cs_why.md

copyright	lastupdated	keywords	subcollection
years 2014, 2019	2019-10-01	kubernetes, iks, containers	containers

{:new_window: target="_blank"} {:shortdesc: .shortdesc} {:screen: .screen} {:pre: .pre} {:table: .aria-labeledby="caption"} {:codeblock: .codeblock} {:tip: .tip} {:note: .note} {:important: .important} {:deprecated: .deprecated} {:download: .download} {:preview: .preview}

Why {{site.data.keyword.containerlong_notm}}

{: #cs_ov}

{{site.data.keyword.containerlong}} delivers powerful tools by combining Docker containers, the Kubernetes technology, an intuitive user experience, and built-in security and isolation to automate the deployment, operation, scaling, and monitoring of containerized apps in a cluster of compute hosts. For more information about certification, see Compliance on the {{site.data.keyword.cloud_notm}} . {:shortdesc}

Benefits of using the service

{: #benefits}

Clusters are deployed on compute hosts that provide native Kubernetes and {{site.data.keyword.IBM_notm}}-specific capabilities. {:shortdesc}

Ready to get started? Try out the creating a Kubernetes cluster tutorial.

Benefit	Description
Choice of container platform provider	Deploy clusters with OpenShift or community Kubernetes installed as the container platform orchestrator. Choose the developer experience that fits your company, or run workloads across both OpenShift or community Kubernetes clusters. Built-in integrations from the {{site.data.keyword.containerlong_notm}} console to the Kubernetes dashboard or OpenShift web console. Single view and management experience of all your OpenShift or community Kubernetes clusters from {{site.data.keyword.containerlong_notm}}. For more information, see Comparison between OpenShift and community Kubernetes clusters.
Single-tenant Kubernetes clusters with compute, network, and storage infrastructure isolation	Create your own customized infrastructure that meets the requirements of your organization. Choose between {{site.data.keyword.cloud_notm}} Classic or VPC on Classic infrastructure providers. Provision a dedicated and secured Kubernetes master, worker nodes, virtual networks, and storage by using the resources provided by IBM Cloud infrastructure. Fully managed Kubernetes master that is continuously monitored and updated by {{site.data.keyword.IBM_notm}} to keep your cluster available. Option to provision worker nodes as bare metal servers for compute-intensive workloads such as GPU. Store persistent data, share data between Kubernetes pods, and restore data when needed with the integrated and secure volume service. Benefit from full support for all native Kubernetes APIs.
Multizone clusters to increase high availability	Easily manage worker nodes of the same flavor (CPU, memory, virtual or physical) with worker pools. Guard against zone failure by spreading nodes evenly across select multizones and by using anti-affinity pod deployments for your apps. Decrease your costs by using multizone clusters instead of duplicating the resources in a separate cluster. Benefit from automatic load balancing across apps with the multizone load balancer (MZLB) that is set up automatically for you in each zone of the cluster.
Highly available masters	Reduce cluster downtime such as during master updates with highly available masters that are provisioned automatically when you create a cluster. Spread your masters across zones in a multizone cluster to protect your cluster from zonal failures.
Image security compliance with Vulnerability Advisor	Set up your own repo in our secured Docker private image registry where images are stored and shared by all users in the organization. Benefit from automatic scanning of images in your private {{site.data.keyword.cloud_notm}} registry. Review recommendations specific to the operating system used in the image to fix potential vulnerabilities.
Continuous monitoring of the cluster health	Use the cluster dashboard to quickly see and manage the health of your cluster, worker nodes, and container deployments. Find detailed consumption metrics by using {{site.data.keyword.mon_full}} and quickly expand your cluster to meet work loads. Review logging information by using {{site.data.keyword.la_full}} to see detailed cluster activities.
Secure exposure of apps to the public	Choose between a public IP address, an {{site.data.keyword.IBM_notm}} provided route, or your own custom domain to access services in your cluster from the internet.
{{site.data.keyword.cloud_notm}} service integration	Add extra capabilities to your app through the integration of {{site.data.keyword.cloud_notm}} services, such as Watson APIs, Blockchain, data services, or Internet of Things.
{: caption="Benefits of the {{site.data.keyword.containerlong_notm}}" caption-side="top"}

Comparison of offerings and their combinations

{: #differentiation}

You can run {{site.data.keyword.containerlong_notm}} in {{site.data.keyword.cloud_notm}} Public, in {{site.data.keyword.cloud_notm}} Private, or in a hybrid setup. {:shortdesc}

