Using Codeship Pro To Deploy Workloads to IBM Container Service

7 min read

Using Codeship Pro To Deploy Workloads to IBM Container Service

In this blog post we discuss how Codeship integrates with IBM Container Service to provide another cloud destination for your production workloads.  This blog was written in conjunction with Ethan Jones, a Customer Success Engineer at Codeship, responsible for helping customers to successfully utilize containers for Continuous Integration and Delivery.  We are excited to partner together to demonstrate how quickly and easily users can deploy a Kubernetes cluster in the IBM Cloud and then deploy applications using the same delivery pipeline.

About IBM Cloud 

Bluemix was announced in June 2014 as the IBM Cloud platform, providing users with a variety of compute choices as well as over 140 IBM and third party services. IBM Bluemix Container Service combines Docker and Kubernetes to deliver powerful tools, an intuitive user experience, and built-in security and isolation to enable rapid delivery of applications all while leveraging Cloud Services including cognitive capabilities from Watson. We have integrated pipeline tooling in the platform, but we know that our customers operate in a multi-cloud environment and we’re excited to partner with Codeship to provide users that operational consistency across environments, as well as cutting edge deployment capabilities.

About Codeship 

Codeship Pro is a Continuous Integration Platform based on Docker. We’ve built it to be unique in its design, both Docker-native as well as more flexible and open-ended than other cloud-based CI/CD tools. As a result, you have a lot of control to build CI/CD pipelines that are very specific to your needs and your organizations.

If you’re not at all familiar with Codeship Pro, we recommend reading through the five-part Codeship Pro Getting Started Guide or watching the introductory webinar before we get started on this specific tutorial.

Once you have a sense of how Codeship Pro works, we’ll get started showing you how to use IBM Bluemix’s Container Service to orchestrate your Kubernetes clusters via Codeship Pro.

The Container Service

IBM Bluemix Container Service is powered by Kubernetes and provides all the dynamic scaling and horizontal service integration you’d expect from a cloud platform. Their offering includes both container-operations and a Docker image registry.

By minimizing the amount of custom “IBM stuff” you need, they’ve made a cloud container platform that’s incredibly easy to get set up with very little customization needed for standard Docker and Kubernetes workflows.

Note that this article will not get into configuring your IBM Bluemix account itself. To make sure your IBM Bluemix account is set up and ready to use, see the IBM Bluemix documentation.

Codeship Setup

To get started with pushing images and running your clusters on IBM Bluemix via Codeship Pro, it helps to have some familiarity with Codeship Pro itself first.  As mentioned above, the five-part Codeship Pro Getting Started Guide and the introductory webinar would both be great resources to learn more about how Codeship Pro works at a high level. If you want to get a quick overview we also recommend viewing this 9 minute summary video of Codeship Pro.

Also, note that we have a sample repository showing reusable code examples for all the scenarios discussed in this article.

Using the codeship-services.yml file to set up your environment

The first thing you’ll need to do is create or modify your codeship-services.yml file with a couple of special services: one with the Bluemix CLI, for deploying your cluster, and one for generating a Bluemix authentication token for the registry.

Fortunately, we provide Docker images for both, as you see on Docker Hub with our Bluemix registry authentication image and our Bluemix deployment image.

Simply add these two images to new services in your codeship-services.yml file, as seen here:



    image: your-org/your-app

    path: .

    dockerfile_path: Dockerfile


    – ./deployment/:/deployment



  image: codeship/ibm-bluemix-dockercfg-generator

  add_docker: true

  encrypted_env_file: bluemix.env.encrypted



  image: codeship/ibm-bluemix-deployment

  encrypted_env_file: bluemix.env.encrypted


    – ./deployment/:/deployment

 There are a few things here to take note of. First, we define our `app` service, which is just our application itself. In your case, you may have multiple services. Note, though, that our `app` service is mounting a Docker host volume to allow it to share the code directory with our ‘deployment’ service further down.

The next two services, `dockercfg_generator` and `deployment`, both pull from the Codeship Docker Hub account to use the images we maintain and add security credentials to them via encrypted environment variables.

