AWS Elastic Beanstalk
Developer Guide (API Version 2010-12-01)
AWS services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon AWS.

Deploying a High-Availability WordPress Website with an External Amazon RDS Database to Elastic Beanstalk

This tutorial describes how you launch an Amazon RDS DB instance that is external to AWS Elastic Beanstalk. Then it describes how to configure a high-availability environment running a WordPress website to connect to it. Running a DB instance external to Elastic Beanstalk decouples the database from the lifecycle of your environment. This lets you connect to the same database from multiple environments, swap out one database for another, or perform a blue/green deployment without affecting your database.

Step 1: Launch a DB Instance in Amazon RDS

To use an external database with an application running in Elastic Beanstalk, first launch a DB instance with Amazon RDS. This DB instance is completely independent of Elastic Beanstalk and your Elastic Beanstalk environments, and will not be terminated or monitored by Elastic Beanstalk.

Use the Amazon RDS console to launch a Multi-AZ MySQL DB instance.

Under Engine options, choose MySQL. Under Use case, choose Production - MySQL to ensure that your database will failover and continue to be available if the master DB instance goes out of service.

For DB instance identifier, type wordpress-beanstalk, and for Master username, type not_wp_admin.

To launch an RDS DB instance in a default Amazon Virtual Private Cloud (Amazon VPC)

  1. Open the RDS console.

  2. Choose Instances in the navigation pane.

  3. Choose Launch DB instance.

  4. Under Engine options, choose the engine that will meet your needs, and then choose Next.

    If prompted to select Use case, choose Production for Multi-AZ deployment or choose Dev/Test to consume only Free Tier resources. Then choose Next.

  5. Under Specify DB details, for Instance specifications, choose the following and then keep the default settings for the remaining options:

    • DB instance class – Computation and memory capacity (if unsure, learn which option is right for you )

    • Multi-AZ deployment – For high availability, set to Create replica in different zone.

  6. Under Estimated monthly costs, review the total. Adjust Use case and DB instance class to fit your budget as needed.

  7. Under Settings, enter values for DB instance identifier, Master username, Master password, and Confirm password. Make a note of these settings because you'll use them later.

  8. Choose Next.

  9. Under Configure advanced settings, for Network & Security, choose the following:

    • Virtual Private Cloud (VPC) – Keep default value

    • Subnet groupDefault

    • Public accessibilityNo

    • Availability Zone No Preference

    • VPC security groupsCreate new VPC Security Group

  10. Under Database options, for Database name, type ebdb, and verify the default settings for the remaining options. Make a note of the Database port value for use later.

  11. Verify the default settings for the remaining options, and choose Launch DB instance.

Next, you modify the security group that is attached to your DB instance to allow inbound traffic on the appropriate port. This is the same security group that you will attach to your Elastic Beanstalk environment later, so the rule that you add will grant ingress permission to other resources in the same security group.

To modify the ingress rules on your RDS instance's security group

  1. Open the Amazon RDS console.

  2. Choose Instances.

  3. Choose the name of your recently created DB instance to view its details.

  4. Go to the Details section.

  5. In the Details section, note the Subnets, Security groups, and Endpoint shown on this page so you can use this information later.

    Note

    The security group name is the first value of the link text shown in Security groups, before the value in parentheses. This second value, in parentheses, is the security group ID.

  6. Under Security and network, you can see the security group associated with the DB instance. Open the link to view the security group in the Amazon EC2 console.

    
        Details section of a DB instance page in the Amazon RDS console
  7. In the security group details, choose the Inbound view.

  8. Choose Edit.

  9. Choose Add Rule.

  10. For Type, choose the DB engine that your application uses.

  11. For Source, choose Custom, and then type the group ID of the security group. This allows resources in the security group to receive traffic on the database port from other resources in the same group.

    
        Edit the inbound rules for a security group in the Amazon EC2 console
  12. Choose Save.

Creating a DB instance takes about 10 minutes. In the meantime, download WordPress and launch your Elastic Beanstalk environment.

Step 2: Download WordPress

To prepare to deploy WordPress using AWS Elastic Beanstalk, you must copy the WordPress files to your computer and provide some configuration information. AWS Elastic Beanstalk requires a source bundle, in the format of a .zip or .war file.

To download WordPress and create a source bundle

  1. Open http://wordpress.org/download/.

  2. Download the latest release.

  3. Extract the WordPress files from the download to a folder on your local computer, and rename the root folder to wordpress-beanstalk.

