IBM SmartCloud Enterprise (IBM Cloud) is a dynamically provisioned and scaled elastic environment that provides enterprise customers with everything they need to develop and test application code. It includes a web portal to configure and manage the cloud resources, software images of IBM products that will jumpstart your development and test efforts, and APIs that will enable you to control your cloud resources and software programmatically. You can interact with the IBM Cloud through either a browser or through a number of IBM Rational® tools, designed to make the environment an efficient one for developers so they can easily reuse components and collaborate in application development. A production version of the IBM Cloud is now available in the US and Canada. See how you can get started with the IBM Cloud.

(Oh, when we refer to "Cloud" with an uppercase "C" in this article, we're talking about the product — the IBM SmartCloud Enterprise. Lowercase "c" means we're referring to cloud computing in general.)

Description of the IBM Cloud

As any good technology does, the cloud continuously evolves; at this moment you can expect the following services:

• The overview (main page, ibm.com/cloud/developer/) is your access point to the Cloud environment. If you're not signed in, you see recent news and videos. Once you are logged in, you'll get a list of your active instances, plus user statistics, video demos, and other resources.
• The control panel lets you add and manage instances, images, and storage. You have three view options:
  1. All of your provisioned instances
  2. The images you created from your customized instances
  3. Persistent cloud storage units that you provisioned
  (We'll discuss how to create and manage instances, images, and storage later in this article.)
• The asset catalog powered by Rational Asset Manager software, is a robust interface you use to manage the details of your created custom software images. You can add permissions, user guides, and general content, as well as customize the details of your image offerings. The asset catalog also contains some key developer forums and other cloud materials and artifacts. (More discussion on the catalog after this list.)
• The account page holds your private keys (more about keys in the next section), reserved IP addresses, an aggregation of your account and instance/image notifications, some global statistics, and basic user information.
• The support page gives you access to the IBM Cloud communities and a diverse variety of other cloud materials. You can bring an issue to the attention of others and view feedback. There is also a document and video library here for all kinds of detailed resources. The support pages include the IBM Cloud Forum on developerWorks — the place to report issues you experience while using the IBM Cloud, to check the current status of the system, and to see our maintenance schedules.

Now more on the asset catalog. It is powered by Rational Asset Manager, a platform that helps you manage organization, use/reuse, and reporting on any type of asset ranging from a simple community post to a video or code fragment.

In relationship to the IBM Cloud, it helps you in three ways:

1. It provides a visual and collaborative repository for all software images that can be provisioned in the IBM Cloud. It delivers a level of transparency and access to detailed image elements that makes it easier for the community and individual users to collaborate on image creation and interaction.
2. It delivers an enhanced level of management control over the image-creation life cycle by aggregating everything associated with an image into a single, manageable unit. This lets you enjoy a high degree of customization without having to know all the details of cloud operations.
3. It exports an API which integrates with open source Eclipse-based tooling via plugins. The Rational Zephyr topology provides you with the ability to drag-and-drop cloud resources onto your deployment topologies so you can include them in your projects and provision them with just a few mouse clicks.

Back to top

Opening an IBM SmartCloud Enterprise account

To get started with the IBM Cloud, go to the IBM SmartCloud Enterprise site.

• If you are located in the U.S., click on the Purchase now link to open an account online, or contact an IBM representative through live chat, email, or phone. There is no charge to open an account; you pay as you go for use.
• Not in the U.S.? Use the country locator above the Purchase now button to choose your country page, and learn more about ordering IBM SmartCloud Enterprise in your location.

Back to top

Creating your assets

This section will provide step-by-step instructions to help you create instances, keys, images, and storage.

Create a virtual server instance

An instance is associated with a user; you must have an instance before you have your own computing, storage, network, or middleware image. And you will only have access to the images that you have instantiated.

To get started, you can create an instance based on public images. To create a new instance:

1. Click Control Panel, then click Add an instance to get started. You can view a list of all images available.
2. Select the data center you want to access.
3. Select an image that you want to instantiate (for example, Novell SUSE Linux Enterprise Server 11.0, 32-bit) and click Next.
4. Type a request name (for example, test_request).
5. If you have no SSH key used for a secure instance, generate a key pair before you continue.
   1. Click Add Key.
   2. Type the name of the key pair and click Continue.
   3. Click Click to download key and save the file to your local disk. It is important to save this private key when it is created because it cannot otherwise be recovered.
6. Select the key that you want to use in SSH connections to your instance. You can manage your keys from the Account tab.
7. Select the static IP address of the instance or select the default option system generated. Click Next.
8. View a summary of the instance and click Next.
9. Read and accept the license agreement by selecting I agree and click Submit.
10. If the instance is created successfully, eventually you will be prompted with a message that lets you know you've succeeded.

