EvaluScale Insights for Container Management Platforms
Table of Contents
- Methodology and background
- Definition of Container Management Technology segments
- Definitions of EvaluScale Criteria
- Definitions of Business Drivers
- EvaluScale Insights by Business Driver
- Container Management Platform Vendor Profiles
- Azure Kubernetes Stack
- Red Hat OpenShift
- SUSE Rancher
- VMware Tanzu
EvaluScale Insight is an evaluation and ranking methodology developed by Evaluator Group. For decades the company has published technology comparison and selection criteria known as EvaluScale Comparison Matrices. The EvaluScale Insight now examines and ranks the vendor offerings based on criteria and business drivers.
Methodology and background
The EvaluScale for each vendor product is determined through in-depth review and analysis attained from vendor interviews, reviews of user / administration guides, hands-on testing and/or client engagements. Each product is reviewed within a specific technology area and rated “Exceeds Criteria”, “Meets Criteria” or “Area for Development” for each Evaluation criterion. Evaluation criteria are developed through IT-client engagements and an understanding of system usage. The definitions of the criteria and explanations of how products are reviewed can be found in the Evaluator Series Evaluation Guides, which are reflected in the EvaluScale published in over individual Product Briefs.
Definition of Container Management Technology segments
Evaluator Group defines two distinct segments:
- Container Management Platforms (CMPs) are packages of software (often open-source) delivered to the customer with vendor technical support to enable the customer to operate and maintain the CMP environment in their chosen infrastructure and configuration, with their own staff, at a service level of their own definition. CMPs can be operated by the customer on either the customer’s own premises, in hosted environments or on IaaS.
- Container Management Services (CMSs) are managed service (often but not exclusively pay-as-you-go) offerings operated by the vendor on behalf of the customer, with a defined environment and service level agreement (SLA). The SLA is typically financially backed, such that if the vendor fails to meet the SLA, the customer receives a discount or rebate. For CMS, the vendor selects the hosting environment (a cloud service) for the container management.
Figure 1: Basic and Advanced functionality of Container Management
Definitions of EvaluScale Criteria
Below are the criteria and their descriptions. Further details can be found in the Container Management Systems Evaluation Guide.
Criteria for Container Management Platforms
Definitions of Business Drivers
Evaluator Group has identified three primary Business Drivers that color the Container Management decision. Our research shows a wide variance of decisions and the weighting applied to the decision criteria. Therefore we find it necessary to rank Container Management Platforms and Container Management Services offerings for each business driver.
A customer following the pattern of Container Forward has made the decision to standardize his future computing architecture on Kubernetes containers and microservices application development. Rather than focusing on the operational issues of managing the legacy environment, this buyer has decided to separate the legacy and future environments, manage the legacy with a defined level of resources, and maximize his future investment in modern architecture. These customers place the highest value on Global Enterprise Functionality, the ability to manage a Hybrid Environment and Vendor Trust. Professional Services and Training are also valued.
A customer following the pattern of Legacy-Integrate is focused on the challenge of finding the resources, skills and/or infrastructure to build and manage a new production Kubernetes (and microservices) environment while continuing to provide good quality service to the users from the large installed pool of vSphere virtual machines. This buyer seeks to modernize and integrate the islands of Kubernetes POCs that have sprung up around the corporation, but more strongly desires to limit disruption. This customer strongly values an integrated administrative approach for managing virtual machines and containers. They will migrate applications, but with well-defined and managed risk. They are typically concerned about whether current open-source migration tools are stable and resilient enough to address their issues, and they are concerned about integration with entrenched nests of applications.
- Fast Track Win:
This customer has the responsibility to rapidly build and deploy an application which will deliver visible innovation for his company as soon as possible. Rather than simply accomplish this with a native cloud service, they have decided to build this in a modern, portable Kubernetes architecture. The technology decision is about this critical application, not the overall company architecture.
These applications often leverage data science, machine learning or analytics tools, in combination with data currently stored in legacy data systems as well as new data streams. This customer is focused on two things: speed and success. They strongly value integrated solutions from container management vendors that speed time to production and decrease project risk. The highest priority requirements for this buyer are Integrated Tools (both AI/ML/DB and application modernization).
