Laboratory to bluemix, a cloud solution exercise to etl scheduler

Archive for the tag “bluemix”

Run the web app

Run images the same way you did locally but without any worry of keeping your laptop on all day!

  • Check images are in your Bluemix hosted registry

     $ cf ic images
     REPOSITORY                                        TAG           latest                         latest              
  • Run Mongo container

  Just like locally, except this time use cf ic instead of docker to point to Bluemix.

$ cf ic run --name lc-mongo -p 27017 -m 512

  • Show the running container instances

    Wait for a state of RUNNING before you proceed:

    $ cf ic ps
    CONTAINER ID        IMAGE                                                       
    7ebf51a3-35a   ""
  • Run  Let’s Chat container

    $ cf ic run --name lets-chat --link lc-mongo:mongo -p 8080 -m 256


    Show the running container instances. Wait for a state of RUNNING before you proceed:

    $ cf ic ps
    CONTAINER ID        IMAGE                                                                
  • Expose Let’s Chat container to the public Internet

    The IBM Containers command line tool will attempt to expose your container for you if you have room left in your Public IP Address quota.

    Check which IPs are available and then bind one to your running container.

    $ cf ic ip list
    Number of allocated public IP addresses:  2
    IpAddress        ContainerId   

    If you have no available IP addresses in the response, you can request one:

    $ cf ic ip request
    Successfully requested ip 134.XXX.YYY.ZZZ


  • Bind an available IP address

    $ cf ic ip bind 134.XXX.YYY.ZZZ lets-chat
    The IP address was bound successfully

    Show running containers with bound IP information now visible:

    $ cf ic ps
    d368a598-69d   ""
    7ebf51a3-35a       ""     
  • Running app in browser

    At the IP you just bound. Remember to use port 8080!


Congratulations, you have successfully completed this IBM Containers lab!. In this lab, you learned how to tag and push local images to Bluemix, inspect pushed images for security vulnerabilities, and run hosted multi-container applications on IBM Containers.

Now you can take the hands-off approach to all your future application deployments!


If you plan to do another lab, you need to clean up your container instances. This can be done through the UI and the DELETE button on each container, or you can do this through the CLI with the cf ic rm -f [CONTAINER_NAME] command.

$ cf ic rm -f lets-chat
$ cf ic rm -f mongo

Verify security vulnerabilities

One of the fundamental aspects of Docker containers is reuse and the ability to base your containers on top of other containers. IBM Containers provides Vulnerability Advisor, a pre-integrated security scanning tool that will alert you of vulnerable images and can even be configured to prevent deployment of those images.

  1. Go to the Bluemix Dashboard and click on CATALOG.
  2. Hover over the purple icon for Mongo. This is the Mongo image that you pulled from the public DockerHub registry and pushed into your private registry.You will see a pop-up with the vulnerability assessment shown inline. This is a red/yellow/green scale. Your Mongo image should be a green status of Safe to Deploy.
  3. Click on the Mongo image and you are taken to the container deployment page. You won’t deploy your container from here, but you can see the vulnerability assessment in full detail.On the right side of the screen, you can see your image’s Vulnerability Assessment as well as your quota information. The icon should read Safe to Deploy based on your Mongo image upload.
  4. Click on View the vulnerability report for this image. This will bring you to the assessment details page with two tabs:Vulnerable Packages and Policy Violations.
  5. Click on Manage your org’s policies. Here you are presented with two boxes – Deployment Settings for Containers and Image Deployment Impact
  6. Return to the Bluemix Catalog and review the vulnerability assessment for the Let’s Chat image. You can do this by clicking on the purple lets-chat icon and viewing the same vulnerability information on the right hand side of the page.

You have reviewed your pushed images, which were sourced from a public repository, and can now safely deploy them on your hosted Bluemix account. This is a key step in making sure you are running the code which you expect to be running and you are not opening your organization up to security issues, at the expense of agility. You still want to stay secure, even when moving at light-speed!

Push images to Bluemix

It is time to tag them for use in IBM Containers on Bluemix. To do so, you will need to tag them with the repository name you created when you setup your Bluemix account for IBM Container usage.

  • Log in to Bluemix

     $ cf login
     API endpoint:
    Targeted org
    Select a space (or press enter to skip):
    1. BAO-TW
    2. Scheduler
    Space> 1
    Targeted space BAO-TW
  • Log into the IBM Containers service

     $ cf ic login
    Deleting the old configuration file...
    Retrieving client certificates from IBM Containers...
      Example Usage:
      docker ps
      docker images
  • First tag your MongoDB image.

