Managing containers at scale!
Gartner recently released the Market Guide for Container Management Software – a sure sign that this space is maturing and adoption is becoming mainstream! The report highlights a key point – that while container orchestration is a key capability to be considered, other areas including application lifecycle management, policy management, monitoring, security governance, API, management UI etc. need to be considered as well when selecting an enterprise grade solution. At Nirmata, we fully agree!!
In this post, I will list the attributes Gartner identifies for evaluating container management solutions and discuss how Nirmata addresses these requirements.
Here is a quick summary of what Nirmata provides for each of the attributes listed in the report.
|Management User Interface||Yes|
|Image Registry||Yes, via integrations|
|Service Discovery and Registration||Built-in, DNS based|
|Ingress Service Routing||Built-in service gateway|
|Orchestration||Built-in and Kubernetes|
|Scheduling||Built-in and Kubernetes|
|Container Runtime||Docker engine|
|Security||RBAC, SSO with SAML 2.0, Network Segmentation, Others via integration|
|Governance||Policy based resource control|
|Monitoring||Built-in, Alarms, Notifications and Actions|
Details of how Nirmata addresses each attribute:
Management User Interface – Building a great user experience is hard! A graphical UI, if it is intuitive and well-designed, quickly becomes the primary user interface, especially for complex applications. At Nirmata, we obsess over providing delightful user experience and have built a feature rich and intuitive graphical UI to help users manage their containerized applications. Our UI leverages our REST APIs ensuring that all product capabilities can be directly accessed via APIs, if needed.
API – Today, we are in the age of extreme automation, every product needs to take an API first approach. At Nirmata, we have incorporated industry best practices to build a robust and comprehensive REST API. The API supports advanced operations, including transactions, queries, bulk updates, and easy navigation across an object model. In addition to using the API from our graphical UI, our customers use the API directly from their tools, such as Jenkins, to automate application deployment and management. APIs are also leveraged for monitoring applications, governing and alerting users when necessary.
DevOps Workflows – DevOps workflows are arguably the most important capability for a container management solution. Automating these workflows, while providing extensibility, is where Nirmata shines. DevOps workflows can span multiple systems such as container registry, public or private cloud etc. At Nirmata, we have worked closely with our enterprise customers to identify mundane, time consuming tasks, such as redeploying entire application environments or automating feature testing, so that our users can spend their precious time working on more important tasks. DevOps teams can easily setting up end to end continuous delivery pipelines accelerating feature velocity without sacrificing quality.
Image Registry – When using containers, an image registry is required. Nirmata does not provide a built-in image registry but we integrate with all the popular image registries currently available including Docker Hub, JFrog Artifactory, Sonatype Nexus etc. Since most image registries comply with the docker registry API format, adding new integrations into Nirmata is very easy. Nirmata also integrates with Amazon ECR which uses AWS IAM for user access control. Check out our recent post for some more information on various image registries that are available.
Service Discovery and Registration – For modern applications, service discovery and registration is mandatory. These applications tend to be dynamic with microservices being deployed (in containers) on demand. Nirmata has built-in DNS based service discovery eliminating a need for any external solutions. Once the application is deployed, Nirmata performs periodic health checks and ensures that healthy services can be reached with the unhealthy ones are not reachable resulting in fewer retries and lower latencies.
Ingress Service Routing – An ingress service gateway acts as an API/request router for the application. Nirmata provides an optional service gateway which can be added to any application so that external clients can communicate with the services of an application without knowing the exact location/address of the service. Service gateway routes are automatically updated whenever a service gets deployed or removed. Service gateway metrics also provide visibility into the health and performance of the application.
Orchestration – Orchestration engine forms the heart of any container management solution. Nirmata is built on a flexible and extensible orchestration engine which not only orchestrates application containers but also underlying resources (VMs, storage, networking etc.). Users can not only perform rolling upgrades and rollbacks but also scale the application up or down based on predefined policies and provision the infrastructure accordingly.
Scheduling – Placing containers based on available resources is a fundamental requirement for container management. Nirmata includes a built-in placement engine for deploying containers based on available resources. More recently, Nirmata also supports Kubernetes for container scheduling and orchestration giving users a choice and flexibility.
Container Runtime – Container runtime performs operations related to individual containers. Nirmata currently supports docker engine as the container runtime. However as more container runtimes emerge, e.g. containerd, runc, etc., they will be supported in Nirmata as well.
Security – Several aspects of security need to be considered when using containers. Nirmata provides role-based access control as well as network segmentation to improve container security. Recently, Nirmata also added support for Single Sign On (SSO) using the Security Assertions Markup Language (SAML) 2.0. Nirmata also integrates with other solutions for image signing, security scanning etc.
Governance – In an enterprise environment with multiple users and teams, governance and audit trail are necessary. Nirmata’s policy based approach ensures that appropriate resources are used when an application is deployed. Operations team can set up infrastructure policies which can be used in applications. This ensures that developers don’t have to deal with infrastructure and the application deployments are always compliant.
Monitoring – Monitoring is necessary to close the feedback loop with the orchestration layer once an application is deployed. Nirmata, has built-in monitoring for application and infrastructure states as well as various metrics. Users can create alarms based on state changes or metrics thresholds. These alarms not only notify users about any abnormal condition but can also remediate the condition if an action is configured.
Based on our experience, I believe that the attributes listed in the Gartner report are a great guide to evaluating and choosing enterprise-grade container management solution. Nirmata is one of the few solutions that provides a comprehensive set of capabilities to help enterprises successfully accelerate their adoption of containers and ultimately gain significant business agility. And our focus continues to be to work with our customers to build the best-in-class solution for container-native application management across public and private clouds. For more insights on selecting a container management solution, check out our Evaluator’s Guide to Enterprise-Grade Container Management.