EvaluScale Insights for Container Management Platforms By Business Drivers
EvaluScale Insights by Container Forward
EvaluScale Insights by Infrastructure Leverage
EvaluScale Insights by Fast-Track Win
Container Management Platform Vendor Profiles
AWS believes that customers are best served through a model which provides the highest possible level of abstraction to the user (whether an operator or a developer). The AWS strategy is to handle technical complexity “behind the curtain”, enabling the customer to maximize productivity (and speed innovation) through its cloud-native services such as Fargate and Lambda. This model departs from the more open Kubernetes approach, which can require the customer to have greater expertise (and take on more work for delivery), but which in turn allows the customer more flexibility and control.
For customers who need a self-managed container management platform offering, AWS offers basic container management features for standalone use (on-premises or in other public clouds) using EKS Anywhere. This is also the AWS solution for environments which are partially or fully disconnected. This offering is available with a software support agreement, but without an SLA for service availability. Customers can also leverage compatible open-source and ISV software (e.g., observability and security offerings), but these are not included in AWS Support.
All AWS managed Kubernetes offerings are based on a common CNCF-certified Kubernetes distribution which is integrated and maintained by AWS, EKS Distro. While customers can also make use of EKS Distro as a container management platform (customer self-managed) at no charge, Evaluator Group does not consider this to be a valid option for production, as it does not include vendor support.
Evaluator Group Opinion
AWS is the role-model for providing rich, well featured cloud native services, including containers in the cloud. But these services and features are often delivered using AWS proprietary code, rather than the typical open-source Kubernetes approach. Customers who select AWS for container management of Kubernetes-orchestrated containers are predominantly making a decision to use AWS, and then making a decision to use Kubernetes (not the other way around). Customers are also, by definition, making the decision to use a service. The AWS offering for a self-managed platform is very limited in capabilities, and requires the customer to add on a great deal of 3rd party functionality (and commercial service contracts) to create a whole solution. With this in mind, EG would not recommend use of EKS Anywhere, except in very specific circumstances.
If a customer has already committed his business to the AWS platform and operating (or controlling operation of) most of the company’s Kubernetes clusters in the cloud is well-suited to the company’s current and future needs, but there are specific environments or applications where a self-managed offering is needed (e.g., an air-gapped scenario) then AWS EKS Anywhere can fill this gap.
Azure Kubernetes Stack
Customers considering the use of Microsoft Azure solutions to build out and manage a new Kubernetes architecture have much to consider. Within the broader portfolio of Kubernetes-centric services and software, Microsoft Azure has options for creating Kubernetes solutions, including a self-managed platform, Azure Kubernetes Service (AKS) on Azure Stack Hub, Azure Stack HCI or Windows 2019 Datacenter. These offerings allow a customer to operate basic Kubernetes services provided by AKS on a standalone customer environment. Customers can leverage this standard stack to take advantage of Azure’s strengths in cluster services, including, for example, security features. Enterprises can also extend this solution with a number of edge-optimized platforms.
It should be noted however, that the richest feature set and options are reserved for customers who tie in these independent installations using the Azure Arc service, which then allows customer leverage of the broader suite of Azure cloud services.
The Azure Stack solution set can utilize many Azure tools for application development, including application frameworks, coding tools, CI/CD pipelines etc. A wide variety of AI/ML and data analytics tools – serving personas from data scientist and citizen scientist to application developer – are also available for rapid bring-up in the AKS architecture, both from Azure and its many ISV partners.
Training and professional services follow the typical Microsoft model, i.e., relying on partners for delivery. While there is some basic technical training (and certification paths) for the specific Microsoft Azure services, Microsoft is not the company to look to for direct help with strategic planning, deployment or building general staff skills in either Kubernetes or modern application development.
