how to create rds database for wordpress in aws on rhel 7 or centos 7

How To Create RDS Database in AWS for WordPress

i | P a g e

Table of Contents Overview ....................................................................................................................................................... 1

Applies To ...................................................................................................................................................... 1

Pre-Requisites ............................................................................................................................................... 1

RDS Database ................................................................................................................................................ 1

Launch RDS Console .................................................................................................................................. 1

Select Engine – Database .......................................................................................................................... 2

DB Instance – High Availability ................................................................................................................. 2

DB Instance – Specifications ..................................................................................................................... 3

DB Instance – Settings............................................................................................................................... 3

DB Instance – Configure Advanced Settings ............................................................................................. 4

DB Instance – Database Options ............................................................................................................... 5

DB Instance – Backup ................................................................................................................................ 5

Backup Retention Period ...................................................................................................................... 5

Backup Window .................................................................................................................................... 6

DB Instance – Maintenance ...................................................................................................................... 6

Auto Minor Version Upgrade ................................................................................................................ 6

Maintenance Window ........................................................................................................................... 6

DB Instance – View Your DB Instance ....................................................................................................... 7

DB Instance – Launch Status - Creating .................................................................................................... 8

DB Instance – Launch Status - Available ................................................................................................... 8

DB Instance – Configure Security Group ................................................................................................... 9

DB Instance – Configure Security Group – Add Rule ................................................................................ 9

DB Instance – MySQL Workbench – Parameters .................................................................................... 10

DB Instance – Connect MySQL Workbench – SSL ................................................................................... 11

DB Instance – Connect MySQL Workbench ............................................................................................ 12

DB Instance – RDS DB Connection – SSL CA Download .......................................................................... 13

MySQL – RDS DB Connection - SSL Certificate Connectivity ................................................................... 13

MySQL – SSL Certificate Connection – DB .............................................................................................. 14

MySQL – Non SSL Connectivity ............................................................................................................... 14

Configure SELinux ....................................................................................................................................... 15

SELinux – httpd ....................................................................................................................................... 15


ii | P a g e

SELinux – httpd ....................................................................................................................................... 16

WordPress – Download Package ................................................................................................................ 16

WordPress - Extract Package ...................................................................................................................... 17

WordPress – Configure Database Parameters........................................................................................ 17

WordPress - Launch Portal ...................................................................................................................... 18

Troubleshooting .......................................................................................................................................... 19

Error establishing a database connection ............................................................................................... 19

Error Message ..................................................................................................................................... 19

Cause ................................................................................................................................................... 19

Resolution ........................................................................................................................................... 19


1 | P a g e

Overview

One of the main features in AWS environment is RDS database, wherein database does need a server to

create a database. You just need to create a new instance and start utilizing the database service, once

you configure the security group and you need to establish connection via endpoint.

Applies To

RHEL 7, CentOS 7, AWS, RDS – MySQL

Pre-Requisites

MySQL workbench (optional) if you want to connect from Windows machine

RDS Database

RDS Database.

It’s completely different from the way a conventional database where you build a server and install MySQL

server, client packages and create the database and create the required access privileges.

Launch RDS Console

Launch “RDS” from different AWS services from the AWS Management Services Console, when you click

on “RDS Dashboard” will be launched. If it’s a first time you are launching it, you will be seeing the below

screen, to create a new Instance, click on “Get Started Now”.


2 | P a g e

Select Engine – Database

Next step is to choose database engine that needs to be created. In this document we are creating MySQL

instance, so click on “MySQL” and click on “Select” button.

DB Instance – High Availability

Next step is to choose whether the database have to be configured in “Multi-AZ Deployment” which is

the database would be configured in more than one availability zone for higher availability or choose it to

be a standalone database, typically for a non-production deployments.


3 | P a g e

DB Instance – Specifications

Next step, after selecting DB Engine choose Instance options and configurations.

Options When to choose

DB Engine Version Choose the Version that you intend to deploy, typically depends on the application compatibility

DB Instance Class Choose the compute, memory and workload, depends on workloads

Multi-AZ Deployment Choose, wherein High-availability is mandatory

Storage Type Depends on the application needs and IOPs required for the application performance

Allocated Storage 5 GB Size

DB Instance – Settings

Next step, select the database settings and parameters.