After you create an instance, you can view its information from the control panel.

Create an image

An image can be a public image (for example, an operating system or middleware image predefined in the IBM Cloud service) or it can be a customized and captured instance that you can replicate and instantiate. An image cannot be started, stopped, or restarted.

OK, so you have provisioned an instance and customized it with your own data and software. Now you can base your own private software image on that instance. This new image will be entered into your personal library, giving you the ability to provision new instances from that image.

To create an image:

1. On the control panel page, click Instances and select the instance you want to capture from the instance list.
2. Click Create an image under the instance name.
3. In the Create Image dialog, type the name and description if you do not want to use the default values. Click Submit. It might take awhile to complete creation of this image.

After you create an image, you can view its information from the control panel.

Create a persistent storage unit

When you create an instance, it is not associated with any fixed storage. The storage space of the instance is allocated by the IBM Cloud service automatically. When your instance is deleted, your data associated with the instance will be lost.

You can, however, create storage before you create an instance and the storage will persist after you delete the instance:

1. On the control panel page, click Storage and Add storage to get started.
2. Select the data center, type the name, and select size and format of the storage. Click Next.
3. Review the summary of the storage and click Next.
4. Read and accept the license by selecting I agree.
5. Click Add Storage. You will be prompted with a message similar to "Successfully created new Storage."

After you add storage, you can view its information from the control panel.

Two quick notes on storage:

• Storage can only be attached when you create an instance.
• You can share storage among instances via NFS or similar applications.

Back to top

Accessing your assets

This section will provide step-by-step instructions to help you access the instances you've created.

There are three methods for connecting to an instance you've created.

• Via PuTTY.
• Via WinSCP.
• Via VNC.

Connecting to your instance with PuTTY

Of course, you will be able to connect to some of your instances with the Web browser from the Account tab. For example, if you've created a Novell SUSE 11 Linux Enterprise Server instance, you can login and configure your team by clicking on the links on the "Getting Started" screen. But if you want to or have to connect to your instance using an SSH client, you'll have to acquire the client and prepare the SSH private key to securely connect to your instance.

Linux and Apple operating systems have an embedded SSH client. For Microsoft Windows operating systems, you can download PuTTY from the PuTTY download site (Resources); PuTTYgen is also handy for generating your own key pairs.

Preparing your keys. You have to get the private key associated with your instance. It must in PuTTY format. If your key is generated by the user interface when you create the instance, you can convert it into a PuTTY key file in PuTTYgen and save the public key for future use:

1. Start PuttyGen.exe.
2. Click Load, locate the key file (for example, ibmcloud_your.name@us.ibm.com_rs) in your local disk, and click Open.
3. Specify a key passphrase. Click Save private key.
4. Select the location where you want to save the PuTTY key file and the file name (for example test.ppk) and then click Save.
5. Click Save public key, specify a different name if you want, and then click Save. By default, the public key for test.ppk will be saved in the same directory as test.ppk.public.

Connecting to your instance. When you have PuTTY client on your local machine, you can securely connect to your instance created in IBM Cloud service. To connect to your instance:

1. Start PuTTY.
2. In the Host name (or IP address) field, type the IP address of your instance.
3. Select Connection -> Data from the left category panel and type idcuser in the Auto-login username field.
4. Select Connection -> SSH -> Auth from the left category panel and select Allow attempted changes of username in SSH-2 in Authentication parameters.
5. Click Browse, select the PuTTY private key file you generated by PuTTYgen, and click Open.
6. Click Open. Type your key passphrase if you have specified one and you will see a page that tells you you are now connected to your instance.

Connecting to your instance with WinSCP

WinSCP is an open source SFTP and FTP client for Microsoft Windows. It can be used transfer files securely between a remote and a local machine. Get the WinSCP client from the site (Resources).

Connecting to your instance. When you have WinSCP client on your local machine, you can securely connect to your instance created in IBM Cloud service. To connect to your instance:

1. Convert your private key (generated when you created an instance) into PuTTY format if your private key is not already in .ppk format.
2. Start WinSCP.
3. Type the IP address or host name of the instance and type the user name idcuser. Leave the password blank.
4. Locate the private key file.
5. Click Login.
6. Specify the passphrase when prompted. Click OK.

Connecting to your instance with VNC

Virtual Network Computing (VNC) provides remote control support and enables you to view and manage remote applications. To get the VNC client and server, download them from the RealVNC Web site (Resources).

