BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Container management software is any of a range of products that simplify how an administrator adds or replaces software containers on IT infrastructure, and that facilitate the organization of large numbers of containers. Container management software automates the creation, destruction, deployment and scaling of containers.
Containerization is a technology to isolate processes that share an operating system (OS). Containers are used to create cloud-native, distributed applications, and to package legacy applications for increased portability and deployment simplicity. They bind together applications' or microservices' libraries and dependencies into one deployable unit, which reduces the resource usage and complexity on IT platforms when compared with virtual machines (VMs).
Containers have surged in popularity as IT organizations have embraced DevOps, which emphasizes rapid velocity in the deployment of applications.
The categories of container management and orchestration software encompass container schedulers, security tools, storage and virtual network management systems, and monitoring tools.
Container management software pros and cons
Since many more containers than VMs can reside on a server host, the chief benefit of container management software lies in the simplified administration of densely populated hosting environments. Without the automation provided by container management software, the sheer number of containers can quickly outstrip a human operator's ability to keep up with changes, particularly at rapid speed.
Another advantage of containers over VMs is that they are lightweight and have separate application configuration information from the host OS, which offers containerized applications increased interoperability, regardless of whether heterogeneous server OSes or public cloud infrastructures support them. Container management software automates the deployment of container-based applications to these various infrastructures.
A drawback to container management software, particularly container orchestration platforms such as Kubernetes and Mesos, is complexity. Administrators must understand the relationships between clusters of host servers, as well as the container network and how it corresponds to applications and dependencies. Also, container orchestration tools' installation and setup is arduous and error-prone.
Container management software usage
Containers are quickly deployable via management software, which suits the rapid change applications undergo in a DevOps strategy. Forward-thinking enterprise IT organizations and startups alike use containers and container management tools to quickly deploy and update continuously developed applications.
The lines between different container management software categories -- orchestration, security, networking and so on -- blur as container orchestration platforms, such as Kubernetes and Docker's Swarm mode, add native support for additional management capabilities. Container management technology is also being folded into or connected with larger software suites that manage underlying server hosts and VMs.
A number of container management software systems have been created by open source communities, and others are proprietary tools marketed by commercial vendors. Some commercial vendors offer support for open source components or embed them into products.
Major container management software vendors
Container schedulers and orchestration tools
Kubernetes is a popular open source container orchestration software based on Google's Borg cluster management tools.
Vendors and open source communities have created diverse distributions of Kubernetes, including CoreOS Inc.'s Tectonic, Red Hat OpenShift, Apprenda Kismatic Enterprise Toolkit, Google Container Engine (GKE), Ubuntu's Canonical Distribution of Kubernetes, Rancher Labs' Rancher, Univa Navops and VMware Photon Platform. Kubernetes support and partnerships crop up and evolve frequently.
The Kubernetes community maintains projects focused on host server cluster management utilities and configuration templates, such as Kubernetes Operations (kops) and Istio, as well as Ocado Technology's Kubermesh, Heptio's Quick Start for Amazon Web Services and eBay's TessMaster.
Vendors such as AppOrbit also manage the creation of Kubernetes clusters. The Kubo project, which is led by Pivotal, VMware and Google, manages cluster creation on Cloud Foundry's platform as a service.
Cloud containerization services abstract the management of Kubernetes clusters from users; those service products include GKE, Azure Container Service and Azure Container Instances from Microsoft, Amazon Elastic Compute Cloud (EC2) Container Service, StackPointCloud supported by DigitalOcean, and the IBM Container Service, among others.
Some open source Kubernetes-based container management software focuses on how applications and updates deploy to Kubernetes environments. These projects include ksonnet by Heptio, Helm, Applatix Argo, and numerous continuous integration and continuous deployment tools that integrate with Kubernetes.
Apache Mesos is an open source project that manages compute clusters, including container clusters. Mesosphere DC/OS, a commercial product based on Mesos, orchestrates containers with hybrid cloud portability. Mesosphere offers its own container scheduler, and it supports Kubernetes in DC/OS. Mesos enables an organization to manage clusters based on different versions of Kubernetes together.
Docker offers Swarm mode, a cluster management utility for containers, as well as other enterprise-focused container management software features, such as the Docker Secrets and Notary container security utilities. Some third-party vendors offer host cluster and container configuration templates for Docker Swarm mode. Examples include Puppet's Lumogon and Chef's Habitat. Cloud container management services also support Docker Swarm mode.
Container security tools
Container secrets management tools keep track of passwords and tokens in secure environments. Docker secrets management tech exists in upstream Kubernetes, as well as Mesosphere, CISOfy's Lynis and HashiCorp's Vault. Docker Notary and tools like it can certify container images as they move between test, development and production environments.
Static image and runtime container security scanning tools inspect container images before they are deployed and track behavior on the network after deployment. This software is available from several vendors, such as Aqua Security, Twistlock, NeuVector, StackRox, Deepfence and Tenable. Some traditional network security platforms, such as Trend Micro Deep Security, also support containers.
Persistent storage management
Containers are ephemeral, which means that they do not retain information between sessions. But stateful applications rely on some connection between external storage volumes and containers.
Container storage utilities also handle the transfer of container image files from registries to the storage systems assigned to apps in production. Docker makes storage volume plug-ins available from various vendors, such as the open source container storage orchestration engine Rex-Ray from Dell EMC's community.
Container persistent storage tools that offer true container portability for stateful applications come from Docker Infinit, Portworx, Blockbridge Networks and Red Hat Container-Native Storage based on Gluster.
Container networking tools
Given their density and ephemeral nature, containers tend to rely on virtual networks. Container-specific virtual networking tools are available from Contiv, CoreOS, Weaveworks and open source projects, such as Project Calico, which focuses on Kubernetes container network management.
Wider virtual network management platforms -- such as Ansible Container, VMware NSX and Cisco Application Centric Infrastructure -- also support container technology.
Container monitoring tools
Specialized monitoring tools track performance, bugs and security in containerized workloads. Container-specific monitoring tools are offered by Sysdig, Docker's Stats feature, Google's cAdvisor and the Prometheus tool for Kubernetes.
Some DevOps monitoring platforms monitor containers in addition to other hosting architectures. These products come from companies such as New Relic, Datadog, AppDynamics, IBM, Dynatrace and SignalFx.