So this is the story of how you are reading this blog, technically speaking.
When thinking about creating this blog, I realized that already had available compute and storage capabilities in my home lab, so why not using it to be the home of my tech blog project?
The following steps are not challenging, I’m assuming you already have a running MicroK8s cluster on your home server (or servers). In my case as the time of this writing it’s running on a couple of Intel NUCs with some external NFS storage attached as described on a previous post.
In order to deploy WordPress, I’m using the Bitnami Helm charts. Bitnami does a great job of curated releases of software packages with great documentation, you can find the details of this specific one here.
To expose the site on the Internet, I decided to test Cloudflare Tunnels. Even having the chance to expose via a reverse tunnel as explained here, Cloudflare offers a robust tunnel solution integrated with its CDN and cache capabilities, for free!!!
First make sure to enable both the Helm and Metallb addons, will be using those on this deployment.
Enable the Bitnami repo for Helm:
$ microk8s helm repo add bitnami https://charts.bitnami.com/bitnami
As I want to customize my deployment, I created a values.yml file with the specific custom values to override the default chart ones:
global: storageClass: nfs-csi wordpressUsername: youruser wordpressPassword: yourpassword wordpressEmail: [email protected] wordpressFirstName: First Name wordpressLastName: Last Name wordpressBlogName: Blog Name replicaCount: 2 service: loadBalancerIP: XXX.XXX.XXX.XXX ingress: enabled: true hostname: hostname.lan persistence: storageClass: nfs-csi accessModes: - ReadWriteMany size: 20Gi mariadb: primary: persistence: storageClass: nfs-csi size: 10Gi auth: username: username password: password
First I define what storage class to use for all the required persistent volumes, in this case nfs-csi.
Then there are several WordPress specific values to define the blog data.
In my case I decided to have 2 replicas of WordPress, just for high availability.
Then I’m defining a value for loadBalancerIP, this is a specific IP address to be used by Melallb to expose the blog outside the cluster.
I’m also defining an ingress, which will be configured in my internal DNS for local LAN access.
Finally there are some definitions for persistent storage classes and sizes, and in the case of MariaDB also a user name and password.
With all this values defined in the values.yml file, you can deploy WordPress using Helm:
$ microk8s kubectl create namespace wordpress $ microk8s helm install -f values.yml -n wordpress myblog bitnami/wordpress
After a while WordPress should be available by accessing through the defined load balancer IP address.
Expose via Cloudflare Tunnel
First of all create an account in Cloudflare if you don’t have one already.
The first step would be to define the site in Cloudflare, and delegate the DNS resolution of your domain to Cloudflare. This step requires to setup the assigned Cloudflare nameservers on your domain registrar. With this Cloudflare can fully manage your domain resolution and apply its protection and cache magic.
The next step is to create the tunnel from your local K8s cluster to Cloudflare.
Look for the Traffic section on Cloudflare dashboard, and there will find the Cloudflare Tunnel option. Launch the Zero Trust Dashboard.
This opens a new page where the tunnel can be defined, go to Access and then Tunnels.
There are two options to create tunnels, via dashboard of using the CLI, I decided to use the later to have more control over what’s going on.
The official instructions can be found here.
Major steps are:
- Install the cloudflared daemon.
- Authenticate using your credentials.
- Create a tunnel with a specific name.
- Create a configuration file with details for traffic routing.
- Run the tunnel connection.
In my specific case, the configuration file looks like this:
url: http://XXX.XXX.XXX.XXX tunnel: XXXX-XXXX-XXXX-XXXX-XXXX credentials-file: /root/.cloudflared/XXXX-XXXX-XXXX-XXXX-XXXX.json
The url parameter is the already defined IP address of the local Metallb load balancer.
The tunnel id can be found on Cloudflare dashboard, and the credentials file corresponds to the tunnel id.
Running the tunnel connection and checking on the dashboard will give you a status of the link connection. You are ready to access your blog from anywhere on the Internet.
Let me know if this post was useful, and any comments or corrections you may find.