| copyright | lastupdated | keywords | subcollection | content-type | services | account-plan | completion-time | ||
|---|---|---|---|---|---|---|---|---|---|
|
2022-08-25 |
onboard software, Terraform, virtual server image, virtual machine image, image, vm, vsi, validate, test, VSI image, VM image, private catalog, vpc, virtual private cloud |
account |
tutorial |
cloud-object-storage, vpc |
paid |
20m |
{{site.data.keyword.attribute-definition-list}}
{: #catalog-vsivpc-tutorial} {: toc-content-type="tutorial"} {: toc-services="cloud-object-storage, vpc"} {: toc-completion-time="20m"}
This tutorial walks you through how to onboard a sample virtual server image for virtual private cloud (VPC) to your account. By completing this tutorial, you learn how to create a private catalog, import the image, validate that it can be installed on a selected deployment target, and make the virtual server image available to users who have access to your account. As you complete the tutorial, adapt each step to match your organization's goal. {: shortdesc}
The tutorial includes steps for deploying a virtual server image to a target {{site.data.keyword.cloud_notm}} Virtual Private Cloud (VPC). As a result, you incur associated infrastructure charges. {: note}
{: #catalog-vsivpc-prereqs}
- Verify that you're using a Pay-As-You-Go or Subscription account. See Viewing your account type for more details.
- Virtual server images for VPC must first be imported and validated in your VPC. If your virtual server image is already imported and validated in your VPC, you can skip these steps:
- Create your VPC.
- Create an instance of {{site.data.keyword.cloud_notm}} Object Storage and upload your image to a bucket.
- Import and validate your custom image in your VPC. Do this for each region in which you want your software to be available and verify that the SHA or checksum matches for the imported image in each region.
- Make sure you're assigned the {{site.data.keyword.cloud_notm}} Identity and Access Management (IAM) editor role or higher on the catalog management service. See Assigning access to account management services for more information.
{: #catalog-vsivpc-create} {: step}
- In the {{site.data.keyword.cloud_notm}} console, go to Manage > Catalogs, and click Create a catalog.
- Select Product default as the catalog type.
- Enter the name of your catalog, for example,
Sample virtual server image. - Select No products to exclude all products in the {{site.data.keyword.cloud}} catalog from your catalog.
- Click Create.
{: #catalog-vsivpc-import} {: step}
-
From the Private products page, click Add.
-
Select Virtual server image for VPC as the deployment method.
-
Select Software as the kind of product that you're adding.
-
Select the image you'd like to onboard.
If the virtual server image you want to add is not included in the list of available images, click Import a new image to import it. Your image must be imported into IBM Cloud VPC, in an available status, with an x86 architecture in order for you to onboard it to a private catalog. Also, your image can't be used with a bare metal profile or instance groups, or encrypted. An image can only be added to one product within one private catalog at a time. If the image you want to import is already imported into another product, you must remove the image from that product or delete the product before you add the image to a new product. {: tip}
-
Enter the software version, for example,
1.0.0. -
Select Developer tools as the category.
-
Click Add product.
{: #catalog-vsivpc-review-images} {: step}
- From the Version list table, click the row that contains your virtual server image.
- Review your images and click Add region if you want to add an image from another region. Images that you add must have the same digest or checksum as the original image that you added in step 2.
- After you review your images, click Next.
{: #catalog-vsivpc-review-version} {: step}
Review the details of this version of your software, and click Next.
{: #catalog-vsivpc-cfg-license} {: step}
If users are required to accept any license agreements beyond the {{site.data.keyword.cloud_notm}} Services Agreement, provide the URL to each agreement. Or, if users can bring their own licenses, you can provide that URL as well.
- Click Add license.
- Enter the name and URL of the license, and click Add license.
- Click Next.
{: #catalog-vsivpc-onboard-readme} {: step}
Use the readme file template{: external} to document the instructions for installing your software. For the purposes of this tutorial, the following steps describe how to edit the description of the readme file.
- Click the Edit icon
. - Copy and paste the contents of the readme file template{: external} and make updates as needed.
- Click Save > Next.
{: #catalog-vsivpc-validate} {: step}
Validating your virtual server image involves running a test deployment of your software. Validating your image proves that it's provisionable with your VPC. The first image you added to your product is validated. Additional regions are not included in this validation.
-
Configure the validation target by selecting a VPC, an SSH key, a subnet, and a profile. Then, cilck Next.
-
Optionally, configure the Schematics workspace by specifying a name and selcting a resource group and a Schematics region. Then, click Next.
In the Tags field, you can enter a name of a specific tag to attach to your virtual server image. Tags provide a way to organize, track usage costs, and manage access to the resources in your account. {: tip}
-
In the Validation version section, select I have read and agree to the following license agreements.
-
Click Validate.
To monitor the progress of the validation process, click View logs. {: tip}
{: #catalog-vsivpc-controls} {: step}
The Security and Compliance Center scans determine adherence to regulatory controls as defined in a profile. Controls are safeguards that are used to meet security and compliance requirements. Only controls that are supported by Security and Compliance Center, formatted correctly, and validated by Code Risk Analysis and Security and Compliance Center scans appear in the catalog. For more information, see Adding compliance details. After you share or publish your product, users can view your controls on the About page for your product, which proves that your product meets specific industry regulations. For more information, see What is a profile?
{: #catalog-vsivpc-add-controls}
You can review the controls that were added from your readme file and add additional controls.
- Click Add controls.
- Choose a profile.
- Select the controls that you want to add to your version.
- Click Add.
{: #catalog-vsivpc-cra-scan}
Scan your source code with Code Risk Analyzer to identify any security vulnerabilities that you need to assess.
- Click Run scan.
- Wait for the scan to finish.
{: #catalog-vsivpc-scc-scan}
Add the scans that you previously ran in the Security and Compliance Center. Security and Compliance Center scans determine adherence to regulatory controls. For more information, see Scheduling a scan.
- Select the profile that you scanned.
- Select the Security and Compliance Center scan.
- Click Add scan.
- Click Next.
{: #catalog-vsivpc-review-reqs} {: step}
You must complete validation and any other requirements to share your product to your account. When you're ready to share your product, click Ready to share. As a result, the virtual server image is available only to users who have access to the Sample virtual server image private catalog in your account.
{: #catalog-vsivpc-publish}
If you want to share your product to your account or enterprise as well as your private catalog, click the name of the product in the navigation to go to the product details page. From the Actions menu, click Share. Select where you want to share your product, and click Share.
You can also use the Partner Center to publish your product to the IBM Cloud catalog. If you publish your product to the IBM Cloud catalog, it will be publicly available to all IBM Cloud users. For more information, see Publishing your software.