Preparing VNC server. Before connecting to an instance with VNC, you have to install and configure VNC server on the instance.

To prepare VNC server on Novell SUSE Linux 11 Enterprise Server:

1. Start PuTTY and logon to the instance.
2. Set the root privilege by the command sudo bash.
3. Enter the command vncserver and you will be asked to specify and confirm the password for accessing your remote desktop.
4. Type y when prompted about whether to set a view-only password.
5. Specify a view-only password and retype it to confirm your input.
6. Configure the instance by the command yast like so:
   1. Select Network Services from the left panel with the down arrow or up arrow key.
   2. Press the right arrow key and then select Remote Administration with the down arrow or up arrow key. Press the Enter key.
   3. Press the Tab key till you select Allow Remote Administration and then press the Enter key.
   4. Press the Tab key to select Finish.

To prepare VNC server on Red Hat Enterprise Linux:

1. Start PuTTY and logon to the instance.
2. Set the root privilege by the command sudo bash.
3. Enter the command vncserver and you will be asked to specify and confirm the password for accessing your remote desktop.
4. Find the file xtartup from /root/.vnc/ and enter the command vi.

# Uncomment the following two lines for normal desktop:

unset SESSION_MANAGER-----------------------(Attention: uncomment the two line)
exec /etc/X11/xinit/xinitrc 

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
twm &
~ 

5. Uncomment the two lines (bold in this example) and exit vi.
6. Add rule #iptables -A INPUT -p tcp --dport 5900:5920 -j ACCEPT.
7. Enter the command vncserver again. The VNC server has been started.

Connecting to your instance. When you have VNC viewer installed on your machine, you can connect to your instance on the IBM Cloud service. To connect to your instance:

1. Start VNC viewer.
2. Type the host name or IP address of your instance, a colon (:) and the display number (for example, 129.33.195.130:3). The display number must match the one you are prompted with in the previous configuration step.
3. Click OK and you will be able to see the graphic interface of the instance.

Back to top

Configuring the firewall for your instances

I've been asked a lot by users: "How do I configure the firewall on my instance?" (The question most frequently comes in the form of "How come I cannot connect to port XXX on my instance?")

At this point, all of your outbound ports — remember, your instance attempts to contact an external service on a certain port — should be open except the mail port 25. (If you need to send mail, you may consider secure SMTP, port 465.)

For inbound ports, you have the luxury of configuring them in at least two ways:

1. By injecting rules pertinent to your virtual machine into the overall hypervisor firewall rules.
2. In the virtual machine itself (for example, using iptables).

Altering hypervisor firewall rules

Let's look at number 1 in detail first. Clearly, dealing with the firewall on the hypervisor level is preferred if you care about performance. If you are restricting the packets on this level, they do not need to be even delivered to your VM before they can be discarded.

On the other hand, the process I'm talking about is somewhat involved: In the base master images, only ports 22, 80, and 443 are opened for your VM by the hypervisor. If you need to open other ports, follow these steps:

1. You'll need to capture an image of your running instance. In the control panel, select your instance and click Select image. This may take awhile depending on the instance size.
2. Once the capture is complete, you will need to find and access your custom image in the image catalog. Make sure that you are logged in; from the image homepage you'll need to click on the Content tab and navigate to the file called parameters.xml.
3. Take a look at the default parameters.xml file. It should look something like this, only ports 22, 80, and 443 are open:

  <?xml version="1.0" encoding="UTF-8" ?> 
- <parameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:noNamespaceSchemaLocation="platform:/resource/com.ibm.ccl.devcloud.client/
    schema/parameters.xsd">
  - <firewall>
    - <rule>
        <source>0.0.0.0/0</source> 
        <minport>22</minport> 
        <maxport>22</maxport> 
      </rule>
    - <rule>
        <source>0.0.0.0/0</source> 
        <minport>80</minport> 
        <maxport>80</maxport> 
      </rule>
    - <rule>
        <source>0.0.0.0/0</source> 
        <minport>443</minport> 
        <maxport>443</maxport> 
      </rule>
 </firewall>
</parameters>

4. Feel free to add the ports that you want open. If you want to open all ports, you can the following file as your baseline.

  <?xml version="1.0" encoding="UTF-8" ?> 
- <parameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:noNamespaceSchemaLocation="platform:/resource/com.ibm.ccl.devcloud.client/
    schema/parameters.xsd">
  - <firewall>
    - <rule>
        <source>0.0.0.0/0</source> 
        <minport>1</minport> 
        <maxport>65535</maxport> 
      </rule>
    </firewall>
</parameters>

5. Upload the modified file (replacing the old parameters.xml) and make sure that you save the new image.
6. Provision a new instance from the modified image. Once the instance is active, the new firewall rules will supercede the old ones.

