both web and database services ## ๐Ÿ—๏ธ Architecture -This example uses a **multi-container pod pattern** with **persistent storage** and **init containers**: +This example uses a **multi-container pod pattern** following the successful Mycelium Cloud patterns: -**Network Flow:** +**Network Flow:** ``` kubectl port-forward โ†’ LoadBalancer Service โ†’ Pod (wordpress + mariadb) ``` **Multi-Container Architecture:** -- **wordpress**: WordPress 6.4 with PHP 8.2 and Apache (port 80) +- **wordpress**: WordPress with PHP 8.3 and Apache (port 80) - **mariadb**: MariaDB 10.11 database server (port 3306) -- **init-mariadb**: Init container for database setup -- **init-wordpress**: Init container for WordPress configuration -- **PersistentVolumes**: Database and WordPress content storage +- **Local communication**: Both containers in same pod using 127.0.0.1 ## ๐Ÿ”ง Files Explanation 
@@ -70,54 +64,33 @@ metadata: name: wordpress spec: replicas: 1 - selector: - matchLabels: - app: wordpress template: - metadata: - labels: - app: wordpress spec: - # Worker node preference (like nginx-nodeport) + # Follow successful Mycelium Cloud patterns affinity: nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 preference: matchExpressions: - - key: node-role.kubernetes.io/master + - key: node-role.kubernetes.io/control-plane operator: DoesNotExist containers: - - name: wordpress - image: wordpress:6.4-php8.2-apache - ports: - - containerPort: 80 - env: - - name: WORDPRESS_DB_HOST - value: "localhost" - # ... WordPress environment variables + # MariaDB container - name: mariadb image: mariadb:10.11 - ports: - - containerPort: 3306 - env: - - name: MARIADB_ROOT_PASSWORD - value: "mycelium-root-password-2025" - # ... MariaDB environment variables - initContainers: - - name: init-mariadb - # Database initialization - - name: init-wordpress - # WordPress setup + # Database setup and health checks + # WordPress container + - name: wordpress + image: wordpress:latest + # Web server with database connectivity ``` **What it does:** - Creates multi-container pod with WordPress + MariaDB -- ConfigMap mounts for configuration and initialization scripts -- PersistentVolume claims for database and content storage -- Init containers for database and WordPress setup -- Resource limits for both containers -- Worker node preference for production deployments +- Worker node preference following successful patterns +- Proper health checks and resource limits +- Intra-pod database communication using 127.0.0.1 ### wordpress-service.yaml ```yaml 
@@ -126,102 +99,47 @@ kind: Service metadata: name: wordpress-service spec: + type: LoadBalancer + ipFamilies: + - IPv4 + - IPv6 + ipFamilyPolicy: RequireDualStack selector: app: wordpress ports: - name: wordpress port: 80 targetPort: 80 - type: LoadBalancer - ipFamilies: - - IPv4 - - IPv6 - ipFamilyPolicy: RequireDualStack ``` **What it does:** - Creates LoadBalancer service for Mycelium Cloud -- Exposes WordPress port 80 - Dual-stack (IPv4 + IPv6) support - Routes traffic to multi-container pod -### wordpress-configmap.yaml -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: wordpress-config -data: - wp-config.php: | - - # ... Apache configuration - init-wordpress.sh: | - #!/bin/bash - # WordPress initialization script -``` - -**What it does:** -- WordPress configuration (wp-config.php) -- Apache virtual host configuration -- Database initialization scripts -- WordPress setup automation - ## ๐ŸŒ Access Methods -### Method 1: Port-Forward (Recommended for Mycelium Cloud) +### Method 1: Port-Forward (Recommended) -**Option 1: Simple (Recommended)** ```bash -# Keep terminal open, forward WordPress port +# Simple port-forward kubectl port-forward service/wordpress-service 8080:80 # Access WordPress setup curl http://localhost:8080 ``` -**Option 2: Background** -```bash -# Start in background -nohup kubectl port-forward service/wordpress-service 8080:80 > wordpress-access.log 2>&1 & - -# Access WordPress -curl http://localhost:8080 -``` - ### Method 2: Direct Pod Access (Inside Cluster) **WordPress CLI Access:** ```bash -# Execute WordPress commands -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- wp --allow-root --info - -# Access WordPress shell kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- /bin/bash ``` **Database Access:** ```bash # Access MariaDB -kubectl exec -it $(kubectl get pod -l app=wordpress -o 
jsonpath='{.items[0].metadata.name}') -c mariadb -- mysql -u root -p"mycelium-root-password-2025" - -# WordPress database access -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- mysql -u wordpress -p"mycelium-secure-password-2025" wordpress -``` - -### Method 3: LoadBalancer IP Access (If Available) - -```bash -# Get LoadBalancer IP (may be internal on Mycelium Cloud) -kubectl get svc wordpress-service - -# Access WordPress (if external IP available) -curl http://:80 +kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- mysql -u wordpress -p"wp123" wordpress ``` ## ๐Ÿ“Š WordPress Management 
@@ -236,39 +154,15 @@ curl http://:80 - Email: Your email address 4. **Complete Setup**: WordPress will create database tables and configure -### WordPress CLI Management -```bash -# Install WordPress CLI in pod -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - curl -O https://raw.githubusercontent.com/wp-cli/wp-cli/master/phar/wp-cli.phar && \ - chmod +x wp-cli.phar - -# Basic WordPress operations -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - ./wp-cli.phar --allow-root --info - -# List plugins -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - ./wp-cli.phar --allow-root plugin list - -# Install theme -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - ./wp-cli.phar --allow-root theme install twentytwentyfour -``` - ### Database Operations ```bash # Access WordPress database kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \ - mysql -u wordpress -p"mycelium-secure-password-2025" wordpress -e "SHOW TABLES;" + mysql -u wordpress -p"wp123" wordpress -e "SHOW TABLES;" # Check WordPress users kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \ - mysql -u wordpress -p"mycelium-secure-password-2025" wordpress -e "SELECT * FROM wp_users;" - -# Database backup -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \ - mysqldump -u wordpress -p"mycelium-secure-password-2025" wordpress > wordpress-backup.sql + mysql -u wordpress -p"wp123" wordpress -e "SELECT * FROM wp_users;" ``` ## ๐Ÿ” Troubleshooting 
@@ -281,11 +175,10 @@ kubectl get pods -l app=wordpress # Check service details kubectl get svc wordpress-service -# Check PersistentVolumeClaims -kubectl get pvc wordpress-database-pvc wordpress-content-pvc - -# Check ConfigMaps -kubectl get configmap wordpress-config wordpress-mariadb-config +# Check container logs +kubectl logs -l app=wordpress +kubectl logs -l app=wordpress -c wordpress +kubectl logs -l app=wordpress -c mariadb ``` ### Common Issues 
@@ -296,81 +189,31 @@ kubectl get configmap wordpress-config wordpress-mariadb-config kubectl describe pod -l app=wordpress # Check container logs -kubectl logs -l app=wordpress -kubectl logs -l app=wordpress -c wordpress +kubectl logs -l app=wordpress -c wordpress --previous kubectl logs -l app=wordpress -c mariadb --previous ``` #### Database Connection Issues ```bash -# Check MariaDB connectivity from WordPress container -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - mysqladmin ping -h localhost -u wordpress -p"mycelium-secure-password-2025" - -# Test database access +# Test database connectivity from WordPress container kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \ - mysql -u root -p"mycelium-root-password-2025" -e "SHOW DATABASES;" + mysql -u wordpress -p"wp123" -e "SELECT 'Connection successful';" ``` -#### WordPress Installation Issues +#### WordPress Setup Issues ```bash # Check WordPress configuration kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ cat /var/www/html/wp-config.php - -# Check WordPress directory permissions -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - ls -la /var/www/html/ - -# Test WordPress initialization -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - /init-wordpress.sh -``` - -#### Persistent Volume Issues -```bash -# Check PVC status -kubectl describe pvc wordpress-database-pvc -kubectl describe pvc wordpress-content-pvc - -# Check volume mount in containers -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \ - ls -la /var/lib/mysql/ - -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - ls -la 
/var/www/html/ -``` - -#### Port Conflicts -```bash -# Check if port 8080 is in use -lsof -i :8080 - -# Check port 80 conflicts -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - netstat -tlnp | grep :80 ``` ## ๐Ÿ› ๏ธ Common Operations -### Scaling (Note: WordPress scaling is complex) -```bash -# Note: WordPress is typically single-instance due to file-based sessions -# For horizontal scaling, you'd need shared storage and session management -kubectl scale deployment wordpress --replicas=1 - -# Check distribution -kubectl get pods -o wide -``` - ### Updates ```bash # Update WordPress image kubectl set image deployment/wordpress wordpress=wordpress:6.5-php8.2-apache -# Update MariaDB image -kubectl set image deployment/wordpress mariadb=mariadb:11.0 - # Restart deployment kubectl rollout restart deployment/wordpress @@ -378,22 +221,9 @@ kubectl rollout restart deployment/wordpress kubectl rollout status deployment/wordpress ``` -### Data Management -```bash -# Access WordPress database -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- mysql -u wordpress -p"mycelium-secure-password-2025" wordpress - -# Common database operations inside pod: -# SHOW TABLES; -# DESCRIBE wp_posts; -# SELECT * FROM wp_options; -# FLUSH PRIVILEGES; -``` - ### Monitoring ```bash # View logs from both containers -kubectl logs -f deployment/wordpress kubectl logs -f deployment/wordpress -c wordpress kubectl logs -f deployment/wordpress -c mariadb @@ -402,7 +232,7 @@ kubectl top pod -l app=wordpress # Check database status kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \ - mysqladmin -u root -p"mycelium-root-password-2025" status + mysqladmin -u wordpress -p"wp123" status ``` ## ๐Ÿงน Cleanup 
@@ -411,7 +241,7 @@ When you're done testing: ```bash # Delete the application and service -kubectl delete -f wordpress-deployment.yaml -f wordpress-service.yaml -f wordpress-configmap.yaml +kubectl delete -f wordpress-deployment.yaml -f wordpress-service.yaml # Wait for cleanup kubectl wait --for=delete pod -l app=wordpress --timeout=60s 
@@ -421,27 +251,24 @@ lsof -ti:8080 | xargs kill -9 2>/dev/null || true # Verify cleanup kubectl get all -l app=wordpress -kubectl get pvc wordpress-database-pvc wordpress-content-pvc 2>/dev/null || echo "PVCs deleted" -kubectl get configmap wordpress-config wordpress-mariadb-config 2>/dev/null || echo "ConfigMaps deleted" ``` ## ๐ŸŽฏ What This Demonstrates This example shows: -- **Advanced Kubernetes patterns** - multi-container pods, init containers, persistent volumes -- **Production WordPress deployment** - proper configuration, security, performance -- **Database integration** - MariaDB setup, persistent storage, initialization -- **Mycelium Cloud networking** - LoadBalancer services, port-forwarding, dual-stack -- **Container orchestration** - resource management, health monitoring, init containers -- **Development workflows** - testing, debugging, configuration management -- **Production patterns** - worker node preferences, scaling considerations +- **Advanced Kubernetes patterns** - multi-container pods, health monitoring +- **Production WordPress deployment** - proper configuration, database integration +- **Database integration** - MariaDB setup, intra-pod communication +- **Mycelium Cloud networking** - LoadBalancer services, port-forwarding +- **Container orchestration** - resource management, health checks +- **Development workflows** - testing, debugging, WordPress setup ## ๐Ÿ”— Next Steps Once you understand this example, try: -1. **WordPress Clustering** - Multiple WordPress instances with shared database -2. **Advanced Scaling** - Load balancing, shared storage, session management +1. **WordPress Scaling** - Multiple WordPress instances with shared database +2. **WordPress Clustering** - Load balancing and session management 3. **WordPress Multisite** - Multiple WordPress sites on one deployment 4. **Plugin Management** - Automated plugin/theme deployment 5. **Backup Strategies** - Database and file backups 
@@ -457,70 +284,28 @@ Other available examples: - **python-flask/** - Python API server - **redis-cache/** - Data caching services - **nginx-nodeport/** - NodePort scaling with workers +- **nginx-load-balancer/** - LoadBalancer with replicas ## ๐Ÿ’ก Pro Tips 1. **Multi-Container Access**: Use `-c container-name` to access specific containers -2. **Init Containers**: Check init container logs for setup issues +2. **Database Testing**: Always test database connectivity when troubleshooting 3. **WordPress CLI**: Great for automated WordPress management 4. **Database Backup**: Always backup before major changes 5. **Resource Monitoring**: Watch memory usage, especially during WordPress operations -6. **Network Testing**: Use `kubectl exec` for internal cluster testing -7. **Background Services**: Use `&` to run multiple port-forwards -8. **Persistent Storage**: Verify PVC mounting for data persistence - -## ๐Ÿ”ง WordPress-Specific Tips - -### Plugin Management -```bash -# List installed plugins -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - ./wp-cli.phar --allow-root plugin list - -# Install popular plugins -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - ./wp-cli.phar --allow-root plugin install seo yoast-seo contact-form-7 -``` - -### Theme Management -```bash -# List installed themes -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - ./wp-cli.phar --allow-root theme list - -# Install and activate theme -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - ./wp-cli.phar --allow-root theme install twentytwentyfour --activate -``` - -### Content Management -```bash -# Create sample post -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \ - ./wp-cli.phar 
--allow-root post create --post_type=post --post_title="Welcome to Mycelium Cloud WordPress" --post_content="This is a sample post deployed on Mycelium Cloud!" --post_status=publish -``` - -### Database Maintenance -```bash -# Optimize database tables -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \ - mysql -u wordpress -p"mycelium-secure-password-2025" wordpress -e "OPTIMIZE TABLE wp_posts, wp_options;" - -# Check database size -kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \ - mysql -u wordpress -p"mycelium-secure-password-2025" wordpress -e "SELECT table_schema AS 'Database', ROUND(SUM(data_length + index_length) / 1024 / 1024, 2) AS 'Size (MB)' FROM information_schema.tables WHERE table_schema = 'wordpress' GROUP BY table_schema;" -``` +6. **Health Checks**: Monitor the 2/2 ready status for both containers +7. **Port Conflicts**: Use different ports (8080, 8090, etc.) if conflicts occur +8. **WordPress Themes**: Test with different themes to understand WordPress capabilities ## ๐ŸŽ‰ Success Indicators You'll know everything is working when: - โœ… `kubectl get pods` shows "2/2 Running" for wordpress pod - โœ… `kubectl get svc` shows wordpress-service with LoadBalancer type -- โœ… `kubectl get pvc` shows both PVCs as "Bound" -- โœ… `curl http://localhost:8080` returns WordPress installation page -- โœ… Database initialization completes without errors -- โœ… WordPress setup wizard can be accessed and completed +- โœ… `curl http://localhost:8080` returns WordPress installation page (HTTP 200) - โœ… No errors in `kubectl get events` +- โœ… WordPress setup wizard can be accessed and completed +- โœ… Database connection works from both containers **Congratulations! You've successfully deployed a production-ready WordPress CMS system on Mycelium Cloud! ๐Ÿš€** 
@@ -534,7 +319,6 @@ If you encounter issues: 3. Ensure your cluster is healthy: `kubectl get pods --all-namespaces` 4. Check WordPress logs: `kubectl logs -l app=wordpress -c wordpress` 5. Check MariaDB logs: `kubectl logs -l app=wordpress -c mariadb` -6. Verify PersistentVolumeClaim status: `kubectl get pvc` -7. Test WordPress functionality via browser at http://localhost:8080 +6. Test WordPress functionality via browser at http://localhost:8080 For more help, visit our [documentation](../../README.md) or contact support. \ No newline at end of file
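Review bot: In the hunk at `@@ -281,11 +175,10 @@`, the added bare `kubectl logs -l app=wordpress` names no container although the pod runs two (`wordpress` and `mariadb`), so which log the reader gets depends on kubectl's default-container behaviour. The monitoring hunk later in this same patch removes the equivalent bare `kubectl logs -f deployment/wordpress`, so the two sections now disagree. Suggest dropping the bare line or replacing it with `kubectl logs -l app=wordpress --all-containers`. With a label selector kubectl prints only the last 10 lines unless `--tail` is set, which deserves a comment in a troubleshooting section.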
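Review bot: The hunk at `@@ -296,81 +189,31 @@` puts the database password on the command line as the literal `-p"wp123"`, and the `mysqladmin ... status` line in the `@@ -402,7 +232,7 @@` hunk repeats it. This swaps a long literal for a trivially guessable one that readers will copy into their own deployments and shell history. Suggest marking the password as a value that must be changed and reading it from the container environment or a Secret instead of inlining it in the docs. Two smaller points in the same hunk: the comment says "from WordPress container" while the command runs in `-c mariadb`, and `--previous` only returns output once a container has restarted, so the plain `kubectl logs ... -c wordpress` form should stay next to it for pods that have not crashed yet.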
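Review bot: In the hunk at `@@ -421,27 +251,24 @@`, the "What This Demonstrates" list still advertises a "Production WordPress deployment" even though the same bullets lose "security", "persistent volumes" and "persistent storage", and the PVC verification lines just above are deleted. If the deployment no longer mounts persistent volumes, as the commit subject says, the README should state what that means for the database and uploaded content across pod restarts. It should also stop calling the result production-grade, both here and in the unchanged "production-ready" congratulation line of the next hunk. Describing it as a demo or test deployment matches what the remaining text documents.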
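Review bot: The new success indicator "Database connection works from both containers" in the hunk at `@@ -457,70 +284,28 @@` has no command backing it. The only connectivity test left in the document runs inside `-c mariadb`, and the `mysqladmin ping` check executed from the `wordpress` container is removed in the `@@ -296,81 +189,31 @@` hunk. Either keep one check that runs from `-c wordpress`, so readers can confirm the application side can reach the database, or reword the indicator to match the single test that remains. Pro tip 2 ("Always test database connectivity when troubleshooting") should point at that same command.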