EvaluScale Insights for Container Management Services

Table of Contents

  1. Introduction
  2. Methodology and background
  3. Definition of Container Management Technology segments
  4. Definitions of EvaluScale Criteria
  5. Definitions of Business Drivers
  6. EvaluScale Insights by Business Drivers
  7. Container Management Services Vendor Profiles
    1. AWS
    2. Azure Kubernetes Service
    3. Google GKE and Anthos
    4. Mirantis
    5. Platform9
    6. Red Hat OpenShift
    7. SUSE Rancher
    8. VMware Tanzu


Introduction

EvaluScale Insight is an evaluation and ranking methodology developed by Evaluator Group. For decades the company has published technology comparison and selection criteria known as EvaluScale Comparison Matrices. The EvaluScale Insight now examines and ranks the vendor offerings based on criteria and business drivers.

Methodology and background

The EvaluScale for each vendor product is determined through in-depth review and analysis attained from vendor interviews, reviews of user / administration guides, hands-on testing and/or client engagements. Each product is reviewed within a specific technology area and rated “Exceeds Criteria”, “Meets Criteria” or “Area for Development” for each Evaluation criterion. Evaluation criteria are developed through IT-client engagements and an understanding of system usage. The definitions of the criteria and explanations of how products are reviewed can be found in the Evaluator Series Evaluation Guides, which are reflected in the EvaluScale published in over individual Product Briefs.

Definition of Container Management Technology segments

Evaluator Group defines two distinct segments:

  • Container Management Platforms (CMPs) are packages of software (often open-source) delivered to the customer with vendor technical support to enable the customer to operate and maintain the CMP environment in their chosen infrastructure and configuration, with their own staff, at a service level of their own definition. CMPs can be operated by the customer on the customer’s own premises, in hosted environments or on IaaS.
  • Container Management Services (CMSs) are managed service (often but not exclusively pay-as-you-go) offerings operated by the vendor on behalf of the customer, with a defined environment and service level agreement (SLA).  The SLA is typically financially backed, such that if the vendor fails to meet the SLA, the customer receives a discount or rebate.   For CMS, the vendor selects the hosting environment (a cloud service) for the container management.

Figure 1: Basic and Advanced functionality of Container Management

Definitions of EvaluScale Criteria

Below are the criteria and their descriptions. Further details can be found in the Container Management Systems Evaluation Guide.

Criteria for Container Management Services

Definitions of Business Drivers

Evaluator Group has identified three primary Business Drivers that color the Container Management decision. Our research shows a wide variance of decisions and the weighting applied to the decision criteria.  Therefore we find it necessary to rank Container Management Platforms and Container Management Services offerings for each business driver.

  1. Container-Forward:

A customer following the pattern of Container Forward has made the decision to standardize his future computing architecture on Kubernetes containers and microservices application development.  Rather than focusing on the operational issues of managing the legacy environment, this buyer has decided to separate the legacy and future environments, manage the legacy with a defined level of resources, and maximize his future investment in modern architecture.   These customers place the highest value on Global Enterprise Functionality, the ability to manage a Hybrid Environment and Vendor Trust.  Professional Services and Training are also valued.

  2. Legacy-Integrate:

A customer following the pattern of Legacy-Integrate is focused on the challenge of finding the resources, skills and/or infrastructure to build and manage a new production Kubernetes (and microservices) environment while continuing to provide good quality service to the users from the large installed pool of vSphere virtual machines. This buyer seeks to modernize and integrate the islands of Kubernetes POCs that have sprung up around the corporation, but more strongly desires to limit disruption. This customer strongly values an integrated administrative approach for managing virtual machines and containers. They will migrate applications, but with well-defined and managed risk. They are typically concerned about whether current open-source migration tools are stable and resilient enough to address their issues, and they are concerned about integration with entrenched nests of applications.

  3. Fast Track Win:

This customer has the responsibility to rapidly build and deploy an application which will deliver visible innovation for his company as soon as possible.  Rather than simply accomplish this with a native cloud service, they have decided to build this in a modern, portable Kubernetes architecture. The technology decision is about this critical application, not the overall company architecture.

