Using draw.io for the reference AWS diagram, select “More Shapes” in the icon menu, and add AWS and/or AWS 3D for easy access.

  1. Go to Identity and Access Management (IAM) and create a Role
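    1. Create a role for S3 with the “AmazonS3FullAccess” policy; the role can be assigned to EC2 instances when they are created. Note that this managed policy allows every S3 action on every bucket in the account, so a policy scoped to the two WordPress buckets is the tighter choice.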
  2. Go to VPC and set up two Security Groups: Web-SG and rds-SG
  3. Create a WordPress code bucket in the same region as your security group(s)
    1. Both buckets created (bucket names must be unique; I added 23 as an example)
  4. Create a new Distribution using the CloudFront CDN
    1. Use a Web Distribution; use the web media bucket for the origin domain, restrict bucket access, create a new identity, and select “Yes, Update Bucket Policy”, so the rest of the public always has read permission.
  5. Click the “Distributions” link to check the status, and save the “Domain Name” for later reference (e.g. d209gkpw5ig67u.cloudfront.net, the media bucket CDN). This takes a while to complete.
  6. Create a MySQL RDS instance.
    1. Used t2.micro
    2. Place it in the RDS security group, with “Publicly accessible” set to No. The only things that will be able to access the database are our web servers and EC2 instances.
  7. Go to EC2 and provision a load balancer: give it a name, leave it in the default VPC and assign the Web-SG created earlier.
    1. Set the IAM role to the S3 role created earlier. Configure the health checks and rename the ping path to something suitable. The health check interval can be lowered to 10 seconds and the healthy threshold to 3, so any instance behind this load balancer has to be available within 30 seconds.
    2. Set the server to the Web-SG security group.
    3. A zone apex record (an alias) can be created in Route 53 to point your domain name at the load balancer.
  8. Create an EC2 instance using t2.micro and the Amazon Linux AMI. In the configuration section you can optionally add bash commands to the user data to skip the manual steps below. Otherwise, SSH in using an existing private key or the one generated when creating the EC2 instance (ssh -i some.pem “public/private ip”) and run:
    1. Update your OS patches
      yum update -y
    2. Install httpd, php, php-mysql and stress
      yum install httpd php php-mysql stress -y
    3. cd to the config folder
      cd /etc/httpd/conf
    4. Back up the conf file
      cp httpd.conf httpdconfbackup.conf
    5. Edit it and change “AllowOverride None” to “AllowOverride All”. This enables URL rewrites, so that large image files are distributed by CloudFront to speed things up: when users browse to an image URL, they are sent to the image resource served up by CloudFront.
      sed -i 's/AllowOverride None/AllowOverride All/' httpd.conf
    6. Cd to the HTML directory to add the health check HTML
      cd /var/www/html
      echo "healthy" > healthy.html
    7. Get the latest WordPress, install it, and move the contents to the HTML directory
      wget https://wordpress.org/latest.tar.gz
      tar -xzf latest.tar.gz
      cp -r wordpress/* /var/www/html/
      rm -rf wordpress
      rm -rf latest.tar.gz
    8. Change permissions to allow media files to be uploaded to the WordPress install
      chmod -R 755 wp-content
      chown -R apache:apache wp-content
    9. Start the service and ensure it's configured to restart on server reboot.
      service httpd start
      chkconfig httpd on
  9. Add the public IP/instance to the load balancer. The status appears as out of service at first; give it a while and it should change. Ensure your Web security group has HTTP (80) open for your IP, or for all. http://<the public ip of your EC2>/wp-admin/setup-config.php should then allow you to configure your web page.
  11. Add the username, database name, and password for the MySQL instance.  The Database host is the Endpoint of your RDS instance.
  12. Cut and paste the wp-config.php file into the html directory.
  14. After this step you can log into the WordPress dashboard.
  15. Take a look at your buckets from the webserver
    1. [root@ip-xx-xx-xx-xx html]# aws s3 ls
      2017-04-30 06:47:10 cf-templates-j85gw23nh6fz-us-east-1
      2017-04-30 08:13:34 wordpressbucket23
      2017-04-30 08:14:08 wordpressnediabucket23

  16. Copy the WordPress code to S3 recursively
    1. aws s3 cp --recursive /var/www/html s3://wordpressbucket23
      ……….upload: wp-includes/widgets/class-wp-widget-text.php to s3://wordpressbucket23/wp-includes/widgets/class-wp-widget-text.php
      upload: ./wp-settings.php to s3://wordpressbucket23/wp-settings.php
      upload: ./xmlrpc.php to s3://wordpressbucket23/xmlrpc.php
      upload: ./wp-signup.php to s3://wordpressbucket23/wp-signup.php

  17. [root@ip-172-31-11-221 html]# aws s3 ls wordpressbucket23
                               PRE wp-admin/
                               PRE wp-content/
                               PRE wp-includes/
    2017-04-30 09:53:03          8 healthy.html
    …………………….
    2017-04-30 09:53:12       3065 xmlrpc.php

  18. If you need to recover after losing the index directory (failure):
    1. aws s3 cp --recursive s3://wordpressbucket23 /var/www/html
    2. The website content will be recovered; change the permissions again so you can write media assets to the wp-content directory.
  19. Adding an image to the website adds the file to the local storage on the EC2 instance.
    1. cd /var/www/html/wp-content/uploads
    2. # ls
      2017
    3. # ll 2017/04/dad_bae.jpg
      -rw-r--r-- 1 apache apache 474971 Apr 30 10:01 2017/04/dad_bae.jpg
    4. Copy the content to S3 so the CDN can serve it:
      1. aws s3 cp --recursive /var/www/html/wp-content/uploads/ s3://wordpressnediabucket23
      2. upload: 2017/04/dad_bae.jpg to s3://wordpressnediabucket23/2017/04/dad_bae.jpg
    5. Sync with dryrun
      1. aws s3 sync /var/www/html/wp-content/uploads/ s3://wordpressnediabucket23 --delete --dryrun
    6. [root@ip-172-31-11-221 uploads]# aws s3 sync /var/www/html/wp-content/uploads/ s3://wordpressnediabucket23 --delete --dryrun
      (dryrun) upload: 2017/04/ali-beach-walk.jpg to s3://wordpressnediabucket23/2017/04/ali-beach-walk.jpg
      [root@ip-172-31-11-221 uploads]# aws s3 sync /var/www/html/wp-content/uploads/ s3://wordpressnediabucket23 --delete
      upload: 2017/04/ali-beach-walk.jpg to s3://wordpressnediabucket23/2017/04/ali-beach-walk.jpg
    7. You need to create a rewrite rule in the .htaccess file; replace the URL with your CloudFront URL.
      html]# vi .htaccess
      1. Options +FollowSymlinks
        RewriteEngine on
        RewriteRule ^wp-content/uploads/(.*)$ http://d209gkpw5ig67u.cloudfront.net/$1 [R=301,NC]
      2. Copy the image URL, enter it into a page and refresh; the URL should reflect your CloudFront URL
        1. http://d209gkpw5ig67u.cloudfront.net/2017/04/a..jpeg
      3. Use cron to sync your files to the media bucket and the code bucket
        1. */2 * * * * root aws s3 sync --delete /var/www/html/wp-content/uploads/ s3://wordpressnediabucket23/
        2. */2 * * * * root aws s3 sync --delete /var/www/html s3://wordpressbucket23/
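
Step 1 attaches AmazonS3FullAccess to the instance role, which lets the web server act on every bucket in the account. As an added example (not part of the original post), this shell function emits a policy limited to the two buckets the walkthrough syncs; the policy name and the role placeholder in the closing comment are assumptions.

```shell
#!/bin/sh
# Added example: least-privilege replacement for AmazonS3FullAccess.
# Prints an IAM policy document covering only the buckets named as arguments.
# s3:ListBucket is granted on the bucket ARN itself; the object actions that
# "aws s3 cp" and "aws s3 sync --delete" need are granted on bucket/*.
scoped_s3_policy() {
    buckets=''; objects=''; sep=''
    for b in "$@"; do
        buckets="$buckets$sep\"arn:aws:s3:::$b\""
        objects="$objects$sep\"arn:aws:s3:::$b/*\""
        sep=', '
    done
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ListSiteBuckets",
      "Effect": "Allow",
      "Action": ["s3:ListBucket"],
      "Resource": [$buckets]
    },
    {
      "Sid": "SyncSiteObjects",
      "Effect": "Allow",
      "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
      "Resource": [$objects]
    }
  ]
}
EOF
}

# Bucket names are the ones used in the walkthrough.
scoped_s3_policy wordpressbucket23 wordpressnediabucket23

# To attach it as an inline policy (role name is a placeholder, policy name
# is hypothetical), save the output to a file and run:
#   aws iam put-role-policy --role-name <your-s3-role> \
#       --policy-name wp-bucket-sync --policy-document file://wp-s3-policy.json
```

With this policy the cp, sync and `aws s3 ls wordpressbucket23` commands above still work, while the bare `aws s3 ls` in step 15 is denied because listing all buckets is not granted.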
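
The sed command in step 8.5 changes every “AllowOverride None” in httpd.conf, including the one on the filesystem root, although only the WordPress document root needs .htaccess rewrites. As an added example (not part of the original post), the function below rewrites the directive only inside the block for /var/www/html; the sample configuration is constructed for the demonstration.

```shell
#!/bin/sh
# Added example: enable .htaccess overrides for the WordPress docroot only.

# Constructed excerpt shaped like a stock httpd.conf (sample data).
sample_conf() {
    cat <<'EOF'
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    # AllowOverride controls what directives may be placed in .htaccess files.
    AllowOverride None
</Directory>
<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
</Directory>
EOF
}

# Print the config file $1 with AllowOverride set to All only inside the
# <Directory> block whose path equals $2 (default: /var/www/html).
scope_allowoverride() {
    awk -v dir="${2:-/var/www/html}" '
        /^[ \t]*<Directory[ \t]/ {
            path = $2
            gsub(/[">]/, "", path)   # drop the quotes and closing bracket
            inblock = (path == dir)
        }
        /^[ \t]*<\/Directory>/ { inblock = 0 }
        inblock && /^[ \t]*AllowOverride[ \t]/ {
            sub(/AllowOverride[ \t]+.*/, "AllowOverride All")
        }
        { print }
    ' "$1"
}

# Compare the global substitution from step 8.5 with the scoped rewrite.
conf=$(mktemp)
sample_conf > "$conf"
echo "global sed: $(sed 's/AllowOverride None/AllowOverride All/' "$conf" | grep -c 'AllowOverride All') blocks set to All"
echo "scoped awk: $(scope_allowoverride "$conf" | grep -c 'AllowOverride All') block set to All"
rm -f "$conf"
```

On a server, write the function's output to a new file, compare it with httpdconfbackup.conf, and run `apachectl configtest` before putting it in place.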