  • Remember to use your namespace from the first command below to replace[NAMESPACE] in the tag and push commands below.List your images:
    $ docker images
    REPOSITORY                                               TAG
    mongo                                                    latest
    sdelements/lets-chat                                     latest

    Make note of your namespace:

    $ cf ic namespace get

    Tag your Mongo image in a Bluemix-compatible format:

    $ docker tag mongo

    List your images again, now showing the newly tagged image:

    $ docker images
    REPOSITORY                                               TAG
    mongo                                                    latest                       latest
    sdelements/lets-chat                                     latest

    The IMAGE ID stays the same and allows us to reuse the existing container image as-is.

  • Next, tag your Let’s Chat image.

  • Push commands below.Tag your Let’s Chat image in a Bluemix-compatible format:
    $ docker tag sdelements/lets-chat

    List your images again, now showing the newly tagged image:

    $ docker images
    REPOSITORY                                               TAG
  • Wrap  Let’s Chat image with a simple Dockerfile

    To ensure network connectivity, create a new directory called wrapper

    $ mkdir wrapper

    Switch to that directory and run the following command to create a Dockerfile

    $ cd wrapper
    $ echo "FROM sdelements/lets-chat:latest" > Dockerfile
    $ echo "CMD (sleep 60; npm start)" >> Dockerfile

    This will create a new Dockerfile that we can build a temporary image from.

    $ docker build -t .

    Use this image below to push to Bluemix instead of the base lets-chat image.

  • Push to private registry on Bluemix.

    This allows the IBM Container service to run your container images on the cloud.

    Push your Mongo image to your Bluemix registry:

    $ docker push
    The push refers to a repository [] (len: 1)
    Sending image list
    Pushing repository (1 tags)
    Pushing tag for rev [202e2c1fe066] on {}

    Push your Let’s Chat image to your Bluemix registry:

    $ docker push
    The push refers to a repository [] (len: 1)
    Sending image list
    Pushing tag for rev [2409eb7b9e8c] on {}

    Now your images are up in the cloud, in your hosted registry, and ready to run on Bluemix! But first, take a moment to understand what is inside the images you just pushed!

Pull public images

This lab work with two public images, Let’s Chat and MongoDB. First, you will need to pull them down locally before you can tag and push them to your private Bluemix registry.

  Pull the MongoDB image

  • $ docker pull mongo
    Using default tag: latest
    latest: Pulling from library/mongo
    Digest: sha256:223d59692269be18696be5c4f48e3d4117....
    Status: Downloaded newer image for mongo:latest

    Pull the Let’s Chat image

    $ docker pull sdelements/lets-chat
    Using default tag: latest
    latest: Pulling from sdelements/lets-chat
    Digest: sha256:98d1637b93a1fcc493bb00bb122602036b7....
    Status: Image is up to date for sdelements/lets-chat:latest

    Verify image by running locally

    Start a Mongo instance:

    $ docker run -d --name lc-mongo mongo  

    Start a Let’s Chat instance:

    $ docker run -d --name lets-chat --link lc-mongo:mongo -p 8080:8080 sdelements/lets-chat

    Access through browser

    In your browser, access http://localhost:8080.

    Stop local containers

    After verify images, these container are not required in following lab.

    Test Stop the containers:

    $ docker stop lets-chat lc-mongo

    Delete the containers:

    $ docker rm lets-chat lc-mongo

    Congratulations, you’ve pulled and run your first Docker-based web app. Now you will prepare the images to run them on the IBM Containers service in the cloud.

Deploy a container through the command line

  1.  You can verify connection via cf ic images. This will show a list of all the images in your organization’s repository, which should be the four public IBM images so far.
        $ cf ic images
        REPOSITORY                                                            TAG                 IMAGE ID            CREATED             VIRTUAL SIZE                         latest              ef21e9d1656c        13 days ago         528.7 MB                                 latest              2209a9732f35        13 days ago         492.8 MB                                    latest              8f962f6afc9a        13 days ago         429 MB                    latest              5996bb6e51a1        13 days ago         770.4 MB
  2. You will be using the IBM Containers plug-in. You can run help for more information   $ cf ic help