These applications often leverage data science, machine learning or analytics tools, in combination with data currently stored in legacy data systems as well as new data streams. This customer is focused on two things: speed and success. They strongly value integrated solutions from container management vendors that speed time to production and decrease project risk. The highest priority requirements for this buyer are Integrated Tools (both AI/ML/DB and application modernization).

EvaluScale Insights for Container Management Services


EvaluScale Insights by Container Forward

EvaluScale Insights by Infrastructure Leverage

EvaluScale Insights by Fast-Track Win

Container Management Services Vendor Profiles

AWS

The AWS approach – as a solution provider – is based on the core belief that customers are best served through a model which provides the highest possible level of abstraction to the user (whether an operator or a developer). The AWS strategy is to handle technical complexity “behind the curtain”, enabling the customer to maximize productivity (and speed innovation) through its cloud-native services such as Fargate and Lambda. This model departs from the more open Kubernetes approach, which can require the customer to have greater expertise (and take on more work for delivery), but which in turn allows the customer more flexibility and control.

AWS delivers the highest level of container management and application modernization functionality (details, below) with its Elastic Kubernetes Service (EKS) running in the AWS cloud. AWS commits to delivering this service to a financially-backed service level agreement of 99.95%.

A subset of these features, with an associated sustaining and technical support contract (but no SLA for availability) is delivered through EKS on AWS Outposts, as a service to support customer on-premises container management.  Customers can operate EKS, EC2 and RDS locally on the Outpost rack, but other applications or data services (e.g. CI/CD pipelines, registry etc.) must be operated remotely via a connection to the AWS region. Global management, user access management etc. are provided via the central AWS console.

Evaluator Group Opinion

Within the Managed Container Platform and Managed Container Services market, there is a spectrum of offerings, with vendors choosing to integrate “purely” open-source Kubernetes and associated software projects at one end, and cloud service providers offering Kubernetes-as-a-service, controlled by and attached to a very rich suite of (mostly) proprietary services at the other.  Clearly AWS is the role-model for this latter category.   Customers who select AWS for container management of Kubernetes-orchestrated containers are predominantly making a decision to use AWS, and then making a decision to use Kubernetes (not the other way around).

If a customer has already committed his business to the AWS platform, if operating (or controlling operation of) Kubernetes clusters in the cloud is well-suited to the company’s current and future needs and if the company’s next application or environment needed to be deployed yesterday, then AWS is a solid Kubernetes container management option and should be on the customer’s short list for consideration. This service provider’s suite of application modernization, AI/ML and data services supports rapid digital innovation, and the (largely) fully-managed operation of Kubernetes by technical experts avoids the need for talent-scarce enterprises to build their own stable of expert Kubernetes talent. And while AWS itself does not provide training or custom consulting, an enterprise executive will have no difficulty finding a full range of AWS partner consulting service providers who are skilled in the platform, and extremely willing to help.

Azure Kubernetes Service

Microsoft Azure has a broad set of options for creating Kubernetes solutions.  Whether the buyer is considering a container management platform to manage with their own staff, a container management service managed by Azure, on-premises, hybrid, multi-cloud, fast path to AI/ML or data analytics and/or leveraging containers at the edge, there is at least one solution (and often several) in the Azure suite.

Azure offers three distinct Kubernetes solutions which each have different values, and which can be packaged together.  These solutions are:

  • Azure Kubernetes Service (AKS), a managed service for Kubernetes clusters running in Azure cloud
  • Azure Arc, a managed service to provide unified cluster management and governance across Kubernetes clusters deployed on-premises, across multi-cloud and edge
  • Azure Kubernetes Service (AKS) on Azure Stack Hub, Azure Stack HCI and Windows 2019 Datacenter, a software platform based on AKS (and maintained by Azure) which allows a customer to operate basic Kubernetes services provided by AKS on a standalone customer environment.