The credentials you need to set, at a minimum, in these encrypted files are:

  • BLUEMIX_API_KEY – Your Bluemix API key

  • BLUEMIX_API_ENDPOINT – The API endpoint, which defaults to

  • BLUEMIX_CONTAINER_SERVICE_HOST – The region endpoint specified on your account

  • BLUEMIX_CONTAINER_SERVICE_CLUSTER_NAME – What IBM Bluemix is aware of as the name of your container cluster

Once you have your codeship-services.yml file set up with the IBM Bluemix services and your account credentials set, we can move on to the steps in our pipeline to push our images and run our containers.

Using the codeship-steps.yml file to push to the IBM Container Registry

The next thing we’ll do is modify our codeship-steps.yml file. This is the file where we run our tests and create build artifacts, typically. In this case, we want to kick off our deployment steps with an image push to the IBM Bluemix registry. Here’s how we’ll do that:

– name: Your tests

  service: app



– name: Push Image To IBM Bluemix Registry

  service: app

  type: push



  dockercfg_service: dockercfg_generator

Let’s take a look here. First, you’ll see a step to run our tests in the `app` service we defined earlier in our codeship-services.yml file. In your case, this is likely to be multiple steps with multiple tests, perhaps in parallel — and maybe using multiples services.

If the tests step passes, it will move on to the next step: an image push to a Docker registry. You can see in the code example that we’re specifying `type: push` for the step and then specifying the IBM Container Registry endpoint in the `registry` directive.

The next thing you’ll see is the `dockercfg_service` directive, and this is a bit tricky. Some registries — like Dockerhub and Quay — simply use a JSON auths file to authenticate. Others, though — including IBM — need a more programmatic login, either via CLI or with a token. Because of that, we’ve created the concept of a `dockercfg_service`, allowing you to use a separate container as an authentication vehicle for the login instruction on a push step.

In this case, as you can see, we are using the `dockercfg_generator` service we defined earlier in our codeship-services.yml file, which uses the image Codeship maintains for exactly this purpose. When Codeship goes to push your image, we will use that service to log in to IBM using the API key and credentials provided in the associated encrypted environment variables.

Now that we’ve got our image push set up, let’s configure our deployment.

Deploying to IBM Bluemix with Kubernetes and Codeship Pro

As mentioned earlier, IBM Bluemix uses Kubernetes to orchestrate containers. So deploying to IBM Bluemix is as simple as using Kubernetes commands.

Let’s go back to the codeship-steps.yml file and add a new step, after our image push, for deploying the containers.

– name: Your tests

  service: app



– name: Push Image To IBM Bluemix Registry

  service: app

  type: push



  dockercfg_service: dockercfg_generator


– name: Kubernetes Deployment

  service: deployment


You’ll notice first that we’re  using the `deployment` service, as defined in our codeship-services.yml file. This service uses the image Codeship maintains to install the Bluemix CLI, letting you use your account credentials set again via the encrypted environment variables to log in and run native CLI commands.

As you can see, we are passing this service a script file to run, ``. Let’s take a look at what’s in that script:


set -e

# login to IBM Bluemix via credentials provided via (encrypted) environment

# variables

bluemix login \

  –apikey “${BLUEMIX_API_KEY}” \



bluemix cs init \



# Get the required configuration for `kubectl` from Bluemix and load it

bluemix cs cluster-config \


  > .kubectl_config

source .kubectl_config && rm -rf .kubectl_config


# run the commands required to deploy the application via `kubectl`

kubectl version

kubectl cluster-info

Hopefully, this looks pretty straightforward. The first thing we’re doing is log in to Bluemix, making use of our environment variables. Then we’re running the ` bluemix cs cluster-config` command, which the Bluemix CLI uses to set parameters on a cluster. After that, it’s normal Kube commands as you would be used to anywhere else!


This has been a high-level look at pushing images and deploying via Kubernetes to IBM Bluemix with Codeship Pro. Your use case will very likely be somewhat different, but hopefully, you can see how straightforward and easy it is to configure the fundamentals of this kind of deployment.

For more information, we recommend you check out:

Be the first to hear about news, product updates, and innovation from IBM Cloud