OPS705 Assignment 2
In this assignment, you will install a WordPress blog in AWS using Elastic Beanstalk and RDS. You will construct this assignment in our AWS Academy Learner Lab classroom.
Unlike labs, assignments have minimal instructions. You are given specifications on what the assignment needs, and you must rely on your previous work in the course. If the assignment doesn't have the command you need, you can find it in your labs. As with Assignment 1, don't be afraid to do a little research!
Assignments in OPS705 are built as an assessment of your ability to meet the course objectives.
Contents
Task 1: Networking
In this task, you will create all the networking required for your new web application.
Virtual Private Cloud
Create a new VPC with the following settings:
- VPC only
- Name: Wordpress VPC
- IPv4 CIDR: 10.0.0.0/16
- Leave all other settings on default
Once created, modify this VPC (Edit VPC Settings) with the following actions:
- Enable DNS resolution: Checked
- Enable DNS hostnames: Checked
Subnets
Create two private IPv4 subnets in this VPC:
- Private Subnet 1 – 10.0.1.0/24 – us-east-1a
- Private Subnet 2 – 10.0.2.0/24 – us-east-1b
Create two public IPv4 subnets in this VPC:
- Public Subnet 1 – 10.0.11.0/24 – us-east-1a
- Public Subnet 2 – 10.0.12.0/24 – us-east-1b
Edit your public subnets (Edit subnet settings) with the following settings:
- Enable auto-assign public IPv4 address: Checked
- Enable resource name DNS A record on launch: Checked
Internet Gateway
Create a new Internet Gateway with the following:
- Name: Wordpress Gateway
- Once created, attach it to your Wordpress VPC.
Route Tables
Find your default route table for your Wordpress VPC and add the name: VPC-local Route Table
Create a second route table:
- Name: Wordpress Website Route Table
- VPC: Wordpress VPC
- Routes Entry 1:
- Destination: 10.0.0.0/16
- Target: local
- Routes Entry 2:
- Destination: 0.0.0.0/0
- Target: Internet Gateway – Wordpress Gateway
Security Groups
Create a security group with the following settings:
- Name: Wordpress Website SG
- Description: Allows HTTP traffic inbound
- VPC: Wordpress VPC
- Inbound Rule:
- Type: HTTP
- Source: Anywhere – IPv4 (0.0.0.0/0)
Create a security group with the following settings:
- Name: Wordpress Database SG
- Description: Allows MySQL traffic locally
- VPC: Wordpress VPC
- Inbound Rule:
- Type: MYSQL/Aurora
- Source: Custom (Select Wordpress Website SG in the search field)
Edit both public subnets’ route table associations to: Wordpress Website Route Table
Task 2: Database
Create a new RDS instance with the following settings:
- Engine type: MySQL
- Engine Version: MySQL 8.0.32 (or current latest version available)
- Templates: Free tier
- DB instance identifier: wordpress-db
- Master username: admin
- Auto generate a password: Checked
- DB instance class: db.t3.micro
- Allocated storage: 5
- Enable storage autoscaling: Unchecked
- Virtual private cloud (VPC): Wordpress VPC
- DB subnet group: Create new DB Subnet Group (if you're redoing your database creation, there will already be an entry here. Make sure you're using the Wordpress VPC in the setting above!)
- Public access: No
- VPC security group: Choose existing
- Existing VPC security groups: Remove default VPC, add Wordpress Database VPC (look to see that it's there below the dropdown after you select it)
- Availability Zone: us-east-1a
- Monitoring > Enable Enhanced monitoring: Unchecked
- Below the Monitoring section, Additional configuration > Initial database name: wordpress (Write the database name down! You will need this later.)
- Enable automated backups: Unchecked
- Enable encryption: Unchecked
Once the database has finished creating, click on the View connection details button by the green success message at the top of the page. This gives you your database password.
Store the Master username, Master password, and Endpoint in a saved document along with your Initial database name. You’ll need it later.
