My first simple cloud infrastructure build with Google Cloud Platform
Note: During peer evaluation of this project, the hosted WordPress site will be accessible at https://rwengelbrecht.co.za/. However, this will not be the case after successful validation of the project.
- At least 2 running instances of website at all times.
- Evenly distribute traffic between active instances.
- Scale instances up or down depending on traffic.
- Logged in users will stay identified for the length of a normal session.
- CDN used to distribute static content.
- WordPress VM instance:
- Instantiate VM instance from Marketplace.
- Connect bucket to instance for media uploads:
- Create bucket on GCP console.
- Create service account and download keyfile related to account.
- SSH into WP instance.
Note: to change the following files, you need to be logged in as super user.
- Add the following to
wp-config.php
:define( 'AS3CF_SETTINGS', serialize( array('provider' => 'gcp', 'key-file-path' => '/etc/file.json',) ) );
- Create file according to 'key-file-path' and copy downloaded keyfile text into it.
- In a browser, navigate to external_ip_of_wordpress_instance/wp-admin, log in.
- Install and activate WP Offload Media Lite plugin.
- In the plugin settings, select the bucket you created.
- Connect SQL database to instance:
- Create SQL instance on GCP console, enabling private IP.
- Create new database for the instance, setting charset to 'utf8mb4' and collate to 'utfmb48_general_ci'.
- SSH into WP instance and add to
wp-config.php
:define( 'DB_NAME', '<SQL Database name>'); define( 'DB_USER', '<SQL Database username>'); define( 'DB_PASSWORD', '<SQL Database password>'); define( 'DB_HOST', '<Private IP of SQL instance>'); define( 'DB_CHARSET', 'utf8mb4'); define( 'DB_COLLATE', 'utfmb48_general_ci');
- Install W3 Total Cache plugin:
- Follow instructions regarding the
.htaccess
file. - Enable CDN.
- Follow instructions regarding the
- Forward HTTP traffic to HTTPS:
- Add the following to
wp-config.php
:define('FORCE_SSL_ADMIN', true); if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false) $_SERVER['HTTPS']='on';
- Add to
.htaccess
file:RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto}=http RewriteRule .* https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
- Add the following to
- Create image from WordPress instance:
- STOP WordPress VM instance created in previous step.
- From Compute Engine > Storage > Images in GCP console, create image.
- Select created WP VM instance as source disk.
- Create instance template from image:
- From Compute Engine > Virtual machines > Instance templates, create instance template.
- Select custom image as boot disk, selecting created image.
- Allow both HTTP and HTTPS traffic.
- Create instance group from instance template:
- From Compute Engine > Instance groups > Instance groups, create instance group.
- Set instance template as template created in previous step.
- Turn on Autoscaling.
- Set minimum and maximum number of instances as required.
- Create new health check for group.
- Create firewall rule for external frontend access:
- From VPC Network > Firewall, create firewall rule.
- Set Direction to 'Ingress'.
- Allow Action on Match.
- Target all instances.
- Set Source Filter to IP Range.
- Set the range to
130.211.0.0./22
,35.191.0.0/16
. - Check TCP and set to port 80.
- Set up GCP managed SSL certificate:
- From Network services > Load balancing, follow the 'advanced menu' link.
- From Certificates tab, create ssl certificate.
- Check 'Google-managed certificate'.
- Add appropriate domain name/IP.
- Create HTTPS and HTTP Load balancer, making sure to redirect HTTP traffic to HTTPS, enable Cloud CDN and adding the SSL certificate created in the previous step.