IBM Cloud Private is an application platform for developing and managing on-premises, containerized applications. It is an integrated environment for managing containers that includes the container orchestrator Kubernetes, a private image repository, a management console, and monitoring frameworks. This article is focused on IBM Cloud Private 3.1. For prior versions of IBM Cloud Private, see these related articles:
IBM Cloud Developer Tools CLI version 2.1.12 adds deployment support for IBM Cloud Private 3.1. This version of IBM Cloud Private includes the
cloudctlcommand line tool. IBM Cloud Developer Tools CLI support is not limited to this environment; it also deploys to any Kubernetes environment including on the public IBM Cloud and older versions of IBM Cloud Private. This means that you can use the IBM Cloud Developer Tools CLI to generate applications and perform deployments to all of your IBM Cloud Private and public IBM Cloud environments.
To install the IBM Cloud Developer Tools CLI which includes all prerequisites, follow these instructions.
Deploy to IBM Cloud Private
First things first, you need to create an application using the
ibmcloud dev create command. Follow the prompts of the
create command, selecting the language and Starter Kit that you’d like to use. I recommend the Backend Service for Python Django starter as something that is quick and simple, but you can choose any language and Starter Kit you like. Once the app is created,
cd into the new directory on your system. You can also enable an existing application for Kubernetes deployment by using the
ibmcloud dev enable command. In either case,
ibmcloud dev build the app before proceeding to the following steps.
Now that you have an application, you need to configure your local machine to deploy to the IBM Cloud Private environment.
Set up IBM Cloud Private 3.1 security dependencies
To begin, download the Helm client compatible with your IBM Cloud Private deployment. For version 3.1, this is Helm version 2.9.1. To install this Helm version, use the following instructions:
Complete these commands:
curl -sL https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash
Download and install the binary at https://github.com/kubernetes/helm/releases/tag/v2.9.1
From the PowerShell terminal, you will use the following for deployment:
Set-Item HELM_HOME C:\.helm\
Tip: You can use another location for HELM_HOME, but it must be set before you proceed.
Tip: Do not run helm init at this time, even if the installation instructs you to do so.
Next, IBM Cloud Private 3.1 adds the
cloudctl CLI for security configuration. To install this CLI, download it directly from your IBM Cloud Private deployment as described here.
Finally, use the
cloudctl command to do the following:
- Configure the IP and port of the IBM Cloud Private master.
- Add a certificate for your Helm client to communicate with IBM Cloud Private.
- Choose the cluster that you intend to use for deployment.
Log in to IBM Cloud Private using a valid user account created on that system as follows:
cloudctl login -a https://<master_ip_address>:8443 --skip-ssl-validation
<master_ip_address> is the same IP address that you use to access the IBM Cloud Private management console. The user and password are the same that you use to access the console, as well.
After you log in, the dialog asks you to choose the account that you use for deployment from a list of possible accounts. You will also choose the cluster to use for your deployments and the namespace. Be sure to pick the namespace to which you will deploy your application and make note of it, as you will use this information again later in these instructions.
Configure Docker registry access
First, create an entry in your hosts file that maps to
# Replace <master_ip_address> with the IP address of your IBM Cloud Private system
This is added in
/etc/hosts on MacOS and Linux or
C:\Windows\System32\drivers\etc\hosts on Windows.
Next, add the registry
mycluster.icp:8500 for IBM Cloud Private to the list of insecure Docker registries on your local machine as follows:
- Click the Docker icon in the menu bar.
- Select Preferences.
- Add the insecure registry on the Daemon tab.
- Click the Docker icon in the system tray.
- Select Settings.
- Add the insecure registry on the Daemon tab.
Finally, log in to the IBM Cloud Private Docker registry by using the appropriate user and password from your IBM Cloud Private server and the hostname you defined above:
docker login mycluster.icp:8500
Configure kubectl for access
In the IBM Cloud Private management console, click your username in the top right corner and then select the Configure client option.
To ensure that the credentials for your client are valid, complete a fresh login to the IBM Cloud Private management console. If you need help logging into IBM Cloud Private, see these instructions. The Configure client button provides a set of commands like the following example that you then run on your local system (below is just an example):
kubectl config set-cluster mycluster.icp --server=https://<master_IP_address>:8001 --insecure-skip-tls-verify=true
kubectl config set-context mycluster.icp-context --cluster=mycluster.icp
kubectl config set-credentials mycluster.icp-user --token=eyJhbGciOiJSUzI1NiIs...
kubectl config set-context mycluster.icp-context --user=mycluster.icp-user --namespace=default
kubectl config use-context mycluster.icp-context
To ensure that the correct namepace is used, execute the following command substituting the
[mycluster.icp-*] variables with the real values. For example, the namespace you chose when logging in via
kubectl config set-context cluster.local-context --user=[mycluster.icp-user] --namespace=[mycluster.icp-namespace]
Deploy an app
For the simplest deployment experience, you can update your application’s
cli-config.yml file to point to the IBM Cloud Private Kubernetes environment by adding these entries:
<Namespace> is the namespace on IBM Cloud Private to which you are deploying that you chose with the
cloudctl command. For example,
<App-Name> is the name of your application deployment.
deploy-target value instructs the CLI to target a Kubernetes/container environment, and the
deploy-image-target value tells the CLI what to tag your image with for the IBM Cloud Private registry. If you do not update the
cli-config.yml, you must specify
-t container for the deploy command and then the deployment action queries you for the
Tip: For public IBM Cloud users, you must run
ibmcloud logout before you deploy to IBM Cloud Private.
You’re now ready to deploy your Kubernetes application to IBM Cloud Private. Just use the
deploy command to kick off the deployment:
ibmcloud dev deploy
In this case, the
deploy command will do the following:
- Build and upload the Docker image of your application to the IBM Cloud Private image repository
- Perform a deployment to your IBM Cloud Private Kubernetes cluster using the Helm chart that was generated by the
ibmcloud dev create or
ibmcloud dev enable command
You have now generated and deployed your first application to IBM Cloud Private using the IBM Cloud Developer Tools CLI. You can launch a browser window to your deployed app by entering this command in the app directory:
ibmcloud dev view