Managing microservices and container workloads requires new capabilities compared to managing VMs. This report compares the leading solutions.
Summary
Catalyst
The growth in cloud-native applications (built to execute in the cloud independent of the underlying infrastructure) is synonymous with container use. However, container technology introduces specific challenges for CIOs, not the least of which is the lack of skills in managing large-scale container environments. It is important to understand the key challenges with adopting containers at scale from a management perspective and to discover some of the different vendor approaches to mitigating these challenges.
Figure 1: The Omdia Universe for container management solutions
Source: Omdia
All vendors included in the report were approached and provided input to this study.
Omdia view
We are shifting from a predominantly VM-based world to a more mixed cloud-native and VM-based reality. Over the next five years, VMs’ dominance will erode as more workloads are developed and deployed in container-based environments. While Omdia does not believe that all workloads will become container-based, we expect this to represent a significant proportion of workloads by 2023. The developer community has been quick to see the potential of containers and has embraced the technology. However, this shift requires an equally significant cultural and skills shift to occur within operations and security teams, and this is one of the forces holding back the faster adoption of containers.
Software vendors and cloud service providers are responding to this resistance by designing solutions and services to simplify the management of a container environment. The important elements of any container management solution differ significantly from those of a traditional VM management solution. Customers are looking to build high-scale services consisting of microservices. This differs from a traditional VM management solution because containers are application-based, not machine-based. Even though container management is more application-based, the high-level capabilities required in any management solution are the same, but the detailed approach taken by container management solutions will differ. Container management solutions take into account that environments are distributed and that applications move and are ephemeral.
Analyzing the container management solutions universe
Market definition
Omdia believes 10 capabilities are key to any container management solution: developer experience, runtime and registries, scale and flexibility, security operations, operational management, pricing and TCO, observability, support and training, open source credentials, and automation.
Developer experience
Developers drive the adoption of cloud-native applications, and any container management solution must recognize their needs and make the developer experience as productive and intuitive as possible.
Runtime and registries
One of the aspects of a container management solution that differs from the existing VM management solutions is that it must accommodate the developers and operational teams. The runtime and registries are a critical component of the cloud-native ecosystem, and responsibility for managing these must be an integral part of any solution.
Scale and flexibility
The big challenge is for organizations to manage container environments irrespective of where the containers are executing (on-premises or in a cloud). The other significant challenge is managing the sheer number of container images, which in a microservices architecture are likely to be an order of magnitude greater than the VMs currently managed.
Security operations
The security requirements in a container environment are different from those in a VM environment. Any solution must deal with the specific security requirements of applications as well as more traditional infrastructure security concerns.
Operational management
Managing a container differs from managing a VM. A container requires the workload to be managed separately from the host VM. This means that in a container-based environment, the containers are more portable and significantly greater in number. Therefore, resource and service management must operate at the very granular resource level, the core infrastructure level (Kubernetes elements such as Pods, worker, and master nodes), and the service level (the combination of many different containers).
Pricing and TCO
This capability compares suppliers on the cost and total cost of ownership (TCO) for several scenarios. Each vendor has a different set of offerings made up of different features and elements (for instance, are the infrastructure resources included, is the offering a fully managed service or a partially managed service, etc.).
Observability
One of the key management activities in a cloud-native environment is the ability to move beyond monitoring and perform observability. Monitoring is tooling or a technical solution that allows teams to watch and understand the state of their systems. Observability is tooling or a technical solution that allows teams to actively debug their systems.
Support and training
One of the main reasons for the popularity of container management solutions is a skills shortage and the need for existing IT staff to manage containers with as much familiarity as possible. This is particularly important from a developer perspective because the correct solution will empower the developers and not get in the way.
Open source credentials
The containers market is still an evolving market and, as such, has a number of competing technology standards. The key element is that any platform can manage the most popular technologies and support industry-recognized standards.
Automation
Managing any container deployment at scale requires the underlying nodes to be managed correctly. The nodes must also remain up to date with current patch levels. Automation plays a significant role in simplifying management tasks—whether they are for the customer or being delivered as a managed service—and it is key to supporting containers at scale operationally.
Market dynamics
Containerization dates back to the 1970s, when the technology was initially used solely for isolating application code. The technology initially lacked the usability and portability benefits users have come to expect since the launch of Docker and the introduction of the container engine in 2013. The containerization movement then formed around the open source project, which addresses the common pain point of “dependency hell,” the challenge of making an ever-increasing set of applications, language(s), frameworks, and more interact properly with an ever-increasing set of hardware environments. Kubernetes has its roots in work done by Google, and it launched at DockerCon in 2014. Google had been running containerized workloads in production for more than a decade, and through an internal project named Borg, it developed an orchestration engine. Kubernetes traces its lineage directly from Borg. Many of the developers at Google working on Kubernetes were formerly developers on the Borg project. However, other approaches were also being developed, most notably Service Fabric, which is Microsoft’s container orchestrator solution for deploying microservices across a cluster of machines.
The container market is evolving rapidly, and therefore the container management solutions market is equally dynamic. The market is exhibiting great momentum for containers and equal momentum to drive standardization to accelerate adoption and industry growth. Kubernetes is a ubiquitous solution while AWS ECS and HashiCorp Nomad are widely used alternatives. Some approaches, notably Swarm and Mesos, are open source projects that did not survive. However, Kubernetes and other orchestrators and concepts are often alien to IT administrators, so the direct use of Kubernetes to orchestrate a large deployment can be challenging. The rise of container management solutions has helped IT administrators remove some of the complexities of using Kubernetes and bridge the new and existing operational activities, enabling organizations to transition at a pace that fits business demand and IT capability.
The evolution of the container management market will almost certainly be led by solutions that augment the use of new technologies in the storage, security, and network spaces into a single management offering. Current solutions mostly take the Kubernetes orchestration solution and wrap other management functions around it, creating more of an enterprise solution. However, as the use of these solutions expands, more gaps in capability will be discovered, and the solutions must be flexible enough to accommodate these changes. Many of the solutions are designed to be “open” and extensible to support vendor-specific hardware and new operating models. Omdia expects the market to rapidly expand, with many operational management, cloud service provider, and monitoring vendors producing solutions. Ultimately, the market will coalesce on a smaller number of solutions, almost exclusively built using “open source” as the design criteria.
Figure 2: Vendor rankings in the container management solutions Universe
Source: Omdia
Market overview
While the Omdia Universe classifies all the vendors into three distinct groups (Figure 1) based on their scores, the separation between the best- and worst-performing vendors was only 8% in terms of the overall weighted total Universe score; this gap was 5% between the leaders and the challengers. These results demonstrate that most container management solutions share a similar core set of capabilities, and the differences are more about how the solutions add value and are used.
Market leaders
The leaders (Figure 2) all recorded a weighted total Universe score (average of capability, customer feedback, and market impact) of over 62%, and they also scored an average weighted capability score (average of all the capabilities measured and the calculated measures) of over 64%. The leader category consists of two distinct, tightly formed groups. AWS, Red Hat, and VMware recorded an average weighted capability score of over 66% and were clear leaders. However, Alibaba, Huawei, IBM, and Oracle recorded an average weighted capability score of over 64%. The formation of clusters shows that the leader’s market has some differentiation between offerings, but the differences are more nuanced than fundamental in nature. The leaders were also responsible for 70% of the sub-category leading scores, further underlining their difference from the challengers. The leaders did not demonstrate significant strength compared to any other classification in terms of customer feedback scores. However, the leaders’ willingness to recommend scores were consistent, with all recording scores between 83% and 88%.
Market challengers
The challengers (Canonical, Mirantis, Rafay, SUSE, and Tencent) are closely grouped as they all recorded a weighted total Universe score of 59% and a weighted capability score of 62%. The challengers were responsible for only 30% of the top sub-category scores. Again, it is evident that although the leaders and challengers show areas of clear separation, these were not in any fundamental capabilities but were more related to the way some challengers’ capabilities are solely based on the upstream Kubernetes capabilities whereas the leaders demonstrated they have augmented these as enhancements. The challengers were not inferior to the leaders in terms of customer feedback: a challenger achieved the top category score for customer feedback, and challengers recorded two top sub-category scores in customer experience out of the three measured. However, the challengers were less consistent as a group, with wider variation between the highest and lowest scorers.
Market prospects
The prospects (HashiCorp) recorded a weighted total Universe score of less than 56% and a weighted capability score of less than 59%. This category shows some areas where there is clear differentiation between the leaders and challengers in terms of capabilities. However, much of the prospect’s scoring was due to an unwillingness/inability to provide answers to some critical questions.
Opportunities
The market for container management is growing rapidly as more organizations adopt the technology. However, in these early days of adoption, many organizations are not mature enough to have experienced all the challenges of managing containers at scale. Offering solutions that allow the customers to grow and use the most appropriate ways to manage their container estate is a key vendor capability. Omdia believes that vendor offerings that match customer needs will enable vendors to retain customers as they navigate and expand on their container journey.
Threats
The current market has many different vendor solutions that offer similar capabilities. However, customers are increasingly looking to adopt solutions for managing and executing containers in multiple environments that cross public cloud providers and on-premises and off-premises environments. According to Omdia’s research, the edge will be predominantly based on containers, representing a highly distributed and diverse environment. Omdia believes that any solution that does not address the need of the edge and include interoperability with different technology stacks will struggle to win and retain users. The other main threat to the market is forcing customers to only use a solution that has its control plane hosted in a single vendor’s environment. While this approach (central control plane) delivers the simplicity customers seek, it fails the flexibility test. Therefore, any container management solution must offer a choice of how the solution is managed (self-managed or managed service) and where any control plane is hosted (in a single vendor’s environment or in any environment).
Market outlook
The software forecast for container management solutions/platforms shows a CAGR of nearly 25% from 2020 to 2025, and the market will be worth nearly $7.5 billion in 2025. Unlike some other technologies (i.e., the hybrid and multicloud management market), the container management market shows greater variation between industry verticals and geographies. The industry vertical with the slowest growth and smallest market worth by 2025 is the energy sector, with a CAGR of 19% and a market worth of $177 million in 2025. By contrast, the fastest-growing vertical with a CAGR of just over 28% is media and entertainment, and the largest market vertical by value in 2025 will be retail at $727 million (nearly 10% of the total market). Omdia’s IoT, Cloud, 5G, and Digital Workplace – IT Enterprise Insights 2022 survey data confirms this variation among industries. The percentage of workloads running in cloud-native environments in 2021 for the retail sector was just over 35%, and the energy sector reported less than 30% of workloads running in cloud-native environments.
Indonesia is the fastest growing geography for container management solutions with a 2020–25 CAGR of 41%, and Japan is the slowest with a CAGR of just below 21%. Again, looking at cloud-native workloads, this time by geography, Indonesia has 35% of workloads running as cloud-native in 2021 compared to less than 33% in Japan. This variation in workload percentages appears too small compared to the difference in CAGR. However, Japan expects to show a minimal increase to just less than 34% of workloads in cloud-native environments in 2023, compared to Indonesia, where nearly 37% of workloads are expected to be in cloud-native environments, indicating faster growth in Indonesia. The other factor is the market size in these two countries: by 2025, Japan is expected to be worth $255 million ($99 million in 2020) and Indonesia $125 million ($22 million in 2020).
When it comes to market value, the US is the largest market with a forecast of $2.4 billion by 2025 (and a CAGR of just 22%), while China is the second-largest market with a forecast of nearly $1 billion by 2025 (actual figure $939 million) but a CAGR of 39%. The US expects 34% of workloads to be running in a cloud-native environment in 2023, up from 32% in 2021. In comparison, China in 2021 reported that 33% of workloads were running in cloud-native environments, which is expected to increase to 36% in 2023. In both cases, this shift is at the expense of virtualized workloads, with legacy non-virtualized workloads remaining fairly consistent at approximately 19%.
Vendor analysis
Alibaba (Omdia recommendation: Leader)
Alibaba should appear on your shortlist if you are looking for a consistent solution with robust capabilities in all sub-categories.
Overview
Alibaba is a leader in this report, with an overall weighted average capability score of 64.4% and a weighted average total Omdia Universe score of 62.3%. Alibaba was a consistent performer with scoring across all capabilities varying by only 15 percentage points—better than the 23 percentage point average variation for the cohort—and with the joint second-lowest variance overall. Alibaba was also one of only five vendors to score above 50% for all sub-categories in the capability questions, further demonstrating its consistency of performance. Another measure of Alibaba’s consistency is that it only recorded three sub-category scores below the average, which was in line with the leaders and better than the challenger average of six. The other observation from this degree of consistency is that Alibaba did not record any leading sub-category scores for capability or customer feedback. Alibaba’s overall score for customer experience was in line with the average, but it was above average in the recommendations score. Alibaba’s market impact score was above average as it has more than 20,000 customers globally and records more than 2 billion image pulls per month.
Figure 3: Omdia Universe ratings—Alibaba
Source: Omdia
Strengths
Alibaba was strongest in the scale and flexibility sub-category, scoring 66%. The vendor has a few capabilities in this area that contributed to its score. Alibaba enables high availability by making sure the control plane of its managed Kubernetes service has multiple replicas across multiple availability zones. It also ensures that the data is protected with hot backup and cross-regional disaster recovery backup. Alibaba’s other noteworthy strength in this sub-category is the range of environments it supports, including various node operating systems: Alibaba Cloud Linux 2.x/3.x, CentOS 7.x, Windows Server 2019, and Windows Server version 1809 and later. It can also support existing nodes with customized images. The flexibility of Alibaba’s ACK ONE solution impressed Omdia, particularly in relation to providing consistent security management across the environments. Two noteworthy aspects are ACK’s ability to automate policy enforcement and perform security inspection. However, the real value is in ACK’s native container support, where its container security radar visualizes the real-time network topology and cluster assets, and the container firewall provides a granular, declarative policy for the container workload.
Alibaba’s second strongest sub-category was runtime and registries, where it recorded a score of 65%, the third-highest sub-category score and behind only the top category score of 67%. One of Alibaba’s strengths is its range of supported container runtimes and registries; the vendor supports containers, Docker, and other Open Container Initiative (OCI) containers. Although it is not the most comprehensive list in the cohort, it is above the average and standard offering. Alibaba also provides the operational management capabilities needed to ensure the containers are secure, including image scanning, vulnerability analysis, vulnerability repair, and image signing. Omdia also likes Alibaba’s approach to workflow, with its cloud-native application delivery chain feature. This feature allows developers and administrators to freely combine tasks such as image building, image security scanning, geo-replication, image distribution, and image deployment in a single delivery chain. The cloud-native delivery chain can be fully observable, traceable, and secure.
Alibaba’s third strongest sub-category was open source credentials, where it scored 63%, an impressive 8% above the average and 21% better than the lowest score from competitors in the sub-category. Alibaba is a platinum member of the Cloud Native Computing Foundation (CNCF) and a general member of OCI. The vendor has an impressive list of open source projects it has been active in over the past 12 months, such as Apache RocketMQ, Dragonfly, and KubeVela to name but a few.
Limitations
Alibaba’s weakest sub-category was automation, where it scored just over 51%, which was broadly in line with the average score of just over 54%. Alibaba provides some capabilities that are above the average, such as its Yida low code platform that helps users build simple automation applications. However, most of Alibaba’s automation capabilities were based on Kubernetes standard capabilities, which was a common response from most vendors, and this is why Alibaba was in line with the average.
AWS (Omdia recommendation: Leader)
AWS should appear on your shortlist if you are looking for a vendor with a long history of managing containers at scale and an innovator in delivering solutions that solve customer challenges.
Overview
It should be no surprise that AWS is a leader in the Omdia Universe, as AWS has long been the environment where the majority of containers in production are executed. AWS has built an expertise in managing containers at scale, which it has translated into a set of solutions for its customers. AWS has faced more competition to its dominance in the execution market (where containers are being run) as a greater choice of environments now support containers. However, its management experience has enabled the vendor to develop solutions that meet the needs of customers who are new to managing fleets of containers. AWS is a leader in the container management solutions market with a weighted total capability score of 66.1% and a weighted total Universe score of 63% (the average of capability, customer feedback, and market impact). AWS was the most prolific in terms of top sub-category scores, with 6 out of the 15 recorded top sub-category leading scores. AWS has a range of solutions for its customers that provide choice, from a fully managed service to a DIY approach. The vendor also developed capabilities such as EKS Anywhere, which allows customers to run and manage containers anywhere from an on-premises location to a public cloud. AWS scored well in customer feedback for willingness to recommend, where it was third with 86%; overall, customers rated AWS as in line with the cohort average.
Figure 4: Omdia Universe ratings—AWS
Source: Omdia
Strengths
AWS had sub-category leading scores of 73% for both support and training and operational management. In operational management, AWS provides a number of services with different options that offer higher degrees of opinionated control or management for customers. In general, AWS aims to remove undifferentiated heavy lifting, which is where most customers realize the greatest benefit. Omdia believes that AWS’s value add in this space is its ability to let customers choose how much is managed (or not) based on their own specific needs. AWS categorizes its services into a three-tiered hierarchy (capacity, orchestration, and provisioning) under a holistic offering.
- Capacity: This is where the resources needed to run the container are managed; this includes AWS-managed services such as EC2 and AWS Fargate. AWS also supports customer-managed capacity, which can be characterized as the “DIY” option.
- Orchestration: Amazon EKS, ECS, and Red Hat OpenShift on AWS (ROSA) manage control planes for customers, which let them run complex applications with a high degree of control and without worrying about management of infrastructure.
- Provisioning: This is a set of products and tools that interface with the orchestrators and hide (or do not hide) the complexities of the orchestration layer. This layer includes services such as Docker Compose, AWS App Runner, AWS Copilot, AWS IoT Greengrass, AWS Elastic Beanstalk, AWS Amplify, Amazon Lightsail, and AWS Batch.
The other strongest sub-category was support and training, where AWS is the clear leader by almost 10% above the second-place vendor and over 15% above the cohort average score. AWS has developed a series of offerings that meet enterprise customers’ support and quality training needs. Services covering migration, training, implementation support, and professional services for development are offered through AWS Professional Services. AWS Professional Services created the AWS Cloud Adoption Framework (AWS CAF) to help organizations develop and execute efficient and effective plans for their cloud adoption journeys. The guidance and best practices provided by the framework help customers build a comprehensive approach to cloud computing across their organizations and throughout the IT lifecycle. Using the AWS CAF helps customers realize measurable business benefits from cloud adoption faster and with less risk. AWS Digital Training offers free, on-demand courses developed by the experts at AWS. With its new learning center, AWS Skill Builder, customers can explore learning plans and more than 500 digital courses to help develop individual careers. In fact, millions of learners have already accessed these free digital training courses, which are available in 16 different languages.
AWS’s third strongest sub-category was security operations, where it had another sub-category leading score of 71%. One of AWS’s key strengths is the approach it has taken to separate the control plane from the data plane by using two VPCs, which provides added security compared to other approaches where they are on a single network. This separation remedies most common security issues or misconfigurations encountered in self-managed systems. Internal control plane hardening is conducted under the guidelines and review of the AWS Security team and is consistent with the procedures used by other AWS services. Another key strength is that there is no direct access to the control plane nodes or etcd from the internet or the customer network. The only service exposed is the API server, and that is gated by authentication (AuthN) and authorization (AuthZ). Using a defense-in-depth approach, AWS Config enables customers to assess, audit, and evaluate the configurations of AWS resources, including AWS container services. This demonstrates AWS’s commitment to security management and is why it was the sub-category leader.
Limitations
AWS’s weakest sub-category was open source credentials, where it scored 42%, which was affected by AWS not being able to answer all of the questions. In fact, AWS could not or did not answer 50% of the questions, so this must be taken into account when considering this as a weakness.
Canonical (Omdia recommendation: Challenger)
Canonical should appear on your shortlist if you are looking for a vendor with a flexible, innovative solution that delivers highly in terms of price and TCO.
Overview
Canonical is classified as a challenger in the Omdia Universe; the vendor recorded a weighted total capability score of 62% and a weighted total Universe score of 59%. Canonical was the clear customer choice, with the top customer feedback average score of 90% and a second highest category score for pricing and TCO of 75%. However, Canonical was too inconsistent overall, with 10 scores in line or just below the average score among the 15 different classifications, 3 scores well above the average, and 2 scores well below the average.
Figure 5: Omdia Universe ratings—Canonical
Source: Omdia
Strengths
Canonical’s strongest sub-categories were pricing and TCO and scale and flexibility, where it scored 75% in each. Canonical had the top sub-category score for pricing and TCO and was 9% ahead of the second-place vendor in this category and 14% above the average. One of Canonical’s strengths is the approach it takes to pricing. Canonical Kubernetes is freely available for all users to download and use. A cost to the customer arises only for companies that need support for Kubernetes clusters. Canonical provides a security maintenance and support subscription called Ubuntu Advantage. The pricing is based on physical or virtual node count; for example, if a customer wants 24/7 support for a Kubernetes cluster running on 12 virtual machines, they would need to pay 12 x $500 = $6000. However, cost is only one aspect of TCO. In terms of value, Canonical leverages the Juju Operator Lifecycle Management tool to automate application and infrastructure lifecycle operations, improving the efficiency of managing cloud-native estates at scale. Canonical support and managed services teams use the same tool, which is why it can offer a competitive price-to-performance ratio to its customers.
Canonical also scored 75% for scale and flexibility, but this was the third highest score at only 5% behind the sub-category leader. Omdia believes Canonical’s strength is its approach to APIs. The Charmed Kubernetes platform is deployed using Juju and interacts with the underlying API(s) provided by the target platform. When deployed on private clouds and public clouds, scaling with Juju is possible because it can create and destroy machines and deploy services onto the machines with all the relationships and configuration information. A simple example illustrates the user-friendly commands: in etcd, if a customer wants to add an extra node, they can use the command juju add-unit etcd.
The default Charmed Kubernetes architecture is not fixed, and scaling can be achieved at the Pod level for horizontal and vertical autoscaling using Kubernetes.
Canonical’s third strongest category was operational management, where it scored 62%, which was in line with the average. Most of Canonical’s strength is due to the approach Canonical Kubernetes takes to Day-2 operations. The Juju Operator Lifecycle Manager (OLM) handles these activities. Charmed operators—typically written in Python—drive individual software components. The Charmed operators’ code defines specific actions and configurations and is designed to automate operational activities such as backup/restore, change configuration, etc. Omdia likes that the Charmed operators are all delivered as part of the solution.
Limitations
Canonical’s weakest sub-category was observability, where it recorded a score of 49%. There are two key reasons why Canonical scored poorly: it does not integrate with third-party AIOps solutions, and it currently does not use AI/ML techniques. However, Omdia did like that Canonical Kubernetes is deployed and integrated with the Canonical Observability Stack (COS). Support for the Kubernetes cluster and COS components is covered under the same subscription.
HashiCorp (Omdia recommendation: Prospect)
HashiCorp should appear on your shortlist if you are looking for an alternative to the Kubernetes-based solutions that form the majority of the market.
Overview
HashiCorp is classified in this Universe as a Prospect, which reflects the fact that the questions asked focused on the Kubernetes ecosystem, and HashiCorp is an open source project that offers an alternative to Kubernetes. HashiCorp could not answer 33 of the 92 questions, which is the main reason it only scored a weighted total capability score of 58% and a weighted Universe total score of 56%. Considering that for nearly a third of the questions, HashiCorp scored zero or a nominal partial capability score (based on Omdia’s secondary research), its performance was very good. HashiCorp scored above average for two categories; one of these was customer feedback, which is a significant indicator of how its users rate the vendor. The other area was developer experience, where HashiCorp also achieved a top sub-category score. Another key factor to consider is that Nomad is focused only on cluster management and scheduling, and although Nomad is directly affixed to Kubernetes, Nomad supports container network interface (CNI), container storage interface (CSI), and many other leading open source projects for container management.
Figure 6: Omdia Universe ratings—HashiCorp
Source: Omdia
Strengths
HashiCorp’s strongest capability was developer experience, where it scored 75%, the top sub-category score. From a developer experience perspective, the fact that HashiCorp Nomad integrates seamlessly with HashiCorp Consul for service discovery and HashiCorp Vault for secrets management was a strength, but it was Nomad’s ability to use other service discovery tools that made it so developer friendly. In fact, Nomad has an extensible plug-in system for task drivers. This allows users to use Docker, containerd, or Podman for their container runtime or not to use containers at all. Tasks can be run using virtual machines, BSD Jails, LXC, raw executables, remote runtimes like AWS Lambda, or any runtime of choice with a custom driver. Nomad also integrates with leading APMs, including Prometheus, Datadog, and Splunk. This flexibility is a real strength for developers, and Omdia considers HashiCorp to be noteworthy in its approach to GitOps. For example, Nomad exposes the API for the CLI and HTTP(s), so it is not really limited in any way, no matter the tools used. Nomad Pack is currently in tech preview, but it is a package manager and templating tool that can also support CI/CD pipelines by having the CI tool invoke the pack on merge and then reconcile the new job spec.
HashiCorp’s second strongest capability was scale and flexibility, where it scored in line with the average at 68%. Omdia liked its approach to edge and Nomad’s ability to enable the use of a simple topology with a single cluster across multiple regions and data centers, or multiple clusters respectively, without the need for an overarching control plane. Nomad’s lack of a built-in service mesh allows it to fit into most networking topologies used with edge compute. Nomad also supports device plug-ins that enable it to take advantage of hardware running on specialized devices.
Limitations
HashiCorp’s difficulty in answering the questions meant its weakest category was open source credentials, where it was unable to answer nearly all of the questions. This was because the wording of the questions focused on the Kubernetes open source projects as examples, and HashiCorp does not participate in these groups. This was the major contributing factor in HashiCorp recording a score of 34%. However, Omdia does not believe that this truly reflects HashiCorp’s open source credentials—it is primarily an open source company, just not part of the Kubernetes open source projects.
Huawei (Omdia recommendation: Leader)
Huawei should appear on your shortlist if you are looking for a solution that supports a wide range of environments and a vendor that is active in the open source community.
Overview
Huawei is classified as a leader in the Omdia Universe with a weighted capability score of 64% and a weighted total Universe score of 62%. Overall, Huawei scored consistently across the 13 sub-categories in the capability section, with six above average, six in line with the average, and only one below-average score. Huawei did not record any leading sub-category scores but did have three second-highest sub-category scores and one third-highest score. In terms of the customer experience, Huawei scored an average of 81% for all categories rated by the customers, and its scores were consistent, with less than 5% variation across the different sub-categories. It is also important to note that the customer scores were from a mixture of customers in different countries. Analysis of the key reasons customers selected Huawei showed that product quality was overwhelmingly the most important selection criterion, with 42% of customers citing it as the top reason for selection. The second most important selection criterion was features and functions with 21% of customers, and support and maintenance was third with 15%.
Figure 7: Omdia Universe ratings—Huawei
Source: Omdia
Strengths
Huawei’s strongest sub-category was scale and flexibility, where it scored 70%. It can support any cloud platform or private cloud environment and has a list of certified environments, including Huawei Cloud ECS, FusionCompute, OpenStack, VMware, QingCloud, and Alibaba Cloud Apsara Stack. Omdia considered the vendor’s ability to manage from the edge to the central core to be noteworthy. Huawei Cloud uses a distributed, cloud-native approach to manage distributed Kubernetes clusters and edge nodes with different specifications. Its solutions align with the capabilities needed in a hybrid and multi-environment world. For example, Ubiquitous Cloud-Native Service (UCS) centrally manages clusters that run on Huawei Cloud, private clouds, third-party clouds, and on-premises. This approach enables customers to centrally manage Kubernetes clusters in different locations on one management console. Huawei also supports multiple network access modes, such as public network, private line, and VPNs. In fact, Huawei unifies many of the required management capabilities such as permissions, security controls, and audit compliance. Its Operator Service Center (OSC) supports Helm and its own operator frameworks. Using OSC, customers can interconnect with each cluster in the distributed cloud and deploy third-party cloud-native services in the clusters.
Huawei’s second strongest sub-category was open source credentials, where it scored 69%, which was the second-highest score, only behind the sub-category leading score of 70%. Huawei has taken the open source market seriously and boasts an impressive list of credentials, including a CNCF governing board seat, a CNCF ambassador seat, a CNCF TAG runtime chair seat, a CNCF TOC contributor seat, SIG chair seats, and maintainer seats in Kubernetes; it was also a founder of the CNCF KubeEdge Project, the CNCF Volcano Project, and the CNCF Karmada Project. Huawei benefits from its large customer base and reports an impressive 2.6 million developers using its cloud, which makes it the largest among vendors that provided an answer. Huawei was also one of the largest in terms of cluster size under management, with 10,000 nodes, which was jointly second behind the largest cluster size under management of 13,000. Huawei also reported that it was the number-one contributor as measured by accumulated committed code in Asia and Oceania and number 24 for Kubernetes globally.
Huawei’s third strongest sub-category was developer experience, where it scored 68%. Omdia particularly liked Huawei’s approach to development for multiple environments. Huawei Cloud DevCloud (full-code platform) and AppCube (low-code platform) provide public cloud and hybrid cloud delivery modes. DevCloud’s application development and deployment capabilities are multi-modal and use various technologies to reduce the burden on the developer, such as the ability to deploy applications on physical machines, VMs, containers, or functions. AppCube is Huawei’s low-code platform that enables capabilities, processes, and modules to be built quickly without the user needing to write any code. AppCube also has a low-code capability for more complex applications.
Limitations
Huawei’s weakest capability was automation, where it scored 51%. Huawei’s score was in line with the average and therefore is not a significant weakness. Huawei lacked some of the advanced features of competitors, but its automation capabilities demonstrate a solid, pragmatic approach delivered through its low- and no-code capabilities.
IBM (Omdia recommendation: Leader)
IBM should appear on your shortlist if you are looking for a solution that emphasizes the security of the management process by integrating with DevSecOps.
Figure 8: IBM Voice of the Customer
Source: Omdia
Overview
IBM is classified as a leader in this Omdia Universe with a weighted capability score of 64% and a weighted total Universe score of 62%. IBM was the most consistent of all the participants, with a variance between its best and worst scores of just 10 percentage points, compared to the average 23 percentage point variance. IBM also had eight above-average sub-category scores in the capability section, three scores in line with the average, and two below-average scores out of the 13 sub-categories in the capabilities section. The vendor recorded one leading sub-category score and two second-highest sub-category scores. Figure 8 shows a Voice of Customer statement from the customer reviews collected, supported by the fact IBM received the second-highest average customer feedback score of 88%. A detailed analysis of IBM’s customer reviews shows it received the second-highest recommendation score of 88%, the top score for product experience of 95%, and an above-average vendor experience score of 83%.
Figure 9: Omdia Universe ratings—IBM
Source: Omdia
Strengths
IBM’s strongest sub-category was runtime and registries, where it scored 66%, just behind the top sub-category score of 67%. IBM supports any registry with a network connection; the default registry is a multi-tenant private registry. However, IBM was noteworthy in its approach to authentication. IBM enables DevSecOps administrators to require multifactor authentication (MFA) for every user in the account (or this could be just users with non-federated IDs who do not use SSO). All users with an IBMid use a time-based one-time passcode (TOTP) MFA method, and any users with a different type of ID must be enabled to use the TOTP, security questions, or external authentication factor separately. This focus on security is key in the runtime and registries, and IBM continues this approach to enable developers to trust the code they pull from these registries.
IBM’s security approach is to provide insights throughout the lifecycle. The Vulnerability Advisor in IBM Cloud Container Registry inspects every layer in each Docker image, regardless of image source, prior to instantiating a live container from that image. IBM enables DevSecOps administrators to set a policy to allow or block users from deploying images that have known vulnerabilities to the clusters. IBM Cloud Container Registry (ICCR) integrates with Docker Notary for image signing capabilities within the platform. Vulnerability Advisor also supports live container scanning, providing insights into newly applicable vulnerabilities discovered by the ecosystem. These capabilities are platform-native, but users have the freedom to leverage the security solutions they choose. IBM has partnered with a number of vendors including Twistlock, NeuVector, Aqua Security, and Aporeto.
IBM’s second strongest sub-categories were operational management and support and training, with each scoring 64%. In operational management, IBM Cloud Satellite provides managed OpenShift clusters running on infrastructure outside of IBM’s control. The products enabled for Satellite are designed to run consistently in any environment. IBM also uses this approach when it comes to application deployment. The vendor supports blue-green application deployments, which work consistently across IBM cloud-native solutions (IBM Cloud Kubernetes Service and Red Hat OpenShift on IBM Cloud) and with distributed cloud offerings (Red Hat OpenShift on IBM Cloud on IBM Cloud Satellite). Overall, Omdia believes that the Kubernetes Service and Managed OpenShift provide simplified Day-2 operations by seamlessly updating the operating system, vulnerability remediation, and Kubernetes, allowing the customer to focus on building applications. The Razee project, which was started to help with scaling out deployments and operational management, has become a full-fledged OS project with an emphasis on scale and visibility.
IBM recorded the second-highest score for support and training, and its support offerings were considered above average compared to its competitors. IBM Cloud has three support plans: basic, advanced, and premium. Basic support is included with an IBM Cloud Pay-As-You-Go or Subscription account and has no additional cost; advanced support pricing starts at $200 per month and is based on consumption; and premium support pricing starts at $10,000 per month and is based on consumption. All of the support options are provided 24/7, 365 days a year. Support by local technical account managers is available during local business hours in any of the supported national languages listed. IBM also has multiple support centers with bilingual technical support professionals who support local languages as needed. Its supported national languages are Brazilian Portuguese, English, French, German, Japanese, Korean, Italian, Spanish, Simplified Chinese, and Traditional Chinese.
Limitations
IBM’s weakest capability was automation, where it still scored 56%, which was above average. IBM’s automation capabilities were still strong, and IBM Cloud-managed Kubernetes and OpenShift services support the automated deployment of applications through CI/CD pipelines using Kubernetes and OpenShift command-line tools (e.g., kubectl), Helm charts, operators, Terraform providers, and third-party integrations and tools. This level of capability was the standard and was provided by most competitors, which shows that although this was IBM’s weakest capability, it was still above the average standard expected capability.
Mirantis (Omdia recommendation: Challenger)
Mirantis should appear on your shortlist if you are looking for a solution that offers flexibility to easily switch between Kubernetes, Swarm, and mixed-mode operations on Linux and Windows worker nodes.
Overview
Mirantis is classified as a challenger in the Omdia Universe; it recorded a weighted capability score of 62% and a weighted Universe total score of 59%. Mirantis was a consistent performer, with the variance between its highest scoring and lowest scoring sub-categories being 17 percentage points, which was better than the average of 23 percentage points. This consistency was further demonstrated in its scores when compared to the cohort average. Mirantis scored four above-average scores, six in line with the average, and three below-average scores for the 13 different sub-categories in the capabilities section. In terms of customer feedback, Mirantis was above average in all three categories, with a recommendation score of 88%, which was the second-highest score. Mirantis scored 91% for product experience, again the second-highest score. It recorded 89% for vendor experience, the third-highest score. This resulted in Mirantis recording a weighted average customer experience score of 89%, the second-highest score and only just behind the 90% top customer experience score.
Figure 10: Omdia Universe ratings—Mirantis
Source: Omdia
Strengths
Mirantis’s strongest sub-category was scale and flexibility, where it scored 66%. Mirantis is an open solution that can be run on any environment, whether public cloud or on-premises. It also enables customers to easily switch between Kubernetes, Swarm, and mixed-mode operations on Linux and Windows worker nodes. Mirantis has many capabilities designed to make the scaling of any deployment as automated and straightforward as possible. The combination of Mirantis Kubernetes Engine and Mirantis Container Cloud supports the ability to auto-scale horizontal Pods, which works in concert with applications to scale the available resource (worker nodes) dynamically. Mirantis Container Cloud supports Amazon AWS, Microsoft Azure, and Equinix Metal, with more options to come soon. With Mirantis Kubernetes Engine, customers can centrally manage all of the computing resources available to them, such as nodes, volumes, and networks. Omdia also considers that customers can start with a small footprint (one controller, one worker) and grow the number of controllers and workers as needed. Controllers can also have additional resources (CPU, RAM, etc.) added as needed. This demonstrates the flexibility of Mirantis to support the growth of an organization’s container estate in line with the organization’s deployment plans.
Mirantis’s second strongest sub-categories were runtime and registries and security operations, which both scored 64%. Mirantis was above average for runtime and registries, with support for non-native registries. In fact, all Kubernetes, Swarm, and Docker compatible image registries will work with Mirantis Kubernetes Engine as Mirantis implements the standard upstream APIs. Mirantis was also above average when it came to automating registry operations. Mirantis Secure Registry supports configurable image pruning rules to remove old images from repositories. If customers want to clean up dangling image layers, Mirantis Secure Registry supports garbage collection, which frees up unused disk space. As an added bonus, Mirantis Secure Registry not only provides registry functionality but also enables scanning of images in the registry for known security vulnerabilities.
In terms of security operations, Mirantis was again above average. Mirantis Kubernetes Engine has a built-in authentication mechanism and integrates with LDAP services. It also has role-based access control (RBAC) so that customers can control who can access and make changes to an organization’s cluster and applications. Omdia particularly likes the Mirantis approach to security, where permissions must be explicitly granted, thus requiring explicit awareness and action to enable specific actions. As mentioned above, Mirantis Kubernetes Engine integrates with Mirantis Secure Registry so that the Docker images used for the applications can exist safely behind the company’s firewall.
Limitations
Mirantis was weakest in the observability sub-category, where it scored 49%, which was below the average. However, much of this performance is because Mirantis does not have an application monitoring or network connection monitoring capability; it uses a third-party solution to provide these capabilities. Mirantis did score well in the reporting capabilities where the platform includes Mirantis Stacklight, which provides capabilities for monitoring events, alerting, capacity monitoring, and log management. Stacklight is included in Mirantis Container Cloud, and Secure Registry reports on vulnerabilities and licenses inside open source code used in container images.
Oracle (Omdia recommendation: Leader)
Oracle should appear on your shortlist if you are looking for a solution that separates the control and data plane, giving the customer complete data protection and control.
Figure 11: Oracle Voice of the Customer
Source: Omdia
Overview
Oracle is classified as a leader in the Omdia Universe because it obtained a weighted capability score of nearly 64.5% and a weighted total Universe score of 62%. Oracle recorded one top sub-category score. The vendor was above average in 11 of the sub-category scores, in line with the average in 3 sub-categories, and below average in only 1 of the 15 sub-categories across the total capabilities in all sections. Oracle performed well in the customer experience questions and was selected for a Voice of the Customer statement (Figure 11). Its weighted average customer experience score was above average at 86% and not far behind the top score of 90%. Oracle recorded 85% willing to recommend the vendor, in line with the average. For product experience and vendor experience, Oracle was well above average with scores of 89% and 87%, respectively. In both instances, Oracle was the fourth-highest at only 6% behind the top score for product experience and 4% behind the top score for vendor experience. However, as Oracle was unable to answer some questions in one sub-category, its variance score (the difference between its strongest and weakest scores) was 24 percentage points, which was marginally above the average.
Figure 12: Omdia Universe ratings—Oracle
Source: Omdia
Strengths
Oracle’s strongest sub-category was scale and flexibility, where it recorded a score of 68%. Omdia considers Oracle’s approach to the control and data planes to be impressive. Oracle has opted to completely and transparently manage the cluster control plane for customers using Oracle Kubernetes Engine (OKE). The control plane is automatically patched, updated, and scaled to meet the cluster workload needs without any user involvement. Customers manage the OKE cluster data plane, and they are provided with cluster node autoscaling, horizontal Pod autoscaling, and vertical Pod autoscaling mechanisms to dynamically optimize the data plane resources to fit the application needs. This approach provides a separation of responsibility between the control and data planes and has the added benefit of being a more secure way to deal with the management of any cluster.
Oracle’s other key strength is that there are no theoretical limits to how the platform scales to meet demand. OKE customers have a default limit of 1,000 nodes per cluster and 110 Pods per node. However, by requesting an increase to the default service limit for clusters (15 for customers who pay monthly and 1 for pay-as-you-go customers), customers can have more than 100 clusters per account. This translates to up to 5,000 nodes per cluster and up to 110 Pods per node, which can support up to 150,000 Pods and 300,000 containers. Oracle was also strong in its flexible charging for control plane management. Oracle does not charge a fee for fully managing the OKE cluster control plane and includes enterprise support for free. It makes OKE available as a Day-1 service in every new region where it launches and currently offers managed container orchestration in more regions in the world than any other public cloud provider (37 versus 35 from the next closest competitor).
Oracle’s second strongest sub-categories were runtime and registries and operational management, both scoring 67%. In runtime and registries, Oracle was above average in the supported runtimes because with the release of Kubernetes version 1.20 in July 2021, OKE switched from Docker to CRI-O as the container runtime. CRI-O is an Open Container Initiative compliant implementation of Container Runtime Interface (CRI). Omdia believes that Oracle’s key strength in runtime and registries is how the resources are linked to the runtime. Customers can choose the infrastructure resources they anticipate for their applications at the time of OKE cluster creation. They can further leverage cluster node scaling, horizontal Pod autoscaling, and vertical Pod autoscaling mechanisms to optimize OKE cluster resources dynamically to fit their application needs. OCI also offers flex compute shapes so customers can pick the exact CPU and memory resources needed for rightsizing the compute needs of Kubernetes nodes. Another notable strength of Oracle in this sub-category is how it deals with auto-restart of applications that have an error condition. OKE provides a self-healing platform for automatically managing the “desired” state of Kubernetes workloads. Therefore, if a worker node or Pod is accidentally removed, a new node or Pod is automatically spun up to meet the desired state of the cluster. In addition, all OKE worker nodes ship with a utility called Node Doctor, which can troubleshoot and remediate any issues with the worker nodes that prevent Pods from being properly scheduled to run on them.
In terms of operational management, Oracle was noteworthy for its approach to managing storage and ensuring downtime is minimized. OKE offers broad container storage options through native integration with OCI Block, File, and Object storage services. Customers can use either Container Storage Interface (CSI) or Flex Volume drivers for provisioning storage resources using Kubernetes constructs such as Persistent Volumes (PVs) and Persistent Volume Claims (PVCs). To protect against region-level disaster scenarios, customers can use cross-region replication capabilities provided by OCI storage services. OCI Storage services replicate data across fault and availability domains at all times so that no single failure impacts the availability of application data. Customers can also provision the Kubernetes cluster to ensure that the worker nodes are deployed across fault/availability domains to automatically take advantage of the resilient fault isolation patterns built into OCI.
Limitations
Oracle’s weakest sub-category was open source credentials, where it scored 44%. However, it must be noted that Oracle did not answer four of the eight questions, which seriously influenced the score. In fact, Oracle is actively involved with several Kubernetes project contributions. The list includes but is not limited to Kubernetes operators for Oracle services (e.g., ATP/ADW, Oracle DB, MySQL, Streaming, Coherence, WebLogic), Verrazzano for on-premises/hybrid/multi-cloud orchestration of containers, Kubernetes Cloud Control manager implementation for Oracle Cloud, Kubernetes Cluster Autoscaler, and ExternalDNS.
Rafay (Omdia recommendation: Challenger)
Rafay should appear on your shortlist if you are looking for a new developer-focused solution designed and built for the cloud-native era.
Overview
Rafay is classified as a challenger in the Omdia Universe because it scored a weighted capability score of nearly 63% and a weighted total Universe score of 59%. Rafay performed marginally better than the average in terms of variation between the strongest and weakest sub-categories, with nearly 22 percentage point variance compared to the average of 23 percentage points. This metric measures the degree of consistency across all the scored capabilities. Rafay was unique for a challenger in that it recorded 2 top sub-category scores out of the 15 total capabilities in all sections. Rafay was less successful when viewed by the metric of scores relative to the average. The vendor had five above-average scores, four in line with the average, and six below-average scores. For customer experience, Rafay had a comparatively small number of reviews, and only a few of them answered all the questions. As a result, Rafay recorded a weighted average of 75%. The impact of customers not answering all the questions becomes evident when analyzing the sub-categories in the customer experience section. Rafay scored 74% for willingness to recommend and vendor experience, below the average. However, for product experience, more customers answered this question, and Rafay scored 82%, in line with the average.
Figure 13: Omdia Universe ratings—Rafay
Source: Omdia
Strengths
Rafay’s strongest sub-category was developer experience, where it scored 69%, which was above average and the third-highest score at only 6% behind the top score. Omdia likes that the Rafay Kubernetes Operations Platform is agnostic to how applications are developed. Application development is performed “to the left” of the platform, and as a result, it does not impose or require any constraints or limitations. The vendor has clearly put effort into its solution, and the Rafay Kubernetes Operations Platform was designed and optimized to help organizations implement the fundamental DevOps principles (shared ownership, workflow automation, and rapid feedback). Workflows and security (roles, etc.) have been implemented so that organizations can use them in a turnkey manner, avoid reinventing the wheel, and employ best practices. Rafay also delivers on developer experience in DevOps. The Rafay Kubernetes Operations Platform unifies the lifecycle management of Kubernetes clusters and containerized applications. Operations personnel can leverage Rafay to streamline operations by automating lifecycle management of Kubernetes clusters in any cloud, in data centers, or at the edge. This enables organizations to operate infrastructure efficiently in hybrid and multi-cloud environments. Developers can streamline application operations using policy-based, multi-cluster application deployments spanning hybrid and multi-cloud environments.
Rafay’s second strongest sub-category is scale and flexibility, with 68%. Omdia was impressed with how Rafay incorporates edge computing, and this is one of the biggest advantages of the Rafay Kubernetes Operations platform. Using the platform, the customer has the flexibility to start anywhere on the spectrum and evolve the architecture when needed. For example, customers can start with a single-node, converged edge form factor and then add master and/or worker nodes to it to expand or shrink capacity. Rafay was also above average in the different cloud environments supported, including Amazon AWS (EKS), Azure (AKS), GCP (GKE), and Oracle Cloud (OKE). For data center and edge environments, Rafay supports upstream K8s, K3s, Rancher, and OpenShift on-premises.
Rafay’s third strongest sub-category is also one of its top sub-category scores: it recorded 67% for runtime and registries. The vendor supports public and private registries, and it has invested in developing deep integrations with third-party container registry providers. Administrators can securely create, store, and manage images that are pulled by a “secret” from their private container registry repositories (a Kubernetes cluster uses a Secret of type kubernetes.io/dockerconfigjson to authenticate with a container registry to pull a private image). Developers can use these as references/pointers in their workloads. The Rafay platform will securely deliver and automatically provision and deprovision these “secret pulled” images on remote clusters where the workloads need to be deployed. This approach ensures there is no manual handling of secret pulled images by developers or operations personnel. There is also no need to embed secret pulled images in Kubernetes YAML files. They are automatically provisioned and deprovisioned on clusters where workloads are deployed, ensuring that there are no dangling or orphaned secret pulled images on clusters. These secret pulled images can be automatically rotated/refreshed to ensure a higher security posture.
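The pull-secret mechanism described above, shown as an added example that is not Rafay's or Omdia's code: it builds a `kubernetes.io/dockerconfigjson` Secret, then audits Pod manifests for dangling references, private images with no matching credential, and orphaned Secrets. All names, registry hosts, and credentials are constructed for illustration, and manifests are handled as plain dicts rather than fetched from a cluster.

```python
import base64
import json

SECRET_TYPE = "kubernetes.io/dockerconfigjson"
SECRET_KEY = ".dockerconfigjson"


def build_pull_secret(name, namespace, registry, username, password):
    """Return a Secret manifest (dict) holding credentials for one registry."""
    auth = base64.b64encode(f"{username}:{password}".encode()).decode()
    docker_config = {"auths": {registry: {"username": username,
                                          "password": password,
                                          "auth": auth}}}
    payload = base64.b64encode(json.dumps(docker_config).encode()).decode()
    return {"apiVersion": "v1", "kind": "Secret", "type": SECRET_TYPE,
            "metadata": {"name": name, "namespace": namespace},
            "data": {SECRET_KEY: payload}}


def registries_in_secret(secret):
    """Validate a pull secret and return the registry hosts it covers."""
    if secret.get("type") != SECRET_TYPE:
        raise ValueError("not a kubernetes.io/dockerconfigjson Secret")
    raw = secret.get("data", {}).get(SECRET_KEY)
    if not raw:
        raise ValueError("missing .dockerconfigjson key")
    auths = json.loads(base64.b64decode(raw, validate=True)).get("auths")
    if not isinstance(auths, dict) or not auths:
        raise ValueError("no registry entries under 'auths'")
    return sorted(auths)


def image_registry(image):
    """Registry host of an image reference; bare names default to docker.io."""
    first, sep, _ = image.partition("/")
    if sep and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"


def audit_pull_secrets(pods, secrets, private_registries):
    """Cross-check Pod imagePullSecrets against the Secrets that exist.

    dangling:  Pod references a Secret that is absent from its namespace.
    uncovered: image from a private registry with no credential among the
               Secrets the Pod references.
    orphaned:  pull Secret that no Pod in its namespace references.
    """
    covered = {(s["metadata"]["namespace"], s["metadata"]["name"]):
               registries_in_secret(s)
               for s in secrets if s.get("type") == SECRET_TYPE}
    used = set()
    report = {"dangling": [], "uncovered": [], "orphaned": []}
    for pod in pods:
        ns, pod_name = pod["metadata"]["namespace"], pod["metadata"]["name"]
        hosts = set()
        for ref in pod["spec"].get("imagePullSecrets", []):
            key = (ns, ref["name"])
            if key in covered:
                used.add(key)
                hosts.update(covered[key])
            else:
                report["dangling"].append((ns, pod_name, ref["name"]))
        for container in pod["spec"]["containers"]:
            host = image_registry(container["image"])
            if host in private_registries and host not in hosts:
                report["uncovered"].append((ns, pod_name, container["image"]))
    report["orphaned"] = sorted(set(covered) - used)
    return report


def make_pod(name, image, pull_secret):
    """Minimal Pod manifest that points at a pull secret by name only."""
    return {"apiVersion": "v1", "kind": "Pod",
            "metadata": {"name": name, "namespace": "shop"},
            "spec": {"imagePullSecrets": [{"name": pull_secret}],
                     "containers": [{"name": name, "image": image}]}}


# Constructed sample data: hosts, names and the password are placeholders.
PRIVATE = {"registry.example.internal", "legacy.example.internal"}
SECRETS = [
    build_pull_secret("regcred", "shop", "registry.example.internal",
                      "ci-bot", "constructed-password"),
    build_pull_secret("old-regcred", "shop", "legacy.example.internal",
                      "ci-bot", "constructed-password"),
]
PODS = [
    make_pod("web", "registry.example.internal/shop/web:1.4", "regcred"),
    make_pod("batch", "registry.example.internal/shop/batch:2.0", "missing-cred"),
    make_pod("report", "legacy.example.internal/report:7", "regcred"),
]

if __name__ == "__main__":
    print(json.dumps(audit_pull_secrets(PODS, SECRETS, PRIVATE), indent=2))
```

The Pod manifests carry only the Secret's name, so the credential itself never appears in the workload definition; the audit shows what goes wrong when that reference and the Secret drift apart.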
Limitations
Rafay’s weakest sub-category is open source credentials, where it recorded a score of 48%, which was 7% below the average. This score was due to Rafay being the smallest vendor in the Universe, and although the vendor did contribute to several projects, it is not currently a member or above in any cloud-native groups. However, Rafay has publicly announced it will open source its Zero-Trust Access and GitOps Services within the first half of 2022.
Red Hat (Omdia recommendation: Leader)
Red Hat should appear on your shortlist if you are looking for an open solution that can run on a wide range of environments and provides customers with fully managed cloud services and self-managed environments.
Figure 14: Red Hat Voice of the Customer
Source: Omdia
Overview
Red Hat is classified as a leader in the Omdia Universe as it had a weighted capability score of 66% and a weighted total Universe score of 63%. Red Hat is 100% open source and has strong representation in the open source community, including Kubernetes and many other related projects. Red Hat was also one of the best performers for sub-category scores compared to the average. Out of the 15 total sub-categories across all sections, Red Hat was above average in 11, in line with the average in 3, and below average in 1. Red Hat only recorded one top sub-category score but received 3 second-highest sub-category scores. In terms of consistency, Red Hat’s variance metric (the difference between the strongest and weakest sub-category scores) was just above the average with 25 percentage points, compared to the average of 23 percentage points. Red Hat received a mixed set of results for customer experience; overall, it was in line with the average, scoring 82%. The detailed scores show that customers rated Red Hat above average at 84% for vendor experience, but the product experience was below average at 76%, with the willingness to recommend being average at 84%. Some of the difference in the scores is due to customers not answering all the questions in the review, which meant some questions received fewer responses, making them more susceptible to the impact of erroneous scores.
Figure 15: Omdia Universe ratings—Red Hat
Source: Omdia
Strengths
Red Hat’s strongest sub-category was scale and flexibility, where it scored 78%, which was the second-highest score, just behind the leading score of 79%. Omdia likes Red Hat’s approach to control and data plane separation and how this makes the solution more agile in terms of scalability. The Kubernetes architecture (upon which Red Hat OpenShift is built) features a strong separation between the control and data planes. The control plane nodes run only the services required for cluster functionality, while applications and other cluster services run on compute (and optionally infrastructure) nodes. These infrastructure nodes are non-control plane nodes dedicated to running cluster infrastructure services rather than application workloads. This approach means that when dealing with capacity, Red Hat can be flexible in optimizing the resources needed. Red Hat OpenShift uses the standard Kubernetes scheduler for managing Pod-to-node assignments. However, both the administrator and application developer can add further constraints, selectors, and preferences based on their needs. For example, scheduler profiles express a preference for evenly spreading Pods across all nodes or scheduling Pods to as few nodes as possible. Similarly, the application team can use (anti)affinity between Pods or between Pods and nodes to achieve workload preferences. Finally, tools such as the “de-scheduler” proactively take action to keep node utilization within the defined boundaries by terminating Pods on nodes that exceed the defined threshold so that they may be rescheduled to other nodes.
Red Hat’s second strongest sub-category was operational management, where it recorded another second-highest sub-category score with 71%, compared to the leading score of 73%. Red Hat supports a fully managed offering (including Azure Red Hat OpenShift, Red Hat OpenShift Service on AWS, and OpenShift Dedicated for Google Cloud) and a self-managed offering (which can be deployed on-premises, on public cloud, or in edge deployments), allowing customers to select the approach that best meets their needs. Red Hat also provides persistent storage for customers’ stateful applications and cluster services via its Red Hat OpenShift Platform Plus. The vendor is in line with most competitors that support all data protocols (file, block, object), but it provides above-average capabilities for other data management tasks, such as data efficiency, resiliency, security, governance, observability, and discovery. Omdia also liked Red Hat’s approach to other management tasks, such as patching. Red Hat has also simplified the installation and operations activities through Kubernetes Operators. Operators are a method of packaging, deploying, and managing a Kubernetes-native application. They enable the Kubernetes-native application to be deployed on Kubernetes and managed using the Kubernetes APIs and kubectl tooling. For self-managed customers using Red Hat Enterprise Linux CoreOS as the underlying operating system within the cluster, all Red Hat OpenShift updates are delivered automatically via container images.
Red Hat’s third strongest sub-category with 69% is developer experience; it has the joint third-highest sub-category score. Red Hat has invested much time in ensuring that the developer experience meets the needs of this audience. Developers can use various IDEs and development environments:
- CodeReady Workspaces
- CodeReady Containers OpenShift (laptop)
- Red Hat CodeReady Studio Eclipse-based IDE with JBoss tools
- VS Code OpenShift Extension Pack
- Azure DevOps Plugins
Limitations
Red Hat’s weakest sub-category was automation with a score of 53%. Red Hat suffered in the scoring because it lacked low/no-code capabilities. It is worth noting that OpenShift Serverless addresses the low/no-code weakness—but only to an extent. Red Hat advanced cluster management (ACM) and Red Hat advanced cluster security (ACS) provide automated policy enforcement in conjunction with Ansible. However, it was one of the very few vendors to have some sort of solution for environmental sustainability. Red Hat enables administrators to optimize the packing of container hosts in an effort to reduce environmental footprint and increase utilization.
SUSE (Omdia recommendation: Challenger)
SUSE should appear on your shortlist if you are looking for a vendor with impeccable open source credentials and an open and agile solution.
Overview
SUSE is classified as a challenger in the Omdia Universe because it had a weighted capability score of 62% and a weighted total Universe score of 59%. SUSE recorded five scores above average, six below average, and four in line with the average out of the total sub-categories across all sections. SUSE also recorded a variance score of 23 percentage points, in line with the average. Its performance was broadly similar to the other vendors in the challenger category; still, it did demonstrate one key difference in that it recorded a leading sub-category score, one of only six recorded by any vendor not in the leader category. SUSE was again in line with the average for customer experience, recording 83% as an average score. Customers place SUSE as the joint top scorer in the willingness to recommend sub-category with 90% and an above-average score of 88% for product experience. However, its vendor experience score of 67% was below average due to customer ratings for its contract terms and pricing.
Figure 16: Omdia Universe ratings—SUSE
Source: Omdia
Strengths
SUSE’s strongest sub-category was open source credentials, where it scored 70%, the top score in the sub-category. In the past 12 months, SUSE was active in over 200 open source projects of its own and others too numerous to mention. SUSE claims that open source projects drive its innovation and SUSE engineers work closely with open source community members to build and refine the technologies that enable customers to innovate everywhere. SUSE also scored well in this sub-category because of its largest customer deployment, with over 10,000 clusters under its management, and its double-digit annual growth rate for the solution. Although open source credentials do not imply anything specific, they provide evidence to back up a vendor’s claims that its services and solutions are born out of open source. Open source is in SUSE’s DNA, and as such, its involvement in the community is an excellent way to demonstrate this to a wider audience. Omdia believes SUSE does not make sufficient use of its strengths in open source; it appears to consider involvement in these projects as the way it does business.
SUSE’s second strongest sub-category was scale and flexibility, where it scored 67%, which was due to the vendor’s ethos and the fact that customers can start with a small, single cluster deployment and scale to a multi-cluster, multi-cloud approach without changing their strategy. This ability is predicated on SUSE Rancher's ability to support any enterprise Linux, including SLES, RHEL, Ubuntu, and Oracle Linux. It also supports any CNCF-certified Kubernetes distribution (not just RKE and K3S). It is also platform and cloud-agnostic and can be run anywhere. SUSE also offers full cluster lifecycle management across major cloud distributions, including EKS, AKS, and GKE.
SUSE’s third strongest sub-category was operational management, where it scored 65%, which was the fourth-highest sub-category score. SUSE allows customers to choose how much—or how little—they want to be involved in operational management activities. SUSE Rancher is offered as a customer-managed solution or a hosted platform that SUSE maintains. SUSE also provides support from its services team to customers who need help with defining the operational strategy.
Limitations
SUSE’s weakest sub-category was automation, where it scored 47%, which was below average. The main reason for SUSE’s performance in this sub-category was that it uses the standard Kubernetes automation capabilities, which all other vendors also use. SUSE also supports third-party solutions such as Ansible, and it contributes to Project Fleet, which helps customers who use GitOps automate parts of their cluster management. SUSE did not have any environmental sustainability capabilities to help organizations ensure they are automatically using the most sustainable environments. Although this seems like a minor issue, Omdia believes that in 2022/2023, helping customers ensure they are being as environmentally sustainable as possible will become a “must-have” capability. We also believe customers will begin to report on their progress toward being net carbon zero, and this will require visibility into the current situation.
Tencent (Omdia recommendation: Challenger)
Tencent should appear on your shortlist if you are looking for a vendor with an agile and flexible solution that supports the many classifications of developers.
Overview
Tencent is classified as a challenger in the Omdia Universe because it scored a weighted capability score of 63% and a weighted total Universe score of 60%. Tencent was one of the most consistent vendors in the Omdia Universe, with a variance score (the difference between the highest score and the lowest score) of 15 percentage points, better than the average of 23 percentage points. Tencent replicated this degree of consistency in its scores across all the sub-categories, where it recorded five above average, two below average, and eight in line with average. Tencent was above average overall for customer experience with a total score of 84%. Detailed customer responses were equally consistent, with the willingness to recommend score of 85% and a product experience score of 81% in line with the average. However, in vendor experience, Tencent was above average with 86%, the fourth-highest score.
Figure 17: Omdia Universe ratings—Tencent
Source: Omdia
Strengths
Tencent’s strongest sub-category was developer experience, where it scored 67%, reflecting its ability to support the different classifications of developers, from the traditional coding of IT professionals to the citizen developer no-code and the many different approaches in between. Omdia likes Tencent’s CODING DevOps, which is designed for the DevOps workflow. It automates code inspection, unit testing, compilation and build, automated deployment, and automated code release. CODING DevOps aims to reduce the work burden on developers by removing many unnecessary process duplications. One side benefit is that developers can continuously improve code quality and development efficiency. Enabling developers’ freedom of choice is key, and Tencent delivers this through its support for multiple languages, such as Python, Node.js, PHP, Golang, Java, Rust, Deno, C#, Swift, and Shell, to name the most popular. Omdia likes that these are all natively supported. In addition to this degree of choice, Tencent Kubernetes Engine (TKE) application market provides a variety of products and services for developers, including Helm Chart, Tencent Container Registry (TCR), and many other software services.
Tencent’s other strongest sub-category is scale and flexibility with 67%. The vendor supports a good range of operating systems, including Linux (CentOS, Ubuntu, Debian, CoreOS, OpenSUSE, and SUSE) in both 32-bit and 64-bit. Tencent supports Windows Server 2008, Windows Server 2012, and Windows Server 2016–related versions in 32-bit and 64-bit. Omdia likes Tencent’s approach to resource mapping. Like many other vendors, it uses standard Kubernetes scheduling, assigning Pods to specific nodes in the cluster using the kube-scheduler. The default behavior of this component is to filter nodes based on the resource requests and limits of each container in the created Pod. Feasible nodes are then scored to find the best candidate for the Pod placement. In addition, Tencent uses add-ons to provide advanced scheduling. DeScheduler is a plug-in provided by TKE based on the native Kubernetes community DeScheduler; it can implement rescheduling based on actual node loads. Tencent also includes Dynamic Scheduler, another add-on provided by TKE for pre-selection and preferential selection based on actual node loads.
Tencent’s third strongest sub-category is open source credentials, where it scored 66%, which was the third highest sub-category score. Although Tencent was not the most prolific vendor in terms of projects, it was involved in 20 projects in the past year, which is above the average. Tencent was also involved in 13 different cloud-native groups at the member level or above, again more than the average. Another significant strength of Tencent is its number of active customers each month: it has between 10,000 and 25,000, with an average cluster size of 500 nodes.
Limitations
Tencent’s weakest sub-category is observability, where it scored 52%, which was slightly below the average. Tencent provides the basic capabilities at the cluster level, such as resource monitoring of CPU, storage, memory, network, and GPU, but all vendors do this. Even Tencent’s ability to support multi-cluster resource monitoring and aggregate queries was not different from the rest of the market. These are relative weaknesses, as much of the market shared very similar capabilities, and the scores in this sub-category were all closely clustered around the average.
VMware (Omdia recommendation: Leader)
VMware should appear on your shortlist if you are looking for a vendor that bridges the VM-to-containers world in a single solution that offers flexibility of choice for the execution environment.
Overview
VMware is classified as a leader in this Omdia Universe because it scored a weighted capability score of 65.5% and a weighted total Universe score of 64%. VMware’s performance was generally very strong, with 9 sub-category scores above average, 3 in line with average, and only 3 below average out of the 15 sub-categories in total. VMware, however, was not consistent; its variance score was the second worst at 35 percentage points compared to the average of 23 percentage points. The variance score indicates where outliers exist. For VMware, its two below-average sub-categories were why the variance was so high, and discounting these two sub-categories would make VMware’s variance score one of the most consistent. When we consider that VMware also recorded two top sub-category scores, its performance (excluding the two low sub-categories) is impressive—this is why it was one of the clear leaders.
VMware scored below average for customer experience, with a weighted average score of 76%. In terms of the detailed analysis, its willingness to recommend score of 83% was in line with the average, but product and vendor experience were below average. On deeper inspection, 10% of respondents provided poor customer feedback in the product and vendor experience categories, which adversely affected VMware’s scores in these areas. Analyzing the customer responses, Omdia found that 20% of respondents selected VMware for its features and functions, 15% for its product quality, and 15% for product usability. However, only 2% selected VMware for value for money.
Figure 18: Omdia Universe ratings—VMware
Source: Omdia
Strengths
VMware’s strongest sub-category was scale and flexibility, where it scored 79%, which was also a top sub-category score. VMware was above average in terms of the software environments it supports. Tanzu Kubernetes Grid (part of Tanzu for Kubernetes Operations) releases support Ubuntu 20.04, Ubuntu 18.04, RHEL 7, Photon OS 3, Amazon Linux 2, Windows Pods (supported with Tanzu Kubernetes Grid 1.5), and it can support clusters in various formats. However, the way VMware deals with the node mapping demonstrates its real strength. Using CloudHealth by VMware (a separate product), customers can rebalance fragmented Kubernetes clusters at scale with automation. The placement engine provides a step-by-step migration plan of Pods across nodes in order to fit a new Pod that cannot be placed anywhere in the existing Pod. The balancing engine reduces the inconsistencies and imbalances in the clusters by carrying out a series of swaps—swapping out two Pods on different nodes. The intention is to balance different types of resource-consuming applications together so that all types of resources are consumed fairly. Tanzu Mission Control is a centralized management hub with a robust policy engine that simplifies multi-cloud and multi-cluster Kubernetes management. For example, Tanzu Mission Control Advanced includes built-in security policies and cluster inspection capabilities so a customer can apply additional controls on multi-cloud Kubernetes deployments.
VMware’s second strongest sub-categories were developer experience and operational management with 70% each. Tanzu Application Platform provides tooling and a pre-paved path to production. To start a new application, the Tanzu Application Platform provides an “Application Accelerator” feature that allows enterprise architects to add “application templates,” known as accelerators, as a starting point for stateful and stateless applications. This application scaffolding allows developers to have a starting point that includes their organization’s best practices and architectures. Once an accelerator is selected, the developer leverages tooling for the IDEs already in use, such as VS Code. This allows developers to build, iterate, debug, and deploy into their personal development environments natively in their IDE. Once the development is complete and the code is committed, supply chains handle the choreography to deploy the application to production, allowing operators to define a pre-approved path to production, including integration tests, vulnerability scanning, and container image builds. As part of the supply chain, the YAML required to run the application in Kubernetes is dynamically generated based on metadata derived from the application build process, so developers and operators do not have to build the “wall of YAML” typically associated with getting an application deployed in Kubernetes.
Operational management was VMware’s second strongest sub-category with 70%. Omdia likes the ability of Tanzu Mission Control (part of Tanzu for Kubernetes Operations) to offer data protection capabilities for Kubernetes clusters and the persistent data contained within. Currently, any S3-backed storage target can be used for these purposes, providing the capability to back up and restore clusters/namespaces/resources by label. Data can be restored to a different cluster by directly interacting with the Velero plugin; this functionality is not yet built into the Tanzu Mission Control UI.
Limitations
VMware’s weakest sub-category is open source credentials and market with a score of 44%. VMware is the number three contributor to open source code overall, holding leadership roles in the Cloud Native Computing Foundation and contributing to VMware-originated projects and many others. Although VMware has evident strength in open source, it did not answer specific questions on market and customer usage in this section, which led to below-average scores.
Appendix
Methodology
Omdia Universe
The process for writing a Universe is comprehensive and extensive:
- Omdia analysts perform an in-depth review of the market using Omdia’s market forecasting data and IT Enterprise Insights survey data.
- Omdia creates a matrix of capabilities, attributes, and features that it considers to be important now and in the next 12–18 months for the market.
- Vendors are interviewed and provide in-depth briefings on their current solutions and future plans.
- Analysts supplement these briefings with other information obtained from industry events and user conferences.
- Customer experience is measured by using TrustRadius as a partner and taking the scores from verified customers. This data can be supplemented/replaced by an anonymous customer survey with the vendors supplying the contact names of willing participants and Omdia sending the customers a questionnaire.
- The vendor capability responses are scored by a group of analysts using a scoring model, and the average score is recorded for each category.
- The Universe is peer reviewed by other Omdia analysts before being proofread by a team of dedicated editors.
Omdia ratings
The scoring for the Universe is performed by independent analysts against a common maturity model, and the average score for each sub-category and dimension is calculated. The overall position is based on the weighted average score, where each sub-category in a dimension is allocated a significance weighting based on the analyst’s assessment of its relative significance in the selection criteria:
- Market leader: This category represents the leading solutions that Omdia believes are worthy of a place on most technology selection shortlists. The vendor has established a commanding market position with a product that is widely accepted as best of breed.
- Market challenger: The vendors in this category have a good market positioning and are selling and marketing the product well. The products offer competitive functionality and a good price-performance proposition and should be considered as part of the technology selection.
- Market prospect: The solutions in this category provide the core functionality needed but either lack some advanced features or suffer from a low customer satisfaction rating. A niche or relatively new vendor with select innovative products and strategies may fall into this category and should be explored as part of the technology selection.
Inclusion criteria
The criteria for the inclusion or exclusion of a vendor solution in the Omdia Universe: Container Management Solutions, 2022–23 are as follows.
Inclusion criteria
- The vendor must be a global solution provider and have customers in three of the four regions: Asia & Oceania, EMEA, Latin America & the Caribbean, and North America.
- The vendor must have at least 500 customers, and they must be a mixture of mid-sized enterprises and large enterprises.
Exclusion criteria
- The vendor’s offerings are only applicable to 5 of 10 different classifications in the features questionnaire.
- The vendor’s services are more than 50% made up of partner solutions or third-party solutions.
Further reading
Software infrastructure market forecast 2020-25 report (September 2021)
Data Center Automation Strategies and Leadership (March 2021)
IoT, Cloud, 5G, and Digital Workplace – IT Enterprise Insights 2022 (October 2021)
Understanding the People and Process Challenges with Deploying Data Center Automation Technologies (March 2021)
Author
Roy Illsley, Chief Analyst, Cloud and Data Center Practice Area