Turnkey AWS with Paco

Waterbear Cloud was started with the vision of making cloud management more modular. We wanted to be able to re-use the code we wrote as cloud consultants between multiple projects. We dreamed of having complete turnkey AWS solutions that we could use as starting points for creating new Infrastructure as Code projects. That dream turned into an open source tool that we named Paco.

Today we are starting a new blog post series we’re calling Turnkey AWS with Paco. In this series we’ll show you how to use Paco to create different turnkey AWS solutions with Paco’s templated starter project feature.

Prescribed Automation for Cloud Orchestration

Paco is an acronym for Prescribed Automation for Cloud Orchestration. Paco is in the class of Infrastructure as Code tools, also sometimes called cloud orchestration. This type of tool automates the creation and configuration of cloud resources. Rather than manually creating cloud infrastructure and configuring it, code drives all of this activity by calling APIs.

We saw that much of the automation and configuration for cloud projects is repetitive — we built Paco to include these repetitive features directly in the tool. This enables you to create complete Infrastructure as Code projects without writing any code.

The Paco starter projects feature asks you some basic questions about your project and creates you a complete ready-to-run Paco project. What may have taken you weeks or months to build using lower level Infrastructure as Code tooling can now be created in minutes.

Turnkey WordPress on AWS with Paco

For this first turnkey solution, we’ll show you a simple Paco starter project: a budget-conscious, single-tier WordPress server.

When architecting a WordPress solution on AWS, you can have either single-tier or multi-tier. With single-tier you run everything, including the MySQL database, on one EC2 instance. With multi-tier there will be a load balancer, one or more web servers, and a database server. While the single-tier solution is cheaper to run, multi-tier benefits from increased reliability and can handle higher traffic loads. Today we’ll show you the more simple single-tier solution.

To try this solution yourself, you will follow five steps:

Install Paco. Create a Paco project with a single-tier WordPress starter project. Connect your new Paco project to your AWS account. Provision a WordPress environment in your AWS account. Access your new WordPress server.

After your WordPress is running, we will give you a tour of the AWS resources Paco has created and show you further customizations you can do with Paco.

1. Install Paco

Start at the Paco web site and follow the Paco Installation docs to install the Paco command-line interface.

Hint: if you already have Python 3.6+ or higher installed, you can run pip install paco-cloud to install Paco.

2. Create a Paco project using the WordPress-single-tier starter project

With Paco installed, you will run the paco init project <project-name> command to create a new Paco project. Paco projects are a collection of YAML files that declare your cloud resources. You can create a Paco project from scratch, but the paco init project command will get you up-and-running much quicker with a ready-to-go projects.

Run paco init project wp-paco and answer the following prompts. This will create a new directory in your current working named wp-paco . You will need to know your AWS account id and root email for the last two prompts:

$ paco init project wp-paco Paco project initialization

---------------------------

About to create a new Paco project directory at /Users/username/wp-paco Choose a starter project template: 1: simple-web-app

A minimal skeleton with a simple web application.

2: wordpress-single-tier

A single-tier WordPress application.

3: managed-webapp-cicd

A managed web application with CI/CD and dev/staging/prod environments.

4: s3lambda

An S3 Bucket that notifies a Lambda which replicates additions/deletions to S3 Bucket(s) in other regions. Enter a number or name: 2

Project title - Long description for this Paco project:

WordPress Test NetworkEnvironment name - short alphanumeric string used to name cloud resources:

wnet NetworkEnvironment title - Long description for a NetworkEnvironment:

WordPress Network Application name - short alphanumeric string used to name cloud resources:

site Application title -Long description for this application:

Wordpress Site AWS Region name - e.g. us-west-2, us-east-1 or ca-central-1:

us-west-2 AWS account id this project will connect to:

<your-aws-account-id> Root email for the AWS account to connect to:

<your-aws-root-email>

After you’ve finished, you will have a wp-paco directory that looks like this:

Your Paco project created from the wordpress-single-tier starter project

3. Connecting Paco to your AWS Account

The next step is to connect your new Paco project to your AWS account. Back on the Paco docs site, follow the Getting Started with Paco instructions to create an IAM User and Role and then run paco init credentials to connect your newly created Paco project to your AWS account.

4. Prepare a SSH keypair and get the Bitnami Ami Id from AWS Marketplace

You are almost ready to provision your WordPress network and server. First though, you will need to create an EC2 SSH keypair. Run the paco provision command to create an EC2 kepair:

paco provision resource.ec2.keypairs

Copy the PEM file output on your terminal, starting at the BEGIN RSA PRIVATE KEY line up to the END RSA PRIVATE KEY and create a new file from it. You can use this PEM file to SSH to your new server:

EC2 Service: keypairs: pacokeypair: Key pair created successfully.

pacokeypair: Account: master

pacokeypair: Region: ca-central-1

pacokeypair: Fingerprint: 47:a1:5c:90:60:e0:d5:25:8e

pacokeypair: Key:

-----BEGIN RSA PRIVATE KEY-----

MIIEogIBA...<keypair-encoded here>...T3yWZJcsD42/JGEFw=

-----END RSA PRIVATE KEY-----

If you already have an EC2 keypair that you want to use, you could instead edit resource/ec2.yaml file in your Paco project and enter the name of your EC2 keypair:

keypairs:

pacokeypair:

keypair_name: “<your-ec2-keypair-name>”

Visit the AWS Marketplace and subscribe to the WordPress Certified by Bitnami and Automattic product. This is a free subscription — you will only be charged for your normal AWS EC2 instance costs.

Click on “Continue to Subscribe” then “Continue to Configuration”, and on the configuration page select the same AWS Region you entered when you created your Paco project. Choose US West (Oregon) if you followed this blog post example and entered us-west-2. Copy the Ami Id shown.