cs_why.md

copyright	years 2014, 2018
lastupdated	2018-04-11

{:new_window: target="_blank"} {:shortdesc: .shortdesc} {:screen: .screen} {:pre: .pre} {:table: .aria-labeledby="caption"} {:codeblock: .codeblock} {:tip: .tip} {:download: .download}

Why {{site.data.keyword.containerlong_notm}}

{: #cs_ov}

{{site.data.keyword.containerlong}} delivers powerful tools by combining Docker and Kubernetes technologies, an intuitive user experience, and built-in security and isolation to automate the deployment, operation, scaling, and monitoring of containerized apps in a cluster of compute hosts. {:shortdesc}

Benefits of using the service

{: #benefits}

Clusters are deployed on compute hosts that provide native Kubernetes and {{site.data.keyword.IBM_notm}}-specific capabilities. {:shortdesc}

Benefit	Description
Single-tenant Kubernetes clusters with compute, network, and storage infrastructure isolation	Create your own customized infrastructure that meets the requirements of your organization. Provision a dedicated and secured Kubernetes master, worker nodes, virtual networks, and storage by using the resources provided by IBM Cloud infrastructure (SoftLayer). Fully managed Kubernetes master that is continuously monitored and updated by {{site.data.keyword.IBM_notm}} to keep your cluster available. Option to provision worker nodes as bare metal servers with Trusted Compute. Store persistent data, share data between Kubernetes pods, and restore data when needed with the integrated and secure volume service. Benefit from full support for all native Kubernetes APIs.
Image security compliance with Vulnerability Advisor	Set up your own secured Docker private image registry where images are stored and shared by all users in the organization. Benefit from automatic scanning of images in your private {{site.data.keyword.Bluemix_notm}} registry. Review recommendations specific to the operating system used in the image to fix potential vulnerabilities.
Continuous monitoring of the cluster health	Use the cluster dashboard to quickly see and manage the health of your cluster, worker nodes, and container deployments. Find detailed consumption metrics by using {{site.data.keyword.monitoringlong}} and quickly expand your cluster to meet work loads. Review logging information by using {{site.data.keyword.loganalysislong}} to see detailed cluster activities.
Secure exposure of apps to the public	Choose between a public IP address, an {{site.data.keyword.IBM_notm}} provided route, or your own custom domain to access services in your cluster from the internet.
{{site.data.keyword.Bluemix_notm}} service integration	Add extra capabilities to your app through the integration of {{site.data.keyword.Bluemix_notm}} services, such as Watson APIs, Blockchain, data services, or Internet of Things.

Comparison of offerings and their combinations

{: #differentiation}

You can run {{site.data.keyword.containershort_notm}} in {{site.data.keyword.Bluemix_notm}} Public or Dedicated, in {{site.data.keyword.Bluemix_notm}} Private, or in a hybrid setup. {:shortdesc}

Review the following information for the differences between these {{site.data.keyword.containershort_notm}} setups.

{{site.data.keyword.containershort_notm}} setup	Description
{{site.data.keyword.Bluemix_notm}} Public	With {{site.data.keyword.Bluemix_notm}} Public on [shared or dedicated hardware or on bare metal machines](cs_clusters.html#shared_dedicated_node), you can host your apps in clusters on the cloud by using {{site.data.keyword.containershort_notm}}. {{site.data.keyword.containershort_notm}} on {{site.data.keyword.Bluemix_notm}} Public delivers powerful tools by combining Docker and Kubernetes technologies, an intuitive user experience, and built-in security and isolation to automate the deployment, operation, scaling, and monitoring of containerized apps in a cluster of compute hosts. For more information, see [{{site.data.keyword.containershort_notm}} technology](cs_tech.html#ibm-cloud-container-service-technology).
{{site.data.keyword.Bluemix_notm}} Dedicated	{{site.data.keyword.Bluemix_notm}} Dedicated offers the same {{site.data.keyword.containershort_notm}} capabilities on the cloud as {{site.data.keyword.Bluemix_notm}} Public. However, with an {{site.data.keyword.Bluemix_notm}} Dedicated account, available [physical resources are dedicated to your cluster only](cs_clusters.html#shared_dedicated_node) and are not shared with clusters from other {{site.data.keyword.IBM_notm}} customers. You might choose to set up an {{site.data.keyword.Bluemix_notm}} Dedicated environment when you require isolation for your cluster and the other {{site.data.keyword.Bluemix_notm}} services that you use. For more information, see [Getting started with clusters in {{site.data.keyword.Bluemix_notm}} Dedicated](cs_dedicated.html#dedicated).
{{site.data.keyword.Bluemix_notm}} Private	{{site.data.keyword.Bluemix_notm}} Private is an application platform that can be installed locally on your own machines. You might choose to use {{site.data.keyword.containershort_notm}} in {{site.data.keyword.Bluemix_notm}} Private when you need to develop and manage on-prem, containerized apps in your own controlled environment behind a firewall. For more information, see [{{site.data.keyword.Bluemix_notm}} Private product information ](https://www.ibm.com/cloud-computing/products/ibm-cloud-private/) and [documentation ](https://www.ibm.com/support/knowledgecenter/en/SSBS6K_1.2.0/kc_welcome_containers.html).
Hybrid setup	Hybrid is the combined use of services that run in {{site.data.keyword.Bluemix_notm}} Public or Dedicated and other services that run on-premise, such as an app in {{site.data.keyword.Bluemix_notm}} Private. Examples for a hybrid setup: Provisioning a cluster with {{site.data.keyword.containershort_notm}} in {{site.data.keyword.Bluemix_notm}} Public but connecting that cluster to an on-prem database. Provisioning a cluster with {{site.data.keyword.containershort_notm}} in {{site.data.keyword.Bluemix_notm}} Private and deploying an app into that cluster. However, this app might use an {{site.data.keyword.ibmwatson}} service, such as {{site.data.keyword.toneanalyzershort}}, in {{site.data.keyword.Bluemix_notm}} Public. To enable communication between services that are running in {{site.data.keyword.Bluemix_notm}} Public or Dedicated and services that are running on-prem, you must [set up a VPN connection](cs_vpn.html).

Comparison of free and standard clusters

{: #cluster_types}

You can create one free cluster or any number of standard clusters. Try out free clusters to get familiar and test a few Kubernetes capabilities, or create standard clusters to use the full capabilities of Kubernetes to deploy apps. {:shortdesc}

Characteristics	Free clusters	Standard clusters
In-cluster networking
Public network app access by a NodePort service to a non-stable IP address
User access management
{{site.data.keyword.Bluemix_notm}} service access from the cluster and apps
Disk space on worker node for non-persistent storage
Persistent NFS file-based storage with volumes
Public or private network app access by a load balancer service to a stable IP address
Public network app access by an Ingress service to a stable IP address and customizable URL
Portable public IP addresses
Logging and monitoring
Option to provision your worker nodes on physical (bare metal) servers
Option to provision bare metal workers with Trusted Compute
Available in {{site.data.keyword.Bluemix_dedicated_notm}}

{: #responsibilities} Note: Looking for your responsibilities and container terms when you use the service?

{: #terms} See {{site.data.keyword.containershort_notm}} responsibilities.