Docker Tools

Learn about the top tools in the Docker ecosystem, including Kubernetes Guide, ECS, and Google Container Engine.

In this page: everything you need to know about Docker tools.

Docker and containerization bring a new way of building and deploying software. The new technology makes development more dynamic, distributed, faster, and more capable of handling failures at every step. However, to reap these benefits, you need a completely different toolset than traditional servers or virtual machines. As you begin your journey with Docker, you may be wondering which are the top Docker tools used today, and how you can leverage them. Let’s take a tour of the top Docker tools, by category.

Which are the top open source Docker tools available today?

Kubernetes is by far the most powerful open source container tool today. However, its parent foundation - the Cloud Native Computing Foundation (CNCF) has a fast-growing list of open source container management tools. The CNCF is driving standardization in the container ecosystem.

Orchestration

What is container orchestration?

Container orchestration is a way of managing containers at large scale so that they are scalable, automated, secure, and production-ready. Container orchestrators act as a layer of abstraction between the containers and the infrastructure that powers them.

Docker is the standard container runtime, and you can easily spin up a container locally on your laptop using the Docker CLI. However, to run Docker containers at scale, you need a container orchestrator. This is a management layer for Docker containers and is essential to run containers in production.

Kubernetes

This is the most popular container orchestrator today and is supported by almost every container vendor. It organizes containers into a collection of pods and has powerful features for deployment, load balancing, security, and more.

Get started with Kubernetes

Swarm

Docker’s default orchestration tool, Swarm, is simpler to use than Kubernetes and is well integrated into the Docker workflow. With the rising popularity of Kubernetes, Swarm has now added support for Kubernetes, and has conceded the orchestration throne to Kubernetes.

Get started with Swarm

Mesos

Mesos has its own container orchestration tool called Marathon. With the dominance of Kubernetes, Marathon is taking a back seat as its parent company, Mesosphere, shifts focus to give users the choice of Kubernetes.

Get started with Mesos

For a deeper comparison of the orchestration tools, go to our Swarm 101 page.

CaaS services

What is a CaaS service?

A container-as-a-service (CaaS) is a container management tool that is used to control the operation of containers end-to-end. The most popular CaaS tools are provided by the top cloud vendors like AWS, but there are many other smaller CaaS solutions available today that focus on managing container using Kubernetes.

ECS

Coming from the AWS Stable, Amazon Elastic Container Service is one of the early container services. It has been slow to adopt Kubernetes, but has finally jumped on the Kubernetes bandwagon this past year. It runs containers inside EC2 instances and has deep integration with the wider AWS platform. It’s been the most recent vendor to embrace Kubernetes support, announcing their EKS service for Kubernetes management.

Get started with ECS

GKE

Google Container Engine (GKE), the container service from Google Cloud is the most deeply integrated with Kubernetes among the CaaS platforms. It is the first to bring upstream Kubernetes releases into its platform and is a great choice if Kubernetes is your priority.

Get started with GKE

AKE

Azure Container Engine (AKE), Microsoft’s container service has deep integration with the Azure platform and is taking significant steps to be the best place to manage Kubernetes. It has hired Brendan Burns, Kubernetes' co-founder to help with this mission.

Get started with AKE

Other CaaS Services

There are numerous other CaaS platforms with a focus on simplifying Kubernetes management. Some of them are Pivotal Container Service (PKS), Platform9, Heptio, Kismatic, StackPoint, and Giant Swarm, to name a few.

Security

Security is the first priority when running containers in production. However, there isn’t a single do-it-all tool, instead, you need to use a combination of tools.

Kernel Security Tools

Docker has borrowed core Linux kernel security features like namespaces, cgroups, apparmor, SELinux, and SecComp. These features provide the first and most foundational layer of security for containers.

Project Calico

Securing network connections is essential for containers. This is achieved by Calico, a tool that creates micro-firewalls around each containerized service and provides granular security controls.

Get started with Project Calico

Vault

Coming from the house of HashiCorp, creators of the popular Terraform scheduler, Vault is a secrets management tool for containers. Vault stores and encrypts secret data on physical storage and requires multiple keys to access and read the secrets. Vault simplifies secrets management and makes it more powerful.

Get started with Vault

Aqua Security

In production, containers need to be shielded from outside attacks and internal configuration lapses. This kind of threat detection is done using a proactive security tool like Aqua Security. It is able to track every part of the container stack and leverages machine learning to spot threats at any stage.

Get started with Aqua

Networking

Containerized applications are typically based on the microservices architecture. In these systems, networking plays a key role in performance of the applications.

Linkerd

Linkerd provides a service mesh to connect microservices to one another. Its goal is to provide a uniform layer of communication.

Get started with Linkerd

Istio

Istio provides APIs and operates a layer above Linkerd. Together, they provide a powerful and feature-rich networking solution for containerized applications.

Get started with Istio

Weave

Service discovery, load balancing, and security are important criteria for container networking, and Weave brings all this together in a single package. It secures communication over the network using encryption, isolation, and segmentation. It provides a ‘micro DNS’ at each node and helps make service discovery easy.

Get started with Weave

Flannel

Flannel is a Layer 3 overlay network for Kubernetes. Flannel is a powerful tool for connecting hosts within Kubernetes by allocating a subnet for each host. In so doing, it controls how traffic flows between the hosts.

Get started with Flannel

Monitoring

Keeping track of changes and events as they occur is an important part of running containers in production. Fortunately, the Docker ecosystem has a range of monitoring tools to choose from.

Prometheus

Prometheus is by far the most popular monitoring tool for Kubernetes. It focuses on capturing and analyzing time-series data in real-time. It can be integrated with other tools like Kibana for visualization.

Get started with Prometheus

Pagerduty

A vendor tool, Pagerduty has become essential to many DevOps teams that want to be alerted in real-time of downtimes, errors, attacks, and more. Its mature routing system ensures the right people are informed of anything going wrong with the system as soon as it happens.

Get started with Pagerduty

Datadog

Datadog is a container runtime monitoring tool that focuses on live reporting of performance data. It can identify parts of a Kubernetes stack automatically and, with its powerful visualizations, makes monitoring Kubernetes simple.

Get started with Datadog

Slack

Slack enables integration with other tools and streams events to a live chat stream for the entire team to view. It makes troubleshooting and collaboration among team members faster and simpler.

Get started with Slack

Logging

Logs give you the real picture of what’s happening with your containerized applications and infrastructure. They are vital for managing containers in production.

The Elastic Stack

The Elastic stack is primarily powered by Elasticsearch, the full-text database engine that can query large quantities of unstructured data in real-time. It is bolstered by Kibana, an open source visualization tool. Together, they bring deep visibility into container logs without breaking the bank.

Get started with Elastic

Sumo Logic

A logging service provider, Sumo Logic takes the pain out of log analysis with easy setup and a maintenance-free logging service. It can capture logs from Kubernetes or any other container tool via API integration.

Get started with Sumo Logic

The list of tools is not exhaustive, but these are the cream of the crop and are vital to running container workloads in production. What stands out from this list is that the tooling around Docker has really matured, and containers are all set to hit the mainstream in every organization.

Further Reading


  • No labels