Frequently asked questions

Get answers to the most commonly asked questions about IBM Cloud Kubernetes Service.

How does a container-based platform work?

IBM Cloud® Kubernetes Service provides a fully managed container service for Docker (OCI) containers, so clients can deploy containerized apps onto a pool of compute hosts and subsequently manage those containers. Containers are automatically scheduled and placed onto available compute hosts based on your requirements and availability in the cluster.

How is the Kubernetes-based container service managed?

Every cluster is provisioned with a Kubernetes master IBM operates and manages, and worker nodes deployed into the client-owned infrastructure. Your worker nodes are single-tenant and dedicated to you, the client. Manage your worker nodes by using IBM-provided tools for operating system patch deployment, container runtime updates and new Kubernetes versions.

How can I run Docker containers on my own infrastructure?

With IBM Cloud Kubernetes Service, you can deploy Docker containers into pods that run on your worker nodes. The worker nodes come with a set of add-on pods to help you manage your containers. Install more add-ons through Helm, a Kubernetes package manager. These add-ons can extend your apps with dashboards, logging, IBM Cloud and IBM Watson® services and more.

How does autoscaling work for my Docker containers in Kubernetes?

In the IBM Cloud Kubernetes Service, you can enable horizontal pod autoscaling to automatically increase or decrease your app pods in response to your workload needs.

How is container hosting managed when using service provider instances?

You want control and access to compute infrastructure running containerized workloads to ensure your app has the resources it needs. You also want a stable environment for your apps and lower maintenance costs. IBM Cloud Kubernetes Service manages the master, freeing you from having to manage the host OS, container runtime and Kubernetes version-update process.

Can I integrate block storage with my apps?

You can provision block storage for your cluster and use the storage by your application as a persistent data store. IBM Cloud Kubernetes Service provides predefined Kubernetes storage classes you can use to choose the block storage capacity and performance characteristics that meet your application requirements.

How does networking work in a cluster?

The IBM Cloud Kubernetes Service fully integrates with the IBM Cloud platform’s IP addressing, network routing, ACL, load balancing and firewall capabilities. When you deploy standard clusters, you can specify the virtual network for your worker nodes that provide network segmentation and isolation. Every cluster is set up with predefined network policies.

How are security controls integrated?

Every cluster is set up as a single-tenant cluster dedicated to you only. To secure the communication between the Kubernetes API server and your worker nodes, the IBM Cloud Kubernetes Service uses an OpenVPN tunnel and TLS certificates, and monitors the master network to detect and remediate malicious attacks. You control user access to cluster resources.

How do I store Docker images in the cloud?

Obtain a private Docker image registry as a service in the platform. Each tenant in the IBM Cloud Container Registry has a private hosted registry, built using Docker v2 registry to secure storage of Docker images in the cloud. Integrated Vulnerability Advisor scans images with IBM® X-Force® Exchange and its ISO27k policy scans live containers and packages.

Can I set up my own Kubernetes scheduler to place containers in a cluster?

With IBM Cloud Kubernetes Service, you are in control of your cluster and can implement your own custom Kubernetes scheduling and affinity logic for your Kubernetes deployments.

Get a cluster at no cost

Create an IBM Cloud account and get a cluster to try for 30 days.