Nerd blog.

23 Jul 2014

Deploying a Nameserver at DigitalOcean in 2 minutes

One of the great things about DigitalOcean is that you can spin up a new small sized Debian VM in under 55 seconds. All that remains is to log in, add the Salt Debian repo, add the salt signing key, and then run state.highstate on the Salt master. If somewhat scripted, this can easily be accomplished in under 65 seconds, resulting in a new Slave Nameserver deployed in (under) 2 minutes. I have used this to deploy slave nameservers at LON1, SGP1, and most recently, NYC3 (all the DigitalOcean regions with IPv6).


APTLISTD = "/etc/apt/sources.list.d"
MINIOND = "/etc/salt/minion.d"
echo "# SaltStack" > $APTLISTD/saltstack.list
echo "deb wheezy-saltstack main" >> $APTLISTD/saltstack.list
wget -O-|apt-key add -

echo "# backports" > $APTLISTD/backports.list
echo "deb wheezy-backports main" >> $APTLISTD/backports.list

apt-get update
apt-get install salt-minion

echo 'master:' > $MINIOND/master.conf
#echo 'ipv6: true' > $MINIOND/ipv6.conf
cat <<EOM > /etc/salt/grains
  - monitoring
  - slavens
datacenter: $LOCATION
service salt-minion restart

The two roles specified in the grains get pushed up to the server, and can then be used for targeting.


salt-key -L
salt -G roles:slavens
salt -G roles:slavens test.version
salt -G roles:slavens state.highstate

Theodore Baschak - Theo is a network engineer with experience operating core internet technologies like HTTP, HTTPS and DNS. He has extensive experience running service provider networks with OSPF, MPLS, and BGP.