Deploy Lamp Stack on Kubernetes Cluster Task

Has anybody done “Deploy Lamp Stack on Kubernetes Cluster” task. its a 1200 point task and has very confusing instructions. The thing that is not clear to me in the statement “Please do not hardcode DB Credentials in any configuration file”. In this case it is wp-config.php file. When you setup the wordpress pod/container and setup a few env variables such as WORDPRESS_DB_HOST, WORDPRESS_DB_PASSWORD, those values are store in the wp-config.php when the container spins ups. Any ideas how the connection to the mysql-service be achieved without placing DB credentials in the wp-config.phi file

Task Details:

The Nautilus DevOps team want to deploy a WordPress website on Kubernetes cluster. They are going to use Apache as a web server and Mysql for database. The team had already gathered the requirements and now they want to make this website live. Below you can find more details:

  1. Create a persistent volume named lamp-pv, storage class must be standard, storage capacity must be 750Mi, access mode must be ReadWriteOnce, it must be of type hostPath, path must be /mnt/data and persistentVolumeReclaimPolicy must be Retain.

  2. Create a persistent volume claim named lamp-pv-claim , storage class name must be standard, access mode must be ReadWriteOnce and resources requests storage must be 550Mi

  3. Create a deployment named lamp-wp, use labels for the deployment app must be lamp, tier should be frontend. Further strategy type must be Recreate.

  4. Create two containers under it. httpd-php-wp-container from image wordpress:php7.4-apache and mysql-container from image mysql:5.6.

  5. Volume must be mounted on both containers name: lamp-persistent-storage mountPath: /var/www/html.

Create some secrets for mysql.

a) Create secret for mysql-root-pass

name: password and value: R00t

b) Create secret for mysql-user-pass

name: username, value: kodekloud_rin and name: password, value: TmPcZjtRQx

c) Create secret for mysql-db-url

name: database and value: kodekloud_db5

d) Create secret for mysql-host

name: host and value: mysql-service

Add some environment variables for both containers:

a) name: MYSQL_ROOT_PASSWORD and take it value from secret key reference name: mysql-root-pass and key: password

b) name: MYSQL_DATABASE and take it value from secret key reference name: mysql-db-url and key: database

c) name: MYSQL_USER, and take it value from secret key reference name: mysql-user-pass and key: username

d) name: MYSQL_PASSWORD and take it value from secret key reference name: mysql-user-pass and key: password

e ) name: MYSQL_HOST and take it value from secret key reference name: mysql-host and key: host

Create a service for lamp named lamp-service, port must be 80, nodePort must be 30008 and its type must be LoadBalancer

Create a service for mysql named mysql-service and its port must be 3306.

We already have a sql dump under /tmp/db.sql on jump_host server.

a) import the db.sql dump to the database which you are created in mysql-container.

b) Configure wordpress to make it work with the mysql db.

c) You must be able to run pre-configured WordPress website on node port 30008 at the end.

Note:

Please do not hardcode DB credentials in any configuration file.

The kubectl utility on jump_host has been configured to work with the kubernetes cluster.

1 Like

I also attempted this task but was confronted with the error " Mysql database must not be hardcoded in ‘wp-config.php’ " .I’m also facing problem with this specific instruction “Please do not hardcode DB Credentials in any configuration file”
@Inderpreet @Tej-Singh-Rana @Ayman @kodekloud-support3 @rahul456 Please let me know where I got this task wrong. Thanks.

1 Like

May we can use environment variables in the wp-config.php

<?php // ** MySQL settings - You can get this info from your web host ** // /** The name of the database for WordPress */ define( 'DB_NAME', getenv('DB_NAME') ); /** MySQL database username */ define( 'DB_USER', getenv('DB_USER') ); /** MySQL database password */ define( 'DB_PASSWORD', getenv('DB_PASSWORD') ); /** MySQL hostname */ define( 'DB_HOST', getenv('DB_HOST') );

I did try that. But it didn’t work out for me.
here are the changes that I made…

site was also working fine… but I got this 'Mysql database must not be hardcoded in ‘wp-config.php’

here is the screenshot of the site

That is strange. Makes zero sense to me. The database name is clearly not hardcoded and is read from an environment variable. Does the file wp-config.php needs to be protected with an .htaccess file? Also change file permission to read only by the owner and word press? Chmod 400. At this point I am not sure what is the right way

I think getenv() is a function which returns a value. From the validation message, l think when using getenv(), this value is stored in wp-config.php file in a clear text format. Therefore we should reference to database info in another way.