Changing the iptables rules

Changing the iptables rules is quicker. By default, the iptables firewall is not enabled in the instances. (To learn more about iptables, visit the project homepage.)

To enable it, you can do this:

1. Become root (sudo bash), navigate to /etc/sysconfig, and edit the file called iptables.
2. Add or remove the lines as desired; once you're done, start the service: service iptables start.
3. Check that the service is running and the rules are in effect: service iptables status.

You should be all set!

Back to top

Managing your assets

This section will provide step-by-step instructions to help you manage the assets you've created.

Manage your instances

On the control panel page, select Instances and you will get a list of your current instances. You can perform the following actions on your instances:

• Edit the instance name.
  1. Click Change name beside the instance name.
  2. Specify a new name and click Continue.
• Extend the expiration date. At present the expiration date can be extended to at most 30 days.
• Delete your instance. When you delete the instance, the instance is halted and the data in the ephemeral file system is deleted and is not recoverable, so you have to keep important data on other storage systems.
• Create an image. You can create images based on your customized instances.

Manage your images

On the control panel page, select Images and you will get a list of your current images. You can perform the following actions on your image:

• Delete an image.
• Create an instance based on the image.
  1. Click the Instances tab and click Add instance.
  2. In the Add Instance (step 1 of 4) select the image dialog, click My images in the upper right.
  3. Select the image that you want to instantiate and click Next.

As an end user, you can have only private images. You cannot share them with others inside or outside of your enterprise.

Manage your storage

On the control panel page, select Storage and you will get a list of your current storage. You can perform the following actions on your storage:

• Delete the storage.
• Create an instance based on the storage.
  1. Click Instances tab and click Add instance.
  2. Select an image.
  3. In the Add Instance (step 2 of 4) Configure Image dialog, select the storage you have created in the Mount Storage field and type the Mount Point (for example, /mnt/extra).
• Share the storage by setting up the NFS server.
  1. Configure your image firewall to open the NFS ports: 111 for portmap, 2049 for nfsd, 1011 for mountd, and 35000 for lockd. (Note that you can only make firewall configurations to images, not to instances, so you have to capture an image from your instance and configure your private image.)
  2. Specify the ports for mountd and lockd by editing the file /etc/services:
     mountd 1011
rpc lockd 35000
  3. Provision the image and connect to your instance using PuTTY or VNC.
  4. Configure a NFS server:
     # rpc.nfsd
# rpc.mountd
# vi /etc/exports
     In the file /etc/exports, change 0.0.0.0 into *.
  5. Start the NFS server: # service portmap start
# service nfs start
     

To use the shared storage in other instances, you can mount the storage to you local directory: # mount -t nfs <SERVER_NAME>:/<SERVER_DIR> <LOCAL_PATH> where

• <SERVER_NAME> is the host name of the NFS server.
• <SERVER_DIR> is the directory of the storage on the NFS server.
• <LOCAL_PATH> is the directory on which to mount the storage.

Manage your keys

On the account page, you can view a list of your current keys under Access. You can perform the following actions on your keys:

• View content of a key. Click Edit from the Actions column of the key table and you will be able to see content of the key.
• Edit a key.
  1. Before editing the key, you must get PuTTYgen for generating your own key pairs.
  2. Click Edit from the Actions column of the key table.
  3. Start PuttyGen.exe and click Generate.
  4. Specify a passphrase.
  5. Click Save public key.
  6. Specify the location where you want to save the key file.
  7. Copy content of the key file (excluding the header ssh-rsa and the endnote rsa-key-20091222) and paste it to the Key contents field.
  8. Click Save changes.
• Change the default key. If you have multiple keys, you can click Change the default key and select another key.
• Add a key. Click Add a key.
  1. Before adding a key, you must get PuTTYgen for generating your own key pairs.
  2. Start PuttyGen.exe and click Generate.
  3. Specify a passphrase.
  4. Click Save public key.
  5. Specify the location where you want to save the key file.
  6. Click Add a key, copy content of the key file (excluding the header ssh-rsa and the endnote rsa-key-20091222) and paste it to the Key contents field.
  7. Click Continue.
• Generate a new key. Click Generate a new key and you will get a key generated by the IBM Cloud service.

