0

I'm working on a project that utilizes WordPress' admin front end to manage data, and a Laravel API that accesses the WP database (via Corcel) to return JSON/HTML/whatever.

I'd like to run these as separate apps within the same Elastic Beanstalk environment, connecting to the common RDS instance which sits outside of EB.

There are no problems at all getting the WP and Laravel apps up and running separately - following the AWS tutorials, I can get WP installed no problem, and I can get Laravel installed and the migrations to run.

I'm just struggling to figure out the "correct" way to hook them up to the common RDS instance I've already created. I can't seem to get the WordPress install to talk to RDS if I set up Laravel first, and vice versa. I've researched and tinkered with Security Groups but just can't get them to co-exist.

Without getting into the micro details, is what I've described workable, or is it crazy at a basic level? Should I just drop the idea of running them as separate apps and just have them running together? If anyone has a suggestion on a better/best approach to what I'm trying to do, I'd be extremely grateful.

Improve this question

2 Answers 2

Reset to default
0

Check your route tables. Most likely there is a route from the Elastic Beanstalk subnets to the RDS subnets missing. From an infrastructure point of view this setup seems pretty standard. For further debugging I would recommend to ssh to the WP instance and check with ping and MySQL client if the root cause is networking (Security Groups, route tables, NACLs) or something else for example authentication to RDS.

Improve this answer
1
  • Thank you for the advice and confirming this is a pretty standard setup. I think you're 100% right as I was having trouble getting the WP instance to talk to RDS after SSH'ing in. I ended up scrapping the whole thing and starting again from scratch. Some careful attention to SGs and DB config along the way got me some success in the end, I now have end-to-end working. cheers
    – Adam Crampton
    Commented May 31, 2019 at 6:09
0

For testing. Create security group and add to this SG your EC2 and RDS instances. Add a inbound rule to this SG: Protocol type:All Protocol number:All Ports: All Source IP: The ID of this security group It enables associated instances to communicate with each other.

Improve this answer
2
  • That's a pretty expansive bypass rule you're proposing there - sorta the opposite of Least Privilege firewalling! Maybe there's a smaller exposure possible with a more directed set of rules?
    – TristanK
    Commented May 28, 2019 at 22:40
  • @TristanK I took that rule from aws doc. That suggestion is to verify that everything works. I mean apps work with rds instance. So there is SG issue and have to see into SG rules. Need to carefully make SG rules.
    – Passatizhi
    Commented May 29, 2019 at 2:34

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .