Improving WordPress Development and Deployments with Docker

IMPROVING WORDPRESS DEVELOPMENT AND
DEPLOYMENTS WITH DOCKER AND CI/CD
Brett G. Palmer
Twitter: @brettgpalmer
LinkedIn: brettgpalmer

Career Background
• Independent Software Developer & Entrepreneur
• Promoting open source and technology
• Currently: Contractor for State of Utah - DTS/DWS
• Helping Migrate to Open Source Eligibility System
• WordPress Development last 7 years
• Organizer for SLC DevOps Days and DevOpsUT Meetup
3

Development Interests
• Enterprise Java Development - Spring Cloud
• Mobile Development
• Ionic Mobile Framework
• Chatbots for Alexa, Google Home, FB Messenger
• WordPress REST API integration
• WordPress Hosting and Deployments
4

Current Tech Interests
• Entrepreneur helping small businesses
• Mobile business apps
• Website hosting
• Software Recruiter
• Helping developers gain their independence
• Development training
• Programming, DevOps, Testing
5

WordPress Security Concerns
• Sucuri 2018 Reports
• 90% CMS sites were WordPress
• Under 5% for Magento, Joomla, Drupal, etc
• Enterprises avoid adopting WordPress
• Frequently affects small businesses
9

Common Reasons for Hacks
• Outdated WordPress Installs
• Unprotected Access to WordPress Admin
• Insecure/outdated plugins or themes
• Incorrect File Permissions
10

WordPress Deployment Errors
• Manual steps from testing to production
• Frequent errors with deployments
• “Works on my machine” syndrome
11

Docker Containers Intro
• Standard unit of software
• Packages code and dependencies together
• Minimal amount necessary to run
• Run quickly and reliably
• Containers are ephemeral (disposable)
• Pets vs Cattle

Improving WordPress Development and Deployments with Docker

How Containers Can Help
• WordPress updates are easier and more frequent
• Consistent deployments to Dev, Test, and Prod
• Lock down plugins and themes
• Containers are ephemeral (short lasting) - any changes
to running container are temporary.
16

Stateless Containers
for WordPress
Approach

The Approach
• Create consistent WordPress environment
• Dev, Test, and Prod
• Started 2 years ago and evolved as needed
• Many ways to solve the same problem
• More WP containers available today
18

Technologies Used
• Docker: creates WordPress containers
• Docker Compose: integrates dependent services
• Nginx: Reverse proxy and TLS/SSL certificates hosting
• WordPress Site Container (Primary)
• WP Offload Media Light Amazon S3 and Cloudfront
• MySQL Database
• PhpMyAdmin container (development only)
• Kubernetes (future deployments)
19

Solution: Three Containers
• WordPress Base Container
• WordPress CLI Container
• Nginx container
• WordPress Site Container (Primary)
20

Layered Diagram Here
Php:fpm Image
wp-base
wp-cli
wp-nginx
wp-site
Each layer inherits
from the image above
Primary container
Smaller layers == faster
deployments

WordPress Base Container
• Depends on php:fpm (FastCGI Process Manage)
• Installs PHP extensions and makes php settings
• Downloads WordPress version (e.g. 5.2.x)
• Unpacks WordPress and sets file permission
• Sets up Docker env variables
• WORDPRESS_DB_NAME, USER, PASSWORD, HOST
• WP_DEBUG settings
22

Dockerfile: Base Container
ENV WORDPRESS_VERSION 5.2.3
ENV WORDPRESS_SHA1 5efd37148788f3b14b295b2a9bf48a1a467aa303
# upstream tarballs include ./wordpress/ so this gives us /usr/src/wordpress
RUN curl -o wordpress.tar.gz -SL https://wordpress.org/wordpress-$
{WORDPRESS_VERSION}.tar.gz
&& echo "$WORDPRESS_SHA1 *wordpress.tar.gz" | sha1sum -c -
&& tar -xzf wordpress.tar.gz -C /usr/src/
&& rm wordpress.tar.gz
&& chown -R www-data:www-data /usr/src/wordpress
# extract wordpress on build
RUN tar cf - --one-file-system -C /usr/src/wordpress . | tar xf -
23

WordPress CLI Container
• Depends on WordPress base container
• Downloads current wpcli tool
• Sets file permissions for utility
24

WordPress Nginx Container
• Depends on wp-stateless-cli image
• Downloads nginx libraries
• Sets configurations for nginx
• Sets permissions to run nginx
25

