Configure WordPress Helm and push to ECS registry

Shobhit Singh Pal
Aug 25, 2021

Here you will see how to create a Helm chart and push it to Amazon ECR.

I am creating the Helm chart for the WordPress application. A Helm chart is usually composed of the following:

Chart.yaml: contains the details of the chart.

templates folder: contains the configuration yaml manifests.

values.yaml: contains the default input parameters for a Helm chart.

We start with the installation of Helm and then build the Helm chart step by step.

Install Helm

* curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
* chmod 700 get_helm.sh
* ./get_helm.sh

Create the Helm Chart

helm create wordpress    # "wordpress" is the example chart name

After creating the chart, check the wordpress directory. It contains a charts folder, a templates folder, Chart.yaml and values.yaml.

Chart.yaml

Inside the templates folder we provide the YAML manifests: configmap.yaml, deployment.yaml, service.yaml, secret.yaml, persistentVolume.yaml and persistentVolumeClaim.yaml.

Configmap Manifest

Inside the {{ }} we specify the parameters or inputs defined in values.yaml. These are the parameters that get overridden when we deploy the application to different environments or different cloud regions.

Deployment Manifest

WordPress websites require a database for storing user content, posts, comments and so on, and for querying them when required. WordPress uses the MySQL database. MySQL is what enables the database to store information and provide you with access to it. When data needs to be stored, altered, or deleted, WordPress sends a MySQL "query" to the database.

That is why the WordPress image has environment variables such as WORDPRESS_DB_HOST, WORDPRESS_DB_USER, WORDPRESS_DB_PASSWORD and WORDPRESS_DB_NAME.

RDS instance console

Most people create a MySQL database manifest and use it as the database for the WordPress deployment. Instead of doing so, this chart gives the AWS RDS instance URL to the WORDPRESS_DB_HOST environment variable. AWS RDS is the DBaaS of AWS. Using AWS RDS removes the management overhead of the database.

To log in to AWS RDS, the chart defines the parameters username and password. Make sure to create a database named wordpress in RDS. By default the WordPress image uses the database with the name wordpress.

The WordPress application requires persistent storage mounted at /var/www/html, the home directory of the WordPress container. This home directory contains the PHP modules of the WordPress website. With persistent storage, the users' login information and other data are not removed if the container stops or is deleted.

For provisioning persistent storage, k8s has two resources: PersistentVolumeClaim and PersistentVolume. The PersistentVolumeClaim resource is used for requesting the storage and the PersistentVolume is for provisioning the storage. In the deployment manifest, wp-pv-claim is the persistent storage claim for mounting the /var/www/html directory. This claim is requested by persistentVolumeClaim.yaml.

Persistent Volume Manifest

In dynamic provisioning we don't create the PersistentVolume object, because the StorageClass resource provisions it as soon as a PersistentVolumeClaim request comes in. This Helm example uses manual provisioning, so we create the persistentVolume manifest. The PersistentVolume uses the hostPath provisioner. A hostPath volume mounts a file or directory from the host node's file system into your pod. A hostPath PersistentVolume must be used only in a single-node cluster. This walkthrough runs in minikube, so that is fine here.

Persistent Storage Claim Manifest

This manifest makes the request for persistent storage, which is provisioned by the persistentVolume object.

persistentVolumeClaim.yaml

Service Manifest

For load balancing and making the application accessible to the public, we create the service manifest. By default a Service is of type ClusterIP, with which the application is accessible within the cluster only. For public access we create a Service of type NodePort.

Service.yaml manifest

Secret Manifest

This manifest contains credentials such as the password. Password-like values are stored encoded in key-value pairs. This encoded form is further encrypted by the Secret.

Values Manifest

The values.yaml manifest is like the input file for Helm.

You can define your namespace, image tag and similar settings according to your development strategy, and resources according to the type of environment, such as sandbox or production.

In place of AWS_RDS_HOST_URL, AWS_RDS_USERNAME, AWS_RDS_PASSWORD and NODE_PUBLIC_IP you supply the values of your provisioned AWS RDS, as these values cannot have defaults. They can be updated when using the chart, or values.yaml can serve as a template for creating an environment-specific values manifest such as values-sandbox.yaml.

For this walkthrough, the path parameter in the hostPath section points to the node file system for provisioning the storage. This /mnt/path is a directory created on the node file system. So before using the chart, make sure to create this directory, or if you want to use a directory with a different name, update the path parameter of the hostPath section.
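A pre-packaging check for the Secret manifest and the values.yaml placeholders described above, as an added example that is not part of the original post. The base64 in a Secret's data field can be decoded by anyone who can read the rendered or packaged chart, so the script decodes every Secret value and lists the keys that hold something other than the page's placeholders; the manifest, the key names db-user and db-password, and the sample password are constructed assumptions.

```sh
#!/bin/sh
# Added example (not from the original post); manifest and keys are constructed.

# Print "key=decoded" for each data entry of every kind: Secret document on
# stdin. Entries are buffered per document, so field order does not matter.
decode_secret_data() {
  awk '
    function emit(  i) {
      if (is_secret) for (i = 1; i <= n; i++) print entries[i]
      n = 0; is_secret = 0; in_data = 0
    }
    /^---/              { emit(); next }
    /^kind: *Secret *$/ { is_secret = 1 }
    /^[^ #]/            { in_data = ($0 ~ /^data: *$/) }
    in_data && /^ +[^ :#]+: *[^ ]/ {
      key = $1; sub(/:$/, "", key); val = $2; gsub(/"/, "", val)
      entries[++n] = key " " val
    }
    END { emit() }
  ' | while read -r key b64; do
    printf '%s=%s\n' "$key" "$(printf '%s' "$b64" | base64 -d)"
  done
}

# List Secret keys whose decoded value is not one of the placeholders the
# page keeps in values.yaml; empty output means no literal credential ships.
literal_secret_keys() {
  decode_secret_data | while IFS='=' read -r key value; do
    case "$value" in
      AWS_RDS_USERNAME|AWS_RDS_PASSWORD) ;;
      *) printf '%s\n' "$key" ;;
    esac
  done
}

sample_manifest() {   # constructed stand-in for rendered chart output
  cat <<EOF
---
apiVersion: v1
kind: Secret
metadata:
  name: wordpress-secret
data:
  db-user: $(printf '%s' 'AWS_RDS_USERNAME' | base64)
  db-password: $(printf '%s' 'S3cr3t-constructed' | base64)
EOF
}
sample_manifest | literal_secret_keys
```

Against a real chart, pipe the output of `helm template wordpress` into `literal_secret_keys` before packaging; any key it prints carries a real value that would travel with the chart to the registry.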

Package the chart

To package the chart into an archive:

helm package wordpress

Pushing the helm chart

Amazon ECR supports pushing Open Container Initiative (OCI) artifacts to your repositories. To push the Helm chart to the ECR registry, first create the repository.

ECR console
Creating the repository

Create the repository with private visibility. Access to this registry is managed by IAM and repository permissions.

To push the Helm chart you should have the AWS CLI installed. In the AWS CLI you can log in as the ROOT USER or an IAM USER, but the IAM USER should have AWSECRACCESS and IAM ACCESS policy permissions.

Enable OCI support in the Helm 3 client

export HELM_EXPERIMENTAL_OCI=1

Authenticate your Helm client to the Amazon ECR registry to which you intend to push your Helm chart. Authentication tokens must be obtained for each registry used, and the tokens are valid for 12 hours.

aws ecr get-login-password \
  --region us-west-2 | helm registry login \
  --username AWS \
  --password-stdin aws_account_id.dkr.ecr.region.amazonaws.com

In the command above, replace the region and aws_account_id with your current region and AWS account ID.

Save the chart locally and create an alias for the chart with your registry URI.

helm chart save . mychart
helm chart save . aws_account_id.dkr.ecr.us-west-2.amazonaws.com/artifact-test:mychart

Replace the placeholder values, such as the chart name and region, as per your configuration.

saving chart locally

Make sure you are outside the Helm chart directory, in the directory that contains the Helm chart directory.

Push the chart

helm chart push aws_account_id.dkr.ecr.region.amazonaws.com/artifact-test:mychart

Describe your Helm chart.

aws ecr describe-images \
--repository-name artifact-test \
--region us-west-2

Successfully pushed the chart

Pulling the Chart

You can go to a new machine and log in as the ROOT USER or an IAM USER that has access to AWS ECR. I removed the local copy of the chart and then pulled it.

Export the chart

This will create the wordpress-deployment directory on your machine.

Create new values manifest with default values.yaml

Deploying the chart

Heading over to the WordPress

After completing the set up process

You can customize your wordpress site.

After setup process at 30036 port

We have successfully pushed the Helm chart to AWS ECR. You can also create a public repository and then push the chart.

I hope this will be useful for you.
