Ansible Playbook to get you up and running with OpenFaas on DigitalOcean. This is intended for evaluation / testing where quick and repeatable access to a clean instance is desired.
Please be aware this playbook is not idempotent, specifically in droplet creation; if you run it n times you will get n droplets.
Both swarm and kubernetes deployments are possible by passing -e "orchestrator=swarm" or -e "orchestrator=k8s".
These vary depending on the mechanism by which Ansible is being invoked. If Ansible is being installed onto a control machine then all three apply. Alternatively a Docker image has been made available at rgee0/ansible-playbook:2.6.0 which includes the first two pre-reqs.
- Install Ansible (Skip if using Docker image)
- PIP and DOPY (Skip if using Docker image)
- DigitalOcean account
Configure the create_droplet role variables according to your needs.
token: <your DO API token>
sshid: <your ssh key ids>
size_slug: <your required vm size>
region: <your desired region>
image: ubuntu-17-10-x64
- token
Click API in the DigitalOcean Dashboard, then under Tokens/Keys click “Generate New Token”. Select Read & Write scopes.
- sshid
The ssh key IDs can be found by running:
$ export DOTOKEN=<API token>
$ curl -X GET -H 'Content-Type: application/json' -H 'Authorization: Bearer '$DOTOKEN "https://api.digitalocean.com/v2/account/keys" 2>/dev/null | python -m json.toolLook at the “ssh_keys” section and pick one of the SSH keys you want to use to log into the new droplet we will create. Use the “name” field to identify the key and then copy the “id” field
- size_slug
Its recommended that s-2vcpu-4gb is used as a minimum. Further options can be found on DigitalOcean
or through the API:
$ curl -X GET -H 'Content-Type: application/json' -H 'Authorization: Bearer '$DOTOKEN "https://api.digitalocean.com/v2/sizes" 2>/dev/null | python -m json.tool- region
$ curl -X GET -H 'Content-Type: application/json' -H 'Authorization: Bearer '$DOTOKEN "https://api.digitalocean.com/v2/regions" 2>/dev/null | python -m json.tool
- Using Swarm (Ansible via Docker)
Ensure the path to, and key names, are adjusted according to your set-up.
$ docker run --rm -it -v $(pwd):/ansible/playbooks \
-v ~/.ssh/id_rsa:/root/.ssh/id_rsa \
-v ~/.ssh/id_rsa.pub:/root/.ssh/id_rsa.pub \
rgee0/ansible-playbook:2.6.0 site.yml -e "orchestrator=swarm"- Using Kubernetes (Ansible via Docker)
Ensure the path to, and key names, are adjusted according to your set-up.
$ docker run --rm -it -v $(pwd):/ansible/playbooks \
-v ~/.ssh/id_rsa:/root/.ssh/id_rsa \
-v ~/.ssh/id_rsa.pub:/root/.ssh/id_rsa.pub \
rgee0/ansible-playbook:2.6.0 site.yml -e "orchestrator=k8s"- Using Swarm (local Ansible installation)
$ ansible-playbook site.yml -e "orchestrator=swarm"- Using Kubernetes (local Ansible installation)
$ ansible-playbook site.yml -e "orchestrator=k8s"Check the output of the final task to find the location of the OpenFaaS UI. For example:
ok: [209.97.188.227] => {
"msg": [
"OpenFaaS Gateway: http://209.97.188.227:8080",
"Gateway User: admin ",
"Gateway Password: c2db2b6d59df518392a81eff57c52486f9f2f46e2480d9de150904bbce0560bc",
"CLI Gateway Login: echo -n c2db2b6d59df518392a81eff57c52486f9f2f46e2480d9de150904bbce0560bc | faas-cli login --username=admin --password-stdin -g http://209.97.188.227:8080"
]
}
PLAY RECAP **************************************************************************************************************************
209.97.188.227 : ok=12 changed=6 unreachable=0 failed=0
localhost : ok=6 changed=2 unreachable=0 failed=0
As this deploys to public cloud basic auth is enabled by default for both orchestrators.