Theodore Baschak

BOFH. Open Source Guru. Founder/Operator of Hextet Systems, AS395089 and Network Architect for Daemon Defense Systems, AS55101.

Deploying a Nameserver at DigitalOcean in 2 minutes

Wed, 23 Jul 2014 23:56:49 -0500 » Nerd Projects, Network Monitoring, CLI, IPv6, Virtualization, SaltStack, System Administration

One of the great things about DigitalOcean is that you can spin up a new small sized Debian VM in under 55 seconds. All that remains is to log in, add the Salt Debian repo, add the salt signing key, and then run state.highstate on the Salt master. If somewhat scripted, this can easily be accomplished in under 65 seconds, resulting in a new Slave Nameserver deployed in (under) 2 minutes. I have used this to deploy slave nameservers at LON1, SGP1, and most recently, NYC3 (all the DigitalOcean regions with IPv6).

#!/bin/bash

APTLISTD = "/etc/apt/sources.list.d"
MINIOND = "/etc/salt/minion.d"
echo "# SaltStack" > $APTLISTD/saltstack.list
echo "deb http://debian.saltstack.com/debian wheezy-saltstack main" >> $APTLISTD/saltstack.list
wget -O- http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key|apt-key add -

echo "# backports" > $APTLISTD/backports.list
echo "deb http://http.debian.net/debian wheezy-backports main" >> $APTLISTD/backports.list

apt-get update
apt-get install salt-minion

echo 'master: master.example.com' > $MINIOND/master.conf
#echo 'ipv6: true' > $MINIOND/ipv6.conf
cat <<EOM > /etc/salt/grains
roles:
  - monitoring
  - slavens
datacenter: $LOCATION
EOM
service salt-minion restart

The two roles specified in the grains get pushed up to the server, and can then be used for targeting.

#!/bin/bash

salt-key -L
salt-key -a $MINIONHOSTNAME
salt -G roles:slavens test.ping
salt -G roles:slavens test.version
salt -G roles:slavens state.highstate
© Theodore Baschak - https://github.com/tbaschak - Powered by Jekyll.
Powered by Les.net.
CiscoDude.net is a personal website. Opinions expressed are not necessarily those of his employer.