Deployment of Serverless Containerized WordPress through AWS Fargate

July 18, 2022

Introduction: 

In this blog, we will create the infrastructure, which contains various services of AWS. One of the most interesting services of AWS is Fargate, the serverless compute. AWS Fargate service provides on demand scalability, elasticity, reliability, and security for your containerized applications. We will use AWS Fargate to deploy serverless containerized WordPress.  

Architecture of AWS Fargate: 

Fargate is a serverless service of AWS. It is a fully managed container service by AWS. In this blog we will install WordPress on Fargate Container. 

The architecture below can be used to containerize WordPress in AWS Fargate service. 

image001

These AWS services will be required for the WordPress deployment as prerequisites. 

AWS VPC 

  • Subnets  
  • Security Group 

AWS RDS 

  • Aurora Serverless DB 

AWS ALB 

  • Load Balancer 
  • Target Groups 

AWS EFS 

  • File System 

AWS ECS 

  • Cluster 
  • Task Definition 
  • Task 

AWS Virtual Private Cloud: 

VPC is a service of AWS which provides security to your resources. It’s just like a wall that protects your resources from anonymous attacks. 

Navigate to VPCs and create Virtual Private Cloud for your application security with a few clicks, the name of the VPC used in this blog is fargateVPC. 

Note: VPC is just like a wall, protecting your application from different anonymous attacks. 

In this VPC, we will create 2 subnets in different availability zones and enable them for auto assigning IPs, so that the subnets assign IPs to the services. 

  • 10.0.0.0/24 
  • 10.0.1.0/24 

Security Groups: 

We will use four security group rules for provisioning the WordPress in Fargate. 

  • albSG 

This security group allows the traffic from internet on port 80(HTTP) and 443(HTTPs). 

  • fargateSG 

This security group inherits the albSG rules and hide the WordPress IP from the internet. 

  • rdsSG 

This security group allows the traffic on port 3306.  

  • efsSG 

This security group allows the traffic on port 2049. 

Security Groups

AWS RDS: 

AWS RDS is a Relational Cloud Service, it supports PostgreSQL, MySQL, Maria DB, Oracle, SQL Server, and Amazon Aurora. 

The next step is to provide Aurora Serverless databases for our WordPress website. 

By following these steps, we can create databases (DB). 

1. Select the Aurora DB and select serverless. 

AWS RDS | Create database

2. Select your DB Identifier, the username and the hidden password. 

DB Identifier

In this section you must select connectivity for your databases. All applications must be in the same VPC to interconnect with each other, so we select the recently created fargateVPC. Select your desired configuration for the databases and click the create databases button.  

fargateVPC

Database Options

  • DB username: root 
  • DB password: ******** 
  • DB Name: wordpress 

AWS EFS: 

AWS EFS is a cloud-based storage file solution for applications and services running on the AWS. 

Our next step is to create the AWS EFS (file system), which will store the directories and files of a WordPress website. 

AWS EFS (file system)

AWS ALB & Target Groups: 

ALB: 

Application Load Balancer is an Elastic Load Balancing feature that allows a developer to configure and route incoming end-user traffic to AWS public cloud-based applications. 

Target Groups: 

Target Groups create a traffic route for load balancers. 

Application load balancer: The ALB gets request on port 80/443 and depending on the path (URL), it’ll redirect to the request to our application in the container. 

Create the ALB and Target Group so we can receive requests from the internet. 

Target type should be the IP address type. 

Target type should be the IP address type.

In between we can create Target Group by following these steps below. 

Target Group

Specify the health checks configuration so that your application runs smoothly. 

advance health clients' settings

Create two listeners for your load balancer for port 80 and 443 and select the target groups which we created and then create the load balancer. 

Listening and Routing

If you want your website to run securely on port 443, you must add a valid SSL Certificate here through the AWS ACM service. 

The AWS ACM is a service which allows you to import your SSL certificate or request a new one from AWS against your valid domain, which as a result, exchanges the DNS records. 

secure listener settings

AWS ECS: 

AWS Elastic Container Service is an orchestration service, which allows you to provide fully managed containers. It provides on demand scalability, reliability, and security. The ECS provides automated deployment solutions for the applications. 

The feature of ECS we are using in this blog is Fargate. 

AWS Fargate gives teams control over infrastructure management and scalability, allowing them to focus more on development. 

Navigate to AWS ECS and create cluster, by selecting cluster template. Choose the option of “Networking only” which will be used for Fargate service. 

cluster template

As we don’t have any service, task, or task definition after creating a cluster, we will need to create a new one.   

create a new one

Task Definition

Before we begin, we must know the difference between the Task Definition, Task, and Service. 

Task Definition: TD consists of container configurations such as container Image, databases, and the file system from which our application deals with. 

Task: The Task basically launches a container. 

Service: Services are typically used for long-running applications like web services. Services can be configured to use a load balancer for any specified containers so that it creates the tasks accordingly. 

Create a new task definition.

Select Linux as OS type. 

Select Linux as OS type

Select the EFS and specify the volume path. 

EFS and specify the volume path

For the container configuration, select your desired values for container memory and CPU. 

container configuration,

Add Container and insert your container image as (image:tag) wordpress:latestPort must be 80, as by default WordPress listens on port 80. 

Add Container

We can put our databases values here as specified in the image below. 

put our databases values

Select Mount Point or container path as /var/www/html/ for WordPress. 

container path

After creating task definition creation, we will create a service.  

create a service | Task Definition

The service type must be Fargate. There are multiple revisions you can create to update your service. Platform version should be 1.4.1, it contains Amazon Linux. 

service type | Create Service

At the network configuration of the container, you will select the VPC and respective subnets and the security group. 

VPC and security group

Now we can add a load balancer into our service for internet facing. 

load balancer

Add the https listener port so that your website runs on port 443 (HTTPS). 

Add the https listener port

Configure auto scaling for your container, it’s optional, and then create the service. 

After provisioning the service, it deploys the task as displayed in the image below. 

provisioning the service

Here’s our running container. 

running container.

You can access your container through your load balancer public DNS. If you have a valid domain available you can add your ALB DNS into domain DNS records as CNAME and add your valid SSL certificate so that it will run on port 443, currently our container runs on port 80. 

valid SSL certificate

Conclusion: 

Deployment of WordPress in AWS Fargate architecture is quite remarkable for hosting providers. You can easily create a Fargate architecture and host multiple websites at once. It also provides on demand scalability, elasticity, reliability, and security while hosting. We hope this blog helps you in deploying WordPress in AWS Fargate efficiently and effectively.Â