OPS705 Assignment 2

From CDOT Wiki
Revision as of 21:13, 29 March 2023 by Chris.johnson (talk | contribs) (Modify Wordpress Configuration File)
Jump to: navigation, search

In this assignment, you will install a WordPress blog in AWS using Elastic Beanstalk and RDS. You will construct this assignment in our AWS Academy Learner Lab classroom.

Unlike labs, assignments have minimal instructions. You are given specifications on what the assignment needs, and you must rely on your previous work in the course. If the assignment doesn't have the command you need, you can find it in your labs. As with Assignment 1, don't be afraid to do a little research!

Assignments in OPS705 are built as an assessment of your ability to meet the course objectives.

Task 1: Networking

In this task, you will create all the networking required for your new web application.

Virtual Private Cloud

Create a new VPC with the following settings:

  1. VPC only
  2. Name: Wordpress VPC
  3. IPv4 CIDR: 10.0.0.0/16
  4. Leave all other settings on default

Once created, modify this VPC (Edit VPC Settings) with the following actions:

  1. Enable DNS resolution: Checked
  2. Enable DNS hostnames: Checked

Subnets

Create two private IPv4 subnets in this VPC:

  1. Private Subnet 1 – 10.0.1.0/24us-east-1a
  2. Private Subnet 2 – 10.0.2.0/24us-east-1b

Create two public IPv4 subnets in this VPC:

  1. Public Subnet 1 – 10.0.11.0/24us-east-1a
  2. Public Subnet 2 – 10.0.12.0/24us-east-1b

Edit your public subnets (Edit subnet settings) with the following settings:

  1. Enable auto-assign public IPv4 address: Checked
  2. Enable resource name DNS A record on launch: Checked

Internet Gateway

Create a new Internet Gateway with the following:

  1. Name: Wordpress Gateway
  2. Once created, attach it to your Wordpress VPC.

Route Tables

Find your default route table for your Wordpress VPC and add the name: VPC-local Route Table

Create a second route table:

  1. Name: Wordpress Website Route Table
  2. VPC: Wordpress VPC
  3. Routes Entry 1:
    1. Destination: 10.0.0.0/16
    2. Target: local
  4. Routes Entry 2:
    1. Destination: 0.0.0.0/0
    2. Target: Internet Gateway – Wordpress Gateway

Security Groups

Create a security group with the following settings:

  1. Name: Wordpress Website SG
  2. Description: Allows HTTP traffic inbound
  3. VPC: Wordpress VPC
  4. Inbound Rule:
    1. Type: HTTP
    2. Source: Anywhere – IPv4 (0.0.0.0/0)

Create a security group with the following settings:

  1. Name: Wordpress Database SG
  2. Description: Allows MySQL traffic locally
  3. VPC: Wordpress VPC
  4. Inbound Rule:
    1. Type: MYSQL/Aurora
    2. Source: Custom (Select Wordpress Website SG in the search field)

Edit both public subnets’ route table associations to: Wordpress Website Route Table

Task 2: Database

Create a new RDS instance with the following settings:

  1. Engine type: MySQL
  2. Engine Version: MySQL 8.0.32 (or current latest version available)
  3. Templates: Free tier
  4. DB instance identifier: wordpress-db
  5. Master username: admin
  6. Auto generate a password: Checked
  7. DB instance class: db.t3.micro
  8. Allocated storage: 5
  9. Enable storage autoscaling: Unchecked
  10. Virtual private cloud (VPC): Wordpress VPC
  11. DB subnet group: Create new DB Subnet Group (if you're redoing your database creation, there will already be an entry here. Make sure you're using the Wordpress VPC in the setting above!)
  12. Public access: No
  13. VPC security group: Choose existing
  14. Existing VPC security groups: Remove default VPC, add Wordpress Database VPC (look to see that it's there below the dropdown after you select it)
  15. Availability Zone: us-east-1a
  16. Monitoring > Enable Enhanced monitoring: Unchecked
  17. Below the Monitoring section, Additional configuration > Initial database name: wordpress (Write the database name down! You will need this later.)
  18. Enable automated backups: Unchecked
  19. Enable encryption: Unchecked

Once the database has finished creating, click on the View connection details button by the green success message at the top of the page. This gives you your database password.

Store the Master username, Master password, and Endpoint in a saved document along with your Initial database name. You’ll need it later.