The solution set also inherits Microsoft’s strong heritage in application development, presented in a multitude of application frameworks, coding tools, CI/CD pipelines etc. A wide variety of AI/ML and data analytics tools – serving personas from data scientist and citizen scientist to application developer – are also available for rapid bring-up in the AKS architecture. Azure Security is also known for its strength and breadth. On the edge, Azure offers five different configurations for compute, all of which can be implemented with the Azure Kubernetes management stacks noted above.

Customers with Hyper-V virtual machines can manage these in combination with containers; however, customers with a large inventory of existing vSphere virtual machines will not find a solution here for common administration.

Training and professional services follow the typical Microsoft model, i.e., relying on partners for delivery.  While there is some basic technical training (and certification paths) for the specific Microsoft Azure services, Microsoft is not the company to look to for direct help with strategic planning, deployment or building general staff skills in either Kubernetes or modern application development.

Evaluator Group Opinion

Azure offers a strong and broad portfolio of services, software, and appliances to serve Kubernetes-orchestrated containers. The suite delivers a relatively consistent view and interface across all platforms, enabling customer ecosystem flexibility. Azure Arc enables a global pane of glass and governance across a customer’s Kubernetes clusters in Azure, on-premises, on AWS and GCP IaaS, as well as EKS native clusters in AWS. While the standalone AKS on Azure Stack offering does not deliver all the functionality available with AKS on Azure, customers can use Arc to get access to some add-on functionality from Azure cloud and do so with a common look and feel. One of the biggest challenges of the Azure solution set, however, is its complexity. There are offerings which could be viewed as overlapping, with the right choice being dependent on the customer’s specific use case.

And, like all Kubernetes management offerings delivered from a cloud service, customers who desire to leverage the extended functionality of the service must utilize proprietary operational capabilities which are then available only in Azure, making later portability of the application more of a challenge.

Google GKE and Anthos

As the original developer of Kubernetes and many associated open-source projects, Google offers a rich solution suite for enterprises to consider when selecting an enterprise standard for container management. These container management services offerings (integrated and supported by Google staff) include support for hybrid and multi-cloud environments. However, while Google makes extensive use of open-source Kubernetes (and associated projects), the company’s container management portfolio is not environment-agnostic; it includes significant leverage of proprietary operational capabilities. Google, like other cloud service providers, offers its strongest functionality inside the GCP cloud.

Google supports a multi-cloud architecture, and its approach to hybrid (on-premises) does not require specialized hardware.  It also provides a common management approach including single-pane of glass visualization and cluster lifecycle management across cloud native and on-premises clusters.

Google offers two service models for customers wanting a managed Kubernetes service. Customers wanting to operate containers solely in GCP will use a managed (integrated and supported) Kubernetes orchestration service, Google Kubernetes Engine (GKE). Customers who need (or plan in the future to need) to operate containers both on GCP and on-premises or in other cloud infrastructure use Google Anthos, which allows customers to leverage the Google Control Console to provide single pane of glass visualization and centralized policy-managed governance of all clusters and pods which the customer “registers” with the service. However, the service capabilities are not identical to those provided by GKE.

Evaluator Group Opinion

As a cloud service provider, Google follows the model of offering container management services (“Kubernetes-as-a-service”), controlled by and attached to a very rich portfolio of largely proprietary operational capabilities.  The company is the Kubernetes industry leader.  Much of what they develop in this area of technology later becomes the open-source standard (examples being Kubernetes itself, as well as Knative for serverless and the Istio service mesh).  This gives them a unique value as a service provider, as the market ‘expert’ in containers.  In addition, the company has taken the unique step of enabling its services to control and run managed Kubernetes (and associated applications) on customer selected hardware on-premises as well as on top of other cloud infrastructure creating a true hybrid and multi-cloud container management offering.  However, at this point, none of the Google functionality can operate independently on customer self-managed infrastructure, limiting future portability.