  3. To create a container deploying the IBM Liberty container image again:cf ic run --name container-lab-1 -p 9080 -m 64
    • -p specifies the exposed port of the image, similar to the Ports field in Task 2, Step 9 above.When you specify a port, you are making the application available to the Bluemix Load Balancer and other containers attempting to access that port. If a port is specified in the Dockerfile for the image that you are using, include that port.For the IBM certified Liberty Server image, enter port 9080 via -p 9080.
      For the IBM certified Node.js, enter port 8000 via p 8000.
      If you plan on logging in to the container via SSH, add port 22 via -p 22.
    • --name specifies the name you can use to refer to the container
    • -m specifies the memory limit (and associated storage capacity), similar to Task 2, Step 7 above
    • is the repository name for the image as displayed by the cf ic images command
  4. To check that the container has been deployed successfully, run the cf ic ps -a command to show all the container artifacts that have been created or deployed in your organization.
        $ cf ic ps -a
        CONTAINER ID        IMAGE                                                            COMMAND             CREATED            STATUS                  PORTS                                                                                     NAMES
        a055ba5e-77b                     ""                  5 minutes ago      Running 4 minutes ago   134.XXX.YYY.ZZZ:9080->9080/tcp                                                             container-lab-1
  5. Now you can assign a public IP to the container. The cf ic run command will proactively attempt to request and bind a public IP address for your container instance if there is room left in your IP Quota. By default, you have 2 Public IP addresses in your quota.If your cf ic ps -a command returns your Liberty container with ports in the form of 134.XXX.YYY.ZZZ:9080->9080/tcp, then your container already has an assigned Public IP address and you can skip the next step.
  6. (Optional) You will first list all requested Public IP addresses and then bind an available IP address to your running container instance.
        $ cf ic ip list -a
        Number of allocated public IP addresses:  2
        IpAddress         ContainerId   
        134.XXX.YYY.174   df6ba7fd-436e-4d57-a69b-4228e19cadc1   

    Choose an IP address that is not bound to a container. Note that in Bluemix, you are allocated 2 Public IPs free of charge. If you do not have any public IP addresses available to complete the lab, use the cf ic ip release command to release one. In a real environment, contact your Bluemix organization administrator to provision additional public IP addresses for your organization.

    Once you have identified the desired IP address (selecting 134.XXX.YYY.175 from above), you run the cf ic ip bindcommand to associate a running container instance to a public IP address. The cf ic ip bind command takes either the container name or the container ID as the second argument to support scriptable interactions.

          $ cf ic ip bind 134.XXX.YYY.175 container-lab-1
          Successfully bound IP
  7. Validate access to the container through the browser. Run cf ic ps -a once again and copy the public IP address associated with your container. Enter this value into your browser via http://%5BPublic_IP_Address%5D:9080 and you should see the Welcome to Liberty landing page.
  8. Since both the UI and the CLI are working with the same backend, you can view your newly CLI-created container instance in the UI as well. This can be done by returning to the Bluemix Dashboard.
  9. Click on CONTAINERS in the left-hand menu. Your dashboard is now filtered to show your running container instances. Clicking on the square with the container-lab-1 title will take you to the container overview dashboard. From here you have access to the same Monitoring & Logging, as well as the controls available to Stop, Pause, Restart, & Delete containers.


Congratulations, you have successfully completed this IBM Containers lab! You learned how to work with IBM Containers, and deploy Docker images onto Bluemix through the UI & CLI.


If you plan to do another lab, you need to clean up your container instances. This can be done through the UI and the DELETE button on each container, or you can do this through the CLI with the cf ic rm -f [CONTAINER_NAME] command.