@Devops I also tried the following method in which I referenced the values from the server but with no avail and it also returned error to me:
Reading wp-config.php env vars in database settings · Issue #2365 · wp-cli/wp-cli · GitHub

If you do succeed in doing the task please let me know. Thanks

@satagrawal Yes Sir, clearly the values were referenced from the Environment Variables , at least that’s what I thought. In my opinion , there has to be some kind of error in the validation process.

i have got same error as you, task was failed " Mysql database must not be hardcoded in ‘wp-config.php’ ",

i was trying to inject variables in wordpress section in the forme bellow which permit to fill the ‘wp-config.php’ automatically with a plein text value.

  • env:
    - name: WORDPRESS_DB_NAME
    valueFrom:
    secretKeyRef:
    key: database
    name: mysql-db-url
    - name: WORDPRESS_DB_USER
    valueFrom:
    secretKeyRef:
    key: username
    name: mysql-user-pass
    - name: WORDPRESS_DB_PASSWORD
    valueFrom:
    secretKeyRef:
    key: password
    name: mysql-user-pass
    - name: WORDPRESS_DB_HOST
    valueFrom:
    secretKeyRef:
    key: host
    name: mysql-host
    image: wordpress:php7.4-apache
    name: httpd-php-wp-container

@mouador could you give us a sign especially you have already completed this task, tahnks in advance.

@yelmir

You explicitly write the name of database in wp-config.php file

The task should notify clearly about this.

1 Like

Hello Yassine, I’ve just try to test in my local lab, I’ve not got that task before ^^

I read an answer that is works like that : (I’m not sure)

define('DB_NAME', $_SERVER['MYSQL_DATABASE']);
define('DB_USER', $_SERVER['MYSQL_USER']);
define('DB_PASSWORD', $_SERVER['MYSQL_ROOT_PASSWORD']);
define('DB_HOST', $_SERVER['MYSQL_HOST']);

or trying to parse a cmd like that in wp container

wp core config --dbname=${MYSQL_DATABASE} --dbuser=${MYSQL_USER} --dbpass=${MYSQL_ROOT_PASSWORD}```
1 Like

variables must be set in /etc/httpd/conf/httpd.conf
link : Wordpress + Heroku + PostgreSQL + Amazon S3 = ¥0 / 無料でサイト運営 - Qiita

1 Like

@yelmir, sorry for the issue, this is marked success for you.

2 Likes

@Narendra096 Check with @rahul456 to see if he can mark this task as a success for you?

1 Like

@Narendra096, sorry for the issue, this is marked success for you.

@Narendra096 I just tried this task and it succeeded. The only other additional steps I did was besides providing the database settings as environment variables, I moved the wp-config.php file to a level above i.e. from /var/www/html to var/www and changed the file permissions to 400 i.e. chmod 400 wp-config.php. Site came up without issues. Hope this helps for future tasks Thanks for you input

In my case, I tried to configure the parameter from the UI (port 30008), and it showed no error message. It’s expected to explicitly write the wp-config.php through environment variable?

thanks assi Mouad for your availability, and your help.

1 Like

U’re welcome brother

1 Like

KIndly let me know what wrong i did.
thor@jump_host /$ kubectl exec -it lamp-wp-b84f6db5c-5pf76 -c mysql-container – mysql -uroot -pR00t kodekloud_db3 < /tmp/db.sql
Unable to use a TTY - input is not a terminal or the right kind of file
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user ‘root’@‘10.44.0.0’ (using password: YES)
command terminated with exit code 1