Note: Still in draft form. Need to flesh out a bit.
From https://www.digitalocean.com/community/tutorials/how-to-use-terraform-with-digitalocean
On the Digital Ocean site:
- Create and save a Digital Ocean token.
- Create an SSH key called '~/.ssh/id_digital_ocean' without a passphrase and upload to Digital Ocean with the name "digital_ocean".
export DO_PAT="${DO_TOKEN}"
export DO_SSH_KEY_NAME="digital_ocean"docker container run \
-d \
--name tform \
-v ~/.ssh/id_digital_ocean:/tmp/id_digital_ocean:ro \
ubuntu sleep inf ; sleep 1This verifies that the container works.
docker container exec -it tform /bin/bashThese are items that will eventually make it into a Dockerfile.
docker container exec -i tform /bin/bash << 'eof'
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y curl unzip zip tree vim jq file elinks less
# fetch hcl2json binary
curl -L --output-dir /usr/local/bin -O \
https://github.com/tmccombs/hcl2json/releases/download/v0.6.0/hcl2json_linux_amd64
chmod +x /usr/local/bin/hcl2json_linux_amd64
# fetch and install the latest terraform binary
elinks --dump 'https://releases.hashicorp.com/terraform' |
grep -v alpha |
grep -m 1 -o 'https://.*terraform/.*$' |
xargs elinks --dump |
grep -m 1 -o 'https://.*_linux_amd64.zip' |
xargs curl -o /tmp/terraform.zip
unzip /tmp/terraform.zip -d /usr/local/bin
rm /tmp/terraform.zip
mkdir /root/loadbalance
eofdocker container exec \
-i \
-e DO_PAT="${DO_TOKEN}" \
-e DO_SSH_KEY_NAME="${DO_SSH_KEY_NAME}" \
-e TF_LOG=1 \
-w /root/loadbalance \
tform /bin/bash << 'eof'
cut -c5- <<eof2 > provider.tf
terraform {
required_providers {
digitalocean = {
source = "digitalocean/digitalocean"
version = "~> 2.0"
}
}
}
variable "do_token" {}
variable "pvt_key" {}
provider "digitalocean" {
token = var.do_token
}
data "digitalocean_ssh_key" "${DO_SSH_KEY_NAME}" {
name = "${DO_SSH_KEY_NAME}"
}
eof2
terraform init
eofThis sets up a single droplet.
docker container exec \
-i \
-e DO_PAT="${DO_TOKEN}" \
-e DO_SSH_KEY_NAME="${DO_SSH_KEY_NAME}" \
-e TF_LOG=1 \
-w /root/loadbalance \
tform /bin/bash << 'eof'
cut -c5- <<eof2 > www-1.tf
resource "digitalocean_droplet" "www-1" {
image = "ubuntu-22-04-x64"
name = "www-1"
region = "sfo3"
size = "s-1vcpu-512mb-10gb"
ssh_keys = [
data.digitalocean_ssh_key.${DO_SSH_KEY_NAME}.id
]
}
eof2
eofThis is similar to a dry-run. Terraform informs you about what it will do if you were to deploy ( i.e. apply ).
docker container exec \
-i \
-e DO_PAT="${DO_TOKEN}" \
-w /root/loadbalance \
tform /bin/bash << 'eof'
terraform plan \
-var "do_token=${DO_PAT}" \
-var "pvt_key=/tmp/id_digital_ocean"
eofdocker container exec \
-i \
-e DO_PAT="${DO_TOKEN}" \
-w /root/loadbalance \
tform /bin/bash << 'eof'
terraform apply -auto-approve \
-var "do_token=${DO_PAT}" \
-var "pvt_key=/tmp/id_digital_ocean"
eofdocker container exec \
-i \
-e DO_PAT="${DO_TOKEN}" \
-w /root/loadbalance \
tform /bin/bash << 'eof'
terraform show terraform.tfstate
eofdocker container exec \
-i \
-e DO_PAT="${DO_TOKEN}" \
-w /root/loadbalance \
tform /bin/bash << 'eof'
terraform refresh \
-var "do_token=${DO_PAT}" \
-var "pvt_key=/tmp/id_digital_ocean"
eofThis does both the dry-run ( plan ) and deploy ( apply ).
docker container exec \
-i \
-e DO_PAT="${DO_TOKEN}" \
-w /root/loadbalance \
tform /bin/bash << 'eof'
terraform plan -destroy -out=terraform.tfplan \
-var "do_token=${DO_PAT}" \
-var "pvt_key=/tmp/id_digital_ocean"
terraform apply terraform.tfplan
eofdocker container stop tform ; docker container rm tform ;