Evaluator Group Opinion
Azure offers a strong solution suite for container management, with a broad portfolio of services, software, and appliances to serve Kubernetes-orchestrated containers. The suite delivers a relatively consistent view and interface across all platforms, enabling customer ecosystem flexibility. Azure Arc enables a global pane of glass and governance across a customer’s Kubernetes clusters in Azure, on-premises, on AWS and GCP IaaS, as well as EKS native clusters in AWS. While the standalone AKS on Azure Stack offering does not deliver all the functionality available with AKS on Azure, customers can use Arc to get access to some add-on functionality from Azure cloud and do so with a common look and feel. One of the biggest challenges of the Azure solution set, however, is its complexity. There are offerings which could be viewed as overlapping, with the right choice being dependent on the customer’s specific use case.
The Azure cloud’s security is regarded as the strongest in the industry; all its Kubernetes offerings inherit this capability (although customers utilizing Azure Stack can also choose to use their own security model).
Customers with Hyper-V virtual machines can manage these in combination with containers; however, customers with a large inventory of existing vSphere virtual machines will not find a solution here for common administration.
D2IQ offers a multi-product solution suite under its DKP (D2IQ Kubernetes Platform) brand. These solutions are container management platforms, with software and support delivered by D2IQ in a more traditional model, with the software to be managed by the customer. Perhaps because D2IQ has (to this point) chosen to not offer a service-based offering, this platform is strong in ease-of-use features, combined with the company’s customer-centric support practices. The offerings enable a customer to manage Kubernetes-orchestrated containers with added support for scaling out, as well as fast time-to-use configurations for AI/ML and Big Data use cases. The solutions are cloud-agnostic, allowing enterprises to leverage containers across hybrid and multi-cloud environments while providing developers a common development experience across cloud platforms.
D2IQ builds and delivers a solution which is tightly aligned to upstream open-source, to allow customers full portability across hybrid and multi-cloud environments.
The company includes what it calls “white glove” professional services, training, and end-to-end support for the entire platform of Kubernetes and its support services, including a broader than typical ecosystem of open-source software from which customers can make selections (e.g., for continuous deployment, they support Helm, Jenkins, and Flux).
As the originator of KUDO (the Kubernetes Universal Declarative Operator), a toolkit for rapidly writing Kubernetes Operators, D2IQ also provides services to help customers wanting to more quickly bring up and automate their Kubernetes cluster environments using this automation technology.
Evaluator Group Opinion
D2IQ has a strong focus on professional services and Kubernetes/distributed computing talent. This makes D2IQ a solid alternative for customers needing access to talent, and (for larger enterprises) a partner with a more open-source approach who is willing and able to be more flexible in serving their unique requirements for support.
For companies focused on digital transformation, DKP is a good self-managed platform for those buyers who have already selected their application modernization tools – or are not averse to choosing, integrating, and separately supporting third-party software or add-on open source to fill out these requirements. The tiering of features in Konvoy and Kommander allows customers to add function (and cost) as added scalability and capability are required. For enterprises moving from pilot to production phase, D2IQ’s focus on creating an easier and faster initial deployment and operation platform makes DKP a good production system for customers with less Kubernetes skill in-house, and the platform’s alignment with open source, deployment flexibility (across on-premises and clouds) and portability means these customers can adapt their use of the system (or even select an alternative) as needs change.
Customers needing to rapidly bring up a data science environment or big data application will see the Kaptain and catalog modules as providing fast time-to-usage. D2IQ’s long-standing expertise in distributed big data applications may also provide customers with the assistance they need to get big data applications properly configured and in production quickly.
Mirantis offers a suite of container management offerings for Kubernetes-orchestrated containers including a customer self-managed container management platform. While Mirantis’ recent investments have been predominantly around its full featured managed service offering (Mirantis Flow), the platform offering is well-featured and includes the deployment, update and support of Kubernetes-orchestrated containers operating on AWS and Azure public clouds as well as on premises. Customers choosing to operate Kubernetes clusters in cloud infrastructure can do so; the solution is cloud-agnostic, allowing enterprises to easily leverage containers across hybrid and multi-cloud (AWS or Azure) environments.
