Digital Ocean and Salt Cloud Setup on Ubuntu 14.04

Mar 7, 2015 00:00 · 399 words · 2 minute read Ubuntu SaltStack

Setting up your Salt master to work with Digital Ocean is a fairly easy setup but things in the Salt community are changing rapidly so some of the documentation is a little out of sync so I wanted to clear this up for anyone else who is confused trying to to set this up.

Setup:

First you need to set up a Salt master which is very simple on Ubuntu 14.04. First add the repository for Salt:

sudo add-apt-repository ppa:saltstack/salt

Now you can add all the packages you need:

sudo apt-get install salt-master salt-minion salt-cloud

Now the little gotcha about connecting to Digital Ocean is that there are 2 drivers for connecting to their API. This is a sample of what the original conf file, /etc/salt/cloud.providers.d/digital_ocean.conf, should look like:

do:
provider: digital_ocean
# Digital Ocean account keys
client_key: YourClientIDCopiedFromControlPanel
api_key: YourAPIKeyCopiedFromControlPanel
# Directory & file name on your Salt master
ssh_key_name: digital-ocean-salt-cloud.pub
ssh_key_file: /keys/digital-ocean-salt-cloud

The Digital Ocean legacy driver issues both a client key and an api key, both of which can be found in the ‘Apps and API’ section by clicking ‘View API v1’ in the top right corner. The new version of the Digital Ocean driver only uses a personal auth token which is found on the main page of the ‘Apps and API’ page. If you try to only use this you will get an error because as of today the new digital ocean driver is not included in the Salt package but you can copy the code from their Github Repo. You just need to copy this file to the salt installation directory, I copied the file to /usr/lib/python2.7/dist-packages/salt/cloud/clouds/ on my server. You should then be able to change your config to:

do:
provider: digital_ocean
# Digital Ocean account keys
personal_access_token: YourTokenCopiedFromControlPanel
# Directory & file name on your Salt master
ssh_key_name: digital-ocean-salt-cloud.pub
ssh_key_file: /keys/digital-ocean-salt-cloud

There is no need to change the provider name since both drivers use the virtual_name variable to load the appropriate version depending on what you have defined. You can test that this works by just running a simple salt command:

salt-cloud --list-locations do

If you get a response with the location then you are successfully connected to the new API. The new API has more functionality than the legacy one so I would recommend updating to it so you can enable backups/private networking or any of the other useful features.