Choose the Right Level of Abstraction with Public Cloud Container Services

By Tony Iams | December 20, 2018

Many organizations lack the technical expertise to take on the significant engineering effort of deploying and maintaining container orchestration platforms in production. These organizations can choose from a variety of managed Container-as-a-Service (CaaS) platforms to offload some responsibilities of deploying and managing container clusters to a public cloud service provider. The leading infrastructure-as-a-service (IaaS) cloud providers all offer their own managed CaaS platforms, based on Kubernetes or other orchestrators, and several hosted services providers offer independent managed CaaS platforms that deliver their services based on public cloud IaaS platforms.

[Figure: Possible CaaS Abstractions]

All of these CaaS offerings use cloud services to provide the basic infrastructure for hosting the container cluster nodes, but they may vary in the approach they take to actually manage the container clusters. A container orchestration platform fundamentally consists of a cluster of machines configured with daemons that automatically run containerized applications and services based on Docker or other container runtimes. The cluster usually has two components: the control plane, which is the backbone of the cluster and maintains its state along with the API servers that control its operation, and the data plane, which consists of the worker nodes that actually run the containers.

The control plane is usually the most challenging component to deploy and maintain in a cluster, since it requires configuring virtual networks specifically for enabling containers to communicate, as well as key functions for maintaining security and reliability. Therefore, a container orchestration service that manages the control plane offers the most value for organizations that want to avoid the effort of setting up a container orchestration environment themselves, while still maintaining control over the part of the stack that actually runs applications in containers.

However, for organizations that want only minimal visibility into or control over any aspect of container infrastructure, cloud service providers can offer yet higher levels of abstraction by also operating the worker nodes as a service. In this “serverless” approach, administrators merely have to specify which containerized applications to run, along with broad guidelines for the resources that should be assigned to the applications. In exchange for greater ease of use and speedy deployment, users of these container instance services accept a higher degree of vendor lock-in than with lower levels of abstraction.

When choosing a CaaS offering, users have to weigh a variety of factors, including lock-in vs. flexibility, ease-of-use and speed of deployment, portability for hybrid/multi-cloud purposes, depth of integration with a cloud platform’s native services, and other deployment and operational details. This document (Gartner subscription required) shows what to look for in positioning CaaS services as part of an infrastructure portfolio, focusing on offerings from AWS, Microsoft, and Google. In general, organizations should go with a managed CaaS unless there is a specific compliance or functional requirement that prevents the use of this kind of service, but they have to make sure the solution they choose is aligned with the key objectives for their container initiatives as well as their overall cloud strategy.