As the home of the original developers of Docker (and Swarm), Mirantis has onboard talent and expertise in containers. They offer packaged solution architecture consulting, custom professional services, and Kubernetes infrastructure training.
Evaluator Group Opinion
For customers seeking a well-featured infrastructure-centric container management solution serving multi-site hybrid and/or multi-clouds (and who do not need to include GCP), Mirantis is a solid alternative to consider. The company appears to have constructed a good out-of-the-box experience for getting started with a self-managed container management platform, and should the customer later decide to move to a managed service, Mirantis is one of few container management solution providers who will provide a true hybrid-multi-cloud managed service. With the operating plane of the Mirantis offerings built in tight alignment to upstream open source, and with a reasonable breadth of APIs to related open-source projects and a non-agnostic approach to the cloud, the platform has reasonably good portability; however, a customer who chose to later move away from Mirantis to another offering would, as with most container management platforms, need to invest and learn a new control plane.
Finally, on the services side, with the company’s long history in containers, it appears to have a reasonably deep bench of talent, expertise, and services to support larger enterprises.
Red Hat OpenShift
Red Hat offers a portfolio of solutions for managing Kubernetes-orchestrated containers and application modernization under its Red Hat OpenShift brand. The solutions are cloud-agnostic, allowing enterprises to leverage containers across hybrid and multi-cloud environments while providing developers a common development experience across cloud platforms. Higher tiers enable greater functionality in observability, security, and developer support services.
While Red Hat offers both a container management service and a container management platform, the container management platform (software suite) delivers the highest level of capability – both in terms of scalability features and in the breadth of environments that it can support (e.g., hybrid and multi-cloud). Customers deploying this offering can manage hundreds to thousands of Kubernetes clusters from a single pane of glass, with both cluster and application lifecycle management, integrated application development tools (e.g., CI/CD pipeline, and an IDE), a private registry and extensive security and governance capabilities. Customers can create nested policy automation across teams and divisions, enabling higher development and operational productivity.
Evaluator Group Opinion
Red Hat is one of the leaders in the container management platform market, with extensive investment in the relevant open-source development community, and a strong portfolio of complementary partners listed in their marketplace.
The Red Hat solution portfolio’s greatest strength is its ability (with self-managed Open Platform Plus) to cover both hybrid and multi-cloud environments in a common, cloud-agnostic operating platform managed by a global control plane.
Red Hat’s managed services also enable enterprises to begin their journey to application modernization and containerization (or leverage it for selected use cases) with the fast time to delivery of a fully managed service. The enterprise who sees its final deployment as a self-managed platform can still use these services to get started without investing in all the infrastructure and skills required for a self-managed deployment. But – to get the full scale-out capabilities – the customer will eventually need to adopt some or all of the self-managed platform.
Red Hat’s focus is clearly centered on the enterprise, as evidenced by their focus on security and governance features, as well as their packaging of a full solution stack, serving those customers who may desire to leverage open source but also desire a single vendor support solution.
While Red Hat does offer operations-focused planning and deployment services and training for customers needing to deploy a self-managed platform, these offerings are not as extensive or strong as some of their competitors. For a stronger set of strategic consulting, customers should look to Red Hat’s corporate owner, IBM.
SUSE acquired Rancher Labs in 2020 and offers both a platform and a service solution for managing Kubernetes-orchestrated containers under the SUSE Rancher brand. The container management platform (SUSE Rancher) delivers functionality via a software subscription with a support contract while the container management service (SUSE Rancher Hosted) offers exactly the same functionality, but with SUSE staff performing the system operations, management and sustaining tasks, with a defined (financially-backed) service level agreement.
SUSE’s strategy has historically been to maintain tight alignment with upstream open-source code to enable customer interoperability and portability between environments. The solution suite includes single pane of glass management of heterogeneous, multi-cluster customer environments, allowing customers to leverage containers across hybrid and multi-cloud environments. Unlike many other companies, SUSE has chosen to not integrate specific application modernization services into SUSE Rancher but instead to address these requirements by offering customers access to common open-source and ISV offerings.
