One of the main benefits of using the cloud is being able to handle infrastructure as code. We’ll go over droplet creation in Digital Ocean using Ansible.

First things first. The plan:
– Installing/Cloning ansible-digitalocean role (We will be using jasonheecs’s ansible role that he willingly shared with everyone! https://github.com/jasonheecs/ansible-digitalocean – all props to him!)
– Configuring credentials to connect to Digital Ocean
– Creating a playbook which will create an Ubuntu 18 droplet

1. Installing the role
My preference is to clone the git repository into the exact folder where I want it:
cd /etc/ansible/roles
git clone git@github.com:jasonheecs/ansible-digitalocean.git
The alternative is to install it with Ansible Galaxy:
ansible-galaxy install jasonheecs.digitalocean

2. Configuring access credentials
Our Ansible control machine connects to Digital Ocean through its API, authenticating with a Personal Access Token.
Afterwards, the control machine connects to the created droplet via SSH using a key pair.

2.1 Create a Personal Access Token with READ and WRITE permissions in Digital Ocean by navigating to the API section on the left side. It is best to name the token in a way that identifies that it is used by Ansible. Make sure to save the token immediately! (https://www.digitalocean.com/docs/api/create-personal-access-token/)

2.2 Add the SSH public key to the SSH keys list in Digital Ocean (https://www.digitalocean.com/docs/droplets/how-to/add-ssh-keys/to-account/)
This key will be used by the Ansible control machine to connect directly to the created droplet. Make sure you use the SSH keys from your control machine!

3. Prepare the control machine
– Add the host group [do_droplets] to the Ansible hosts file
– Double check the SSH keys that will be used to connect to the droplet directly
– For simplicity we’ll be running the playbooks as the root user

4. Creating the playbook

Create a new playbook in your playbooks folder (e.g. /etc/ansible/playbooks/do_create_droplet.yml)

    - hosts: localhost
      vars:
        # Name and key material of the control machine's SSH key pair
        do_ssh_key_name: ansible-control-machine
        do_ssh_pub_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
        do_ssh_private_key: "~/.ssh/id_rsa"
        # Droplet to create
        droplet_name: test-droplet-ansible
        droplet_region_id: fra1
        droplet_size_id: 512mb
        droplet_image_id: ubuntu-18-04-x64
        # Inventory file and group that the new droplet is added to
        ansible_inventory_file: /etc/ansible/hosts
        droplets_inventory_group: do_droplets
        # Example value; replace with your Personal Access Token
        do_api_token: EXAMPLEasd1adasdf142733ac482de0f235236724752sd8c89ff71c9e775badf
        droplet_additional_ssh_key_ids: []
      connection: local
      become: no
      roles:
        - { role: ansible-digitalocean }
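
The playbook above keeps the API token as plain text in vars, so anyone who can read the file, or a repository it is committed to, gets READ and WRITE access to the account. The variant below is an added example, not part of the original post or of the role: it reads the token from an environment variable (the name DO_API_TOKEN and the file /root/.do_token are assumptions made here) and stops before the role runs if the token is missing.

```yaml
# Added example: same play as above, but the token never appears in the file.
# Assumption: the token is exported on the control machine before the run,
# e.g. from a root-only file (hypothetical path):
#   export DO_API_TOKEN="$(cat /root/.do_token)"
- hosts: localhost
  connection: local
  become: no
  vars:
    do_ssh_key_name: ansible-control-machine
    do_ssh_pub_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
    do_ssh_private_key: "~/.ssh/id_rsa"
    droplet_name: test-droplet-ansible
    droplet_region_id: fra1
    droplet_size_id: 512mb
    droplet_image_id: ubuntu-18-04-x64
    ansible_inventory_file: /etc/ansible/hosts
    droplets_inventory_group: do_droplets
    droplet_additional_ssh_key_ids: []
    # The env lookup returns an empty string when the variable is unset.
    do_api_token: "{{ lookup('env', 'DO_API_TOKEN') }}"
  pre_tasks:
    # pre_tasks run before roles, so a missing token fails here with a clear
    # message instead of as an API error inside the role.
    - name: Require an API token from the environment
      assert:
        that:
          - do_api_token | length > 0
        fail_msg: "DO_API_TOKEN is not set; export it before running this playbook."
        quiet: true
  roles:
    # Role name as cloned in step 1; a Galaxy install is named jasonheecs.digitalocean
    - { role: ansible-digitalocean }
```

If the token has to live next to the playbook, encrypt the value with ansible-vault encrypt_string and run the playbook with --ask-vault-pass instead.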

5. Run the playbook
ansible-playbook do_create_droplet.yml

Output should be similar to this (depending on what packages are already installed on your control machine). Please note the displayed IP address:

“Droplet IP is 104.248.242.127”

6. Test access
From our control machine we already have SSH access:

ssh root@104.248.242.127

Make sure an entry was added to your Ansible hosts file, so that additional playbooks can be applied to this host:
[do_droplets]
test-droplet-ansible ansible_host=104.248.242.127

7. Cleanup
Do not forget to destroy the droplet in Digital Ocean afterwards to avoid unnecessary costs!