Improve article on how to deploy Laravel to Kubernetes

[danielepolencic]

Article:

We received the following comments:

Running laravel in production using serve is considered bad practice.
— boris_eve

RUN php artisan key:generate
You should only run this one.....it should be retrieved from a secret or else things like already set cookies get funky on rebuild of the container.
RUN php artisan serve --host=0.0.0.0 --port=8181
Shouldn't this be CMD?
Also no explanation that "php artisan serve" should not be used for anything outside development and that requires a bit more kubernetes work to serve laravel without it.
— delfinom

RUN php artisan key:generate
If this is generating a secret key, this looks very wrong, because it would embed a secret key into an image that gets pushed to a registry.
If the key is ephemeral (doesn’t need to survive the containers’ lifetimes) it’s better to create it when the container runs. If it’s a persistent secret then Kubernetes has a secrets feature that is appropriate.
— sacundim

I think we should fix the content. I'm not sure what's considered to be best practice in the Laravel world.

Also, we should tweak the title again — I know what you're thinking, we went live already.
I think this article is not one-off. It isn't one of those articles that are forgotten after a while (like How to optimise your Docker images).
More and more people will look for this kind of content in the long run.

In that respect, I suggest we rename the article, but still retain most of the original one.

• Introduction to Kubernetes: How to Deploy a Laravel 5 application
• Getting started with Laravel 5 on Kubernetes
• Deploy a Laravel 5 application to Kubernetes

The titles are variations of articles already published for Heroku — i.e. I google "laravel heroku" and generated variations of the titles.

@keithmifsud let me know what you think.

[danielepolencic]

Interesting: https://www.reddit.com/r/kubernetes/comments/8gmh6m/extremely_new_to_kubernetes_want_to_deploy_a_lamp/

We could repurpose this tutorial and make it LAMP: https://medium.com/containerum/how-to-easily-deploy-a-drupal-8-instance-on-kubernetes-b90acc7786b7

Two interesting suggestions:

• k8s + LAMP
• from docker-compose to K8s

[keithmifsud]

Keyword Research for the main title:

Keyword	Monthly Volume	Diificulty	Organic CTR	Priority	Comments
How to deploy Laravel to Kubernetes	no data	30	94%	30	We're already on top in SERP
Introduction to Kubernetes: How to Deploy a Laravel 5 application	no data	40	86%	27
Getting started with Laravel 5 on Kubernetes	no data	34	100%	30	We're already top in SERP
Deploy a Laravel 5 application to Kubernetes	no data	37	88%	28

[keithmifsud]

@danielepolencic I don't think we should change the title. My main reason is that if I had to google this I would literally type the title exactly: "How to deploy Laravel to Kubernetes". I would not specific the version number "laravel 5". I might search for "Deploy laravel to Kubernetes" instead. The article ranks #1 in google for both "Deploy laravel to Kubernetes" and the existing title. I think it will be detrimental to the existing search ranking if we change it. It is also specific to what users will type if this is the problem they are trying to solve.

SERP analysis is from MOZ https://moz.com/explorer/keyword/overview?locale=en-GB&q=deploy%20laravel%20to%20kubernetes and my previous search history and search profile does not affect it.

[keithmifsud]

@danielepolencic In regards to the comment by sacundim; he's right in the sense that once the key is generated, it will be included in the image. Outside of a Docker setup, this is not an issue because Laravel uses a .env file which is ignored by git. I don't really know how to use the docker secrets feature. Do you? Also, I'm not sure this is very important for the purpose of this tutorial. Maybe we can simply add a disclaimer: "In a production scenario, the .env file should be ignored by docker ..."?

[danielepolencic]

About laravel using serve in production, I think we should use php apache or php fpm as a base container as explained here: https://bitpress.io/simple-approach-using-docker-with-php/

"php artisan key:generate is a command that sets the APP_KEY value in your .env file."
That should be injected as an env variable. Example:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: app
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: app
    spec:
      containers:
      - name: app
        image: laravel
        env:
        - name: APP_KEY
          value: "something"
        ports:
          - containerPort: 8080

In your case, we're not using a yaml file, so I wonder... what happens if we remove that all together? does it still work without a key?

[keithmifsud]

@danielepolencic :

Regarding apache / php-fpm.. we're using Nginx in Ingress? We could eliminate the php artisan serve if we didn't need a preview at such an early stage.

Laravel will not work without an APP_KEY variable. Also, I don't know how we can generate it and then add it to the yaml file?

[keithmifsud]

pinging @danielepolencic 😄

[danielepolencic]

The ingress is to route the traffic into the cluster. It's a proxy that distributes the traffic to the internal service in the network. It's not a replacement for the Nginx in front of php-fpm.

As for the env variable, you should tweak your command to be:

kubectl run laravel-kubernetes-demo \
  --image=yourname/laravel-kubernetes-demo \
  --port=8181 \
  --image-pull-policy=IfNotPresent \
  --env=APP_KEY=something

And you can remove RUN php artisan key:generate from your Dockerfile.

[keithmifsud]

Thanks, @danielepolencic Sorry for the nginx.. Silly comment!
I will fix the Dockerfile so that includes a web server with PHP support - probably it will also be Nginx (not apache).

Regarding the app key, we still need to generate one before we can add it as an env var. This needs to be done inside the container. How would you go about it? We need to have a different and hidden key per install.

[danielepolencic]

Regarding the app key, we still need to generate one before we can add it as an env var.

You can generate a random string and base64. It should work. I just checked the code and that's what they do in Laravel too https://github.com/laravel/framework/blob/56a58e0fa3d845bb992d7c64ac9bb6d0c24b745a/src/Illuminate/Foundation/Console/KeyGenerateCommand.php#L59