If a customer has already committed his business to Google cloud platform, if little future portability is required, and the company’s next application or environment needed to be deployed yesterday, then the Google GKE and Anthos solutions, built and supported by the industry’s Kubernetes leader, should be on the customer’s short list for consideration. Google’s incredible suite of AI/ML and data services supports rapid digital innovation. Its investments (particularly with ISV partners) are worth researching for customers looking to deploy new applications at the edge. And while Google itself does not provide custom consulting, an enterprise executive can leverage one of many partner consulting service providers who are highly skilled in the platform, and extremely willing to help.

Mirantis

Mirantis offers a suite of container management offerings for Kubernetes-orchestrated containers – both a container management platform (customer self-managed) and a container management solution, managed services under which Mirantis deploys and operates the same capabilities (plus some added developer tooling) on behalf of the customer.  Mirantis’ recent investments have been predominantly around its full featured managed service offering (Mirantis Flow), which includes added developer productivity tools (Lens Spaces) as well as the capability for customers to share virtual machine/container workloads on a container-based architecture.

Both container management platform and container management service offerings include the deployment, update and support of Kubernetes-orchestrated containers operating on AWS and Azure public clouds as well as on premises.  For the managed service, Mirantis operates the entire environment for the customer from a management plane operated in Equinix Metal datacenters with a defined, financially-backed service level of 99.99%.  The solution is cloud-agnostic, allowing enterprises to easily leverage containers across hybrid and multi-cloud (AWS or Azure) environments.

As the home of the original developers of Docker (and Swarm), Mirantis has onboard talent and expertise in containers.  They offer packaged solution architecture consulting, custom professional services, and Kubernetes infrastructure training.

Evaluator Group Opinion

For customers seeking a well-featured infrastructure–centric container management solution serving multi-site hybrid and/or multi-clouds (and who do not need to include GCP), Mirantis is a solid alternative to consider.  The company appears to have constructed a good out-of-the-box experience for getting started with a self-managed container management platform, and, on the managed service side, Mirantis is one of few container management solution providers who will manage a true hybrid-multi-cloud managed service.   And the company appears to have a reasonably deep bench of talent, expertise, and services to support larger enterprises.

With the operating plane of the Mirantis offerings built in tight alignment to upstream open source, and with a reasonable breadth of APIs to related open-source projects and a non-agnostic approach to the cloud, the platform has reasonably good portability; however, a customer who chose to later move away from Mirantis to another offering would need to invest and learn a new control plane.

Platform9

Platform9 offers a container management service, i.e., a managed service under which Platform9 personnel perform all of the management and maintenance tasks associated with managing a Kubernetes-orchestrated environment.

The PMK service includes the integration, deployment, operation, and support of Kubernetes-orchestrated containers operating on public clouds as well as on premises with a defined, financially-backed service level of 99.99%.  The solution is cloud-agnostic, allowing enterprises to leverage containers across hybrid and multi-cloud environments. Platform9 also includes a separate add-on managed service for virtual machines which have been migrated to operate on a container architecture (based on the Kubevirt open-source project).

Platform9 builds and delivers a solution which is tightly aligned to upstream open-source, to allow customers portability across hybrid and multi-cloud environments.

Platform9 delivers its solutions as managed service offerings only; there is no container management platform (customer-managed) option.   The company includes what it calls “proactive management” (deployment, lifecycle management and 1-click upgrades) in its services.  The company provides custom professional services and Kubernetes infrastructure training to support customers.  The PMK solution also includes an application catalog offering 1-click deployment of common (and customer built) application blueprints.

Evaluator Group Opinion

Platform9 has built (and is continuously improving) a container management service optimized for customers deploying Kubernetes across hybrid, multi-cloud, and edge environments.  The service should be attractive to companies who do not desire to build their own skills and capabilities for self-management but who want or need a service with a financially-backed SLA which provides stronger support of on-premises containers and/or is fully agnostic across multiple cloud service provider environments.

Enterprises whose development teams have already selected and deployed a standardized suite of tools for application modernization (including image security) will find this a good complement to the Platform9 approach of providing a managed Kubernetes infrastructure. The embedded multi-tenant architecture should also be a good fit for companies who desire to distribute container usage (and “ownership”) across separate development teams.

