save wp-content data to a separate volume #16
Conversation
|
@Vermyndax It shows up! Now just need to figure out what hooks to use for mounting/unmounting. |
|
\o/ Ok, so when you initially create this EBS volume (in the setup of the infrastructure), you'd want to attach it to an EC2 instance and make the file system on it: sudo mkfs -t ext4 /dev/xvdf ...this will make the filesystem. Next you'll want to mount it at a mount point. If wordpress is installed in /var/www/html/wordpress, then you would normally do: sudo mount /dev/xvdf /var/www/html/wordpress/wp-content The wp-content directory will still exist on the root volume, but it will become invisible because of the mounting of the volume in that directory. That's normal and fine, since the server's immutable anyway. Now, anything written to /var/www/html/wordpress/wp-content will go on the attached EBS volume. To make this EBS volume attached to the instance throughout it's lifespan, two things have to happen:
To preserve the mount as a permanent part of the instance's life, you would edit /etc/fstab as per the AWS documentation, but that's where I'm not sure what the best approach is... would it be better to do it this way, or would it be better to have terraform handle the attachment/detachment and folder mounting as part of infrastructure provisioning and modification? I suspect it's the latter. |
afeld
force-pushed
the
persistent-volume
branch
from
cb5c5d3 to
dee0c3a
Compare
|
It works! 🎉 Test steps (which we should get into code at some point):
Pulled a few smaller pull requests out of this one, so will rebase as soon as those are in. |
README.md
Outdated
| @@ -110,3 +110,13 @@ For initial or subsequent deployment: | |||
| ```sh | |||
| terraform apply | |||
| ``` | |||
|
|
|||
| Note that if the public IP address changes after you set up the site initially, you will need to [change the site URL](https://codex.wordpress.org/Changing_The_Site_URL#Changing_the_Site_URL) in WordPress. | |||
There was a problem hiding this comment.
I learned the hard way that WordPress saves the URL where it's accessed for the initial setup in the database, and therefore having the public IP change frequently was making parts of the site inaccessible. While a custom domain is what you'd actually use, an Elastic IP is good enough for now.
There was a problem hiding this comment.
You may want to look at installing the wp-cli to make changes like this easier to do from the machine itself in case you can't get in to the web interface.
There was a problem hiding this comment.
Good call! Added as follow-up task: #22.
terraform/volume.tf
Outdated
| @@ -0,0 +1,21 @@ | |||
| resource "aws_ebs_volume" "wp_content" { | |||
| # TODO deletion protection | |||
There was a problem hiding this comment.
@afeld Just a nit... When a "type" property isn't specified in this resource, it's created as a "standard" volume. Default for creating a volume in the console is "GP2" (General Purpose SSD). I'd recommend adding:
type = "gp2"
...just to keep things standardized I guess ;)
Ref: aws_ebs_volume
There was a problem hiding this comment.
Along with that, you'll want encryption at rest enabled as well.
Per https://help.ubuntu.com/community/WordPress, this is required to allow automatic updates.
WordPress needs its database to be updated anytime the hostname changes - this sidesteps the issue for the common case of the instance being replaced, by using an Elastic IP that will stay constant.
afeld
force-pushed
the
persistent-volume
branch
from
303da4d to
d7a6f1c
Compare
| owner: "{{ apache_user }}" | ||
| group: "{{ apache_group }}" | ||
| state: directory | ||
| recurse: true |
There was a problem hiding this comment.
Not positive that we want to allow automatic updates...? That would mean WordPress itself wouldn't be deployed immutably. Happy to take the conversation to an issue.
There was a problem hiding this comment.
If the upstream source that deploys Wordpress on the instance is in sync with the updates, it may not be too bad. Wordpress updates download into /wp-content/updates and then deploy into the main directory. Sometimes those updates contain schema updates for the database as well. Lots to consider.
There was a problem hiding this comment.
So, the way that I did this for our modified version of cf-ex-wordpress (deploying in cloud.gov) was to do some json in a particular schema, and feed that to wp-cli.
Relevant python bits here: cloud-gov/cf-ex-wordpress@25be580#diff-81085e34fc3ba4cf38cba76d477219bdR59 . I'm sure that could be turned into some ansible code.
There was a problem hiding this comment.
Let's worry about it separately, if that's ok with you both: #23.
Also, make it an SSD.
|
Rebased and addressed the comments - should be ready to go! |
| sudo mv $DEST $OLDDEST | ||
| sudo mkdir -p $DEST | ||
|
|
||
| echo "$devpath $DEST ext4 defaults,nofail,noatime,nodiratime,barrier=0,data=writeback 0 2" | sudo tee -a /etc/fstab > /dev/null |
There was a problem hiding this comment.
Should probably check that it doesn't exist before appending to fstab, yeah?
There was a problem hiding this comment.
Will look into the best way to do that. This script got complex enough that I'm considering changing it to Ansible (as a follow-up), which takes care of checks like that.
There was a problem hiding this comment.
(but let me know if you know of an example)
There was a problem hiding this comment.
Should be able to do with an egrep and regex:
if ! egrep "^${devpath}" /etc/fstab; then
echo "$devpath $DEST ... etc
fi
|
Ready for another look! |
Closes #7.