Container orchestrators have evolved significantly since Docker debuted more than five years ago. In many cases, what constituted state-of-the-art orchestration features in the past is just stock technology today. This fact, combined with the diversity of orchestrators now available, means that choosing the best orchestrator can be challenging.
To help provide some clarity, this article covers what to look for in an effective orchestration system today. We’ll then examine the top orchestration systems currently available, compare them based on critical features, and (last but not least) discuss their current adoption rates within the industry.
Components of a Production-Worthy Orchestrator for 2019
Container orchestration is a complex problem, and each orchestration system includes a custom blend of services within the offering. The best orchestration system for one organization might be different from the best system for another organization. System capabilities and resource requirements (technological, financial, and human) will all factor into the decision about which orchestrator to invest in for your platform.
Some of the components which a good orchestrator should include are:
- Provisioning, deployment, and maintenance of containers
- The balancing of containers across multiple hosts if applicable
- Service discovery
- Load balancing of incoming traffic
- Managing networking between containers and egress/ingress from clients
- Administration and application of security, including authentication, secrets management, and encryption
- Resource monitoring and management
- Health monitoring and alerting of failed containers
Current Container Orchestrator Offerings
Any discussion of containers and container orchestration these days includes references to Docker. While Docker is undoubtedly the most popular containerization technology in use, it is not an orchestration system per se. The systems we’ll be looking at in this article are:
- Amazon Elastic Container Service
- Docker Swarm
- Apache Mesos
Amazon Elastic Container Service
Amazon Elastic Container Service, or ECS, is a popular choice for organizations seeking an orchestration system with a lower barrier to entry and ease of integration with existing AWS infrastructure. Users can deploy containers as “tasks,” specify service levels for the number of tasks to be running at any time, and manage connections through container agents.
Amazon ECS offers high availability, scalability, and security, and you only pay for the underlying compute instances which you use to support your clusters. The ease of compatibility with other AWS services is a two-edged sword that also requires you to maintain your container environment with Amazon.
Since the end of 2017, AWS has also offered EKS, a comparable service that provides a hosted Kubernetes environment. Slightly newer than ECS, EKS uses Kubernetes as its orchestration system. Thus, it provides a level of abstraction from AWS and reduces the dependencies on AWS infrastructure if you want to explore moving to or co-hosting on other cloud providers.
In data from Datanyze comparing containerization systems, first-place Docker enjoys an estimated market share of more than 48%. In second place, Kubernetes boasts a market share of slightly more than 29%. As we noted earlier, though, Docker by itself is only a containerization platform, and not a fully-fledged orchestration system. In another comparative study, G2 compared adoption between ECS and Kubernetes. While ECS showed a marginally higher rate of adoption in mid-size to enterprise-sized companies, Kubernetes showed more consistent adoption levels across all companies.
Developed out of the Borg project at Google, Kubernetes was donated to the Cloud Native Computing Foundation (CNCF) as a seed technology in 2015. The project has grown on its own merits as a CNCF open source project and has also been adopted by all the major cloud computing providers, including:
Kubernetes has a pluggable architecture, allowing you to choose different open source solutions for networking, storage, authentication, and other components, and allowing you to build a custom orchestration system around a robust and highly performant container orchestrator.
While most if not all players in the container orchestration space support Docker containers, Docker also offers its own orchestration system called Docker Swarm. Comparable to Kubernetes in many ways, including adoption by organizations seeking an orchestration solution, Docker Swarm scores slightly higher than Kubernetes when it comes to ease of setup, administration, and support.
Docker Swarm is an excellent solution for organizations looking to support a simple container environment without any complex configurations. An additional advantage is that Docker and Docker Swarm use similar CLI commands, which helps engineers already familiar with Docker.
OpenShift is a flavor of Kubernetes curated into a supported product by Red Hat. Where Kubernetes supports an open and pluggable architecture, OpenShift is a licensed product which is less flexible than its parent project, but that lack of flexibility leads to a generally more mature product.
While it tends to have lower adoption rates, likely due to its paid license and support model, and the fact that it lags behind the Kubernetes project, OpenShift scored slightly higher than Kubernetes in terms of ease of use, setup, and administration.
The Apache Mesos project shares an origin story with some of the notable open source projects of the past. The Mesos project began as a research project at the University of California at Berkeley and was later taken over by the Apache Software Foundation. Although Mesos shares many features in common with the other orchestrators listed here, its primary use case is as a management system for diverse and distributed systems.
Apache Mesos can function as a container orchestration system, but its abilities allow it to extend beyond containers to microservices, Big Data, analytics engines, and more. In terms of adoption as an orchestration system, Apache Mesos has wider adoption than Red Hat OpenShift, but trails Kubernetes significantly.
Final Thoughts About Container Orchestrators
The current state of the container orchestration landscape is not that different from high school. There is a lot of excitement and energy, and it’s easy to spot the high achievers of the moment, but there is also a lot of change, development, and maturity still to come.