  4. Download the configuration files from the following repository:

    https://github.com/awslabs/eb-php-wordpress/releases/download/v1.0/eb-php-wordpress-v1.zip
  5. Extract the configuration files into your wordpress-beanstalk folder.

  6. Verify that the structure of your wordpress-beanstalk folder is correct, as shown.

    ├── .ebextensions ├── wp-admin │ ├── css │ ├── images │ ├── includes │ ├── js │ ├── maint │ ├── network │ └── user ├── wp-content │ ├── plugins │ └── themes ├── wp-includes │ ├── certificates │ ├── css │ ├── customize │ ├── fonts │ ├── ID3 │ ├── images │ ├── js │ ├── pomo │ ├── random_compat │ ├── Requests │ ├── rest-api │ ├── SimplePie │ ├── Text │ ├── theme-compat │ └── widgets
  7. Modify the configuration files in the .ebextensions folder with the IDs of your default Amazon Virtual Private Cloud (Amazon VPC) and subnets, and your public IP address.

    Open the .ebextensions/efs-create.config file. This file creates an Amazon EFS file system and mount points in each Availability Zone or subnet in your Amazon VPC. Identify your default VPC and subnet IDs in the Amazon VPC console.

    1. Open the Amazon RDS console.

    2. Choose Instances.

    3. Choose the name of your recently created DB instance to view details.

    4. Go to Details.

    5. Under Security and network, copy the value for the VPC and the values for Subnets to the .ebextensions/efs-create.config file.

    The .ebextensions/dev.config file restricts access to your environment to your IP address to protect it during the WordPress installation process. Replace the placeholder IP address near the top of the file with your public IP address, followed by /32.

  8. Create a .zip file from the files and folders in the wordpress-beanstalk folder (not the parent directory), using one of the following methods, depending on your operating system:

    • Windows – In File Explorer, select the files and folders, right-click, and then choose Send to, Compressed (zipped) folder. Name the file wordpress-x.y.z.zip, where x.y.z is the version of WordPress.

    • Mac OS X and Linux – Use the following command, where x.y.z is the version of WordPress.

      zip -r ../wordpress-x.y.z.zip .
  9. Verify that the root structure of your .zip file is the same as in step 6.

Step 3: Launch an Elastic Beanstalk Environment

Use the AWS Management Console to launch an Elastic Beanstalk environment.

  1. Open the Elastic Beanstalk console with this preconfigured link: console.aws.amazon.com/elasticbeanstalk/home#/newApplication?applicationName=wordpress-beanstalk&environmentType=LoadBalanced

  2. Under Application Information, for Application name, type wordpress-beanstalk, and then choose Next.

  3. For New Environment, choose Create web server.

  4. Under Environment Type, for Predefined configuration, choose PHP.

    Note

    If you need to use a version of WordPress earlier than 4.0, your Elastic Beanstalk environment must use an earlier version of the PHP platform. Choose Change platform version, and then select the latest PHP 5.6 version from the drop-down menu.

  5. For Environment type, choose Load balancing, auto scaling, and then choose Next.

  6. Under Application Version, for Source, choose Upload your own.

  7. Choose Choose File and navigate to the .zip file you created for your WordPress files.

  8. For Deployment Preferences, leave the defaults for everything, and then choose Next.

  9. For Environment Information, customize if you want, or use defaults. Then choose Next.

  10. Under Additional Resources, choose Create this environment inside a VPC, and then choose Next.

  11. Under Configuration Details, review the options, and then choose Next.

  12. For Environment Tags, specify tags if you want, and then choose Next.

  13. Under VPC Configuration, select all of the subnets for both ELB and EC2.

  14. Under VPC Configuration, for VPC security group, select the security group for your RDS instance. Then choose Next.

  15. For Permissions, leave the default selected, and then choose Next.

  16. Review all the options you selected, and when you are satisfied with them, choose Launch.

Environment creation takes about 5 minutes.

Step 4: Configure Environment Properties

Next, pass the connection information to your environment by using environment properties. The sample application uses a default set of properties that match the ones that Elastic Beanstalk configures when you provision a database within your environment.

To configure environment properties for an Amazon RDS DB instance

  1. Open the Elastic Beanstalk console.

  2. Navigate to the management page for your environment.

  3. Choose Configuration.

  4. On the Software configuration card, choose Modify.

  5. In the Environment Properties section, define the variables that your application reads to construct a connection string. For compatibility with environments that have an integrated RDS DB instance, use the following. Choose the plus symbol (+) to add more properties.

