+

Search Tips   |   Advanced Search

IBM Cloud services and third-party integrations

We can use IBM Cloud® platform and infrastructure services, and other third-party integrations to add extra capabilities to the cluster.

IBM Cloud services

Review the following information to see how IBM Cloud platform and infrastructure services are integrated with Red Hat OpenShift on IBM Cloud and how we can use them in the cluster.

IBM Cloud platform services

All IBM Cloud platform services that support service keys can be integrated by using Red Hat OpenShift on IBM Cloud service binding.

Service binding is a quick way to create service credentials for an IBM Cloud service and store these credentials in a Kubernetes secret in the cluster. The Kubernetes secret is automatically encrypted in etcd to protect your data. Your apps can use the credentials in the secret to access your IBM Cloud service instance.

Services that do not support service keys usually provide an API that we can directly use in the app.

IBM Cloud classic infrastructure services

Because Red Hat OpenShift on IBM Cloud lets you create a cluster on IBM Cloud classic infrastructure, some classic infrastructure services, such as Virtual Servers, Bare Metal Servers, or VLANs are fully integrated into Red Hat OpenShift on IBM Cloud. You create and work with these service instances by using the Red Hat OpenShift on IBM Cloud API, CLI, or console.

Supported persistent storage solutions, such as IBM Cloud File Storage, IBM Cloud Block Storage, or IBM® Cloud Object Storage are integrated as Kubernetes flex drivers and can be set up by using Helm charts. The Helm chart automatically sets up Kubernetes storage classes, the storage provider, and the storage driver in the cluster. We can use the storage classes to provision persistent storage by using persistent volume claims (PVCs). For more information, see Plan highly available persistent storage.

To secure the cluster network or connect to an on-prem data center, we can configure one of the following options:

• strongSwan IPSec VPN Service
• IBM Cloud Direct Link
• Virtual Router Appliance (VRA)
• Fortigate Security Appliance (FSA)

IBM Cloud VPC infrastructure services

With Red Hat OpenShift on IBM Cloud, we can create a standard cluster in a Virtual Private Cloud (VPC). A VPC gives you the security of a private cloud environment with the dynamic scalability of a public cloud.

Before we can create a VPC cluster, we must have a VPC and at least one VPC subnet that you provision by using the IBM Cloud console, CLI, or API. You manage these resources in the VPC dashboard directly. When you create the cluster, worker nodes are automatically provisioned as Virtual Servers for VPC instances and we can view and manage these instances in Red Hat OpenShift on IBM Cloud only.

To add persistent storage to your VPC cluster, we can enable the Block Storage for VPC add-on. The add-on sets up pre-defined Kubernetes storage classes, the storage provider, and the storage driver in the cluster so that we can provision Block Storage for VPC by using Kubernetes persistent volume claims (PVCs). To use the add-on, all your VPC subnets must be configured with a public network gateway.

To secure the cluster network traffic, we can modify the default security group for the worker nodes. For more information, see Security in your IBM Cloud VPC.

To connect to a different VPC or to an on-prem data center, use the VPN for VPC service.

Kubernetes community and open source integrations

Because you own the standard clusters that you create in Red Hat OpenShift on IBM Cloud, we can choose to install third-party solutions to add extra capabilities to the cluster.

Some open source technologies, such as LogDNA, Sysdig, or Portworx are tested by IBM and provided as managed add-ons, Helm charts, or IBM Cloud services that are operated by the service provider in partnership with IBM. These open source tools are fully integrated into the IBM Cloud billing and support system.

We can install other open source tools in the cluster, but these tools might not be managed, supported, or verified to work in Red Hat OpenShift on IBM Cloud.

Supported integrations depend on the container platform, the infrastructure provider, and the cluster type that you choose. For more information, see Supported IBM Cloud and third-party integrations.

Integrations operated in partnership

For more information about Red Hat OpenShift on IBM Cloud partners and the benefit of each solution that they provide, see Red Hat OpenShift on IBM Cloud partners.

Managed add-ons

Red Hat OpenShift on IBM Cloud integrates popular open source integrations by using managed add-ons. Managed add-ons are an easy way to install an open source tool in the cluster that is tested by IBM and approved to be used in Red Hat OpenShift on IBM Cloud.

Managed add-ons are fully integrated into the IBM Cloud support organization. If we have a question or an issue with using the managed add-ons, we can use one of the Red Hat OpenShift on IBM Cloud support channels. For more information, see Getting help and support.

If the tool that you add to the cluster incurs costs, these costs are automatically integrated and listed as part of our monthly IBM Cloud billing. The billing cycle is determined by IBM Cloud depending on when you enabled the add-on in the cluster.

Other third-party integrations

We can install any third-party open source tool that integrates with Kubernetes. For example, the Kubernetes community designates certain Helm charts stable or incubator. Note that these charts or tools are not verified to work in Red Hat OpenShift on IBM Cloud. If the tool requires a license, we must purchase a license before you use the tool. For an overview of available Helm charts from the Kubernetes community, see the kubernetes and kubernetes-incubator repositories in the Helm charts catalog.

Any costs that incur by using a third-party open source integration are not included in your monthly IBM Cloud bill.

Installing third-party open source integrations or Helm charts from the Kubernetes community might change the default cluster configuration and can bring the cluster into an unsupported state. If you run into an issue with using any of these tools, consult the Kubernetes community or the service provider directly.

Extending OpenShift API and software with CRDs and Operators

We might use custom resource definitions (CRDs) to extend the OpenShift API to create and orchestrate custom objects in the cluster. Operators combine custom resources and controllers to automate the lifecycle of app, such as installing and rolling out updates to a customized app from a catalog in the cluster.

For more information, see Operators.