This guide walks through deploying a WordPress application on an OpenShift cluster using built-in templates, ConfigMaps, routes with self-signed TLS, and basic WordPress. It is designed for hands-on learning and local or lab environments such as CRC.
- Architecture Diagram
- Create Project
- Deploy MySQL Using Template
- Create WordPress ConfigMap
- Deploy WordPress Application
- Configure WordPress Environment Variables
- Expose Application with Self-Signed TLS Route
- Reset WordPress Admin Password via WP-CLI
- Screenshots
Create and switch to a dedicated OpenShift project for the WordPress deployment.
oc login -u developer
oc new-project wp-projectUse the built-in mysql-persistent template to deploy a MySQL database backend for WordPress.
oc new-app --template mysql-persistent \
-p MYSQL_USER=wp_user -p MYSQL_PASSWORD="password" \
-p MYSQL_ROOT_PASSWORD="password" -p MYSQL_DATABASE=wp_db \
--as-deployment-config --dry-run=client -oyaml > mysql-deployment.yaml
# apply to openshift
oc apply -f mysql-deployment.yamlCreate a ConfigMap to store database connection details used by the WordPress application.
oc create cm wp-config --from-literal host=mysql \
--from-literal name=wp_db --from-literal user=root \
--from-literal password="password" --dry-run=client -oyaml > wp-configmap.yaml
# apply to openshift
oc apply -f wp-configmapDeploy the WordPress application using the Bitnami WordPress container image.
oc new-app --name wp-app --image docker.io/bitnami/wordpress \
--dry-run=client -oyaml > wp-deployment.yaml
# apply to openshift
oc apply -f wp-deployment.yamlInject database configuration into the WordPress deployment using environment variables sourced from the ConfigMap.
# set the configuratino to the worpdress deployment wp-app
oc set env deployment wp-app --prefix WORDPRESS_DATABASE_ --from configmap/wp-config
# check the list of environment
oc set env deploy/wp-app --listCreate a self-signed certificate and expose the WordPress service securely using an OpenShift edge route.
# create the certificates
openssl genrsa -out myCA.key 2048
# on the popup set the hostname --> your current hostname vm
openssl req -x509 -new -nodes \
-key myCA.key -sha256 -days 3650 -out myCA.pem
# create the tls key with sigining request
openssl genrsa -out tls.key 2048
openssl req -new -key tls.key -out tls.csr
# create the certificate tls.crt
openssl x509 -req -in tls.csr \
-CA myCA.pem -CAkey myCA.key \
-CAcreateserial -out tls.crt -days 3650 -sha256
# create ssl route for the app
oc create route edge wp-endpoint \
--service wp-app \
--cert tls.crt --key tls.key \
--hostname wp-wp-project.apps-crc.testingAccess the WordPress pod and reset the admin password using WP-CLI.
oc rsh pod/wp-app-xxxxx
wp user list
wp user update admin --user_pass=password
