Kubernetes: WordPress on GKE using Cloud SQL

Create MySQL database


Choose MySQL.

Choose an Instance ID and Root password. Click Create.

Click on the USERS tab. Click Create user account.

Insert wordpress as the User name and create a Password. Click CREATE.

Feel free to use openssl to create a password.

openssl rand -base64 32

Click the DATABASES tab. Click Create database.

Insert wordpress as the Database name. Click CREATE.

Create a Service Account

Create a service account that will be used by your application to talk to the CloudSQL instance.

APIs & Services > Credentials

Click Create credentials.

Select Service account key.

Choose JSON.

Select New service account. Select Cloud SQL > Cloud SQL Client Role. Click Create.

This will automatically download a JSON file service key to your computer. I renamed it credentials.json.

Create Secrets

Create cloudsql-instance-credentials

Create the Secret containing the Service Account which enables authentication to Cloud SQL.

kubectl -n itsmetommy create secret generic cloudsql-instance-credentials \

Create wordpress-db-credentials

Create the Secret needed for database access, using the user name and password for the user you created previously. You will also need the Instance connection name from the database you created earlier.

To view your Instance connection name, click the OVERVIEW tab on your database.

kubectl -n itsmetommy create secret generic wordpress-cloudsql-db-credentials \
--from-literal=username=wordpress \
--from-literal=password=[YOUR_PASSWORD] \


kubectl -n itsmetommy create secret generic wordpress-cloudsql-db-credentials \
--from-literal=username=wordpress \
--from-literal=password=ux9ftpLM6YSB8gnCB+LOomCqp+gPlnk63JJEzCEp1Uo= \


kubectl apply -f https://raw.githubusercontent.com/itsmetommy/kubernetes-cloudsql/master/cloudsql-mysql-statefulset.yaml

Optional LB option.

apiVersion: v1
kind: Service
namespace: itsmetommy
name: wordpress
app: wordpress
type: LoadBalancer
- port: 80
name: web
targetPort: 80
protocol: TCP
app: wordpress

Watch the pod being created.

kubectl get pods -n itsmetommy -w

Connect to wordpress

Create a port-forwarding connection.

kubectl port-forward pod/wordpress-0 3000:80 -n itsmetommy


kubectl port-forward statefulsets/wordpress 3000:80 -n itsmetommy

View in browser.

open http://localhost:3000

Clean up

kubectl delete -f https://raw.githubusercontent.com/itsmetommy/kubernetes-cloudsql/master/cloudsql-mysql-statefulset.yaml
kubectl delete secrets wordpress-cloudsql-db-credentials -n itsmetommy
kubectl delete secrets cloudsql-instance-credentials -n itsmetommy
gcloud sql instances delete wordpress-db-itsmetommy
gcloud iam service-accounts delete wordpress-db-access@xxxxx-xxxxx.iam.gserviceaccount.com