Setting Purpose

DB Instance Identifier DB instance identifier, unique identifier for the AWS account

Master Username Set master username for the database

Master Password Set master password for the database

Confirm Password Set the master username password


4 | P a g e

DB Instance – Configure Advanced Settings

Next step is to configure advanced settings, wherein security parameters is set or configured. Also ensure

that you download the “SSL Certificate” if you intend to connect securely, click on link “new certificate

bundle”

Setting Purpose

VPC If you intend to create new VPC wherein you DB will be configured on different VPC and DB Subnet group

Subnet Group Default or new subnet group to be configured, according to the VPC option

Publicly Accessible If the database is accessible within VPC or publicly

Availability Zone Choose the default, ideally choose in the EC2 configured zone

VPC Security Group(s) Configure the authorized network to connect to database


5 | P a g e

DB Instance – Database Options

Next step is to configure database options, wherein database options.

Setting Purpose

Database Name Database name to be created by the RDS installation process

Database Port Database service port to be configured

DB Parameter Group Choose the configuration setting for the version (container for the engine)

Option Group Amazon RDS uses option groups to enable and configure these features. An option group can specify features, called options, that are available for a particular Amazon RDS DB instance

Copy Tags To Group Select this option to have any DB instance tags copied to a DB snapshot when you create a snapshot.

Enable Encryption Encrypt data transfer and data stored

DB Instance – Backup

Next step is to configure database backup retention and backup window options. These two options are

by default enabled.

Backup Retention Period

One of the feature wherein database or backup administrators take of is configuring backup and

subsequently retention period wherein the previous backup that needs to be retained. Currently it can

be configured anywhere between 1 to 35 days.


6 | P a g e

Backup Window

When you configure Backup retention period, “Backup Window” should also be configured according to

the business needs and within stipulated timeframe. If you need the backup should be done at specific

time intervals, choose the “Backup Window” option and set the “Start Time” and “Duration” parameters.

Backup window should not be configured same as “Maintenance Window” and also ensure that you have

given sufficient time to complete the backup task, such that ongoing backup should not be disrupted.

See the “Maintenance Window”. Hence it is very import to configure backup windows that doesn’t

overlap with maintenance activity.

DB Instance – Maintenance

Once you have configured backup options. Next step is to configure “Maintenance”. There are two

options.

Auto Minor Version Upgrade

The first option is to choose the “Auto Minor Version Upgrade” wherein minor database upgrade will be

done automatically, when the option is set to “Yes”.

Maintenance Window

When you configure Upgrade to “Yes”, “Maintenance Window” should also be configured according to

the business needs. If you need the maintained activity to be implemented at specific time intervals,

choose the “Maintenance Window” option and set the “Start Time” and “Duration” parameters.

Maintenance window should not be configured same as “Backup Window” and also ensure that you have

given sufficient time to complete the backup task, such that ongoing backup should not be disrupted.

See the “Backup Window”. Hence it is very import to configure backup windows that doesn’t overlap

with maintenance activity.

After configuring this option, click on “Launch DB Instance”.


7 | P a g e

DB Instance – View Your DB Instance

After configuring all the options and clicking on “Launch DB Instance”, you can view the launch status by

clicking the “View Your DB Instance” button.


8 | P a g e

DB Instance – Launch Status - Creating

When you click on “View Your DB Instance” button, you DB instance current creation status will be

displayed. In order to connect the Database Instance that we launched, we will have to wait till the Status

is set / updated to “available” and “Endpoint” is shown.

DB Instance – Launch Status - Available

After creating the DB Instance is created, the status will be set to “available” and endpoint for the DB

instance will be displayed and the authorized networks will also be set. Endpoint is nothing but

“hostname” for MySQL client connect string and authorized is nothing but security groups configured list.


9 | P a g e

DB Instance – Configure Security Group

In order to connect to the database you need to configure security group in the AWS Management console

with the IP Address range for the port 3306. To add a new rule or modify click on security “Group ID”.

Click on “InBound” tab and click on “Edit” button.

DB Instance – Configure Security Group – Add Rule

After adding the new rule, click on “Save” button. After that you can establish connection to the database.

