refactor: Simplify WordPress deployment by removing ConfigMaps, PVCs, and init containers

mik-tf
2025-11-09 21:32:34 -05:00
parent a356271d8b
commit da61704a43
4 changed files with 109 additions and 1029 deletions

@@ -1,365 +0,0 @@
# Nginx on Mycelium Cloud: Complete Deployment Guide
This guide covers **4 different ways** to deploy nginx on Mycelium Cloud, from simple demos to production-ready deployments.
## 📚 Quick Navigation
| Variant | Status | Use Case | Access Pattern | Directory |
|---------|--------|----------|----------------|-----------|
| **hostNetwork** | ✅ Complete | Demo/POC | `[pod-ip]:8080` | [`nginx-mycelium/`](nginx-mycelium/) |
| **NodePort** | ✅ Complete | Testing/Dev | `[node-ip]:30091` | [`nginx-nodeport/`](nginx-nodeport/) |
| **LoadBalancer** | 🚧 Planned | Production | `[lb-ip]:80` | Coming soon |
| **Ingress** | 🚧 Planned | Web Apps | `domain.com` | Coming soon |
## 🎯 Which One Should I Use?
### Decision Tree
```
Start here
├─ Just learning Kubernetes? → hostNetwork (nginx-mycelium)
├─ Need production security? → NodePort (nginx-nodeport)
├─ Need external LB? → LoadBalancer (coming soon)
└─ Need domains & SSL? → Ingress (coming soon)
```
### Detailed Comparison
| Feature | hostNetwork | NodePort | LoadBalancer | Ingress |
|---------|-------------|----------|--------------|---------|
| **Complexity** | ⭐ Simple | ⭐⭐ Easy | ⭐⭐⭐ Medium | ⭐⭐⭐⭐ Advanced |
| **Security** | ⚠️ Low | ✅ Good | ✅ Good | ✅ Excellent |
| **Scalability** | ❌ Limited | ✅ Good | ✅ Excellent | ✅ Excellent |
| **Production Ready** | ❌ No | ✅ Yes | ✅ Yes | ✅ Yes |
| **Learning Value** | ✅ High | ✅ High | ✅ Medium | ✅ High |
| **Setup Time** | 2 min | 3 min | 5 min | 10 min |
## 📖 Complete Variant Details
### 1. hostNetwork (nginx-mycelium) - ⭐ Start Here
**Best for:** Learning, experimentation, proof of concepts
**How it works:**
- Pod directly accesses host network interfaces
- Pod gets the host node's Mycelium IPv6 address
- Direct access to Mycelium network without Kubernetes service layer
**Access:** `http://[pod-mycelium-ipv6]:8080`
**Pros:**
- ✅ Simplest setup
- ✅ Direct Mycelium IP access
- ✅ No service layer needed
- ✅ Fastest performance
**Cons:**
- ❌ Security concerns (host network access)
- ❌ Port conflicts possible
- ❌ Can't scale multiple replicas on same node
- ❌ Not production-ready
**Files:**
- [`nginx-mycelium/mycelium-website-nodeport.yaml`](nginx-mycelium/mycelium-website-nodeport.yaml)
- [`nginx-mycelium/test-ipv6-website.sh`](nginx-mycelium/test-ipv6-website.sh)
**Quick Start:**
```bash
cd nginx-mycelium
kubectl apply -f mycelium-website-nodeport.yaml
kubectl wait --for=condition=ready pod -l app=mycelium-website --timeout=60s
POD_NAME=$(kubectl get pods -l app=mycelium-website -o name | head -1)
kubectl exec $POD_NAME -- ip addr show | grep "476:\|51d:\|552:" | head -1
# Access at http://[ipv6]:8080
```
---
### 2. NodePort (nginx-nodeport) - ✅ Recommended Starting Point
**Best for:** Testing, development, production workloads with proper security
**How it works:**
- Pod runs in isolated network namespace
- Kubernetes service exposes on NodePort (30091)
- Access via worker node's Mycelium IPv6 address
- kube-proxy routes: node:30091 → service:8080 → pod:8080
**Access:** `http://[worker-node-mycelium-ipv6]:30091`
**Pros:**
- ✅ Enhanced security (pod isolation)
- ✅ Standard Kubernetes patterns
- ✅ Can scale to multiple replicas
- ✅ Production-ready
- ✅ Network policies supported
- ✅ Standard monitoring/debugging tools
**Cons:**
- ⚠️ Slightly more complex than hostNetwork
- ⚠️ Need to use worker node IPs (not pod IPs)
- ⚠️ NodePort range limited (30000-32767)
**Files:**
- [`nginx-nodeport/nginx-nodeport-deployment.yaml`](nginx-nodeport/nginx-nodeport-deployment.yaml)
- [`nginx-nodeport/nginx-nodeport-service.yaml`](nginx-nodeport/nginx-nodeport-service.yaml)
- [`nginx-nodeport/nginx-nodeport-configmaps.yaml`](nginx-nodeport/nginx-nodeport-configmaps.yaml)
- [`nginx-nodeport/test-nodeport-ipv6.sh`](nginx-nodeport/test-nodeport-ipv6.sh)
- [`nginx-nodeport/update-content.sh`](nginx-nodeport/update-content.sh)
**Quick Start:**
```bash
cd nginx-nodeport
kubectl apply -f nginx-nodeport-configmaps.yaml
kubectl apply -f nginx-nodeport-deployment.yaml
kubectl apply -f nginx-nodeport-service.yaml
kubectl wait --for=condition=ready pod -l app=nginx-nodeport --timeout=60s
# Get worker node IPv6
NODE_IPV6=$(kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}')
echo "Access at: http://[$NODE_IPV6]:30091"
```
**Testing:**
```bash
# Run comprehensive tests
./test-nodeport-ipv6.sh
# Update content dynamically
./update-content.sh
```
---
### 3. LoadBalancer (Coming Soon) - 🚧 In Development
**Best for:** Production deployments needing external IP addresses
**How it works:**
- Similar to NodePort but with cloud load balancer
- Gets external IP address from cloud provider
- Standard ports (80, 443)
**Access:** `http://[external-lb-ip]:80`
**Pros:**
- ✅ Standard ports (80/443)
- ✅ External IP address
- ✅ Cloud-native load balancing
- ✅ Production-ready
**Status:** Documentation and examples coming soon
---
### 4. Ingress (Coming Soon) - 🚧 In Development
**Best for:** Production web applications with custom domains and SSL
**How it works:**
- Uses Ingress controller (nginx-ingress, traefik, etc.)
- Provides HTTP routing rules
- SSL/TLS termination
- Domain-based routing
**Access:** `https://yourdomain.com`
**Pros:**
- ✅ Custom domain support
- ✅ SSL/TLS certificates
- ✅ Path-based routing
- ✅ Most production-ready
**Status:** Documentation and examples coming soon
---
## 🔄 Migration Path
### From hostNetwork to NodePort
**Why migrate:**
- Better security
- Standard Kubernetes patterns
- Ability to scale
- Production readiness
**Steps:**
1. Deploy NodePort version alongside hostNetwork
2. Test functionality with NodePort
3. Update any automation to use node IPs instead of pod IPs
4. Remove hostNetwork deployment
**Example:**
```bash
# Deploy both versions
kubectl apply -f nginx-mycelium/mycelium-website-nodeport.yaml
kubectl apply -f nginx-nodeport/nginx-nodeport-deployment.yaml
kubectl apply -f nginx-nodeport/nginx-nodeport-service.yaml
# Test both work
curl -6 http://[pod-ip]:8080 # hostNetwork
curl -6 http://[node-ip]:30091 # NodePort
# Once validated, remove hostNetwork
kubectl delete -f nginx-mycelium/mycelium-website-nodeport.yaml
```
---
## 🛠️ Common Operations
### Discovery Scripts
**Get all Mycelium IPv6 addresses:**
```bash
../../scripts/fetch-ip.sh
```
**Test IPv6 connectivity:**
```bash
# hostNetwork
cd nginx-mycelium && ./test-ipv6-website.sh
# NodePort
cd nginx-nodeport && ./test-nodeport-ipv6.sh
```
### Content Updates
**hostNetwork:**
```bash
cd nginx-mycelium
./update-content.sh
```
**NodePort:**
```bash
cd nginx-nodeport
./update-content.sh
kubectl rollout restart deployment/nginx-nodeport
```
### Scaling
**NodePort only** (hostNetwork can't scale on same node):
```bash
kubectl scale deployment nginx-nodeport --replicas=3
kubectl get pods -l app=nginx-nodeport -o wide
```
---
## 📊 Technical Specifications
### Network Flow Comparison
**hostNetwork:**
```
User → Mycelium Network → Pod's Mycelium IP:8080 → nginx
```
**NodePort:**
```
User → Mycelium Network → Node's Mycelium IP:30091 →
kube-proxy → Service:8080 → Pod:8080 → nginx
```
**LoadBalancer (future):**
```
User → Mycelium Network → External LB:80 →
Node → Service:8080 → Pod:8080 → nginx
```
**Ingress (future):**
```
User → DNS → Mycelium Network → Ingress Controller:443 →
Service:8080 → Pod:8080 → nginx
```
### Port Allocation
| Variant | External Port | Service Port | Pod Port | Notes |
|---------|---------------|--------------|----------|-------|
| hostNetwork | 8080 | 30090 (optional) | 8080 | Direct host port |
| NodePort | 30091 | 8080 | 8080 | NodePort range |
| LoadBalancer | 80 | 8080 | 8080 | Standard HTTP |
| Ingress | 80/443 | 8080 | 8080 | With SSL |
---
## 🎓 Learning Path
### Beginner (Week 1)
1. Start with **hostNetwork** to understand Mycelium networking basics
2. Learn how pods get IPv6 addresses
3. Understand Kubernetes pod deployment
### Intermediate (Week 2)
1. Move to **NodePort** to learn Kubernetes services
2. Understand network isolation and security
3. Practice scaling and load balancing
### Advanced (Week 3+)
1. Study LoadBalancer concepts and cloud integration
2. Learn Ingress controllers and SSL/TLS
3. Implement production monitoring and logging
---
## 🔗 Additional Resources
- **Main Repository:** [../../README.md](../../README.md)
- **Mycelium Cloud Docs:** https://myceliumcloud.tf
- **fetch-ip.sh Script:** [../../scripts/fetch-ip.sh](../../scripts/fetch-ip.sh)
- **Compare Approaches:** [nginx-nodeport/compare-approaches.md](nginx-nodeport/compare-approaches.md)
---
## 🤝 Contributing
Want to add the LoadBalancer or Ingress examples?
1. Follow the established pattern (separate directory, comprehensive docs)
2. Include deployment YAML, service configuration, and test scripts
3. Add appropriate security considerations
4. Update this comparison document
---
## 📝 Quick Reference
### Common Commands
```bash
# Discovery
../../scripts/fetch-ip.sh
# Deploy hostNetwork
kubectl apply -f nginx-mycelium/mycelium-website-nodeport.yaml
# Deploy NodePort
kubectl apply -f nginx-nodeport/*.yaml
# Test
cd nginx-nodeport && ./test-nodeport-ipv6.sh
# Scale (NodePort only)
kubectl scale deployment nginx-nodeport --replicas=3
# Update content
cd nginx-nodeport && ./update-content.sh
# Cleanup
kubectl delete -f nginx-nodeport/*.yaml
kubectl delete -f nginx-mycelium/*.yaml
```
---
**Last Updated:** 2025-01-07
**Status:** hostNetwork ✅ | NodePort ✅ | LoadBalancer 🚧 | Ingress 🚧
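Review bot: The commit subject covers only the WordPress deployment, yet the whole nginx deployment guide is deleted here (`@@ -1,365 +0,0 @@`). Split this removal into its own commit, or extend the message to say why the guide goes away, so the loss of the hostNetwork versus NodePort comparison is visible in the history.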

@@ -1,213 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: wordpress-config
data:
# WordPress configuration
wp-config.php: |
<?php
define('DB_NAME', 'wordpress');
define('DB_USER', 'wordpress');
define('DB_PASSWORD', 'mycelium-secure-password-2025');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8mb4');
define('DB_COLLATE', '');
# Auth keys for security
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');
# WordPress configuration
$table_prefix = 'wp_';
define('WP_DEBUG', false);
# Memory limits
ini_set('memory_limit', '256M');
@ini_set('upload_max_filesize', '64M');
@ini_set('post_max_size', '64M');
@ini_set('max_execution_time', 300);
# WordPress path
if (!defined('ABSPATH')) {
define('ABSPATH', __DIR__ . '/');
}
require_once ABSPATH . 'wp-settings.php';
# Apache configuration for WordPress
wordpress.conf: |
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Directory configuration
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
# WordPress specific configuration
<Directory /var/www/html/wp-admin>
Require all granted
</Directory>
<Directory /var/www/html/wp-includes>
Require all granted
</Directory>
<Directory /var/www/html/wp-content/plugins>
Require all granted
</Directory>
<Directory /var/www/html/wp-content/themes>
Require all granted
</Directory>
# Security headers
Header always set X-Content-Type-Options nosniff
Header always set X-Frame-Options DENY
Header always set X-XSS-Protection "1; mode=block"
# Error and access logs
ErrorLog ${APACHE_LOG_DIR}/wordpress_error.log
CustomLog ${APACHE_LOG_DIR}/wordpress_access.log combined
</VirtualHost>
# Initialization script for WordPress setup
init-wordpress.sh: |
#!/bin/bash
set -e
echo "🚀 Starting WordPress initialization..."
# Wait for MariaDB to be ready
echo "⏳ Waiting for MariaDB database..."
for i in {1..30}; do
if mysqladmin ping -h localhost -u wordpress -p"mycelium-secure-password-2025" --silent; then
echo "✅ MariaDB is ready!"
break
fi
echo "⏳ Waiting for database... (attempt $i/30)"
sleep 2
done
# Create WordPress database if it doesn't exist
echo "📊 Setting up WordPress database..."
mysql -u wordpress -p"mycelium-secure-password-2025" -e "CREATE DATABASE IF NOT EXISTS wordpress CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" 2>/dev/null || true
# Set WordPress permissions
echo "🔒 Setting file permissions..."
chown -R www-data:www-data /var/www/html
chmod -R 755 /var/www/html
chmod -R 777 /var/www/html/wp-content 2>/dev/null || true
# Create wp-config.php if it doesn't exist
if [ ! -f /var/www/html/wp-config.php ]; then
echo "📝 Creating WordPress configuration..."
cp /var/www/html/wp-config-sample.php /var/www/html/wp-config.php || true
# Update wp-config.php with database settings
sed -i "s/database_name_here/wordpress/g" /var/www/html/wp-config.php
sed -i "s/username_here/wordpress/g" /var/www/html/wp-config.php
sed -i "s/password_here/mycelium-secure-password-2025/g" /var/www/html/wp-config.php
sed -i "s/localhost/localhost/g" /var/www/html/wp-config.php
fi
# Check if WordPress is already installed
if mysql -u wordpress -p"mycelium-secure-password-2025" -e "USE wordpress; SHOW TABLES;" 2>/dev/null | grep -q "wp_options"; then
echo "✅ WordPress is already installed and configured!"
else
echo "✅ WordPress database setup complete!"
echo "🌐 WordPress will be available at: http://localhost:80"
echo "📝 Next steps: Complete WordPress setup through the web interface"
fi
echo "🎉 WordPress initialization complete!"
---
apiVersion: v1
kind: ConfigMap
metadata:
name: wordpress-mariadb-config
data:
# MariaDB configuration
my.cnf: |
[mysqld]
# Basic settings
bind-address = 0.0.0.0
port = 3306
user = mysql
# Character set and collation
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
# Memory settings (for small deployments)
innodb_buffer_pool_size = 64M
innodb_log_file_size = 16M
innodb_flush_log_at_trx_commit = 1
innodb_flush_method = O_DIRECT
# WordPress optimization
max_connections = 50
max_allowed_packet = 64M
query_cache_size = 16M
query_cache_type = 1
# Security
skip-name-resolve
local-infile = 0
# Logging
log-error = /var/log/mysql/error.log
slow_query_log = 1
slow_query_log_file = /var/log/mysql/slow.log
long_query_time = 2
[client]
default-character-set = utf8mb4
[mysql]
default-character-set = utf8mb4
# MariaDB initialization script
init-mariadb.sh: |
#!/bin/bash
set -e
echo "🗄️ Starting MariaDB initialization..."
# Wait for MariaDB to start
echo "⏳ Waiting for MariaDB to start..."
for i in {1..30}; do
if mysqladmin ping -h localhost --silent; then
echo "✅ MariaDB is ready!"
break
fi
echo "⏳ Waiting for MariaDB... (attempt $i/30)"
sleep 2
done
# Create WordPress database and user
echo "📊 Creating WordPress database and user..."
mysql -u root << EOF
CREATE DATABASE IF NOT EXISTS wordpress CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER IF NOT EXISTS 'wordpress'@'localhost' IDENTIFIED BY 'mycelium-secure-password-2025';
CREATE USER IF NOT EXISTS 'wordpress'@'%' IDENTIFIED BY 'mycelium-secure-password-2025';
GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'localhost';
GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'%';
FLUSH PRIVILEGES;
EOF
# Test database connection
echo "🧪 Testing database connection..."
mysql -u wordpress -p"mycelium-secure-password-2025" -e "SELECT 'Database connection successful' as status;" || echo "⚠️ Database connection test failed, but database should be accessible."
echo "✅ MariaDB initialization complete!"
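Review bot: `mycelium-secure-password-2025` appears throughout this deleted ConfigMap (`wp-config.php`, `init-wordpress.sh`, `init-mariadb.sh`) and stays readable in git history after the file is gone, so treat it as exposed and rotate it on any cluster that was deployed from this file. The deletion also drops the settings under `# Security headers` in `wordpress.conf` and `local-infile = 0` in `my.cnf` with no replacement visible in this commit; if that is intended, say so in the commit message.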

@@ -1,29 +1,3 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: wordpress-database-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
storageClassName: standard
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: wordpress-content-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
storageClassName: standard
---
apiVersion: apps/v1
kind: Deployment
metadata:
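Review bot: Both PersistentVolumeClaims are removed at the top of this file, and the later hunks remove the `/var/lib/mysql` and `/var/www/html` volume mounts without adding another volume, so the database and uploaded content do not survive a container restart or the pod being replaced. If that is the intent for a demo, state it in the commit message and in wordpress.md; otherwise keep `wordpress-database-pvc` at least.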
@@ -40,7 +14,7 @@ spec:
labels:
app: wordpress
spec:
# Prefer worker nodes only (not master nodes) - following nginx-nodeport pattern
# Follow the successful nginx-nodeport pattern - prefer worker nodes only
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
@@ -49,93 +23,21 @@ spec:
matchExpressions:
- key: node-role.kubernetes.io/control-plane
operator: DoesNotExist
- weight: 50
preference:
matchExpressions:
- key: node-role.kubernetes.io/master
operator: DoesNotExist
containers:
# WordPress container (PHP + Apache)
- name: wordpress
image: wordpress:6.4-php8.2-apache
ports:
- containerPort: 80
name: wordpress
env:
- name: WORDPRESS_DB_HOST
value: "localhost"
- name: WORDPRESS_DB_NAME
value: "wordpress"
- name: WORDPRESS_DB_USER
value: "wordpress"
- name: WORDPRESS_DB_PASSWORD
value: "mycelium-secure-password-2025"
- name: WORDPRESS_CONFIG_EXTRA
value: |
define('DISALLOW_FILE_EDIT', true);
define('FORCE_SSL_ADMIN', false);
define('WP_MEMORY_LIMIT', '256M');
define('WP_MAX_MEMORY_LIMIT', '256M');
@ini_set('upload_max_filesize', '64M');
@ini_set('post_max_size', '64M');
@ini_set('max_execution_time', 300);
volumeMounts:
- name: wordpress-content
mountPath: /var/www/html
- name: wordpress-config
mountPath: /var/www/html/wp-config.php
subPath: wp-config.php
- name: wordpress-config
mountPath: /etc/apache2/conf-available/wordpress.conf
subPath: wordpress.conf
- name: init-wordpress
mountPath: /init-wordpress.sh
subPath: init-wordpress.sh
resources:
requests:
memory: "128Mi"
cpu: "200m"
limits:
memory: "512Mi"
cpu: "500m"
livenessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 60
periodSeconds: 30
readinessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 30
periodSeconds: 10
# MariaDB container (database)
# MariaDB database container
- name: mariadb
image: mariadb:10.11
ports:
- containerPort: 3306
name: mariadb
env:
- name: MARIADB_ROOT_PASSWORD
value: "mycelium-root-password-2025"
value: "root123"
- name: MARIADB_DATABASE
value: "wordpress"
- name: MARIADB_USER
value: "wordpress"
- name: MARIADB_PASSWORD
value: "mycelium-secure-password-2025"
- name: MARIADB_CHARACTER_SET
value: "utf8mb4"
- name: MARIADB_COLLATION
value: "utf8mb4_unicode_ci"
volumeMounts:
- name: mariadb-database
mountPath: /var/lib/mysql
- name: mariadb-config
mountPath: /etc/mysql/conf.d/my.cnf
subPath: my.cnf
value: "wp123"
resources:
requests:
memory: "64Mi"
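Review bot: `MARIADB_ROOT_PASSWORD` and `MARIADB_PASSWORD` become `root123` and `wp123`, still as literal `value:` entries in the Deployment manifest. Short, guessable passwords committed in the pod spec are a step down from the previous values; define them in a Secret, reference them with `valueFrom.secretKeyRef`, and keep the real values out of the repository.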
@@ -152,8 +54,8 @@ spec:
- localhost
- -u
- root
- -p"mycelium-root-password-2025"
initialDelaySeconds: 60
- -proot123
initialDelaySeconds: 30
periodSeconds: 30
readinessProbe:
exec:
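Review bot: The liveness probe argument `-proot123` puts the root password in the probe's command line as well as in the env block, so it has to be edited in step with `MARIADB_ROOT_PASSWORD` and is visible in the pod spec and in the process list inside the container. Run the probe through `sh -c` and read the password from the container's `MARIADB_ROOT_PASSWORD` environment variable so there is a single source for it. The same applies to the readiness probe in the next hunk.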
@@ -164,74 +66,46 @@ spec:
- localhost
- -u
- root
- -p"mycelium-root-password-2025"
initialDelaySeconds: 30
periodSeconds: 10
- -proot123
initialDelaySeconds: 15
periodSeconds: 15
initContainers:
# Init container to initialize MariaDB
- name: init-mariadb
image: mariadb:10.11
command: ["/bin/sh", "-c"]
args:
- |
echo "🔧 Starting MariaDB initialization..."
chmod +x /init-mariadb.sh
/init-mariadb.sh
echo "✅ MariaDB initialization complete"
volumeMounts:
- name: mariadb-config
mountPath: /etc/mysql/conf.d/my.cnf
subPath: my.cnf
- name: mariadb-init
mountPath: /init-mariadb.sh
subPath: init-mariadb.sh
# Init container to initialize WordPress
- name: init-wordpress
image: wordpress:6.4-php8.2-apache
command: ["/bin/sh", "-c"]
args:
- |
echo "🔧 Starting WordPress initialization..."
sleep 30
chmod +x /init-wordpress.sh
/init-wordpress.sh
echo "✅ WordPress initialization complete"
volumeMounts:
- name: wordpress-content
mountPath: /var/www/html
- name: wordpress-config
mountPath: /var/www/html/wp-config.php
subPath: wp-config.php
- name: init-wordpress
mountPath: /init-wordpress.sh
subPath: init-wordpress.sh
volumes:
- name: wordpress-config
configMap:
name: wordpress-config
- name: mariadb-config
configMap:
name: wordpress-mariadb-config
- name: mariadb-init
configMap:
name: wordpress-mariadb-config
items:
- key: init-mariadb.sh
path: init-mariadb.sh
mode: 0755
- name: init-wordpress
configMap:
name: wordpress-config
items:
- key: init-wordpress.sh
path: init-wordpress.sh
mode: 0755
- name: mariadb-database
persistentVolumeClaim:
claimName: wordpress-database-pvc
- name: wordpress-content
persistentVolumeClaim:
claimName: wordpress-content-pvc
# WordPress web application container
- name: wordpress
image: wordpress:latest
ports:
- containerPort: 80
env:
# Use container name for inter-container communication
- name: WORDPRESS_DB_HOST
value: "127.0.0.1"
- name: WORDPRESS_DB_NAME
value: "wordpress"
- name: WORDPRESS_DB_USER
value: "wordpress"
- name: WORDPRESS_DB_PASSWORD
value: "wp123"
- name: WORDPRESS_CONFIG_EXTRA
value: |
define('WP_MEMORY_LIMIT', '256M');
@ini_set('upload_max_filesize', '64M');
resources:
requests:
memory: "128Mi"
cpu: "200m"
limits:
memory: "512Mi"
cpu: "500m"
# Give WordPress much more time to initialize and connect to database
livenessProbe:
httpGet:
path: /wp-admin/install.php
port: 80
initialDelaySeconds: 180
periodSeconds: 45
readinessProbe:
httpGet:
path: /wp-admin/install.php
port: 80
initialDelaySeconds: 120
periodSeconds: 30
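Review bot: `image: wordpress:latest` replaces the pinned `wordpress:6.4-php8.2-apache`, so each pull can bring a different WordPress and PHP version and the deployment is no longer reproducible; pin a specific tag or a digest. Two smaller points in the same container: `WORDPRESS_CONFIG_EXTRA` loses `define('DISALLOW_FILE_EDIT', true);`, which re-enables the theme and plugin editor in wp-admin, and the comment `# Use container name for inter-container communication` does not match the value `127.0.0.1`.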

@@ -9,18 +9,16 @@ This directory contains everything you need to deploy a WordPress CMS system:
- **wordpress.md** - This comprehensive guide
- **wordpress-deployment.yaml** - Multi-container pod deployment (WordPress + MariaDB)
- **wordpress-service.yaml** - LoadBalancer service configuration
- **wordpress-configmap.yaml** - WordPress configuration, Apache config, and initialization scripts
## 🚀 Quick Start (3 minutes)
```bash
# 1. Deploy WordPress stack (ConfigMaps, PVCs, Deployment, Service)
kubectl apply -f wordpress-configmap.yaml
# 1. Deploy WordPress stack (Deployment, Service)
kubectl apply -f wordpress-deployment.yaml
kubectl apply -f wordpress-service.yaml
# 2. Wait for pods to be ready
kubectl wait --for=condition=ready pod -l app=wordpress --timeout=300s
# 2. Wait for pods to be ready (should show 2/2 Running)
kubectl get pods -l app=wordpress
# 3. Access WordPress
kubectl port-forward service/wordpress-service 8080:80 &
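Review bot: Step 2 swaps `kubectl wait --for=condition=ready pod -l app=wordpress --timeout=300s` for `kubectl get pods -l app=wordpress`, which returns immediately, so a user pasting the block starts the port-forward in step 3 before the pod is ready. With the readiness probe in wordpress-deployment.yaml now at `initialDelaySeconds: 120`, that is the common case; keep the `kubectl wait` line and add the `get pods` check after it.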
@@ -33,20 +31,18 @@ echo "🌐 Visit: http://localhost:8080"
## 📋 What You'll Learn
- ✅ Advanced Kubernetes patterns (multi-container pods, init containers)
- ✅ Advanced Kubernetes patterns (multi-container pods)
- ✅ WordPress deployment and configuration
- ✅ MariaDB database deployment with persistent storage
- ✅ ConfigMap usage for application configuration
- ✅ MariaDB database deployment
- ✅ LoadBalancer services on Mycelium Cloud
-PersistentVolume claims for data persistence
-Init container patterns for database initialization
-Container orchestration and health checks
-WordPress initialization and setup
- ✅ Database connectivity within pods
- ✅ Production WordPress management
- ✅ Resource limits and container orchestration
- ✅ Health checks for both web and database services
## 🏗️ Architecture
This example uses a **multi-container pod pattern** with **persistent storage** and **init containers**:
This example uses a **multi-container pod pattern** following the successful Mycelium Cloud patterns:
**Network Flow:**
```
@@ -54,11 +50,9 @@ kubectl port-forward → LoadBalancer Service → Pod (wordpress + mariadb)
```
**Multi-Container Architecture:**
- **wordpress**: WordPress 6.4 with PHP 8.2 and Apache (port 80)
- **wordpress**: WordPress with PHP 8.3 and Apache (port 80)
- **mariadb**: MariaDB 10.11 database server (port 3306)
- **init-mariadb**: Init container for database setup
- **init-wordpress**: Init container for WordPress configuration
- **PersistentVolumes**: Database and WordPress content storage
- **Local communication**: Both containers in same pod using 127.0.0.1
## 🔧 Files Explanation
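Review bot: The architecture list now says `WordPress with PHP 8.3 and Apache`, but the deployment in this commit uses `wordpress:latest`, so the PHP version is whatever the tag points at when the image is pulled. Either pin the image to a tag that names the PHP version or drop the version from this line. The removed `PersistentVolumes` bullet also deserves a replacement line stating that data is not persisted.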
@@ -70,54 +64,33 @@ metadata:
name: wordpress
spec:
replicas: 1
selector:
matchLabels:
app: wordpress
template:
metadata:
labels:
app: wordpress
spec:
# Worker node preference (like nginx-nodeport)
# Follow successful Mycelium Cloud patterns
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
preference:
matchExpressions:
- key: node-role.kubernetes.io/master
- key: node-role.kubernetes.io/control-plane
operator: DoesNotExist
containers:
- name: wordpress
image: wordpress:6.4-php8.2-apache
ports:
- containerPort: 80
env:
- name: WORDPRESS_DB_HOST
value: "localhost"
# ... WordPress environment variables
# MariaDB container
- name: mariadb
image: mariadb:10.11
ports:
- containerPort: 3306
env:
- name: MARIADB_ROOT_PASSWORD
value: "mycelium-root-password-2025"
# ... MariaDB environment variables
initContainers:
- name: init-mariadb
# Database initialization
- name: init-wordpress
# WordPress setup
# Database setup and health checks
# WordPress container
- name: wordpress
image: wordpress:latest
# Web server with database connectivity
```
**What it does:**
- Creates multi-container pod with WordPress + MariaDB
- ConfigMap mounts for configuration and initialization scripts
- PersistentVolume claims for database and content storage
- Init containers for database and WordPress setup
- Resource limits for both containers
- Worker node preference for production deployments
- Worker node preference following successful patterns
- Proper health checks and resource limits
- Intra-pod database communication using 127.0.0.1
### wordpress-service.yaml
```yaml
@@ -126,102 +99,47 @@ kind: Service
metadata:
name: wordpress-service
spec:
type: LoadBalancer
ipFamilies:
- IPv4
- IPv6
ipFamilyPolicy: RequireDualStack
selector:
app: wordpress
ports:
- name: wordpress
port: 80
targetPort: 80
type: LoadBalancer
ipFamilies:
- IPv4
- IPv6
ipFamilyPolicy: RequireDualStack
```
**What it does:**
- Creates LoadBalancer service for Mycelium Cloud
- Exposes WordPress port 80
- Dual-stack (IPv4 + IPv6) support
- Routes traffic to multi-container pod
### wordpress-configmap.yaml
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: wordpress-config
data:
wp-config.php: |
<?php
define('DB_NAME', 'wordpress');
define('DB_USER', 'wordpress');
define('DB_PASSWORD', 'mycelium-secure-password-2025');
# ... WordPress configuration
wordpress.conf: |
<VirtualHost *:80>
# ... Apache configuration
init-wordpress.sh: |
#!/bin/bash
# WordPress initialization script
```
**What it does:**
- WordPress configuration (wp-config.php)
- Apache virtual host configuration
- Database initialization scripts
- WordPress setup automation
## 🌐 Access Methods
### Method 1: Port-Forward (Recommended for Mycelium Cloud)
### Method 1: Port-Forward (Recommended)
**Option 1: Simple (Recommended)**
```bash
# Keep terminal open, forward WordPress port
# Simple port-forward
kubectl port-forward service/wordpress-service 8080:80
# Access WordPress setup
curl http://localhost:8080
```
**Option 2: Background**
```bash
# Start in background
nohup kubectl port-forward service/wordpress-service 8080:80 > wordpress-access.log 2>&1 &
# Access WordPress
curl http://localhost:8080
```
### Method 2: Direct Pod Access (Inside Cluster)
**WordPress CLI Access:**
```bash
# Execute WordPress commands
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- wp --allow-root --info
# Access WordPress shell
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- /bin/bash
```
**Database Access:**
```bash
# Access MariaDB
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- mysql -u root -p"mycelium-root-password-2025"
# WordPress database access
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- mysql -u wordpress -p"mycelium-secure-password-2025" wordpress
```
### Method 3: LoadBalancer IP Access (If Available)
```bash
# Get LoadBalancer IP (may be internal on Mycelium Cloud)
kubectl get svc wordpress-service
# Access WordPress (if external IP available)
curl http://<external-ip>:80
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- mysql -u wordpress -p"wp123" wordpress
```
## 📊 WordPress Management
@@ -236,39 +154,15 @@ curl http://<external-ip>:80
- Email: Your email address
4. **Complete Setup**: WordPress will create database tables and configure
### WordPress CLI Management
```bash
# Install WordPress CLI in pod
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
curl -O https://raw.githubusercontent.com/wp-cli/wp-cli/master/phar/wp-cli.phar && \
chmod +x wp-cli.phar
# Basic WordPress operations
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
./wp-cli.phar --allow-root --info
# List plugins
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
./wp-cli.phar --allow-root plugin list
# Install theme
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
./wp-cli.phar --allow-root theme install twentytwentyfour
```
### Database Operations
```bash
# Access WordPress database
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \
mysql -u wordpress -p"mycelium-secure-password-2025" wordpress -e "SHOW TABLES;"
mysql -u wordpress -p"wp123" wordpress -e "SHOW TABLES;"
# Check WordPress users
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \
mysql -u wordpress -p"mycelium-secure-password-2025" wordpress -e "SELECT * FROM wp_users;"
# Database backup
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \
mysqldump -u wordpress -p"mycelium-secure-password-2025" wordpress > wordpress-backup.sql
mysql -u wordpress -p"wp123" wordpress -e "SELECT * FROM wp_users;"
```
## 🔍 Troubleshooting
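Review bot: The `# Database backup` example with `mysqldump` is removed from Database Operations in the same commit that removes the PersistentVolumeClaims, leaving the guide with no documented way to get data out of a pod whose storage is now ephemeral. Keep the backup command (with the new credentials) or add a sentence saying this deployment is not meant to hold data.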
@@ -281,11 +175,10 @@ kubectl get pods -l app=wordpress
# Check service details
kubectl get svc wordpress-service
# Check PersistentVolumeClaims
kubectl get pvc wordpress-database-pvc wordpress-content-pvc
# Check ConfigMaps
kubectl get configmap wordpress-config wordpress-mariadb-config
# Check container logs
kubectl logs -l app=wordpress
kubectl logs -l app=wordpress -c wordpress
kubectl logs -l app=wordpress -c mariadb
```
### Common Issues
@@ -296,81 +189,31 @@ kubectl get configmap wordpress-config wordpress-mariadb-config
kubectl describe pod -l app=wordpress
# Check container logs
kubectl logs -l app=wordpress
kubectl logs -l app=wordpress -c wordpress
kubectl logs -l app=wordpress -c wordpress --previous
kubectl logs -l app=wordpress -c mariadb --previous
```
#### Database Connection Issues
```bash
# Check MariaDB connectivity from WordPress container
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
mysqladmin ping -h localhost -u wordpress -p"mycelium-secure-password-2025"
# Test database access
# Test database connectivity from WordPress container
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \
mysql -u root -p"mycelium-root-password-2025" -e "SHOW DATABASES;"
mysql -u wordpress -p"wp123" -e "SELECT 'Connection successful';"
```
#### WordPress Installation Issues
#### WordPress Setup Issues
```bash
# Check WordPress configuration
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
cat /var/www/html/wp-config.php
# Check WordPress directory permissions
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
ls -la /var/www/html/
# Test WordPress initialization
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
/init-wordpress.sh
```
#### Persistent Volume Issues
```bash
# Check PVC status
kubectl describe pvc wordpress-database-pvc
kubectl describe pvc wordpress-content-pvc
# Check volume mount in containers
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \
ls -la /var/lib/mysql/
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
ls -la /var/www/html/
```
#### Port Conflicts
```bash
# Check if port 8080 is in use
lsof -i :8080
# Check port 80 conflicts
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
netstat -tlnp | grep :80
```
## 🛠️ Common Operations
### Scaling (Note: WordPress scaling is complex)
```bash
# Note: WordPress is typically single-instance due to file-based sessions
# For horizontal scaling, you'd need shared storage and session management
kubectl scale deployment wordpress --replicas=1
# Check distribution
kubectl get pods -o wide
```
### Updates
```bash
# Update WordPress image
kubectl set image deployment/wordpress wordpress=wordpress:6.5-php8.2-apache
# Update MariaDB image
kubectl set image deployment/wordpress mariadb=mariadb:11.0
# Restart deployment
kubectl rollout restart deployment/wordpress
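Review bot: The replacement credential in the "Database Connection Issues" block, `-p"wp123"`, is a short, guessable literal, and the README now prints it next to the `wordpress` user name. Even for a demo, show a placeholder and tell the reader to take the real value from wherever the deployment defines it, so a copy-pasted install does not keep `wp123`. Separately, the comment `# Test database connectivity from WordPress container` sits above a command that execs into `-c mariadb`. A login from inside the MariaDB container can go over the local socket and does not show that the WordPress container can reach the database, so either run the check from `-c wordpress` or reword the comment.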
@@ -378,22 +221,9 @@ kubectl rollout restart deployment/wordpress
kubectl rollout status deployment/wordpress
```
### Data Management
```bash
# Access WordPress database
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- mysql -u wordpress -p"mycelium-secure-password-2025" wordpress
# Common database operations inside pod:
# SHOW TABLES;
# DESCRIBE wp_posts;
# SELECT * FROM wp_options;
# FLUSH PRIVILEGES;
```
### Monitoring
```bash
# View logs from both containers
kubectl logs -f deployment/wordpress
kubectl logs -f deployment/wordpress -c wordpress
kubectl logs -f deployment/wordpress -c mariadb
@@ -402,7 +232,7 @@ kubectl top pod -l app=wordpress
# Check database status
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \
mysqladmin -u root -p"mycelium-root-password-2025" status
mysqladmin -u wordpress -p"wp123" status
```
## 🧹 Cleanup
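Review bot: In the Monitoring block, `mysqladmin -u wordpress -p"wp123" status` puts the password on the command line, where it lands in shell history and is visible in the container's process list while the command runs. Moving from root to the `wordpress` account is the right direction. Finish it by using a bare `-p` so the client prompts (the command already runs with `-it`), or by reading the value from the container's environment instead of typing it inline.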
@@ -411,7 +241,7 @@ When you're done testing:
```bash
# Delete the application and service
kubectl delete -f wordpress-deployment.yaml -f wordpress-service.yaml -f wordpress-configmap.yaml
kubectl delete -f wordpress-deployment.yaml -f wordpress-service.yaml
# Wait for cleanup
kubectl wait --for=delete pod -l app=wordpress --timeout=60s
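Review bot: The cleanup command drops `-f wordpress-configmap.yaml`, so anyone who deployed the previous revision still has `wordpress-config` and `wordpress-mariadb-config` in the cluster after following these steps, and the following hunk removes the commands that would have revealed them. Add a short upgrade note with a one-off `kubectl delete configmap wordpress-config wordpress-mariadb-config` (and the equivalent for `wordpress-database-pvc` and `wordpress-content-pvc` if they were created) so stale configuration and data volumes are not left behind.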
@@ -421,27 +251,24 @@ lsof -ti:8080 | xargs kill -9 2>/dev/null || true
# Verify cleanup
kubectl get all -l app=wordpress
kubectl get pvc wordpress-database-pvc wordpress-content-pvc 2>/dev/null || echo "PVCs deleted"
kubectl get configmap wordpress-config wordpress-mariadb-config 2>/dev/null || echo "ConfigMaps deleted"
```
## 🎯 What This Demonstrates
This example shows:
- **Advanced Kubernetes patterns** - multi-container pods, init containers, persistent volumes
- **Production WordPress deployment** - proper configuration, security, performance
- **Database integration** - MariaDB setup, persistent storage, initialization
- **Mycelium Cloud networking** - LoadBalancer services, port-forwarding, dual-stack
- **Container orchestration** - resource management, health monitoring, init containers
- **Development workflows** - testing, debugging, configuration management
- **Production patterns** - worker node preferences, scaling considerations
- **Advanced Kubernetes patterns** - multi-container pods, health monitoring
- **Production WordPress deployment** - proper configuration, database integration
- **Database integration** - MariaDB setup, intra-pod communication
- **Mycelium Cloud networking** - LoadBalancer services, port-forwarding
- **Container orchestration** - resource management, health checks
- **Development workflows** - testing, debugging, WordPress setup
## 🔗 Next Steps
Once you understand this example, try:
1. **WordPress Clustering** - Multiple WordPress instances with shared database
2. **Advanced Scaling** - Load balancing, shared storage, session management
1. **WordPress Scaling** - Multiple WordPress instances with shared database
2. **WordPress Clustering** - Load balancing and session management
3. **WordPress Multisite** - Multiple WordPress sites on one deployment
4. **Plugin Management** - Automated plugin/theme deployment
5. **Backup Strategies** - Database and file backups
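Review bot: The bullet `**Production WordPress deployment**` is kept while this hunk removes the PVC verification and the "persistent volumes" wording from the feature list. If nothing else now backs `/var/lib/mysql` and `/var/www/html`, the database and uploads are gone whenever the pod is rescheduled, so describe this as a demo deployment and state the data-loss behaviour explicitly, or make the "Backup Strategies" item a stated prerequisite rather than a next step.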
@@ -457,70 +284,28 @@ Other available examples:
- **python-flask/** - Python API server
- **redis-cache/** - Data caching services
- **nginx-nodeport/** - NodePort scaling with workers
- **nginx-load-balancer/** - LoadBalancer with replicas
## 💡 Pro Tips
1. **Multi-Container Access**: Use `-c container-name` to access specific containers
2. **Init Containers**: Check init container logs for setup issues
2. **Database Testing**: Always test database connectivity when troubleshooting
3. **WordPress CLI**: Great for automated WordPress management
4. **Database Backup**: Always backup before major changes
5. **Resource Monitoring**: Watch memory usage, especially during WordPress operations
6. **Network Testing**: Use `kubectl exec` for internal cluster testing
7. **Background Services**: Use `&` to run multiple port-forwards
8. **Persistent Storage**: Verify PVC mounting for data persistence
## 🔧 WordPress-Specific Tips
### Plugin Management
```bash
# List installed plugins
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
./wp-cli.phar --allow-root plugin list
# Install popular plugins
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
./wp-cli.phar --allow-root plugin install seo yoast-seo contact-form-7
```
### Theme Management
```bash
# List installed themes
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
./wp-cli.phar --allow-root theme list
# Install and activate theme
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
./wp-cli.phar --allow-root theme install twentytwentyfour --activate
```
### Content Management
```bash
# Create sample post
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c wordpress -- \
./wp-cli.phar --allow-root post create --post_type=post --post_title="Welcome to Mycelium Cloud WordPress" --post_content="This is a sample post deployed on Mycelium Cloud!" --post_status=publish
```
### Database Maintenance
```bash
# Optimize database tables
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \
mysql -u wordpress -p"mycelium-secure-password-2025" wordpress -e "OPTIMIZE TABLE wp_posts, wp_options;"
# Check database size
kubectl exec -it $(kubectl get pod -l app=wordpress -o jsonpath='{.items[0].metadata.name}') -c mariadb -- \
mysql -u wordpress -p"mycelium-secure-password-2025" wordpress -e "SELECT table_schema AS 'Database', ROUND(SUM(data_length + index_length) / 1024 / 1024, 2) AS 'Size (MB)' FROM information_schema.tables WHERE table_schema = 'wordpress' GROUP BY table_schema;"
```
6. **Health Checks**: Monitor the 2/2 ready status for both containers
7. **Port Conflicts**: Use different ports (8080, 8090, etc.) if conflicts occur
8. **WordPress Themes**: Test with different themes to understand WordPress capabilities
## 🎉 Success Indicators
You'll know everything is working when:
-`kubectl get pods` shows "2/2 Running" for wordpress pod
-`kubectl get svc` shows wordpress-service with LoadBalancer type
-`kubectl get pvc` shows both PVCs as "Bound"
-`curl http://localhost:8080` returns WordPress installation page
- ✅ Database initialization completes without errors
- ✅ WordPress setup wizard can be accessed and completed
-`curl http://localhost:8080` returns WordPress installation page (HTTP 200)
- ✅ No errors in `kubectl get events`
- ✅ WordPress setup wizard can be accessed and completed
- ✅ Database connection works from both containers
**Congratulations! You've successfully deployed a production-ready WordPress CMS system on Mycelium Cloud! 🚀**
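Review bot: Pro Tip 3, `**WordPress CLI**: Great for automated WordPress management`, stays in place while the whole "WordPress-Specific Tips" section, which held the `./wp-cli.phar` commands, is deleted. Drop the tip or keep one working example. The success list also adds "Database connection works from both containers" without any command in the README that checks it from `-c wordpress`, and the closing line still says "production-ready" although the `kubectl get pvc` "Bound" indicator has been removed; align the wording with what the simplified deployment actually guarantees.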
@@ -534,7 +319,6 @@ If you encounter issues:
3. Ensure your cluster is healthy: `kubectl get pods --all-namespaces`
4. Check WordPress logs: `kubectl logs -l app=wordpress -c wordpress`
5. Check MariaDB logs: `kubectl logs -l app=wordpress -c mariadb`
6. Verify PersistentVolumeClaim status: `kubectl get pvc`
7. Test WordPress functionality via browser at http://localhost:8080
6. Test WordPress functionality via browser at http://localhost:8080
For more help, visit our [documentation](../../README.md) or contact support.