Categories
Best Practices

Add Redis Cache to WordPress

Using Redis cache may significantly speed up your web apps. Today we’ll see how to add Redis cache to WordPress. To achieve that I’ll deploy Redis, install PHP Redis client extension and install Redis Object Cache WordPress plugin.

Why do you need Redis for WordPress

After upgrade to WordPress 6.1 you may get a warning in Site Health tool: “You should use a persistent object cache”. Why do you need it?

Using Persistent Object Cache will speed up page load times by saving on trips to the database from your web server.

WordPress optimization docs

Remember that database queries are one of the most expensive ones. Some queries are performed for each page view. So why to not cache them in RAM? That’s where Redis comes to the rescue. It keeps most frequently used db queries results in RAM. Yet, what will read those queries’ results from Redis and from db if they are not available? Right, we need some backend between the webserver (e.g. Apache) and Redis along with the database. That’s where Redis Object Cache plugin comes into play and provides that backend.

Deploy Redis

You can install and deploy Redis in multiple ways. For example, install and run it as an OS package or using docker and Kubernetes. I’ll deploy containerized Redis, because it’s rather easy and doesn’t conflict with existing OS packages. The only OS packages you need are either docker or podman and their dependencies. I’ll use podman which is a deamonless alternative to docker. podman CLI is the same as docker’s, so you can use the same docker commands. Just replace the word docker with podman:

podman run --name redis -p 6379:6379 -d docker.io/redis

This method assumes you run WordPress not in a container, but rather as apache web app directly on your VPS (e.g. on Linode). For instance, if you deployed WordPress as a marketplace app. If you run WordPress in a container refer to the below way for deploying Redis.

To check your Redis is running and healthy enter its container and ping it:

podman exec -it redis bash
# redis-cli
127.0.0.1:6379> ping
PONG

If you rather prefer using a managed Redis solution, consider using Linode’s Redis marketplace app. Linode is a cloud provider recently purchased by Akamai. With this purchase, Akamai became a competitor in the cloud providers market.

Install Redis client php extension

Installing Redis client php extension might be optional. You may skip it and do that only if you discover that Redis Object Cache plugin is not working.

If you still need to install the client you can install
phpredis
or other supported extensions like predis.

Install Redis Object Cache plugin

You need Redis Object Cache plugin because it checks first whether the required data from WordPress DB is present in Redis cache. If it does, it reads it from Redis, otherwise queries the database. The plugin is basically a persistent object cache backend for WordPress. I’ll use composer and wp-cli for installation of the plugin and inspecting its status.

Configure WordPress to use Redis

If you use Bedrock WordPress setup, add to your application.php 2 below commands:

Config::define( 'WP_REDIS_HOST', '127.0.0.1');
Config::define( 'WP_REDIS_PORT', 6379 );

Add Redis cache to WordPress in Docker

If your WordPress setup is containerized e.g. in docker-compose stack, you can add Redis in as an additional service:

  redis:
    image: redis
    container_name: '${COMPOSE_PROJECT_NAME}-redis'
    restart: 'always'
    expose:
      - 6379

and raise it using docker-compose up -d redis.

In that case Config::define( 'WP_REDIS_HOST', '127.0.0.1'); will have to change to Config::define( 'WP_REDIS_HOST', '${COMPOSE_PROJECT_NAME}-redis');. In addition you’ll have to add COMPOSE_PROJECT_NAME variable to .env file. Of course, the above steps assume you use the Bedrock WordPress setup.

Summary

That’s it about adding Redis cache to WordPress. Feel free to share this article.

You may find interesting below articles I wrote:

Find out recommended Redis books on Amazon.