The company’s investment in 5G Telco integration, particularly radio-tower use cases, may deliver faster time to usage for customers needing to rapidly deploy edge environments with this capability.

Finally, the company’s focus on providing a managed service to address the common requirement of customers who are in the (sometimes extended) architectural shift from virtualization to containerization is unique in the market, and may represent a lower risk offering for customers needing to support both legacy and modern environments, particularly if the company (and/or the open source community) can develop a proven model for moving vSphere virtual machines more easily (and with less risk) to VMs supported by Kubevirt.

Red Hat OpenShift

Red Hat offers a portfolio of solutions for managing Kubernetes-orchestrated containers and application modernization under its Red Hat OpenShift brand.  The solutions are cloud-agnostic, allowing enterprises to leverage containers across hybrid and multi-cloud environments while providing developers a common development experience across cloud platforms.   Higher tiers enable greater functionality in observability, security, and developer support services.

Red Hat offers both a container management platform, functionality which is delivered via a software subscription with a support contract, and a series of container management services.  The container management platform (software) is deployed and operated by the customer.  Red Hat delivers technical support (break-fix) and maintenance, but the customer is responsible for the resulting operation (and availability) of the platform.  The container management services, by contrast, are operated by Red Hat, in partnership with a cloud service provider (e.g., AWS, Azure or Google).  Update timing is determined by the vendor, but customers using a service can rely on Red Hat and/or its partner to deliver the service to a defined (and financially-backed) service level.

In Red Hat’s portfolio, the container management platform (software suite) delivers a higher level of capability – both in terms of actual features and in the breadth of environments that it can support (e.g., hybrid and multi-cloud). The cloud-based services, however, offer a less burdensome alternative with faster time to customer usage from a Red Hat-managed service (with defined SLA) offered in each of the major clouds (AWS, Azure, Google).

Evaluator Group Opinion

Red Hat is clearly one of the leaders in the container managed platform market, with extensive investment in the relevant open-source development community, and a strong portfolio of complementary partners listed in their marketplace.

The Red Hat solution portfolio’s greatest strength is its ability – with self-managed Open Platform Plus, containing Advanced Cluster Management (ACM) and Advanced Cluster Security (ACS) – to cover both hybrid and multi-cloud environments in a common, cloud-agnostic operating platform managed by a global control plane.

Red Hat’s managed services enable enterprises to begin their journey to application modernization and containerization (or leverage it for selected use cases) with the fast time to delivery of a fully managed service.  This allows customers to get started without investing in all the infrastructure and skills required for a self-managed deployment.   Buyers should note, however, that they cannot leverage these managed services to manage a multi-cloud or hybrid environment without managing the ACM and ACS services themselves.

Red Hat’s focus is clearly centered on the enterprise, as evidenced by their focus on security and governance features, as well as their packaging of a full solution stack, serving those customers who may desire to leverage open source but also desire a single vendor support solution.

While Red Hat does offer operations-focused planning and deployment services and training for customers needing to deploy a self-managed platform, these offerings are not as extensive or strong as some of their competitors.  For a stronger set of strategic consulting, customers should look to Red Hat’s corporate owner, IBM.

SUSE Rancher

SUSE acquired Rancher Labs in 2020 and offers both a platform and a service solution for managing Kubernetes-orchestrated containers under the SUSE Rancher brand.  The container management platform (SUSE Rancher) delivers functionality via a software subscription with a support contract while the container management service (SUSE Rancher Hosted) offers exactly the same functionality, but with SUSE staff performing the system operations, management and sustaining tasks, with a defined (financially-backed) service level agreement.

SUSE’s strategy has historically been to maintain tight alignment with upstream open-source code to enable customer interoperability and portability between environments. The solution suite includes single pane of glass management of heterogeneous, multi-cluster customer environments, allowing customers to leverage containers across hybrid and multi-cloud environments. Unlike many other companies, SUSE has chosen to not integrate specific application modernization services into SUSE Rancher but instead to address these requirements by offering customers access to common open-source and ISV offerings.

