github.com/weaveworks/common@v0.0.0-20230728070032-dd9e68f319d5/tools/provisioning/do/README.md (about) 1 # Digital Ocean 2 3 ## Introduction 4 5 This project allows you to get hold of some machine on Digital Ocean. 6 You can then use these machines as is or run various Ansible playbooks from `../config_management` to set up Weave Net, Kubernetes, etc. 7 8 ## Setup 9 10 * Log in [cloud.digitalocean.com](https://cloud.digitalocean.com) with your account. 11 12 * Go to `Settings` > `Security` > `SSH keys` > `Add SSH Key`. 13 Enter your SSH public key and the name for it, and click `Add SSH Key`. 14 Set the path to your private key as an environment variable: 15 16 ``` 17 export DIGITALOCEAN_SSH_KEY_NAME=<your Digital Ocean SSH key name> 18 export TF_VAR_do_private_key_path="$HOME/.ssh/id_rsa" 19 ``` 20 21 * Go to `API` > `Tokens` > `Personal access tokens` > `Generate New Token` 22 Enter your token name and click `Generate Token` to get your 64-characters-long API token. 23 Set these as environment variables: 24 25 ``` 26 export DIGITALOCEAN_TOKEN_NAME="<your Digital Ocean API token name>" 27 export DIGITALOCEAN_TOKEN=<your Digital Ocean API token> 28 ``` 29 30 * Run the following command to get the Digital Ocean ID for your SSH public key (e.g. `1234567`) and set it as an environment variable: 31 32 ``` 33 $ export TF_VAR_do_public_key_id=$(curl -s -X GET -H "Content-Type: application/json" \ 34 -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/account/keys" \ 35 | jq -c --arg key_name "$DIGITALOCEAN_SSH_KEY_NAME" '.ssh_keys | .[] | select(.name==$key_name) | .id') 36 ``` 37 38 or pass it as a Terraform variable: 39 40 ``` 41 $ terraform <command> \ 42 -var 'do_private_key_path=<path to your SSH private key>' \ 43 -var 'do_public_key_id=<ID of your SSH public key>' 44 ``` 45 46 ### Bash aliases 47 48 You can set the above variables temporarily in your current shell, permanently in your `~/.bashrc` file, or define aliases to activate/deactivate them at will with one single command by adding the below to your `~/.bashrc` file: 49 50 ``` 51 function _do_on() { 52 export DIGITALOCEAN_TOKEN_NAME="<your_token_name>" # Replace with appropriate value. 53 export DIGITALOCEAN_TOKEN=<your_token> # Replace with appropriate value. 54 export DIGITALOCEAN_SSH_KEY_NAME="<your_ssh_key_name>" # Replace with appropriate value. 55 export TF_VAR_do_private_key_path="$HOME/.ssh/id_rsa" # Replace with appropriate value. 56 export TF_VAR_do_public_key_path="$HOME/.ssh/id_rsa.pub" # Replace with appropriate value. 57 export TF_VAR_do_public_key_id=<your_ssh_key_id> # Replace with appropriate value. 58 } 59 alias _do_on='_do_on' 60 function _do_off() { 61 unset DIGITALOCEAN_TOKEN_NAME 62 unset DIGITALOCEAN_TOKEN 63 unset DIGITALOCEAN_SSH_KEY_NAME 64 unset TF_VAR_do_private_key_path 65 unset TF_VAR_do_public_key_path 66 unset TF_VAR_do_public_key_id 67 } 68 alias _do_off='_do_off' 69 ``` 70 71 N.B.: 72 73 * sourcing `../setup.sh` defines aliases called `do_on` and `do_off`, similarly to the above (however, notice no `_` in front of the name, as opposed to the ones above); 74 * `../setup.sh`'s `do_on` alias needs the `SECRET_KEY` environment variable to be set in order to decrypt sensitive information. 75 76 ## Usage 77 78 * Create the machine: `terraform apply` 79 * Show the machine's status: `terraform show` 80 * Stop and destroy the machine: `terraform destroy` 81 * SSH into the newly-created machine: 82 83 ``` 84 $ ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no `terraform output username`@`terraform output public_ips` 85 ``` 86 87 or 88 89 ``` 90 source ../setup.sh 91 tf_ssh 1 # Or the nth machine, if multiple VMs are provisioned. 92 ``` 93 94 ## Resources 95 96 * [https://www.terraform.io/docs/providers/do/](https://www.terraform.io/docs/providers/do/) 97 * [https://www.terraform.io/docs/providers/do/r/droplet.html](https://www.terraform.io/docs/providers/do/r/droplet.html) 98 * [Terraform variables](https://www.terraform.io/intro/getting-started/variables.html)