    • RDS_HOSTNAME – The hostname of the DB instance.

      Amazon RDS console label – Endpoint (this is the hostname)

    • RDS_PORT – The port on which the DB instance accepts connections. The default value varies among DB engines.

      Amazon RDS console label – Port

    • RDS_DB_NAME – The database name, ebdb.

      Amazon RDS console label – DB Name

    • RDS_USERNAME – The user name that you configured for your database.

      Amazon RDS console label – Username

    • RDS_PASSWORD – The password that you configured for your database.

    
        Environment Properties section with RDS properties added
  6. Choose Save, and then choose Apply.

Step 5: Install WordPress

To complete your WordPress installation

  1. Open the Elastic Beanstalk console.

  2. Navigate to the management page for your environment.

  3. Choose the environment URL to open your site in a browser. You are redirected to a WordPress installation wizard because you haven't configured the site yet.

  4. Perform a standard installation. The wp-config.php file is already present in the source code and configured to read the database connection information from the environment. You shouldn't be prompted to configure the connection.

Installation takes about a minute to complete.

Step 6: Updating Keys and Salts

The WordPress configuration file wp-config.php also reads values for keys and salts from environment properties. Currently, these properties are all set to test by the wordpress.config file in the .ebextensions folder.

The hash salt can be any value, but you should not store it in source control. Use the Elastic Beanstalk console to set these properties directly on the environment.

To add environment properties

  1. Open the Elastic Beanstalk console.

  2. Navigate to the management page for your environment.

  3. On the navigation pane, choose Configuration.

  4. For Software Configuration, choose the gear icon.

  5. For Environment Properties, define the following authentication settings:

    • AUTH_KEY – The value chosen for AUTH_KEY.

    • SECURE_AUTH_KEY – The value chosen for SECURE_AUTH_KEY.

    • LOGGED_IN_KEY – The value chosen for LOGGED_IN_KEY.

    • NONCE_KEY – The value chosen for NONCE_KEY.

    • AUTH_SALT – The value chosen for AUTH_SALT.

    • SECURE_AUTH_SALT – The value chosen for SECURE_AUTH_SALT.

    • LOGGED_IN_SALT – The value chosen for LOGGED_IN_SALT.

    • NONCE_SALT — The value chosen for NONCE_SALT.

    Setting the properties on the environment directly overrides the values in wordpress.config.

Step 7: Update the Environment

If the security group uses the IP address, then this tutorial includes a configuration file (loadbalancer-sg.config) that creates a security group and assigns it to the environment's load balancer. The security group uses the IP address that you configured in dev.config. It restricts HTTP access over port 80 to connections from your network. This prevents an outside party from potentially connecting to your site before you complete your WordPress installation and configure your admin account. To remove this restriction from your load balancer configuration and open the site to the internet, you can use the following steps.

To remove the restriction and update your environment

  1. On your local computer, delete the .ebextensions/loadbalancer-sg-config file from the wordpress-beanstalk folder.

  2. Create a .zip file from the files and folders in the wordpress-beanstalk folder (not the parent directory), using one of the following methods, depending on your operating system:

    • Windows – In Windows Explorer, select the files and folders, right-click, and then choose Send to, Compressed (zipped) Folder. Name the file using the following format, where x.y.z is the version of WordPress.

      wordpress-x.y.z-v2.zip
    • Mac OS X and Linux – Use the following command, where x.y.z is the version of WordPress.

      zip -r ../wordpress-x.y.z-v2.zip .
  3. Open the Elastic Beanstalk console.

  4. Navigate to the management page for your environment.

  5. Choose Upload and Deploy.

  6. Choose Choose File, and then navigate to the .zip file you created for your WordPress files.

  7. Enter a Version label that distinguishes this updated version from your previous version.

  8. Choose Deploy.

Step 8: Configure Your Auto Scaling Group

Finally, configure your environment's Auto Scaling group with a higher minimum instance count. Run at least two instances at all times to prevent the web servers in your environment from being a single point of failure. This also allows you to deploy changes without taking your site out of service.

To configure your environment's Auto Scaling group for high availability

  1. Open the Elastic Beanstalk console.

  2. Navigate to the management page for your environment.

  3. Choose Configuration.

  4. On the Capacity configuration card, choose Modify.

  5. In the Auto Scaling Group section, set Min instances to 2 and Max instances to a value greater than 2.

  6. Choose Save, and then choose Apply.

Review

Launching an environment creates the following resources:

  • EC2 instance – An Amazon Elastic Compute Cloud (Amazon EC2) virtual machine configured to run web apps on the platform that you choose.