Categories
quick q&a

Get user’s permissions using kubectl

Kubernetes supports RBAC authorization out of the box. In short, every Kubernetes user or a service account have permissions to perform certain actions (HTTP verbs) on certain API server resources e.g. pods. To get user’s permissions using kubectl run kubectl auth can-i --list:

Resources                                       Non-Resource URLs                     Resource Names              Verbs
selfsubjectaccessreviews.authorization.k8s.io   []                                    []                          [create]
selfsubjectrulesreviews.authorization.k8s.io    []                                    []                          [create]
persistentvolumeclaims                          []                                    []                          [get list watch create delete deletecollection patch update]
pods/exec                                       []                                    []                          [get list watch create delete deletecollection patch update]
pods                                            []                                    []                          [get list watch create delete deletecollection patch update]
events                                          []                                    []                          [get list watch]
pods/log                                        []                                    []                          [get list watch]
configmaps                                      []                                    []                          [get watch list]
                                                [/.well-known/openid-configuration]   []                          [get]
                                                [/api/*]                              []                          [get]
                                                [/api]                                []                          [get]
                                                [/apis/*]                             []                          [get]
                                                [/apis]                               []                          [get]
                                                [/healthz]                            []                          [get]
                                                [/healthz]                            []                          [get]
                                                [/livez]                              []                          [get]
                                                [/livez]                              []                          [get]
                                                [/openapi/*]                          []                          [get]
                                                [/openapi]                            []                          [get]
                                                [/openid/v1/jwks]                     []                          [get]
                                                [/readyz]                             []                          [get]
                                                [/readyz]                             []                          [get]
                                                [/version/]                           []                          [get]
                                                [/version/]                           []                          [get]
                                                [/version]                            []                          [get]
                                                [/version]                            []                          [get]
podsecuritypolicies.policy                      []                                    [global-unrestricted-psp]   [use]

To view another user’s permissions add --as=[user-name] flag. For instance: kubectl auth can-i --list --as=jenkins.

To see a real world example, you can follow my tutorial on installing Jenkins helm chart and then see the permissions of Jenkins service account. Such permissions include creating pods on demand for Jenkins jobs. Have a look at this chart’s template to get a taste of how RBAC is configured.

If you are after more granular information on roles or cluster roles per service account, have a look at this great answer on stack overflow. It suggests using rbac-tool.

Also note that Kubernetes distinguishes between user and service accounts.

Summary

That’s it about getting user’s permissions using kubectl.

You can find below articles useful:

Categories
Automation DevOps

Kafka Producer and Consumer in Python

Today, I’ll demo Kafka producer and consumer written in Python. We’ll see a fully working demo of producer and consumer running against Kafka in a docker-compose stack.

Categories
Automation CI/CD DevOps

Auto Tag Releases with Semantic Versions

If you developed modern CI/CD pipelines you probably stumbled on the need to auto tag releases with semantic versions. Today I’ll show how to do that automatically and which tools may help to achieve automatic tagging releases with semantic versions.

Categories
Monitoring Orchestration

Monitor Spring Boot Apps using Prometheus on Kubernetes

Let’s discover how to monitor Spring Boot apps using Prometheus on Kubernetes clusters. Prometheus and the app will be deployed to different Kubernetes namespaces. So we’ll also see how using ExternalName Kubernetes service enables Prometheus to get metrics of Spring Boot Java app deployed to a different namespace.

Categories
Automation CI/CD DevOps

How to Create Kubernetes cluster on Linode using CLI

Today, I’ll show how to create Kubernetes cluster on Linode using CLI. It might be useful, for instance, for CI/CD, automation processes, etc…

Categories
Automation DevOps Orchestration

Create Kubernetes Operator using Ansible

Today, I’ll show how to create and use Kubernetes operator using Ansible. I’ll also explain why to use Kubernetes operators and their relation to Kubernetes CRDs. As always, I’ll show a demo.

Categories
Automation CI/CD DevOps

GitLab Self-Hosted Runners Demo

In this post we’ll see how and why to use GitLab self-hosted runners. As always, I’ll show a practical demo of GitLab self-hosted runner which runs jobs in CI/CD pipelines.

Categories
Automation CI/CD DevOps

Podman Jenkins Agent

Today, I’ll show Podman Jenkins agent assuming Jenkins runs on Kubernetes. We’ll see Podman agent’s Dockerfile and CI/CD pipeline using it.

Categories
Automation DevOps

Migration from Jenkins to GitLab

Have you considered migration from Jenkins to GitLab? While working on CI/CD pipelines in Jenkins, you probably didn’t like coding them in Groovy. You wondered if any simpler CI/CD platform exists where you just have to worry about what commands to run in the pipelines. We’ll review important things to consider while planning migration from Jenkins to GitLab.