How to deploy WordPress on GKE Autopilot in Google Cloud

Here I would like to share step by step on deploying WordPress site to GKE Autopilot in Google Cloud. This approach is the most managed as the GKE autopilot clusters are fully managed by GCP along with Node upgrade, repairs, maintenance. So there is no operational cost associated with it.

Setting up your environment

$ gcloud services enable

$ git clone

$ cd kubernetes-engine-samples/wordpress-persistent-disks

$ WORKING_DIR=$(pwd)

Creating a GKE Autopilot cluster

$ gcloud container clusters create-auto gke-autopilot-bicarait --region asia-southeast2 --project=work-bicarait-prod-blog 

$ gcloud container clusters get-credentials gke-autopilot-bicarait --region asia-southeast2 --project=work-bicarait-prod-blog

$ gcloud container clusters describe gke-autopilot-bicarait --region asia-southeast2

Creating a PV and a PVC backed by Persistent Disk

$ vim wordpress-volumeclaim.yaml

apiVersion: v1
kind: PersistentVolumeClaim
  name: wordpress-volumeclaim
  storageClassName: standard
    - ReadWriteOnce
      storage: 200Gi
$ kubectl apply -f $WORKING_DIR/wordpress-volumeclaim.yaml
$ kubectl get persistentvolumeclaim

Creating a Cloud SQL for MySQL instance

$ INSTANCE_NAME=mysql-bicarait-gkeautopilot

$ gcloud sql instances create $INSTANCE_NAME --region=asia-southeast2

$ export INSTANCE_CONNECTION_NAME=$(gcloud sql instances describe $INSTANCE_NAME \

$ gcloud sql databases create wordpress --instance $INSTANCE_NAME

$ CLOUD_SQL_PASSWORD=$(openssl rand -base64 18)

$ gcloud sql users create wordpress --host=% --instance $INSTANCE_NAME \
    --password $CLOUD_SQL_PASSWORD

Configure a service account and create secrets

$ SA_NAME=cloudsql-proxy

$ gcloud iam service-accounts create $SA_NAME --display-name $SA_NAME

$ SA_EMAIL=$(gcloud iam service-accounts list \
    --filter=displayName:$SA_NAME \

$ gcloud projects add-iam-policy-binding $PROJECT_ID \
    --role roles/cloudsql.client \
    --member serviceAccount:$SA_EMAIL

$ gcloud iam service-accounts keys create $WORKING_DIR/key.json \
    --iam-account $SA_EMAIL

$ kubectl create secret generic cloudsql-db-credentials \
    --from-literal username=wordpress \
    --from-literal password=$CLOUD_SQL_PASSWORD

$ kubectl create secret generic cloudsql-instance-credentials \
    --from-file $WORKING_DIR/key.json

Deploy WordPress

$ cat $WORKING_DIR/wordpress_cloudsql.yaml.template | envsubst > \

$ kubectl create -f $WORKING_DIR/wordpress_cloudsql.yaml

$ kubectl get pod -l app=wordpress --watch

Expose the WordPress service

$ vim $WORKING_DIR/wordpress-service.yaml

apiVersion: v1
kind: Service
    app: wordpress
  name: wordpress
  type: LoadBalancer
    - port: 80
      targetPort: 80
      protocol: TCP
    app: wordpress
$ kubectl create -f $WORKING_DIR/wordpress-service.yaml

$ kubectl get svc -l app=wordpress --watch

Setting up your WordPress blog

Open browser to http://external-ip-address of the services that exposes your WordPress instance

Congratulation! You now have a blog site.

Kind Regards,
Doddi Priyambodo

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.