SUSE has two solution delivery models for SUSE Rancher – the dominant installed model is customer self-managed, but customers can also avoid capital investment and some operations training while enabling faster time-to-usage by leveraging a SUSE-operated container management service (with defined SLA) offered on top of the AWS cloud (SUSE Rancher Hosted).  This hosted offering supports management of hybrid and multi-cloud environments.

Evaluator Group Opinion

SUSE is one of the leaders in the container managed platform market, with a large SUSE Rancher install base, a strong investment in the relevant open-source development community, and a portfolio of complementary partners.

The SUSE solution portfolio has its greatest strength in its ability to support a customer’s requirements from low-cost entry to a scaled-out hybrid and multi-cloud environment with an offering with full functionality from the first install (no need to upgrade for advanced functionality) and which is closely aligned with upstream open source.  This means SUSE Rancher is highly portable, giving customers the opportunity for flexibility in deployment with minimal lock-in to the solution.   SUSE also focuses heavily on ease of use, giving customers pre-packaged features for fast deployment and easier operation, and on advanced security features, added via the company’s recent acquisition of NeuVector.

SUSE Rancher does not include a solution to integrate management of containers into ongoing operational management of existing VMware vSphere systems from a single console, nor pre-integrated offerings for AI, data science or database.

SUSE has a solid foundation (and appears to be continuing to invest) in a solid suite of offerings for the Edge, including at the industrial level.

Customers who are looking for a solid technical approach to containerization, with the minimum risk of vendor lock-in, will be well-served by this offering.

VMware Tanzu

VMware offers a portfolio of container management and application modernization solutions under the Tanzu brand. These offerings provide container management of both hybrid and multi-cloud environments, including operating on all three major public clouds. Customers desiring integrated application modernization tools – and easy integration of relational databases – will find a rich suite of services to choose from.

VMware is highly focused on assisting customers with professional expertise; the company is best-in-market for providing professional services to assist customers with creating and executing a Kubernetes orchestration and application modernization strategy.

While the container management offerings include both software platform options for the customer to control and operate, and managed service offerings operated by Tanzu staff from the cloud, the options are not functionally equivalent. The VMware container management platform (customer-managed) offerings are best suited to managing one to a few Kubernetes clusters.  The requirements of larger, scaled-out Enterprise environments are served through Tanzu-managed container services, via Tanzu Mission Control, as part of Tanzu Kubernetes for Operations.

As a managed service, VMware takes full responsibility for site reliability engineering of all Tanzu elements, including deployment, update, operations, sustaining engineering and problem management.  The underlying infrastructure required to operate the global control functionality is also structured and managed by VMware, and the service is covered by a financially-backed service-level agreement (SLA).

Evaluator Group Opinion

VMware’s Tanzu portfolio includes many assets, and their expertise and professional services capabilities in application modernization and the container market are best in class, but there are meaningful gaps in the portfolio as customers attempt to address some of the common use cases in container management.

Tanzu Basic is an excellent solution for vSphere customers getting started with containers.  Smaller enterprises who do not foresee themselves outgrowing a “cluster at a time” management model should strongly consider this offering.  But – for larger enterprises (or those foreseeing multi-cluster growth), buyers should consider that they will still need to cross the disruptive transition to native Kubernetes (as offered by Tanzu Kubernetes for Operations) to achieve multi-cluster, hybrid, and multi-cloud functionality.

Tanzu offerings for application modernization are (potentially) headed to being world-class, but customers need to understand the future of Tanzu Application Services, as well as how Tanzu Application Platform will fit (or not) into the core Tanzu suite.

The Tanzu AI/ML strategy also appears to have migrated its customer engagement from providing use case templates to customers, to leveraging a partner relationship with Nvidia (whose strength historically is hardware). Customers choosing Tanzu Kubernetes for Operations but looking to rapidly deploy a data science or analytics toolkit will need to provision these pieces from another vendor, requiring separate support.

And for customers seeking a strong edge solution, the VMware edge deliverables (and references) are clearly trailing some key competitors in delivery for thin/far/industrial edge use cases.
