Deploy PrestaShop on Azure Kubernetes Service with Azure Database for MySQL

Introduction

Reliability is a top-of-mind concern for every e-commerce retailer. Unpredictable traffic can cause pages to load slowly, integrated systems to crash, and customer orders to be saved inconsistently or not at all. Success depends on having a system that is reliable, resistant to failure, and easy to monitor.

Sounds like a tall order? It is, but with the three components below, it's easier than ever to achieve (and it won't even requires days of effort to get it working).

  • Kubernetes provides built-in capabilities to monitor health and recover from process/node failure.

  • A cloud database provides enterprise-level security, compliance and performance, together with automated backups and point-in-time recovery.

  • Bitnami's Helm charts give you production-ready application deployments that are preconfigured according to current security best practices, while still allowing a high degree of customization.

In this article, I'll show you how to connect these three components and create a PrestaShop deployment using Azure Kubernetes Service (AKS), Azure Database for MySQL and Bitnami's PrestaShop Helm chart, which is part of the official Helm repository.

Assumptions and prerequisites

This guide assumes that:

Step 1: Provision and configure a new Azure Database for MySQL service instance

The first step is to create a new Azure Database for MySQL service, which will serve as the data storage engine for your PrestaShop instance. Follow the steps below:

Azure DB service
  • Click the "Add" button to add a new service.
  • On the server creation page, enter the following information:
    • Create a new resource group or select an existing one. In this example, the resource group is named aks-resource-group.
    • Enter a name for the service, together with an administrator username and password. This example uses prestashop-db as the service name.
    • Define the location for the service.
    • Set the MySQL version to "5.7".
    • Modify the default server configuration depending on your expected usage pattern.
Azure DB service creation* Click "Review + create" to proceed. * Review the details of the service and click "Create" to begin creating the service.

Your request will now be submitted for processing. It will take a few minutes for the service to become available, and you will receive a notification once complete.

Once the service is available:

  • Navigate to the list of resource groups and select the resource group assigned to the new database service.
  • Find and select the database service within the resource group.
  • In the left navigation pane, select the "Overview" tab.
  • Note the server name and administrator login name. You will need this in subsequent steps.
Azure DB service details
TipIn particular, note that the administrator login name is obtained by combining the administrator user name entered by you at deployment time with the database service name, in the format USERNAME@SERVICE-NAME.
Before proceeding to the next step, you must adjust the server's firewall configuration, which by default is configured to block incoming connections. You must also disable the default enforcement of SSL for database communication, as PrestaShop is known to have issues [connecting to databases over SSL](https://github.com/PrestaShop/PrestaShop/issues/10784).

Follow the steps below:

  • Navigate to the list of resource groups and select the resource group assigned to the new database service.

  • Find and select the database service within the resource group.

  • In the left navigation pane, select the "Connection security" tab.

  • On the "Connection security" page, make the following changes and click "Save" once done:

    • In the "Firewall rules" section, add a new firewall rule by entering the IP address or IP address range of the host(s) from which you will be initially connecting to the database.

      Tip

      If the host from which you will be initially connecting is the same as your current host, click the "Add client IP" button to automatically add a new firewall rule using your current IP address.

    • In the same section, set the value of "Allow access to Azure services" to "On". This will allow your PrestaShop deployment on AKS to communicate with the database service.

    • In the "SSL settings" section, set the value of "Enforce SSL connection" to "Disabled".

Azure DB service configuration

Step 2: Create a new database for PrestaShop

Once your database service is provisioned and configured, the next step is to connect to it and create an empty database for PrestaShop's use. Following security best practices, you should also create a separate database user account for PrestaShop with restricted privileges.

Follow the steps below:

  • Start the MySQL command-line client (CLI) and connect to the Azure Database for MySQL service. Replace the DB-HOST and DB-USER placeholders with the server name and administrator login name obtained in Step 1 and enter the password entered at deployment-time when prompted.

    mysql -h DB-HOST -u DB-USER -p
    
  • Create a new database for PrestaShop named prestashop:

    CREATE DATABASE prestashop;
    
  • Create a new user account named prestashop_user with full privileges to only the new PrestaShop database. Replace the PRESTASHOP-DB-PASSWORD placeholder with a unique password for the account. Note these values carefully, as you will require them in Step 6.

    GRANT ALL ON prestashop.* TO 'prestashop_user'@'%' IDENTIFIED BY 'PRESTASHOP-DB-PASSWORD';
    
  • Exit the MySQL command-line client.

    exit
    

Your database is now ready for use by PrestaShop.

Step 3: Provision a new Azure Kubernetes Service cluster

The next step is to provision a new Kubernetes cluster using the Azure Kubernetes Service (AKS) and the Microsoft Azure CLI. Follow these steps:

  • Log in to Microsoft Azure from the server console:

    az login
    

    If you have multiple subscriptions, you can optionally set the subscription you wish to use in the SUBSCRIPTION-NAME placeholder.

    az account set --subscription "SUBSCRIPTION-NAME"
    
  • Create a cluster within the same resource group as your Azure Database for MySQL service. The cluster creation process can take up to 20 minutes.

    az aks create --name aks-cluster --resource-group aks-resource-group --node-count 3 --generate-ssh-keys
    

    In this example, the cluster is named aks-cluster and is provisioned within the aks-resource-group created in Step 1. If you choose different names, update the previous and subsequent commands to use the correct information.

