How to provision a VSI and Install Docker Tools for Development on IBM Cloud

Virtual Server Instance Provisioning Interface

If you want to spare some local machine disk and resources and do all your Docker preparations remotely, you can simply do it on a very affordable Linux machine on your cloud of choice. This example is specifically based in IBM Cloud.

This example will guide you through all the steps using IBM Cloud CLI, and we assume that you have already an IBM Cloud account and also have an organization.

Preparation: Install IBM Cloud CLI

There is a great document on IBM Cloud documentation portal: https://cloud.ibm.com/docs/cli?topic=cli-install-ibmcloud-cli

All you need to do is to go to the following page: https://github.com/IBM-Cloud/ibm-cloud-cli-release/releases/ and choose the right binairies for your operating system.

Step 2: Check that your CLI is correctly working

Open a terminal window and type the following;

ibmcloud sl

Output:

# ibmcloud sl
NAME:
ibmcloud sl - Manage Classic infrastructure services
USAGE:
ibmcloud sl command [arguments...] [command options]
COMMANDS:
block Classic infrastructure Block Storage
call-api Call arbitrary API endpoints
dns Classic infrastructure Domain Name System
file Classic infrastructure File Storage
globalip Classic infrastructure Global IP addresses
hardware Classic infrastructure hardware servers
image Classic infrastructure Compute images
ipsec Classic infrastructure IPSEC VPN
order Classic infrastructure Orders
placement-group Classic infrastructure Placement Group
security Classic infrastructure SSH Keys and SSL Certificates
securitygroup Classic infrastructure network security groups
subnet Classic infrastructure Network subnets
ticket Classic infrastructure Manage Tickets
user Classic infrastructure Manage Users
vlan Classic infrastructure Network VLANs
vs Classic infrastructure Virtual Servers
help, h Show help
Enter 'ibmcloud sl help [command]' for more information about a command.

So far so good, let’s keep moving!

Step 3: Create your SSH key in IBM Cloud

The next step is to prepare a SSH key so that you can connect to your server(s).

The following steps will create a ssh key pair and register it with IBM Cloud.

https://cloud.ibm.com/docs/cli?topic=cloud-cli-sl-manage-security-keys

It is very important to use one ssh key when you want to manage many virtual servers and devices.

The name you give the key in IBM Cloud has to be unique.

For now, use your name and some numbers to make the key ID unique. For the following steps, replace ‘shortnamesshkey’ with your own actual key ID.

On windows, you may need to install OpenSSH separately (check ssh command in the CLI ).

On the command line, enter the following commands :

cd
(press enter after the cd command)
ssh-keygen -f mykey -P ""

You will end up with two files in the current directory, mykey (the private key) and mykey.pub (the public key) Next, you’ll register the public key with IBM Cloud by executing :

ibmcloud sl security sshkey-add mykey -f mykey.pub --note mykey

Then list all your ssh keys with the following command :

ibmcloud sl security sshkey-list

Results :

ibmcloud sl security sshkey-list
ID label fingerprint note
1770077 mykey ba:18:fc:54:82:ee:f3:47:a2:be:91:24:72:fa:d4:b4 mykey
1146085 Temp Public Key 37:cd:69:ef:08:7c:42:36:92:31:a3:33:e9:38:45:eb -
842075 Temp Public Key 1a:83:27:96:d7:ab:8f:bf:af:21:eb:b7:28:cd:87:71 -
842077 CAM Public Key 94:4d:f0:8b:89:72:61:7f:a9:9a:87:b4:7a:a5:6c:b7 -
920445 CAM Public Key b3:c4:47:8c:cb:dc:50:dc:27:11:d9:b8:15:15:57:55 -
921603 Temp Public Key f1:63:cd:ff:a9:22:d1:b5:8b:61:c8:c4:41:0a:75:a4 -
1150051 Temp Public Key 02:b2:66:e4:52:e4:ef:ce:ab:1c:49:08:f5:ac:a9:35 -
1145561 Temp Public Key 06:ea:10:41:1d:53:c1:42:22:32:fd:4e:6d:41:ab:f9 -

Locate your key and take a note of the KEYID (1770077).

You only need to do this task only once.

Step 4: Connect to IBM Cloud using the CLI

You can use either of the commands below;

ibmcloud login 
(or ibmcloud login -sso)
#ibmcloud login
API endpoint: https://cloud.ibm.com
Region: eu-gb (or whatever region you want to choose)
Email> myUser@ibm.com
Password>
Authenticating...
OK
Select an account:
1. user1 Account (9678c84e574cfa6876876896b0a04222b) <-> 1702767
2. user2 Account (8181f93cf3b742dbd2a876876d34a6523)
3. User3 (62a88dc108f52300b666771947d75b)
4. myUser Account (8bb3642c049f5623c18bac0779dfb5d0) <-> 708531

Enter a number> 4
Targeted account myUser Account (8bb3642c049f5623c18bac0779dfb5d0) <-> 708531
API endpoint: https://cloud.ibm.com
Region: eu-gb
User: myUser@ibm.com
Account: myUser's Account (8bb3642c049f5623c18bac0779dfb5d0) <-> 708531
Resource group: No resource group targeted, use 'ibmcloud target -g RESOURCE_GROUP'
CF API endpoint:
Org:
Space:

Then target the group of your choice:

ibmcloud target -r eu-gb -g myGroup-resources

Where:

