WordPress Migration to OCI: Installing MariaDB and NGINX for WordPress

I will cover how to migrate the data first as it is the essential component to get WordPress site going. In my previous blog post, I covered how to backup data, so please refer to it to back up the existing WordPress data.

Install MariaDB

MariaDB is a forked database engine from MySQL. As far as I remember, it has 100% compatibility with MySQL and it’s completely free.

SSH into the host you provisioned.

$ ssh opc@[IP address for the host]

Install MariaDB on the host.

$ sudo yum install mariadb-server

Start the database server.

$ sudo systemctl start mariadb

Make sure that the service starts on OS start up.

$ sudo systemctl enable mariadb

Start the initial configuration process.

$ sudo mysql_secure_installation

The command above will ask the following questions.

  • Enter current password for root (enter for none): -> Simply hit enter here.
  • Set root password? [Y/n] –> Y
  • New password: –> New password for root credential of MariaDB.
  • Re-enter new password: –> Repeat.
  • Remove anonymous users? [Y/n] –>Y
  • Disallow root login remotely? [Y/n] –> Y or n depending on your need but Y is securer.
  • Remove test database and access to it? [Y/n] –> Y
  • Reload privilege tables now? [Y/n] –>Y

Your MariaDB is now more secured and ready for you to use.

Install NGINX (web server)

I am choosing NGINX for web server to serve the WordPress pages. Follow the steps below to install and configure NGINX.

First, create nginx.repo file under /etc/yum.repo.d/

$ sudo vi /etc/yum.repo.d/nginx.repo

Paste the following text.

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=0
enabled=1

Save the file and exit.

:wq

Back in the command line, install the latest NGINX.

$ sudo yum -y install nginx

Start NGINX.

$ sudo systemctl start nginx

Make sure NGIX survives the restart.

$ sudo systemctl enable nginx

Make sure the host can accept incoming traffic to HTTP and HTTPS.

$ sudo firewall-cmd --add-service=http --permanent --zone=public
$ sudo firewall-cmd --add-service=https --permanent --zone=public
sudo firewall-cmd --reload

If you browse to http://[Your public IP address], you will see welcome screen from NGINX.

Recap

I am planning to cover how to restore data in MariaDB and configure it in the next blog. More to come!

WordPress Migration to OCI: Opening Ports

When you provision an instance (host) on OCI, a public IP address is assigned.

I have already covered how to open ports on OCI in my previous post.

https://hayato-iriumi.net/2020/02/02/open-http-traffic-on-oracle-cloud-infrastructure/

Next time, I will cover how to install the necessary software on the newly provisioned instance.

WordPress Migration to OCI: Create a Host and Configure

We will need an instance to host the WordPress blog. Here are the steps.

Create a Host (Instance)

Login to Oracle Cloud Infrastructure. You already should have an account with OCI.

Click the menu at the left corner and Compute -> Instances.

Click Create Instance button.

Do the following in the next screen.

  1. Give the instance a name.
  2. Click Change Image button and select CentOS 7.6.
  3. Select AD3 in Availability Domain.
  4. Click Change Shape button and select VM Standard E2.1 Micro. This is a free tier available in OCI.

Paste the content of your public key located at ~/.ssh/id_rsa.pub to the SSH Keys textbox.

Finally click Create button at the bottom.

After a while, the instance is created and available for you to SSH into it. Let’s SSH!

Update the Base CentOS 7

Check the assigned public IP address for the host in the detail page of the instance you just provisioned.

Open Terminal and enter the following command.

$ ssh opc@[your public IP address]

And then install epel-release repository.

$ sudo yum install epel-release

Now update the packages.

$ sudo yum upgrade

Recap

We went over how to provision an instance (host) on OCI and SSH into it in the free tier. We will cover how to add things to the provisioned host next time.

WordPress Migration to OCI: Backing Up Data

There are many steps in migrating WordPress blog to another host. In this first attempt, I am going to cover backing up data.

Backup Database

In many web site hosts, phpMyAdmin is available to manage database such as MySQL or Maria DB.

Open the phpMyAdmin UI and click on the WordPress database, and then click Export.

Click Custom – display all possible options and Add CREATE DATABASE /USE statement. And then click Go button.

The browser automatically downloads the SQL file to your local machine. Keep the file for later use.

Backup WordPress Files

Use FTP or (preferably) SFTP to download all the WordPress files to. your local machine so that you can upload them to your new host.

I recommend that you use software like FileZilla. Your website host might have a way for you to compress the files and let you download them. It really doesn’t matter which method you use to get all the WordPress files.

Keep the files for later use.

Recap

The next blog article will be about provisioning OCI host.

Planning of WordPress Migration to OCI’s Free Tier

At the time of writing this blog, I am planning to migrate this blog from ipage.com to OCI’s free tier. Here is the list of what I’m planning.

