Using Ansible to Automate the Deployment of DigitalOcean Droplets

Introduction

Ansible is a configuration management tool that makes it easy to automate the deployment and configuration of infrastructure. You can use it to spin up thousands of servers in record time.

This tutorial will demonstrate how to provision multiple DigitalOcean Droplets and configure them to host a static site using NGINX.

Before we begin

You will need a DigitalOcean* account and Ansible Version 2.9.11+ installed on your machine. The following example has was tested on a MacBook Pro with version 2.9.11 of Ansible.

Step 1: Create a DigitalOcean API Token

The first thing we need to do is create a DigitalOcean API token that we can use in our Ansible playbooks to automate the creation of new Droplets.

Login to your DigitalOcean account (if you don’t have one you can use my affiliate link* to get $100 free credit) then navigate to the API page and click Generate New Token.

Enter a name for the token, e.g Ansible then click Generate Token.

You should now see the token in your list of Personal access tokens. Click Copy and store the token in a safe place.

Step 2: Create Directory Structure

Create a directory on your machine to store the playbooks and inventory files inside. For this example I’ve called it ansible. Run the following commands to create the directory and files.

mkdir ansible && cd ansible
touch prod.yml
touch digitalocean.yml
touch nginx.yml

Step 3: Create Inventory File

Open the prod.yml inventory file and add the following YAML config:

web:
  hosts:
    web01.example.com:
    web02.example.com:
  vars:
    ansible_user: root
    ansible_ssh_private_key_file: ~/.ssh/id_rsa

This inventory file defines two hosts, which means two droplets will be created. It also specifies the location of the private key that will be used to connect to the Droplets. Make sure you have generated a private key on your local machine before continuing.

Step 4: Create the Playbooks

Open the digitalocean.yml file and add the following YAML config:

- hosts: localhost
  vars:
    digital_ocean_token: <your_token>
    droplet_size: s-1vcpu-1gb
    droplet_region: nyc1
    droplet_image: ubuntu-18-04-x64
  tasks:
  
  - name: "add public ssh key to digitalocean account"
    digital_ocean_sshkey:
      name: "MacBook Pro"
      oauth_token: "{{ digital_ocean_token }}"
      ssh_pub_key: "{{lookup('file', '~/.ssh/id_rsa.pub') }}"
      state: present
    register: sshkey_result

  - name: create a new droplet assigning the key
    digital_ocean_droplet:
      name: "{{ item }}"
      oauth_token: "{{ digital_ocean_token }}"
      size: "{{ droplet_size }}"
      region: "{{ droplet_region }}"
      image: "{{ droplet_image }}"
      wait_timeout: 600
      unique_name: yes
      ssh_keys: ["{{ sshkey_result.data.ssh_key.id }}"]      
      state: present
    with_inventory_hostnames:
      - web
    register: droplet_result

  - name: save ip and hostname to local hosts file /etc/hosts
    become: yes
    lineinfile:
      path: /etc/hosts
      regexp: '.*{{ item.data.droplet.name }}$'
      line: "{{ item.data.ip_address }}  {{ item.data.droplet.name }}"
    with_items: "{{ droplet_result.results }}"

You will need to replace the <your_token> value that is assigned to the digital_ocean_token variable with your DigitalOcean token.

There are three tasks in the playbook above. The first task will add the public key of your SSH key located in ~/.ssh to your DigitalOcean account. The ID of the key will be stored in sshkey_result and used in the next task to assign it to the created Droplet.

The last task will store the hostnames and IP addresses of the Droplets in your local hosts file. Note: in a production environment, you will likely want to replace this task for a task that adds the IP addresses to your DNS servers.

nginx.yml

Open the nginx.yml file and add the following YAML config:

- hosts: web
  become: true
  tasks:
  
  - name: "apt-get update"
    apt:
      update_cache: yes
      cache_valid_time: 3600

  - name: "install nginx"
    apt:
      name: ['nginx', 'ssl-cert']
      state: latest

Step 5: Run Playbooks

With the playbooks created, it’s time to test them out. Run the following command to create the droplets.

ansible-playbook -i prod.yml digitalocean.yml --ask-become-pass

Once the playbook above has finished, the hosts should be created and the IP addresses saved in your local hosts file (/etc/hosts). Now we can run the nginx.yml playbook to install NGINX on the Droplets by running the command below:

ansible-playbook -i prod.yml nginx.yml --ssh-common-args='-o StrictHostKeyChecking=no'

Test

If all went to plan, you should now see the NGINX welcome page when entering the hostnames into a browser as you can see from the screen shot below.

Conclusion

And that’s it, we now have two Droplets with NGINX installed and they were deployed by simply running a couple of commands.

Ansible is cool :)

Written by: Tony Mackay