Running WordPress in production requires more than just spinning up a container. You need a reliable Kubernetes cluster, persistent block storage, TLS certificates, and a secure ingress setup.
In this guide, weโll walk through:
- Setting up a production-ready Kubernetes cluster with MicroK8s
- Installing Longhorn for block storage
- Configuring Ingress with TLS via cert-manager
- Deploying WordPress and MySQL applications
1. Setting Up MicroK8s
First, letโs install a fresh MicroK8s cluster.
sudo snap install microk8s –classic–channel=1.32
Enable Required Addons
microk8s enable dns
microk8s enable rbac
Configure User Permissions
sudo usermod -a-G microk8s $USER
mkdir-p ~/.kube
chmod0700 ~/.kube
su-$USER
Add aliases for convenience:
echo”alias kubectl=’microk8s kubectl'” >> ~/.bashrc
echo”alias helm=’microk8s helm'” >> ~/.bashrc
source ~/.bashrc
2. Installing Longhorn for Block Storage
Longhorn provides reliable distributed block storage for Kubernetes workloads.
Add Helm Repository
helm repo add longhorn https://charts.longhorn.io
helm repo update
Install Longhorn
helm install longhorn longhorn/longhorn \
–namespace longhorn-system \
–create-namespace \
–version1.8.0 \
–set csi.kubeletRootDir=/var/snap/microk8s/common/var/lib/kubelet
Set Longhorn as Default StorageClass
kubectl patch storageclass longhorn \
-p'{“metadata”: {“annotations”:{“storageclass.kubernetes.io/is-default-class”:”true”}}}’
3. Configuring Ingress with TLS
Weโll use NGINX ingress controller and cert-manager for automatic TLS.
Install NGINX Ingress
helm upgrade –install ingress-nginx ingress-nginx \
–repo https://kubernetes.github.io/ingress-nginx \
–namespace ingress-nginx \
–create-namespace
Patch the ingress service with your external IP:
kubectl patch svc ingress-nginx-controller \
-n ingress-nginx \
-p'{“spec”:{“externalIPs”:[“<YOUR_PUBLIC_IP>”]}}’
Install cert-manager
helm repo add jetstack https://charts.jetstack.io –force-update
helm install cert-manager jetstack/cert-manager \
–namespace cert-manager \
–create-namespace \
–set crds.enabled=true
4. Deploy WordPress & MySQL
Create a config.yaml inside your resources/ directory.
apiVersion: v1
apiVersion: apps/v1
kind: Deployment
metadata:
name: wordpress
namespace: dev-ops
spec:
replicas: 1
selector:
matchLabels:
app: wordpress
template:
metadata:
labels:
app: wordpress
spec:
containers:
– name: wordpress
image: wordpress:php8.2-apache
env:
– name: WORDPRESS_DB_HOST
value: mysql
– name: WORDPRESS_DB_USER
value: root
– name: WORDPRESS_DB_PASSWORD
value: rootpass
– name: WORDPRESS_DB_NAME
value: wordpress
—
apiVersion: v1
kind: Service
metadata:
name: wordpress
namespace: dev-ops
spec:
type: ClusterIP
selector:
app: wordpress
ports:
– port: 80
targetPort: 80
—
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: wordpress-ingress
namespace: dev-ops
annotations:
cert-manager.io/cluster-issuer: “letsencrypt-prod”
spec:
rules:
– host: yourdomain.com
http:
paths:
– path: /
pathType: Prefix
backend:
service:
name: wordpress
port:
number: 80
tls:
– hosts:
– yourdomain.com
secretName: wordpress-tls
Apply it:
kubectl apply -f resources/config.yaml
5. Verify the Deployment
Check everything:
kubectl get pods -n dev-ops
kubectl get svc -n dev-ops
kubectl get ingress -n dev-ops
If DNS and TLS are set up correctly, visiting https://yourdomain.com should load your WordPress site ๐
โ Conclusion
You now have a production-ready WordPress setup on Kubernetes with:
- MicroK8s for lightweight orchestration
- Longhorn for persistent block storage
- NGINX ingress + cert-manager for TLS security
- WordPress + MySQL deployed in a secure namespace
This approach ensures scalability, resilience, and security for your blogging or business platform.