  1. Backing up database.
  2. Backing up WordPress files.
  3. Install CentOS 7 on OCI and update.
  4. Configure CentOS 7 to accept 80 and 443 inbound traffic.
  5. Install Maria DB on it.
  6. Install NGINX.
  7. Install myPHPAdmin and get it to work with Maria DB.
  8. Restore data to the Maria DB database.
  9. Create user for WordPress in Maria DB and give it privileges.
  10. Upload the backed up WordPress files.
  11. Configure wp-config.php.
  12. Configure SSL in NGINX.
  13. Configure NGINX to redirect HTTP (port 80) to HTTPS (port 443).
  14. Change DNS configuration in ipage.com to route the traffic to the OCI instance.

I decided to go for NGINX because I feel it is a superior web service/reverse proxy. I will write more about the migration as I go through every single step.

How to Filter and Format OCI CLI Data

All commands of OCI CLI return JSON data. It’s nice but it’s kind of hard to read. Let’s see how we can format it just for readability.

We are going to choose oci compute image list command in this example.

$ oci compute image list --compartment-id $T

Make sure you have $T set to your tenancy OCID. As a result of the command, you will see data like the following.

{
"data": [
{
"agent-features": null,
"base-image-id": null,
"compartment-id": null,
"create-image-allowed": true,
"defined-tags": {},
"display-name": "Windows-Server-2016-Standard-Edition-VM-Gen2-2020.01.14-0",
"freeform-tags": {},
"id": "ocid1.image.oc1.iad.aaaaaaaauwpipy7yex62fvqix7a7ipdzdhc6pdz57vkowvc4jhkfrazm6bwa",
"launch-mode": "NATIVE",
"launch-options": {
"boot-volume-type": "PARAVIRTUALIZED",
"firmware": "UEFI_64",
"is-consistent-volume-naming-enabled": false,
"is-pv-encryption-in-transit-enabled": true,
"network-type": "VFIO",
"remote-data-volume-type": "PARAVIRTUALIZED"
},
"lifecycle-state": "AVAILABLE",
"operating-system": "Windows",
"operating-system-version": "Server 2016 Standard",
"size-in-mbs": 262144,
"time-created": "2020-01-15T00:08:30.361000+00:00"
},
SNIP

I’m going to just extract display-name and operationg-system as a table formatted data.

oci compute image list --compartment-id $T --query "data[*]".{"name:\"display-name\",os:\"operating-system\""} --output table

Here is the output.

Let’s do a basic filtering of the data. We will list only the images where the operating-system is Oracle Linux.

oci compute image list --compartment-id $T --query "data[?\"operating-system\"=='Oracle Linux']".{"name:\"display-name\",os:\"operating-system\""} --output table

The filtering looks kind of cryptic because of the dash in the JSON data key. Output looks like the image below.

It’s quite useful to be able to filter the data and also format it in a better looking table format.

I hope this helps someone out there because I struggled with the –query part of this effort because of the dashed JSON data key.

How to Install Oracle Cloud CLI Tool

I’m getting really into OCI (Oracle Cloud Infrastructure) CLI (Command Line Interface). It’s really cool to be able query and manipulate the Oracle Cloud Infrastructure resources. First, let’s see how we can install it.

Installation

Copy the following command and paste it in your terminal.

$ bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)"

Pretty much all default values will do when prompted to enter information and the install is complete when you execute the next command.

$ source ~/.bashrc # ~/.bash_profile if macOS.

Depending on your environment, have your shell read the correct source.

Configuration

Enter the following command to start to configure.

$ oci setup config

You will be prompted to choose where you want to store the configuration file for OCI CLI. I usually leave it at the default location, so simply hit enter (return) here.

Enter a location for your config [/home/amaterasu48/.oci/config]:

Now you will be prompted to enter user OCID. First login to OCI UI and click the Profile menu icon. And then select User Settings. By the way, OCID is resource identifier throughout Oracle Cloud Infrastructure. For more details, please refer to this documentation.

Then copy your OCID to your clipboard by clicking Copy link.

Back in your terminal, paste the copied user OCID and then hit enter.

Enter a user OCID: [Paste your user OCID here]

Next, you will be prompted to enter tenancy ID. Tenancy is equivalent to account. Click Profile -> Tenancy: [your tenancy name]

Now click Copy link to copy the Tenancy OCID.

Back in your terminal, paste the copied Tenancy OCID and then hit enter.

Enter a tenancy OCID: [Paste your tenancy OCID here]

Now you will be asked to enter the default region. All the available regions are listed in the prompt. I am entering us-ashburn-1 as my default region.

Enter a region (e.g. ap-melbourne-1, ap-mumbai-1, ap-osaka-1, ap-seoul-1, ap-sydney-1, ap-tokyo-1, ca-toronto-1, eu-amsterdam-1, eu-frankfurt-1, eu-zurich-1, me-jeddah-1, sa-saopaulo-1, uk-gov-london-1, uk-london-1, us-ashburn-1, us-gov-ashburn-1, us-gov-chicago-1, us-gov-phoenix-1, us-langley-1, us-luke-1, us-phoenix-1): us-ashburn-1

Now you will be prompted to generate private and public key pair. Enter Y to proceed.