Setting Purpose

Type Choose type of connection (MySQL/Aurora)

Database Port Automatically updated

Source Add access rule for the Source IP from where the database connection would to be established

Connect from – Anywhere (0.0.0.0/0), My IP and Custom IP


10 | P a g e

DB Instance – MySQL Workbench – Parameters

Once the instance status is set to “available”, Create a new the MySQL workbench connection. Configure

New connection as per the below parameters and click on “Test Connection” and “OK” button.

Parameters Values

Hostname copy and paste endpoint string from RDS Instance information

Username Username, set during the “DB instance – Settings” section

Password Password, set during the “DB instance – Settings” section


11 | P a g e

DB Instance – Connect MySQL Workbench – SSL

Optionally, you can configure SSL Certificate downloaded from AWS Portal.

https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem

Download the security file when configuring “Network & Security” option.

https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem


12 | P a g e

DB Instance – Connect MySQL Workbench

Once saved, double click on the saved connection, you should be able to launch SQL query window.

Database server information is displayed.


13 | P a g e

DB Instance – RDS DB Connection – SSL CA Download

Optionally, you can configure SSL Certificate downloaded from AWS Portal.

Download the SSL CA certificate for RDS database instance connection. When configuring the network &

security section click on download link “new certificate bundle”.

wget https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem

MySQL – RDS DB Connection - SSL Certificate Connectivity

Connect the database with SSL certificate with specific database.

mysql -h mywordpress.cnntryehtcnj.us-east-1.rds.amazonaws.com -umywordpressdb

-pmywordpressdb --ssl-ca=/root/rds-combined-ca-bundle.pem -s


14 | P a g e

MySQL – SSL Certificate Connection – DB

Connect the database with SSL certificate with specific database.

mysql -h mywordpress.cnntryehtcnj.us-east-1.rds.amazonaws.com -umywordpressdb

-pmywordpressdb --ssl-ca=/root/rds-combined-ca-bundle.pem -Dmywordpressdb

MySQL – Non SSL Connectivity

Connect the database without SSL certificate with specific database.

mysql -h mywordpress.cnntryehtcnj.us-east-1.rds.amazonaws.com -umywordpressdb -

pmywordpressdb -Dmywordpressdb


15 | P a g e

Configure SELinux

One of the important step after configuring wordpress database is to configure SELinux and enable “httpd

network db connection”. This step is applicable when the SELinux is enabled.

SELinux – httpd

To list all SELinux attributes that can be configured httpd related SELinx parameters that can be configured

can be listed with command “getsebool -a | grep httpd” though we need to configure database

connectivity to get filter by below command.

getsebool -a | grep httpd_can_network


16 | P a g e

SELinux – httpd

Modify current state of particular SElinux boolean; for httpd database connection via network should be

set to “on” to turn off modify the object to “off”, which is 0.

setsebool -P httpd_can_network_connect_db 1

WordPress – Download Package

Download the WordPress package on the server, run the command.

wget http://wordpress.org/latest.tar.gz


17 | P a g e

WordPress - Extract Package

Extract the package in the DocumentRoot folder of Apache httpd server.

cd /var/www/html

tar -zxf latest.tar.gz

WordPress – Configure Database Parameters

Configure the database connection parameters for the WordPress portal in the configuration file “wp-

config.php”.

Setting Purpose

DB Name Configured database name (database – settings)

Master Username Configured username

Master Password Set master password for the database

Confirm Password Set the master username password


18 | P a g e

WordPress - Launch Portal

Launch the WordPress portal and configure the Site Information, administrator username, password and

email ID. Once you are done posting administrator information click on “Install WordPress” button.

http://WordPressServerIP/wordpress/


19 | P a g e

Troubleshooting

Error establishing a database connection

Error Message

Cause

SELinux is not configured to establish database connection for httpd service. To verify this run the

command;

getsebool -a | grep httpd_can_network

Resolution

Since WordPress connects to a database SELinux needs to be configured via httpd service, you need to

turn on SELinux attribute “httpd_can_network_connect_db”.

setsebool -P httpd_can_network_connect_db 1


20 | P a g e

how to create rds database for wordpress in aws on rhel 7 or centos 7

Technology