    Each platform runs a specific set of software, configuration files, and scripts to support a specific language version, framework, web container, or combination thereof. Most platforms use either Apache or nginx as a reverse proxy that sits in front of your web app, forwards requests to it, serves static assets, and generates access and error logs.

  • Instance security group – An Amazon EC2 security group configured to allow ingress on port 80. This resource lets HTTP traffic from the load balancer reach the EC2 instance running your web app. By default, traffic isn't allowed on other ports.

  • Load balancer – An Elastic Load Balancing load balancer configured to distribute requests to the instances running your application. A load balancer also eliminates the need to expose your instances directly to the internet.

  • Load balancer security group – An Amazon EC2 security group configured to allow ingress on port 80. This resource lets HTTP traffic from the internet reach the load balancer. By default, traffic isn't allowed on other ports.

  • Auto Scaling group – An Auto Scaling group configured to replace an instance if it is terminated or becomes unavailable.

  • Amazon S3 bucket – A storage location for your source code, logs, and other artifacts that are created when you use Elastic Beanstalk.

  • Amazon CloudWatch alarms – Two CloudWatch alarms that monitor the load on the instances in your environment and are triggered if the load is too high or too low. When an alarm is triggered, your Auto Scaling group scales up or down in response.

  • AWS CloudFormation stack – Elastic Beanstalk uses AWS CloudFormation to launch the resources in your environment and propagate configuration changes. The resources are defined in a template that you can view in the AWS CloudFormation console.

  • Domain name – A domain name that routes to your web app in the form subdomain.region.elasticbeanstalk.com.

Elastic Beanstalk manages all of these resources. When you terminate your environment, Elastic Beanstalk terminates all the resources that it contains. The RDS DB instance that you launched is outside of your environment, so you are responsible for managing its lifecycle.

Note

The S3 bucket that Elastic Beanstalk creates is shared between environments and is not deleted during environment termination. For more information, see Using Elastic Beanstalk with Amazon Simple Storage Service.

Clean Up

When you finish working with Elastic Beanstalk, you can terminate your environment. Elastic Beanstalk terminates all AWS resources associated with your environment, such as Amazon EC2 instances, database instances, load balancers, security groups, and alarms.

To terminate your Elastic Beanstalk environment

  1. Open the Elastic Beanstalk console.

  2. Navigate to the management page for your environment.

  3. Choose Actions, and then choose Terminate Environment.

  4. In the Confirm Termination dialog box, type the environment name, and then choose Terminate.

In addition, you can terminate database resources that you created outside of your Elastic Beanstalk environment. When you terminate an Amazon RDS database instance, you can take a snapshot and restore the data to another instance later.

To terminate your RDS DB instance

  1. Open the Amazon RDS console.

  2. Choose Instances.

  3. Choose your DB instance.

  4. Choose Instance actions, and then choose Delete.

  5. Choose whether to create a snapshot, and then choose Delete.

To delete a DynamoDB table

  1. Open the Tables page in the DynamoDB console.

  2. Select a table.

  3. Choose Actions, and then choose Delete table.

  4. Choose Delete.

Next Steps

As you continue to develop your application, you'll probably want to manage environments and deploy your application without manually creating a .zip file and uploading it to the Elastic Beanstalk console. The Elastic Beanstalk Command Line Interface (EB CLI) provides easy-to-use commands for creating, configuring, and deploying applications to Elastic Beanstalk environments from the command line.

The sample application uses configuration files to configure PHP settings and create a table in the database, if it doesn't already exist. You can also use a configuration file to configure your instances' security group settings during environment creation to avoid time-consuming configuration updates. See Advanced Environment Customization with Configuration Files (.ebextensions) for more information.

For development and testing, you might want to use the Elastic Beanstalk functionality for adding a managed DB instance directly to your environment. For instructions on setting up a database inside your environment, see Adding a Database to Your Elastic Beanstalk Environment.

If you need a high-performance database, consider using Amazon Aurora. Amazon Aurora is a MySQL-compatible database engine that offers commercial database features at low cost. To connect your application to a different database, repeat the security group configuration steps and update the RDS-related environment properties.

If you plan on using your application in a production environment, configure a custom domain name for your environment.

If you want to enable HTTPS for secure connections, there are WordPress plugins available to assist. One example is the Really Simple SSL plugin.