Manage your IP addresses

On the account page, you can view a list of your current IP addresses under Your IPs. You can perform the following actions on your IPs:

• Add an IP. Click Add IP under the IP table, select the data center, and an IP address will be allocated.
• Delete an IP. Click Delete from the Actions column of the IP table.
• Create an instance with the IP address.
  1. From the control panel, click Instances and click Add instance.
  2. Select an image.
  3. In the Add Instance (step 2 of 4) Configure Image dialog, select the IP address in the dynamic or static IP field.

More information for working in the Cloud

In addition, there is an updated how-to wiki (see Resources) that provides other getting-started-type instructions such as:

• Adding a base operating system and SDK DVDs as a YAST installation source (in case you're planning to install additional software onto your virtual machine).
• More on interacting programmatically with the Cloud environment (via the REST API).
• How to become root on any VM.
• Sync'ing your local time with NTP.
• How to configure IPv6 (if you have a software dependency that requires IPv6).
• Creating a clone of your running instance (to save your work if your old instance is about to expire or to create identical VMs).

Back to top

In conclusion

Try the IBM SmartCloud Enterprise.

Resources

Learn

• Two more introductory articles can help you get started with cloud computing:
  • "IBM on the cloud: What do you want to know?" is a list of the answers to the most common questions on using the IBM Cloud.
  • "A quick overview of the IBM Cloud" provides just that plus some benefits why a cloud environment might be right for your applications and services.
  
  
• The developerWorks cloud computing site offers updated resources on cloud computing, including
  • An introduction to the world of cloud computing.
  • Updated technical articles and tutorials and pod- and Webcasts to ease your development efforts, as well as a window in professional workshops and recorded sessions to make you an efficient cloud developer.
  • Connections to IBM product downloads and information designed for use in cloud environments.
  • An active feed into the topics the community is buzzing about.
  
  
• The IBM Developer Cloud Blog gives you the latest details on the Developer Cloud from the experts in cloud computing.
  
  
• The how-to wiki is always being updated with common use scenarios for the developer cloud.
  
  
• The IBMdevcloud channel on YouTube offers all kinds of hands-on demos such as using a range of IBM products on the Test Cloud and creating and accessing instances.
  
  
• My developerWorks is both a professional network and unified set of community tools for connecting, sharing, and collaborating. Immerse yourself in IT development:
  • You start by registering or signing into My developerWorks. (Individualized features are not available unless you register.)
  • At My Home, you can drag and drop modules to customize your view. (Individualized.)
  • Profiles help you find individuals to share knowledge and let you show the community what you know.
  • Blogs let you share your knowledge or discover the innovative ideas of peers: Here's cloud computing topics on the blogs.
  • Groups provide communities you can join or create that interested in similar topics: Here's cloud computing topics on groups.
  • Forums are the ultimate e-exchange for interactive problem solving: Here's cloud computing topics on the forums.
  • Bookmarks help you create an organized collection of information, much like a private (or shareable) library: Here's bookmarks tagged for cloud computing.
  • Files gives you a space to collaborate on files: Here's cloud computing topics on the files.
  • Wikis let you manage knowledge and content in one central place: Here's cloud computing topics on the wikis.
  • Activities lets you create your own topic-oriented calendar. (Individualized.)
  
  
• Stay current with developerWorks technical events.
  
  
• The ibm.com/cloud portal serves up a high-level overview of IBM Cloud offerings.
  
  

Get products and technologies

• Experience the IBM SmartCloud Enterprise:
  • The IBM SmartCloud Enterprise site is your place to see how to start developing your applications for the cloud. (Here's a list of software images available on the IBM Cloud.)
  
  
• With IBM trial software, available for download directly from developerWorks, build your next development project on the cloud.
  
  

Discuss

• Get involved in the developerWorks community (developer blogs, groups, forums, podcasts, profiles, newsletters, wikis, and community topics) through developerWorks community, a professional network and unified set of community tools for connecting, sharing, and collaborating.
  
  

About the authors

Rate this article

Comments

Back to top

Table of contents

• Description of the IBM Cloud
• Opening an IBM SmartCloud Enterprise account
• Creating your assets
• Accessing your assets
• Configuring the firewall for your instances
• Managing your assets
• In conclusion
• Resources
• About the authors
• Comments

Next steps from IBM

Learn more, join the cloud community

---

• Community: Cloud computing conversations led by IBM community members
• Buy: Try IBM software on IBM SmartCloud Enterprise

Dig deeper into Cloud computing on developerWorks

IBM SmartCloud trial. No charge.

Unleash the power of hybrid cloud computing today!

---

Public and private solutions in one trial.

Special offers