Deploy container on Bluemix

  1. Go to the Bluemix dashboard for the same organization you logged into above. This is available via Bluemix Dashboard.
  2. Click on Start Containers and you will be taken to your organization’s Catalog, containing all the public and private images stored for your organization.You have not pushed any images to your private registry, so you should only see the following images:
    • ibm-mobilefirst-starter – Starter image for IBM MobileFirst Platform Foundation
    • ibm-node-strong-pm – Starter image for IBM Strongloop Process Manager
    • ibmliberty – IBM-Supported WebSphere Liberty Profile runtime container image
    • ibmnode – IBM-Supported Node.js runtime container image
  3. Select the ibmliberty image from the list of available images.
    Catalog - IBM Bluemix - Google Chrome_2016-03-24_13-26-12
  4. You are taken to the Create Container page.This is a user-interface driven method to deploying container instances on IBM Containers. The same capability is available through the CLI, but you will be using the UI to deploy your first container on IBM Bluemix.
  5. Choose the space in your organization where you would like to host the container. At this point, you should probably only have the BAO-TW space.Select BAO-TW.In Bluemix, spaces provide a mechanism to collect related applications, services, containers, and the users that can collaborate on the resources. You can have one or more spaces within an organization.
    ibmliberty - IBM Bluemix - Google Chrome_2016-03-24_13-30-09
  6. Provide a name for the container.Enter libertydemo1. This is the same as the --name parameter when using the Docker CLI.
  7. Choose the size of the container.Select Pico (64 MB Memory, 4 GB Storage). IBM Containers allows you to select right-sized hardware resources for your container instances to allow for cost-effective runtimes. Note: The size of a container cannot be changed once it has been created.
  8. Associate a publicly-routed IP address to the newly created container.Select the option Request and bind a public IP. or your existed public IPIn Bluemix, you are provided with a default private network for all your running container instances automatically. You can optionally select container instances to be assigned Public IP addresses and expose them to the public internet. This is useful for web frontends and load balancing containers, while your database and similarly functioning containers can remain walled off from public internet traffic.
  9. When deploying through the Bluemix user interface, container images have their exposed ports automatically detected. You should see the following ports automatically detected when viewing the ibmliberty image: 22/tcp, 9080/tcp, 9443/tcp
  10. Click CREATE.Your container instance will now be deployed to Bluemix. You will be redirected to the dashboard overview for this new container instance.In future tasks and labs you will interact with elements under the Advanced Options and Vulnerability Assessment, but feel free to explore before clicking CREATE. These additional options allow you to work with volumes stored on Bluemix, bind your containers to over 150 Bluemix services, and inject your own SSH key into each container you deploy.
  11. From the dashboard overview, you should see the Public IP address assigned to your running WebSphere Liberty container.Find your Public IP address and enter it into a browser, like http://Public_IP_Address:9080. You should be presented with the Welcome to Liberty landing page.Alternatively, you can click on the 9080 port that is linked from the dashboard page to open the container instance via the exposed port. You should see the same Welcome to Liberty landing page.
  12. Back in the dashboard overview page in Bluemix, you are presented with all the controls necessary to manage your container instance. You are also presented with pre-integrated Logging & Monitoring for all your container instances.Click on Monitoring and Logs on the left hand menu and you will be taken to deeper view into the provided monitoring & logging stack. You can configure your containers to log additional information directly to this endpoint as well.This is a key piece in enabling container-based infrastructures, as it becomes quickly unmanageable to interact with all the singular instances at the lowest level. This is just one of a few capabilities that IBM Containers provides to reduce the amount of time users take to get value out of Docker containers and hosted infrastructure. You’ll touch on a few more in subsequent labs.
  13. Once you have verified your container was successfully deployed, you can delete your running container instance via the DELETE button on the container dashboard.As you are most likely on a Trial account, removing containers after each lab will make sure you are making efficient use of your Trial quota.

5. Install the IBM Containers plugin

Ref: Install IBM Container plugin@Step3


Instead of using the depreciated IBM® Containers Extension (ice), use the Cloud Foundry plug-in for IBM Containers after 2016-Jan.

  • Install the IBM Containers Cloud Foundry plug-in download for your operating system by running one of the following commands.
    Table 2. Cloud Foundry plug in commands
    Operating system Command
    Linux 64-bit
     $ cf install-plugin

    When the installation completes, an OK message is displayed.Verify the plug-in installation


Verify the plug-in installation

$ cf plugins

Listing Installed Plugins…

Plugin Name Version Command Name Command Help
IBM-Containers 0.8.826 ic IBM Containers plug-in


Logging in through CLI

Log in to Bluemix through the Cloud Foundry CLI

$ cf login -a
  1. For Email, enter the IBM ID that you use to log in to Bluemix.
  2. For Password, enter the password for the IBM ID that you use to log in to Bluemix. By entering your user name and password, your Bluemix organization and space are retrieved.
  3. Enter the number that represents one of your Bluemix organizations.
  4. Enter the number that represents one of your Bluemix spaces

Log in to the IBM Container service

$ cf ic login


Bluemix Container Lab @ Windows


There are many configuration to enable Bulemix devops process. Here I show is the easiest way for lab.

  1. Install Docker@Windows
    Install Docker Toolbox
  2. Sign up for an IBM Bluemix account
  3. Install IBM Containers plugin
    Table 1. Two ways to install plugin @ Windows
    Operating system Command
    Windows 7 64-bit
    Linux 64-bit@VirtualBox


  4. Sign up for IBM Containers in IBM Bluemix
    • From the Bluemix dashboard, click Start Containers
    • You will be prompted to Set registry namespace.
    • Enter in a registry name, cannot be changed afterwards. This registry name is used across your account when using the IBM Containers service.

Read more…

My playground

Post Navigation