Task 3: Wordpress Source Code Modification
Download and Unzip - Local Computer
- On your local machine, download the current Wordpress source code from here: https://wordpress.org/latest.zip
- Unzip the file. You should end up with a wordpress directory. (Do not delete the original .zip file)
Modify Wordpress Configuration File
- In the local wordpress folder, find a file called: wp-config-sample.php
- Duplicate this file, and call it: wp-config.php
- Open wp-config.php in a plain text editor. I recommend Sublime. (https://www.sublimetext.com/download)
Adding Database Connector Info as Environment Variables
In this file (wp-config.php), you will be adding database connector information as environment variables, not the actual connector information. Find the following lines and add the bolded values:
- define('DB_NAME', getenv('DB_NAME'));
- define('DB_USER', getenv('DB_USER'));
- define('DB_PASSWORD', getenv('DB_PASSWORD'));
- define('DB_HOST', getenv('DB_HOST'));
= Adding Authentication Unique Keys and Salts as Environment Variables
In the same file (wp-config.php), you'll be adding the authentication keys and salts from the previous section as environment variables. Find the following lines and add the bolded values:
- define('AUTH_KEY', getenv('AUTH_KEY'));
- define('SECURE_AUTH_KEY', getenv('SECURE_AUTH_KEY'));
- define('LOGGED_IN_KEY', getenv('LOGGED_IN_KEY'));
- define('NONCE_KEY', getenv('NONCE_KEY'));
- define('AUTH_SALT', getenv('AUTH_SALT'));
- define('SECURE_AUTH_SALT', getenv('SECURE_AUTH_SALT'));
- define('LOGGED_IN_SALT', getenv('LOGGED_IN_SALT'));
- define('NONCE_SALT', getenv('NONCE_SALT'));
Task 4: Elastic Beanstalk
Create a new Elastic Beanstalk application with the following settings:
Environment Tier
Select: Web server environment
Main settings
- Application name: wordpress
- Environment name: Wordpress-env'
- Domain: yourSenecaUsername-assignment2 (Click on the Check availability button to verify the URL is free.)
- Platform: PHP
- Platform branch: PHP 8.1 (or current latest)
- Application code: Upload your code
- Choose file: Downloaded wordpress source code zip file (You can download the wordpress source code here: https://wordpress.org/latest.zip)
- Version label: wordpress-versionnumber (Example: wordpress-6.1.1)
Configure more options
Software
- Document root: /wordpress
- Environment properties
- DB_HOST: your RDS database URL
- DB_NAME: initial database name
- DB_USER: admin
- DB_PASSWORD: your auto-generated database password
- AUTH_KEY: (use gathered info from previous step)
- SECURE_AUTH_KEY: (use gathered info from previous step)
- LOGGED_IN_KEY: (use gathered info from previous step)
- NONCE_KEY: (use gathered info from previous step)
- AUTH_SALT: (use gathered info from previous step)
- SECURE_AUTH_SALT: (use gathered info from previous step)
- LOGGED_IN_SALT: (use gathered info from previous step)
- NONCE_SALT: (use gathered info from previous step)
Security
- Service role: LabRole
- EC2 key pair: vockey
- IAM instance profile: LabInstanceProfile
Monitoring
- System: Basic
Managed updates
- Enabled: Unchecked
Notifications
- Email: YourSenecaE-mailAddress
Network
- VPC: Wordpress VPC
- Public IP address: Checked
- Instance subnets: Public Subnet 1, Public Subnet 2 (both checked)
- Database subnets: Private Subnet 1, Private Subnet 2 (both checked)
Instances
- EC2 Security Groups: Wordpress Website SG (both checked)
Create the application.
While you wait for the creation to complete, check your e-mail to confirm your notification subscription.
Task 5: Site Configuration
Open the URL presented in the Wordpress EBS instance and begin the site setup:
Site Information
Set the following site information:
- Site Title: OPS705 Winter 2023 A2 - Full Name
- Username: yourSenecaUsername
- Password: Choose a strong password (do not reuse the DB password)
- Your Email: yourSenecaEmailAddress
- Search engine visibility: Unchecked
Task 5: Blog Posts
Delete the first template post. In your own words, answer the following questions in individual blog posts:
Blog Post: 1
How would you describe how you set up this Elastic Beanstalk+Database instance of Wordpress to a student who has just finished OPS705 Week 1?
Blog Post: 2
What was the most difficult part of this assignment for you?
Blog Post: 3
What parts of this assignment did you find easier compared to our IaaS version of Wordpress from Assignment 1?
Blog Post: 4
In the context of this assignment, briefly describe the function of the following: VPCs, subnets, security groups, route tables, internet gateways
Lab Submission
As with previous labs, your work will be evaluated by accessing your site directly. To formally submit, you must include the following:
- In the comment section of your submission, paste the URL of your new site.
- A single screenshot showing your active and complete Wordpress blog.
Once submitted, you can leave your resources running.