-r is the region

-g is the resource group used at myGroup

Results:

API endpoint: https://cloud.ibm.com
Authenticating...
OK

Targeted account myUser's Account (8bb3642c049f5623c18bac0779dfb5d0) <-> 708531

Targeted region eu-gb

API endpoint: https://cloud.ibm.com
Region: eu-gb
User: myUser@ibm.com
Account: myUser's Account (8bb3642c049f5623c18bac0779dfb5d0) <-> 708531
Resource group: myGroup-resources
CF API endpoint:
Org:
Space:

Retrieve your SSH keyID;

ibmcloud sl security sshkey-list | grep mykey

Output:

ibmcloud sl security sshkey-list | grep mykey
1822340 mykey SHA256:v5JZzBMiHYPK/unRCRgTXCjpB1vwfG7mdy76cZlhm30 mykey

For myUser the KEYID is 1822340. This ID is needed to provision the VSI.

Step 5- “Optional” — Check if you have the necessary access rights to provision/create a VM

Type the following command:

<VMNAME> : this a name of you choice starting with your initials

<KEYID> : this is the number you get from the previous step.

ibmcloud sl vs create -H <VMNAME> -D ibm.ws --flavor B1_4X8X100 -o UBUNTU_18_64 -d lon06 -n 1000 --billing hourly --san -k <KEYID> --test

Results:

# ibmcloud sl vs create -H myVM -D ibm.ws --flavor B1_4X8X100 -o UBUNTU_18_64 -d lon06 -n 1000 --billing hourly --san -k 1822340 --test
OK
The order is correct.

You can change parameters if needed like the datacenter and the flavour.

If the output is correct, move to the next section to provision the VM.

Step 6- Create the Virtual Server Instance

Repeat the same command that in the previous step and remove — test at the end.

ibmcloud sl vs create -H myVSI -D ibm.ws --flavor B1_4X8X100 -o UBUNTU_18_64 -d lon06 -n 1000 --billing hourly --san -k 1822340 

Results (answer Yes):

This action will incur charges on your account. Continue?> Yes
name value
ID 102765144
FQDN budatest.ibm.ws
Created 2022-03-11T20:25:57Z
GUID b84b01ef-1224-4a37-a0c2-572d6863aac8
Placement Group ID -

Wait until the provisioning is finished (2 or 3 minutes)

Check by using:

ibmcloud sl vs list | grep myVSIibmcloud sl vs list | grep 109393198 

Results:

102765144   budatest ibm.ws   4     8192     158.176.128.251   10.72.194.254    lon06 
=========================
109393198 myVSI ibm.ws 4 8192 158.176.128.238 10.72.194.248 lon06 CLONE_CLOUD_TEMPLATE ...

Take a note of the public IP address, you will need to use it.

Step 7- Login to the VM

ssh -i ~/myKey root@158.176.128.238Welcome to Ubuntu 18.04.4 LTS (GNU/Linux 4.15.0-88-generic x86_64) * Documentation:  https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Tue May 19 20:31:51 UTC 2020 System load: 0.01 Processes: 124
Usage of /: 0.9% of 98.06GB Users logged in: 0
Memory usage: 2% IP address for eth0: 10.72.194.254
Swap usage: 0% IP address for eth1: 158.176.128.251
0 packages can be updated.
0 updates are security updates.
root@budatest:~#

Warning: If you get this error:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

Then try this: rm ~/.ssh/known_hosts and retry the ssh command.

Step 8- Install Docker on the VSI

Create a new file on the remote server, which we call for install “install.sh” as follows;

cat <<'ENDOFFILE' >install.sh
export MASTERIP=`curl ifconfig.co`
export HOSTNAME=`hostname`
apt-get -q update
echo "127.0.0.1 localhost" > /etc/hosts
echo "$MASTERIP $HOSTNAME.ibm.ws $HOSTNAME" >> /etc/hosts
apt-get -y install apt-transport-https ca-certificates curl software-properties-common
apt-get -y install gnupg-agent python-minimal jq
sysctl -w vm.max_map_count=262144
swapoff -a
sed -i '/ swap / s/^/#/' /etc/fstab
echo "vm.max_map_count=262144" >> /etc/sysctl.conf
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get -q update
apt-get -y install docker-ce docker-ce-cli containerd.io
docker version
ENDOFFILE

Now let’s execute the bash script we just created;

chmod +x ./install.sh

./install.sh

Results:

...
Processing triggers for systemd (237-3ubuntu10.39) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for ureadahead (0.100.0-21) ...
Client: Docker Engine - Community
...
Server: Docker Engine - Community
Engine:
...

There you go, you can start building images and using Docker on your remote server.

--

--

--

IT guy for a long time, looking for technical challenges everyday!

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

SEEDS World Structure — Part 1

Routing to internal Kubernetes services using proxies and Ingress controllers

Scanner Class in Java..

3 ways to verify your site with Google Search Console

NuLL_Br3aker_2020 CTF Writeup

DNSOverHTTPS Over Lambda?!

Socket to me

Launching The Instance( container) From AWS

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alain Airom (Ayrom)

Alain Airom (Ayrom)

IT guy for a long time, looking for technical challenges everyday!

More from Medium

Git clone a branch

How to use Azure KeyVault to set custom secrets in GitHub Action’s reusable flow

How to perform subdomain based routing using AWS with an application load balancer and Elastic…

SIMCOM7600 and AWS IoT Core Integration Guide