IBM Cloud Docs
IBM Cloud services and third-party integrations

IBM Cloud services and third-party integrations

You can use IBM Cloud® platform and infrastructure services, and other third-party integrations to add extra capabilities to your cluster.

IBM Cloud services

Review the following information to see how IBM Cloud platform and infrastructure services are integrated with IBM Cloud Kubernetes Service and how you can use them in your cluster.

IBM Cloud platform services

All IBM Cloud platform services that support service keys can be integrated by using IBM Cloud Kubernetes Service service binding.

Service binding is a quick way to create service credentials for an IBM Cloud service and store these credentials in a Kubernetes secret in your cluster. The Kubernetes secret is automatically encrypted in etcd to protect your data. Your apps can use the credentials in the secret to access your IBM Cloud service instance.

Services that don't support service keys usually provide an API that you can directly use in your app.

IBM Cloud classic infrastructure services

Because IBM Cloud Kubernetes Service lets you create a cluster on IBM Cloud classic infrastructure, some classic infrastructure services, such as Virtual Servers, Bare Metal Servers, or VLANs are fully integrated into IBM Cloud Kubernetes Service. You create and work with these service instances by using the IBM Cloud Kubernetes Service API, CLI, or console.

Supported persistent storage solutions, such as IBM Cloud File Storage for Classic, IBM Cloud Block Storage, or IBM Cloud® Object Storage are integrated as Kubernetes drivers and can be set up by using Helm charts. The Helm chart automatically sets up Kubernetes storage classes, the storage provider, and the storage driver in your cluster. You can use the storage classes to provision persistent storage by using persistent volume claims (PVCs). For more information, see Planning highly available persistent storage.

To secure your cluster network or connect to an on-prem data center, you can configure one of the following options:

IBM Cloud VPC infrastructure services

With IBM Cloud Kubernetes Service, you can create a standard cluster in a Virtual Private Cloud (VPC). A VPC gives you the security of a private cloud environment with the dynamic scalability of a public cloud.

Before you can create a VPC cluster, you must have a VPC and at least one VPC subnet that you provision by using the IBM Cloud console, CLI, or API. You manage these resources in the VPC dashboard directly. When you create your cluster, worker nodes are automatically provisioned as Virtual Servers for VPC instances and you can view and manage these instances in IBM Cloud Kubernetes Service only.

To add persistent storage to your VPC cluster, you can use the Block Storage for VPC cluster add-on. The add-on sets up pre-defined Kubernetes storage classes, the storage provider, and the storage driver in your cluster so that you can provision Block Storage for VPC by using Kubernetes persistent volume claims (PVCs).

To secure your cluster network traffic, you can modify the default security group for your worker nodes. For more information, see Security in your IBM Cloud VPC.

To connect to a different VPC or to an on-prem data center, use the VPN for VPC service.

Kubernetes community and open source integrations

Because you own the standard clusters that you create in IBM Cloud Kubernetes Service, you can choose to install third-party solutions to add extra capabilities to your cluster.

Some open source technologies, such as Istio or Portworx are tested by IBM and provided as managed add-ons, Helm charts, or IBM Cloud services that are operated by the service provider in partnership with IBM. These open source tools are fully integrated into the IBM Cloud billing and support system.

You can install other open source tools in your cluster, but these tools might not be managed, supported, or verified to work in IBM Cloud Kubernetes Service.

Supported integrations depend on the container platform, the infrastructure provider, and the cluster type that you choose. For more information, see Supported IBM Cloud and third-party integrations.

Integrations operated in partnership

Review the IBM Cloud Kubernetes Service partners and the benefit of each solution that they provide.

Managed add-ons

IBM Cloud Kubernetes Service integrates popular open source integrations, such as Istio by using managed add-ons. Managed add-ons are an easy way to install an open source tool in your cluster that is tested by IBM and approved to be used in IBM Cloud Kubernetes Service.

Managed add-ons are fully integrated into the IBM Cloud support organization. If you have a question or an issue with using the managed add-ons, you can use one of the IBM Cloud Kubernetes Service support channels. For more information, see Getting help and support.

If the tool that you add to your cluster incurs costs, these costs are automatically integrated and listed as part of your monthly IBM Cloud billing. The billing cycle is determined by IBM Cloud depending on when you enabled the add-on in your cluster.

Other third-party integrations

You can install any third-party open source tool that integrates with Kubernetes. For example, the Kubernetes community designates certain Helm charts stable or incubator. Note that these charts or tools are not verified to work in IBM Cloud Kubernetes Service. If the tool requires a license, you must purchase a license before you use the tool. For an overview of available Helm charts from the Kubernetes community, see the kubernetes and kubernetes-incubator repositories in the Helm charts catalog.

Any costs that incur by using a third-party open source integration are not included in your monthly IBM Cloud bill.

Installing third-party open source integrations or Helm charts from the Kubernetes community might change the default cluster configuration and can bring your cluster into an unsupported state. If you run into an issue with using any of these tools, consult the Kubernetes community or the service provider directly.

Extending Kubernetes API and software with CRDs and Operators

You might use custom resource definitions (CRDs) to extend the Kubernetes API to create and orchestrate custom objects in your cluster. Operators combine custom resources and controllers to automate the lifecycle of app, such as installing and rolling out updates to a customized app from a catalog in your cluster.

To get started, see the Kubernetes documentation for Custom resources and Operators.