Ansible is an open-source configuration management tool and is popular for provisioning infrastructure.
In this blog post, I’ll show how you can easily spin up multiple droplets in DigitalOcean. The full code can be downloaded from here.
Prerequisites
- Ansible should be installed on your host and you should have some basic understanding of it. If you want to know what Ansible is and how to install it you can follow my other post, Ansible for beginners.
- You need a valid DigitalOcean account. You can create it for free (but you cannot use it for free!).
- You also need the API key/token of your DigitalOcean account. After logging into your DigitalOcean account go to Manage->API. From here generate an API key/token. Once generated, copy the value of the key and save it in a safe place. Do not share this value with others unless they really need it.
- This is not mandatory, but as we are going to run this instance in a cloud environment, it’s better to avoid password authentication and use key-based authentication. Generate a key pair locally and upload the public key into your account. Go to Account->Security and click on Add SSH key button. Paste your key content and give a name to that key. Click on the Add SSH key button to save your key. To find out the “keyid”, which we will use in our playbook, run the command below from your terminal.
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer PASTE_YOUR_API_HERE" "https://api.digitalocean.com/v2/account/keys"| python -m json.tool
I use json.tool as a JSON parser. From the output find the “id:” field and copy the value. This is our key ID.
Now we’re ready to run the playbook.
Download and run the playbook
Run the command below in your terminal:
git clone https://github.com/imtiazrahman/droplet_run.git
After cloning the repo you will find a directory called “droplet_run”. Inside that directory, you will find a file called do_run.yml and the inventory folder. Open the do_run.yml file with your favourite editor and find the line “do_token:”. Add your API/token here inside a single quote as below:
Before:
do_token: '' #MY-DO--TOKEN Need to change the value here
After adding your API/token:
do_token: 'utrfd........lkjd' #MY-DO--TOKEN Need to change the value here
Next, find the line that contains “ssh_keys:”. Add your SSH “keyid” here as below:
Before:
ssh_keys: [ '' ] #Need to change the value here
After adding your keyid:
ssh_keys: [ '12...0021' ] #Need to change the value here
Next, find the line that contains “with_items:”. Here you can declare your droplet’s name and the number of droplets you want to run. You can keep it as it is or you can change this section according to your requirements. As this is a .yml file you should handle the indent or space carefully.
Finally, at the end of the script, you will find the line ansible_ssh_private_key_file: “PUT_YOUR_KEY_FILE_LOCATION/id_rsa”. Put your private key file location here along with the key name as below:
Before:
ansible_ssh_private_key_file: "PUT_YOUR_KEY_FILE_LOCATION/id_rsa"
After changing the key location:
ansible_ssh_private_key_file: "my_keys/id_rsa"
To run the playbook type the command below from your Ansible host:
ansible-playbook -i inventory do_run.yml -u root
It will take some time to complete the script and spin up your droplets. In the end, you will see the Ansible “PLAY RECAP” section where you can find your droplets IP. Choose one of them and try to SSH on that server as below:
ssh -i YOUR_KEY_LOCATION/id_rsa root@DROPLETIP
If everything goes well you should be able to login to your newly created droplet. If you want to choose a different type of droplet or want to run the droplet in different locations, you can do it by editing the first task of this Ansible playbook.
Thanks for reading the post. If you enjoyed it, please share it with your network and let me know your thoughts in the comments below.
Adapted from original post which first appeared on Imtiaz Rahman’s Blog.
Imtiaz Rahman works for a financial organization in Bangladesh. He has experience in system, network and security administration.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.