Differences between {{site.data.keyword.containershort_notm}} setups

{{site.data.keyword.containershort_notm}} setup	Description
{{site.data.keyword.cloud_notm}} Public, off-premises	With {{site.data.keyword.cloud_notm}} Public on [shared or dedicated hardware or on bare metal machines](/docs/containers?topic=containers-planning_worker_nodes#planning_worker_nodes), you can host your apps in clusters on the cloud by using {{site.data.keyword.containerlong_notm}}. You can also create a cluster with worker pools in multiple zones to increase high availability for your apps. {{site.data.keyword.containerlong_notm}} on {{site.data.keyword.cloud_notm}} Public delivers powerful tools by combining Docker containers, the Kubernetes technology, an intuitive user experience, and built-in security and isolation to automate the deployment, operation, scaling, and monitoring of containerized apps in a cluster of compute hosts. For more information, see [{{site.data.keyword.containerlong_notm}} technology](/docs/containers?topic=containers-ibm-cloud-kubernetes-service-technology). You can also create your cluster in a Virtual Private Cloud (VPC), which gives you the security of a private cloud environment with isolated networking features along with the dynamic scalability of the public cloud. For more information, see [Overview of Classic and VPC infrastructure providers](/docs/containers?topic=containers-infrastructure_providers).
{{site.data.keyword.cloud_notm}} Private, on-premises	{{site.data.keyword.cloud_notm}} Private is an application platform that can be installed locally on your own machines. You might choose to use Kubernetes in {{site.data.keyword.cloud_notm}} Private when you need to develop and manage on-premises, containerized apps in your own controlled environment behind a firewall. For more information, see the [{{site.data.keyword.cloud_notm}} Private product documentation ](https://www.ibm.com/support/knowledgecenter/en/SSBS6K_1.2.0/kc_welcome_containers.html).
Hybrid setup	Hybrid is the combined use of services that run in {{site.data.keyword.cloud_notm}} Public off-premises and other services that run on-premises, such as an app in {{site.data.keyword.cloud_notm}} Private. Examples for a hybrid setup: Provisioning a cluster with {{site.data.keyword.containerlong_notm}} in {{site.data.keyword.cloud_notm}} Public but connecting that cluster to an on-prem database. Provisioning a cluster with {{site.data.keyword.containerlong_notm}} in {{site.data.keyword.cloud_notm}} Private and deploying an app into that cluster. However, this app might use an {{site.data.keyword.ibmwatson}} service, such as {{site.data.keyword.toneanalyzershort}}, in {{site.data.keyword.cloud_notm}} Public. To enable communication between services that are running in {{site.data.keyword.cloud_notm}} Public or Dedicated and services that are running on-prem, you must [set up a VPN connection](/docs/containers?topic=containers-vpn). For more information, see [Using {{site.data.keyword.containerlong_notm}} with {{site.data.keyword.cloud_notm}} Private](/docs/containers?topic=containers-hybrid_iks_icp).

Comparison of free and standard clusters

{: #cluster_types}

You can create one free cluster or any number of standard clusters. Try out free clusters to get familiar with a few Kubernetes capabilities, or create standard clusters to use the full capabilities of Kubernetes to deploy apps. Free clusters are automatically deleted after 30 days. {:shortdesc}

If you have a free cluster and want to upgrade to a standard cluster, you can create a standard cluster. Then, deploy any YAMLs for the Kubernetes resources that you made with your free cluster into the standard cluster.

Characteristics	Free clusters	Standard clusters
In-cluster networking
Public network app access by a NodePort service to a non-stable IP address
User access management
{{site.data.keyword.cloud_notm}} service access from the cluster and apps
Disk space on worker node for non-persistent storage
Provision OpenShift clusters
Create clusters in a Virtual Private Cloud (VPC)
Ability to create cluster in every {{site.data.keyword.containerlong_notm}} region
Multizone clusters to increase app high availability
Replicated masters for higher availability
Scalable number of worker nodes to increase capacity
Persistent NFS file-based storage with volumes
Public or private network app access by a network load balancer (NLB) service to a stable IP address
Public network app access by an Ingress service to a stable IP address and customizable URL
Portable public IP addresses
Logging and monitoring
Option to provision your worker nodes on physical (bare metal) servers
{: caption="Characteristics of free and standard clusters" caption-side="top"}