Dockerfile: Nginx Container
# install nginx
RUN apt-get update && apt-get install -y nginx && rm -rf /var/lib/apt/lists/*
#########################################################################
#####################
# NGINX SETUP
#########################################################################
#####################
RUN rm -r /etc/nginx/sites-enabled/*
ADD default.conf /etc/nginx/sites-enabled/default.conf
ADD wordpress.conf /etc/nginx/global/wordpress.conf
ADD restrictions.conf /etc/nginx/global/restrictions.conf
26

WordPress Site Container
• Depends on wp-stateless-nginx image
• Sets memory, upload_max_filesize, etc
• Adds default and custom plugins to image
• Adds custom theme to image
27

Dockerfile: Site Container
RUN /plugins.sh /plugins/base
RUN /plugins.sh /plugins/security
# Delete Plugins script and plugin installation folder
RUN rm /plugins.sh && rm /plugins -r
# ADD OWN CUSTOM PLUGINS
ADD ./plugins/my-plugin /var/www/html/wp-content/plugins/my-plugin
##############################################################################################
# WORDPRESS Divid Theme Setup
##############################################################################################
COPY ./themes/Divi.zip /var/www/html/wp-content/themes
RUN unzip /var/www/html/wp-content/themes/Divi.zip -d /var/www/html/wp-content/themes
&& chown -R www-data:www-data /var/www/html/wp-content/themes
&& rm /var/www/html/wp-content/themes/Divi.zip
28

Developer Process
• Works with local wp-stateless-site repo
• Mounts local volume for development
• my-plugin directory
• my-theme directory
• Tests locally
• Commits changes into develop branch
• Push changes to remote Git server
29

Build Process
• Jenkins polls for repo changes
• Runs the build for wp-stateless-site
• Adds plugins
• Adds themes
• Pushes images to docker hub
• Pipeline runs script to deploy to test environment
• Runs automated selenium tests
30

Continuous
Integration/
Delivery/
Deployment

CI/CD Definitions
• Continuous Integration:
• Executes Build
• Runs unit and integration tests
• Continuous Delivery
• Insure software ready for deployment
• Tags artifacts
• Pushes to artifact repository (e.g. docker hub)
• Continuous Deployment (after all tests pass)
• Automated deployment of software to production
35

Continuous Integration and Continuous Delivery

Deployment Pipeline
• Jenkins polls for repo changes
• Runs the build for wp-stateless-site
• Adds plugins
• Adds themes
• Pushes images to docker hub
• Pipeline runs script to deploy to test environment
• Runs automated selenium tests
37

Blue/Green Deployments
• Blue environment is live
• Push new deployment to Green env
• Test Green environment
• Deployment verified switch to Green
• No downtime for customers

Blue/Green Deployment with No Downtime

Stateless Vs Traditional
1. Image is ephemeral/immutable
(doesn’t change)
2. Software is built and deployed
3. All environments have exactly
same software
4. Production is not a testing
environment
42
1. Setup repeated for each
environment
2. Differences between
environments
3. Production is a testing
environment
Stateless WP Traditional WP

WordPress Development Evolution
• WordPress Headless CMS
• Gutenberg Blocks
• ReactJS
• More integration requires standardized
build and deployments

Database Persistence
• Containers should be ephemeral
• Databases are persistent and changing
• Docker volumes can work
• Recommended: Use DB services outside
of containers

Containers: Pros and Cons
• Pros
• Docker can improve WordPress Development and
Deployments
• Docker can help improve security
• Cons
• Lose some production flexibility
• Solution is not trivial

References
• WordPress Security Concerns
• https://sucuri.net/reports/2018-hacked-website-report/
• Docker Images
• https://cloud.docker.com/u/brettgpalmer/repository/
list
• Original Idea from Michael Haessig (2017)
• https://github.com/michaelhaessig/wordpress-
stateless

Technology References
• Jenkins CI
• https://hub.docker.com/_/jenkins/
• https://jenkins.io/
• CircleCI: https://circleci.com
• Travis CI: https://travis-ci.com/

Technology References
• Docker/Docker Compose
• Kubernetes: https://kubernetes.io/docs/
home/
• php-fpm: https://php-fpm.org/
• Book: Continuous Delivery by Jez Humble &
David Farley

CONTACT INFO
Brett G. Palmer
Email: bpalmer@palmersoftware.com
Twitter: @brettgpalmer
LinkedIn: brettgpalmer
• Meetups: DevOpsUT, Ionic, Tech Startups
• Skiing Favorites: Solitude, Snowbird,
anywhere
• Downtown SLC (M-Th) or Utah County

Improving WordPress Development and Deployments with Docker

More Related Content

What's hot (20)

Similar to Improving WordPress Development and Deployments with Docker (20)

Recently uploaded (20)

Improving WordPress Development and Deployments with Docker