Task 3: Wordpress Source Code Modification

Download and Unzip - Local Computer

  1. On your local machine, download the current Wordpress source code from here: https://wordpress.org/latest.zip
  2. Unzip the file. You should end up with a wordpress directory. (Do not delete the original .zip file)

Modify Wordpress Configuration File

  1. In the local wordpress folder, find a file called: wp-config-sample.php
  2. Duplicate this file, and call it: wp-config.php
  3. Open wp-config.php in a plain text editor. I recommend Sublime. (https://www.sublimetext.com/download)

Adding Database Connector Info as Environment Variables

In this file (wp-config.php), you will be adding database connector information as environment variables, not the actual connector information. Find the following lines and add the bolded values:

  1. define('DB_NAME', getenv('DB_NAME'));
  2. define('DB_USER', getenv('DB_USER'));
  3. define('DB_PASSWORD', getenv('DB_PASSWORD'));
  4. define('DB_HOST', getenv('DB_HOST'));

= Adding Authentication Unique Keys and Salts as Environment Variables

In the same file (wp-config.php), you'll be adding the authentication keys and salts from the previous section as environment variables. Find the following lines and add the bolded values:

  1. define('AUTH_KEY', getenv('AUTH_KEY'));
  2. define('SECURE_AUTH_KEY', getenv('SECURE_AUTH_KEY'));
  3. define('LOGGED_IN_KEY', getenv('LOGGED_IN_KEY'));
  4. define('NONCE_KEY', getenv('NONCE_KEY'));
  5. define('AUTH_SALT', getenv('AUTH_SALT'));
  6. define('SECURE_AUTH_SALT', getenv('SECURE_AUTH_SALT'));
  7. define('LOGGED_IN_SALT', getenv('LOGGED_IN_SALT'));
  8. define('NONCE_SALT', getenv('NONCE_SALT'));

Task 4: Elastic Beanstalk

Create a new Elastic Beanstalk application with the following settings:

Environment Tier

Select: Web server environment

Main settings

  1. Application name: wordpress
  2. Environment name: Wordpress-env'
  3. Domain: yourSenecaUsername-assignment2 (Click on the Check availability button to verify the URL is free.)
  4. Platform: PHP
  5. Platform branch: PHP 8.1 (or current latest)
  6. Application code: Upload your code
  7. Choose file: Downloaded wordpress source code zip file (You can download the wordpress source code here: https://wordpress.org/latest.zip)
  8. Version label: wordpress-versionnumber (Example: wordpress-6.1.1)

Configure more options

Software

  1. Document root: /wordpress
  2. Environment properties
    1. DB_HOST: your RDS database URL
    2. DB_NAME: initial database name
    3. DB_USER: admin
    4. DB_PASSWORD: your auto-generated database password
    5. AUTH_KEY: (use gathered info from previous step)
    6. SECURE_AUTH_KEY: (use gathered info from previous step)
    7. LOGGED_IN_KEY: (use gathered info from previous step)
    8. NONCE_KEY: (use gathered info from previous step)
    9. AUTH_SALT: (use gathered info from previous step)
    10. SECURE_AUTH_SALT: (use gathered info from previous step)
    11. LOGGED_IN_SALT: (use gathered info from previous step)
    12. NONCE_SALT: (use gathered info from previous step)

Security

  1. Service role: LabRole
  2. EC2 key pair: vockey
  3. IAM instance profile: LabInstanceProfile

Monitoring

  1. System: Basic

Managed updates

  1. Enabled: Unchecked

Notifications

  1. Email: YourSenecaE-mailAddress

Network

  1. VPC: Wordpress VPC
  2. Public IP address: Checked
  3. Instance subnets: Public Subnet 1, Public Subnet 2 (both checked)
  4. Database subnets: Private Subnet 1, Private Subnet 2 (both checked)

Instances

  1. EC2 Security Groups: Wordpress Website SG (both checked)

Create the application.

While you wait for the creation to complete, check your e-mail to confirm your notification subscription.

Task 5: Site Configuration

Open the URL presented in the Wordpress EBS instance and begin the site setup:

Site Information

Set the following site information:

  1. Site Title: OPS705 Winter 2023 A2 - Full Name
  2. Username: yourSenecaUsername
  3. Password: Choose a strong password (do not reuse the DB password)
  4. Your Email: yourSenecaEmailAddress
  5. Search engine visibility: Unchecked

Task 5: Blog Posts

Delete the first template post. In your own words, answer the following questions in individual blog posts:

Blog Post: 1

How would you describe how you set up this Elastic Beanstalk+Database instance of Wordpress to a student who has just finished OPS705 Week 1?

Blog Post: 2

What was the most difficult part of this assignment for you?

Blog Post: 3

What parts of this assignment did you find easier compared to our IaaS version of Wordpress from Assignment 1?

Blog Post: 4

In the context of this assignment, briefly describe the function of the following: VPCs, subnets, security groups, route tables, internet gateways

Lab Submission

As with previous labs, your work will be evaluated by accessing your site directly. To formally submit, you must include the following:

  1. In the comment section of your submission, paste the URL of your new site.
  2. A single screenshot showing your active and complete Wordpress blog.

Once submitted, you can leave your resources running.