Ansible playbook for spin up droplets in DigitalOcean

Ansible is an open source configuration management tool, and is popular for provision infrastructure. In this blog post I’ll show you how easily you can spin up multiple droplets in DigitalOcean. The full code can be downloaded from here.

Prerequisite

  1. Ansible should be installed on your host and you should have some basic understanding about ansible. If you want to know what ansible is and how to install it you can follow my other post regarding ansible here.
  2. You need a valid DigitalOcean account. You can create it for free (but you cannot use it for free!).
  3. The API key/token of your DigitalOcean account. After login to your DigitalOcean account got to Manage->API. From here you can generate your API key/token. Once generate copy the value of the key and save it in a safe place. Do not share this value with others until unless you really need it.
  4. This is not mandatory, but as we are going to run instance in a cloud environment, it’s better to avoid password authentication and use the key based authentication. generate a key pair locally and upload the public key in your account. Goto Account->Security and click on Add SSH key button. Paste your key content and give a name of that key. Click on Add ssh key button to save your key. To find out the “keyid” which we will use in our playbook run the below command from your terminal.
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer PASTE_YOUR_API_HERE" "https://api.digitalocean.com/v2/account/keys"  | python -m json.tool

I use json.tool as a json parser. From the output find the “id:” field and copy the value. This is our key id.

All set we are ready to run the playbook.

Download and run the playbook

Run the below command in your terminal.

git clone https://github.com/imtiazrahman/droplet_run.git

After cloning the repo you will find a directory called “droplet_run”. Go inside that directory, you will find a file called  do_run.yml and the inventory folder. Open the do_run.yml file with your favourite editor and find the line “do_token:”. Put your API/token here inside the single quote like below:

Previous

do_token: '' #MY-DO--TOKEN Need to change the value here

After API/token

do_token: 'utrfd........lkjd' #MY-DO--TOKEN Need to change the value here

After that find the line contains “ssh_keys:”. Put your ssh “keyid” here like below:

Previous

ssh_keys: [ '' ] #Need to change the value here

After keyid

ssh_keys: [ '12...0021' ] #Need to change the value here

Next find the line “with_items:”.  Here you can declare your droplets name and number of droplets you want to run. You can keep it as it is or you can change this section according to your requirements. As this is a .yml file so you should handle the indent or space carefully. Finally at the end of the script you will find the line ansible_ssh_private_key_file: “PUT_YOUR_KEY_FILE_LOCATION/id_rsa”, put your private key file location here along with the key name like below:

Previous

ansible_ssh_private_key_file: "PUT_YOUR_KEY_FILE_LOCATION/id_rsa"

After change the key location

ansible_ssh_private_key_file: "my_keys/id_rsa"

To run the playbook type the below command from your ansible host

ansible-playbook -i inventory do_run.yml -u root

It will take some time to complete the script and spin up your droplets. At the end you will see the ansible “PLAY RECAP” section where you can find your droplets ip. Choose one of them and try to ssh on that server like below:

ssh -i YOUR_KEY_LOCATION/id_rsa root@DROPLETIP

if everything goes well you should be able to login to your newly created droplet. If you want to choose a different type of droplet or want to run the droplet in different locations you can do it by editing the first task of this ansible playbook.

Thanks for reading the post. If you enjoyed the post, please share it with your network and let me know your thoughts in the comments. 

About the Author: Imtiaz is working in a financial organization in Bangladesh and having experience in system, network and security administration. Feel free to contact with him on LinkedIn or Twitter

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.