Do you want to generate a new RSA key pair? (If you decline you will be asked to supply the path to an existing key.) [Y/n]: Y

The key files will be generated to ~/.oci directory. You have a chance to change the directory where you generate them but I would leave it to the default location. Simply hit enter here.

Enter a directory for your keys to be created [/home/amaterasu48/.oci]:

You are not prompted to enter a name for the key. I would just leave it as default. Hit enter.

Enter a name for your key [oci_api_key]:

Next, you will be asked to enter a passphrase for the private key. This is optional, so it’s up to you whether you enter a passphrase or not. I’m leaving it blank in this example.

Enter a passphrase for your private key (empty for no passphrase):

Copy the public key to your clipboard.

$ cat ~/.oci/oci_api_key_public.pem

Back in Oracle Cloud Infrastructure UI, navigate to User Settings.

Click Add Public Key button.

Click PASTE PUBLIC KEYS, paste the copied public key from ~/.oci/oci_api_key_public.pem in the PUBLIC KEY text area and finally click Add button.

Back in your terminal, execute the following lines to check if your OCI CLI can actually talk to Oracle Cloud Infrastructure.

$ T=[your Tenancy OCID here]
$ oci compute image list --compartment-id $T

If it’s successful, you would get a list of available images for you to spin up instances (VM hosts) in JSON data.

It’s actually pretty fun to explore Oracle Cloud Infrastructure using CLI tool. You can find references here on Oracle’s official documentation site.

Correction

I need to correct the networking part of my WordPress site hosted on OCI. Looks like I had a public IP address assigned to an instance I intended to use it as a WordPress server and allowed HTTP traffic to the instance directly. That’s not really what I want to do. As I’m learning Oracle Cloud Infrastructure more, I see some parts I blogged was wrong.

What I want to do is to have a NAT gateway that routes traffic to the private IP address assigned to the instance (host). I’m going to redo the networking part from scratch in the next days.

Open HTTP Traffic on Oracle Cloud Infrastructure

Open http and https Traffic

The host definitely needs to accept http and/or https traffic. I’m going to just add both http and https for now. SSH to the host and run the following commands as root.

firewall-cmd --add-service=http --zone=public --permanent
firewall-cmd --add-service=https --zone=public --permanent
firewall-cmd --reload

Install and Configure NGINX

As I wrote in my previous post, I’m planning to use NGINX as a reverse proxy. If you need to know what reverse proxy is, please read this article. Let’s install it!

$ sudo yum -y install nginx

We will start it and enable it so that it will survive reboots.

$ sudo systemctl start nginx
$ sudo systemctl enable nginx

If you run curl,  you can check if the service is actually up and running locally.

$ curl http://localhost

If you try to access NGINX from your desktop, however, it cannot be reached. That’s because your VCN (Virtual Cloud Network) doesn’t know how to route the traffic from outside to the internal resources within OCI. I will write up how to route TCP 80 traffic to the internal resources in OCI.

Open Menu -> Networking -> Virtual Cloud Networks.

Select the VCN that’s already there by clicking the link.

Click Security Lists under Resources section and select the security list that already exists.

Under Ingress Rules, click Add Ingress Rules button.

Enter 0.0.0.0/0 in SOURCE CIDR. Select TCP as IP PROTOCOL. Enter 80 in DESTINATION PORT RANGE. Finally, enter text like “HTTP traffic” in DESCRIPTION. It’s optional but it’s good to note what your intention was when you created this Ingress Rule.

Now when you try to hit the public IP address of the instance, you can now see the test page for NGINX.

Recap

We have learned to spin up an instance of Oracle Linux and to allow traffic from outside to the resource. We will keep trying. 🙂

Planning for Dockerized WordPress

The home project I’ve been working on is to migrate this blog site hosted on ipage.com to Oracle Cloud Infrastructure. On my way to it, I’m also dockerize it.

Before I start a WordPress container, I should think about how I’m going to host the dockerized WordPress. In other words, I need to think about the architecture. Here is what I’m thinking.

I’m going to list the things I will work on.

  • Open ports 80 and 443. Possibly just open http and https in firewalld.
  • Install NGINX, start and enable it.
  • Install Docker Compose.
  • Create docker compose file and start WordPress.
  • Open port 80 to the instance on OCI side.
  • Map Docker 80 to 80 just to test it.
  • Create SSL certificate using https://www.sslforfree.com/
  • Implement SSL on NGINX
  • Route port 443 traffic to NGINX to port 80 of the WordPress container. Make sure it works.
  • Migrate the data.
  • Change DNS to point the IP address hosted on OCI.

There is still quite a bit of way to go but it’s going to be fun.