SUSE has two solution delivery models for SUSE Rancher – the dominant installed model is customer self-managed, but customers can also avoid capital investment and some operations training while enabling faster time-to-usage by leveraging a SUSE-operated container management service (with defined SLA) offered on top of the AWS cloud (SUSE Rancher Hosted). This hosted offering supports management of hybrid and multi-cloud environments.
Evaluator Group Opinion
SUSE is one of the leaders in the container management platform market, with a large SUSE Rancher install base, a strong investment in the relevant open-source development community, and a portfolio of complementary partners.
The SUSE solution portfolio has its greatest strength in its ability to support a customer’s requirements from low-cost entry to a scaled-out hybrid and multi-cloud environment with an offering with full functionality from the first install (no need to upgrade for advanced functionality) and which is closely aligned with upstream open source. This means SUSE Rancher is highly portable, giving customers the opportunity for flexibility in deployment with minimal lock-in to the solution. SUSE also focuses heavily on ease of use, giving customers pre-packaged features for fast deployment and easier operation, and on advanced security features, added via the company’s recent acquisition of NeuVector.
SUSE Rancher does not include a solution to integrate management of containers into ongoing operational management of existing VMware vSphere systems from a single console, nor pre-integrated offerings for AI, data science or database.
SUSE has a solid foundation (and appears to be continuing to invest) in a solid suite of offerings for the Edge, including at the industrial level.
Customers who are looking for a solid technical approach to containerization, with the minimum risk of vendor lock-in, will be well-served by this offering.
VMware offers a portfolio of container management and application modernization solutions under the Tanzu brand. These offerings provide container management of both hybrid and multi-cloud environments, including operating on all three major public clouds. Customers desiring integrated application modernization tools – and easy integration of relational databases – will find a rich suite of services to choose from.
While the container management offerings include both software platform options for the customer to control and operate, and managed service offerings operated by Tanzu staff from the cloud, the options are not functionally equivalent. The VMware container management platform (customer-managed) offerings are focused on allowing customers to manage Kubernetes clusters one-at-a-time; there is no global pane of glass. The requirements of larger, scaled-out Enterprise environments are served through Tanzu-managed container services.
Customers choosing a Tanzu platform have the choice of whether to adopt a Kubernetes native approach (using Tanzu Kubernetes Grid), or to continue to leverage their vSphere management approach, integrating containers into the virtual machine operation. For a customer who is just getting started with Kubernetes, and who is concerned about having access to sufficient native Kubernetes talent, this option to leverage existing operational skills may be attractive. Customers should, however, note that as their use of Kubernetes scales, they will need to migrate to a native Kubernetes approach.
VMware is highly focused on assisting customers with professional expertise; the company is best-in-market for providing professional services to assist customers with creating and executing a Kubernetes orchestration and application modernization strategy.
Evaluator Group Opinion
VMware’s Tanzu portfolio includes many assets, and their expertise and professional services capabilities in application modernization and the container market (inherited from Pivotal) are best in class, but there are gaps in the portfolio as customers attempt to address some of the most common use cases in container management.
Tanzu Basic is an excellent solution for vSphere customers getting started with containers. Smaller enterprises who do not foresee themselves outgrowing a “cluster at a time” management model should strongly consider this offering. But – for larger enterprises (or those foreseeing multi-cluster growth), buyers should consider that they will still need to cross the disruptive transition to native Kubernetes (as offered by Tanzu Kubernetes for Operations) to achieve multi-cluster, hybrid and multi-cloud functionality. This is not only a technical transition, but also a move from self-managed to a managed service model.
Tanzu offerings for application modernization are also service, rather than platform, focused. Tanzu’s offerings for automating data access (e.g., Tanzu SQL) are part of the platform suite, but they are virtual machine, not Kubernetes-based. Customers looking to rapidly deploy a data science or analytics toolkit will need to provision these pieces from a Tanzu partner, requiring separate support. And for customers seeking a strong edge solution, the VMware edge deliverables (and references) are clearly trailing some key competitors in delivery for thin/far/industrial edge use cases.