  • If you don't already have it, use the command below to install kubectl, the Kubernetes command-line interface:

    sudo az aks install-cli
    
  • Configure kubectl to use the credentials for the new AKS cluster:

    az aks get-credentials --name aks-cluster --resource-group aks-resource-group
    

Step 4: Install Helm

Next, install and configure Helm, which you will need to deploy applications on your cluster.

curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > get_helm.sh
chmod 700 get_helm.sh
./get_helm.sh
Tip

If you are using OS X, you can install Helm with the brew install command: brew install kubernetes-helm.

By default, the previous command will install Helm v3.x. If you're using Helm v2.x, you will need to also install and configure Tiller, as follows:

  • Create a ServiceAccount and associate it with the predefined cluster-admin role, use a ClusterRoleBinding, as below:

    kubectl create serviceaccount -n kube-system tiller
    kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
    
  • Initialize Helm as shown below:

    helm init --service-account tiller
    

    If you have previously initialized Helm, execute the following command to upgrade it:

    helm init --upgrade --service-account tiller
    

Step 5: Install the NGINX Ingress controller

The next step is to install the NGINX Ingress controller, which will be used to route incoming requests to your PrestaShop deployment. The easiest way to get this running on any platform is with the stable Helm chart.

helm install --name ingress stable/nginx-ingress

Once the controller is created and running, you can access the NGINX server through the load balancer's IP address. To obtain this IP address, use the command below:

kubectl get svc ingress-nginx-ingress-controller
External IP of PrestaShop deployment
Warning

It may take some time for the load balancer IP address to be assigned, so you may need to wait a few minutes before the previous command returns output. Depending on your cloud provider's policies, you may incur additional charges for this IP address.

If everything is configured correctly, you should get a "default backend - 404" response when accessing the NGINX server using the load balancer IP address.

Step 6: Deploy PrestaShop using the Bitnami Helm chart

You're now ready to deploy PrestaShop on the cluster using the Bitnami Helm chart, which is also part of the stable Helm repository. Execute the command below:

helm install --name prestashop stable/prestashop 
  --set prestashopUsername=ADMINISTRATOR-USERNAME 
  --set prestashopEmail=ADMINISTRATOR-EMAIL-ADDRESS 
  --set prestashopPassword=ADMINISTRATOR-PASSWORD 
  --set service.type=LoadBalancer
  --set ingress.enabled=true 
  --set ingress.hosts[0].name=DOMAIN 
  --set mariadb.enabled=false 
  --set externalDatabase.host=DB-HOST 
  --set externalDatabase.user=prestashop_user@prestashop-db 
  --set externalDatabase.password=PRESTASHOP-DB-PASSWORD 
  --set externalDatabase.database=prestashop 

Here is a quick explanation of what the previous command does and how to replace its placeholders:

  • The prestashopUsername, prestashopEmail and prestashopPassword parameters configure the PrestaShop administrator account credentials. Replace the ADMINISTRATOR-USERNAME, ADMINISTRATOR-EMAIL-ADDRESS and ADMINISTRATOR-PASSWORD placeholders with the administrator's username, email address and a hard-to-guess password respectively.

  • The ingress.hosts[0].name parameter sets the hostname to use for Ingress routing. Replace the DOMAIN placeholder with the domain name for your PrestaShop instance.

  • The mariadb.enabled parameter controls whether to create an accompanying MariaDB deployment. In the current example, this is disabled and instead, the externalDatabase parameters are used to configure the hosted Azure Database for MySQL service. Replace the DB-HOST and PRESTASHOP-DB-PASSWORD placeholders with the server name (obtained in Step 1) and the PrestaShop database account password (set in Step 2) respectively. If you used a different database name or user name for the PrestaShop database in Step 2, modify those values accordingly too.

After executing the previous command, wait a few minutes for the deployment to complete and for an IP address to be assigned to the PrestaShop load balancer. To obtain the load balancer IP address, use the command below:

kubectl get svc prestashop
Warning

It may take some time for PrestaShop to initialize the database and for the load balancer IP address to be assigned, so you may need to wait a few minutes before the previous command returns output. Depending on your cloud provider's policies, you may incur additional charges for this IP address.

You should now update the DNS settings for your domain by adding an A record pointing to the load balancer IP address obtained in the previous step. With this final change, you should be able to access your PrestaShop instance by browsing to http://DOMAIN, as shown below:

PrestaShop home page

To log in to the PrestaShop administrator console, browse to http://DOMAIN/administration and log in using the ADMINISTRATOR-EMAIL-ADDRESS and ADMINISTRATOR-PASSWORD values defined when deploying the Helm chart.

PrestaShop admin page

Your PrestaShop deployment is now ready for use!

Tip

Before taking your store live, make sure that you configure TLS using cert-manager.

Useful links