Learn how to create a Continuous Integration/Continuous Deployment (CI/CD) environment for VPC instance images.

Using a common set of approved base images will improve consistency across your development teams. You can ensure security and reliability through the consistent use of OS versions with the latest updates and security patches. Level up your operational environment by pre-installing agents for powerful cloud logging and metrics services.

See Part 1 of the series: “Automate the Migration of a Workload Based on Virtual Servers from Classic Infrastructure to VPC” 

Create the toolchain, step-by-step

The toolchain is captured in the Toolchain repository. Click the Create Toolchain button to get started—the toolchain is free and there is a free version of the Continuous Integration service. The resources deployed will incur charges.

You have the option to change the toolchain parameters. I suggest changing the Toolchain Name to the name of the virtual private cloud (VPC) image that you are creating. For me, it is the CentOS production image, so I named it centos-prod:

If the values in the GitHub panel are not changed, a clone of the repository that is input into the toolchain’s Delivery Pipeline will be the default in the GitHub integration configuration. Notice that it will have the same name as the toolchain—centos-prod—which will make it easy to find. Your new repository will be a clone of the vpc-tutorials repository and vpc-migrate-from-classic will be the directory that contains the files required:

The Delivery Pipeline panel must be configured. The API keys, classic name, and API key are a little tricky but the handy information button will help you locate the values that you need. For classic, remember you are looking for Classic infrastructure API key. You may need to create the classic API key by clicking the Create button in the Identity and Access Management (IAM) part of the IBM Cloud UI.

Back in the toolchain, clicking Create will create the toolchain and start the first build. You should see the following:

Click on the Delivery Pipeline:

Click on the pipeline settings in the upper right to see some additional fine-grain settings. This gives a hint of what is going to be created. The defaults should be fine—the region, resource group, and secrets came from the toolchain create dialog.  

Special notes:

  • PREFIX defaults to the the name of the toolchain. Note that it will be sanitized during the execution of the pipe line scripts. For detail, see the the pipeline_build.sh script in the GitHub repository that is input to the pipeline.
  • DATE is calculated during the execution of the first stage of the pipeline.
  • REGION is ibm:yp:us-south and will be converted to us-south during the execution of the scripts. The property COS_REGION with the value \$REGION will have the value us-south. If you want a different region, insert the simple name (like eu-de). You can find a list of regions in the docs.

Now, take a look at the stages. They match pretty closely to the Part 1 blog post. Open the first stage to take a look:

The input panel is configured to be invoked when source code is pushed to the GitHub repository:

The jobs in all of the stages are similar, and they kick off the steps defined in Part 1. This one executes parts 000, 010, and 020:


The final stage in the pipeline will clean up everything except the following:

  • COS instance
  • COS bucket
  • VPC custom image

If everything went well, there will be an image in the Custom images for VPC page—it will be the name of the pipeline with the date appended. The date is the time the first stage started execution.

Configuring Github

See the docs on Configuring GitHub to connect GitHub to the toolchain GitHub integration. When complete, changes to your clone of the vpc-tutorials repository will automatically start the first stage of the toolchain pipeline.

Changing the image contents

In your clone of the vpc-tutorials repository, you will see the vpc-migrate-from-classic/create-classic/main.tf file. You will need to replace this portion with your desired content:

If the GitHub integration is configured (see previous step), pushing a new change to your cloned repository will start the toolchain pipeline. 

Final cleanup

The final stage in the pipeline is not triggered automatically. It will remove the COS instance and all COS buckets and contents; click the start button on this stage to do this final cleanup.  

You can manually delete the VPC custom images when they are no longer in use.

Check for the existence of VPC instances and Classic instances from failed runs.


This toolchain pipeline handles the simple creation of a VPC custom image for use when provisioning a VPC instance.  Extend this example to automatically create exactly the image that you need in production and keep it up to date.

For more information on the topics covered in this blog see these resources:

If you have feedback, suggestions, or questions about this post, please reach out to me on Twitter (@powellquiring).


More from Cloud

Kubernetes version 1.28 now available in IBM Cloud Kubernetes Service

2 min read - We are excited to announce the availability of Kubernetes version 1.28 for your clusters that are running in IBM Cloud Kubernetes Service. This is our 23rd release of Kubernetes. With our Kubernetes service, you can easily upgrade your clusters without the need for deep Kubernetes knowledge. When you deploy new clusters, the default Kubernetes version remains 1.27 (soon to be 1.28); you can also choose to immediately deploy version 1.28. Learn more about deploying clusters here. Kubernetes version 1.28 In…

Temenos brings innovative payments capabilities to IBM Cloud to help banks transform

3 min read - The payments ecosystem is at an inflection point for transformation, and we believe now is the time for change. As banks look to modernize their payments journeys, Temenos Payments Hub has become the first dedicated payments solution to deliver innovative payments capabilities on the IBM Cloud for Financial Services®—an industry-specific platform designed to accelerate financial institutions' digital transformations with security at the forefront. This is the latest initiative in our long history together helping clients transform. With the Temenos Payments…

Foundational models at the edge

7 min read - Foundational models (FMs) are marking the beginning of a new era in machine learning (ML) and artificial intelligence (AI), which is leading to faster development of AI that can be adapted to a wide range of downstream tasks and fine-tuned for an array of applications.  With the increasing importance of processing data where work is being performed, serving AI models at the enterprise edge enables near-real-time predictions, while abiding by data sovereignty and privacy requirements. By combining the IBM watsonx data…

The next wave of payments modernization: Minimizing complexity to elevate customer experience

3 min read - The payments ecosystem is at an inflection point for transformation, especially as we see the rise of disruptive digital entrants who are introducing new payment methods, such as cryptocurrency and central bank digital currencies (CDBC). With more choices for customers, capturing share of wallet is becoming more competitive for traditional banks. This is just one of many examples that show how the payments space has evolved. At the same time, we are increasingly seeing regulators more closely monitor the industry’s…