Kubernetes LEMP Stack is a distributed LEMP stack built on top of a Kubernetes cluster. It enables anyone to deploy multiple CMSs (currently WordPress) for any number of websites. We built it to be secure and very fast by default.
Currently this supports Google Compute Engine as a cloud provider. Other providers haven't been tested (things like PersistentVolume
and Ingress
depend on your cloud provider).
There are already stable turn-key deployments for various CMSs via Kubernetes Helm Charts, but Kubernetes LEMP Stack is designed more or less in the traditional LEMP fashion where you get a bucket for all of your HTML at /var/www/html
and you may or may not use a CMS.
Actually, k8s LEMP Stack should be able to serve as your own personal web server farm! Use it as a backend to your own cloud hosting company! We also want extra customisation in terms of our web server and security hardening measures. In addition, future improvements aim to make this software scalable and highly-available.
WordPress
redis
. WordPress is contained in one Deployment
controller along with an NGINX container with FastCGI caching and the NAXSI web application firewall.Deployment
gets it's own PersistentVolume
as well as Secret
objects for storing sensitive information such as passwords for their DBs.ConfigMap
s are used to inject various php.ini
settings for PHP 7.3.NGINX
ConfigMap
objects.nginx-naxsi
image, which comes with:ConfigMap
s.MariaDB
mariadb
StatefulSet
. This is so anyone can start off with a full-fledged web farm and bring up any number of websites using one mariadb
instance with a databse for each site. Future improvements will allow for HA and scalable clustered RDBMSs.mariadb
also gets a PersistentVolume
and Secret
objects.StatefulSet
objects in Kubernetes is currently a manual process, meaning we have to execute MySQL commands in the mariadb
pod to add new databases and users.Redis
redis
PHP extension and include a Redis Deployment
.Ingress/Kube Lego
nginx
Ingress
controller. See Kubernetes documentation regarding Ingress
in the official docs and on GitHub.Ingress
via free Let's Encrypt certificates good for all domains on your cluster. Better yet, certificate issuance is handled automatically with the awesome cert-manager.See Installation and Usage for instructions on getting up and running.
kubernetes.io/ingress.global-static-ip-name: "wpclust-ingress"
Visit USAGE.md.
This project was inspired by the official Kubernetes WordPress + MySQL sample and builds on it with the various other official Docker images and Kubernetes applications mentioned previously.