Kubernetes, Docker, OpenShift – orchestration in the world of containers

Orchestration tools help users manage containerized applications during development, testing and deployment. There are many container orchestration tools on the market, although the unquestioned leader is the Kubernetes platform.

People starting their adventure with containers often cannot understand the role played by the Kubernetes and Docker platforms. Are they alternatives to one another? How are they different? Which one should I choose? Is Docker a virtual machine? These types of questions often arise, for example on internet forums dedicated to containerization.

Docker and Kubernetes – understanding the difference

To better understand the differences between these two tools, we need to look at the tasks carried out by Docker. Docker is an open-source platform that allows the user to put applications and their libraries, configuration files etc. into a portable container. One of the characteristic features of containers is their ephemerality: they can appear and disappear much faster and much more easily than virtual machines. The latter are intended to replace physical equipment and their lifespan is relatively long. Even in the public cloud environment, where virtual machines are created on demand, the average time they are active is counted in days. Containers, however, can complete their task in minutes, to be deleted soon afterwards.

According to research conducted by the firm Sysdig, 95% of containers live less than a week. They also do not take up much space; a new container created from an existing image usually takes up a dozen or so kilobytes of disk space. Because they are so lightweight, they can be used in situations where creating another virtual machine would be unviable. The growing popularity of Docker has resulted in the technology being supported by leading suppliers of cloud computing. The community focused on this technology is also growing rapidly – in the course of the year there are more than 200 meetups dedicated to Docker. The Docker Hub repository contains a huge number of ready-to-install container images.

Kubernetes has the upper hand

Supporting applications running on a dozen or more containers installed on one server can be done without much difficulty. However, when the environment grows to cover a greater number of servers, the situation starts to get out of hand. Administrators have to cope with challenges such as coordination and activity planning for multiple containers, as well as container scaling.

It would be hard to fulfil the tasks mentioned above without the help of appropriate orchestration tools. The most popular platform is Kubernetes, which has been widely accepted by entrepreneurs, cloud service providers and producers of ICT infrastructure and backup and DR software.

Kubernetes had its beginnings in Google, where a team of engineers developed the Borg system for cluster management. In 2014, an open-source version was made available, called Kubernetes. The platform was then taken under the wing of the Cloud Native Computing Foundation, which is still in charge of developing the project today. Kubernetes can operate both in a local environment as well as in the public cloud. The platform uses a single control plane to support deployment automation, application scaling and container management, and monitors processes and changes. Kubernetes allows clusters to be managed so that from the perspective of the user they look like one machine.

Competing solution from Docker

There is not much point comparing Kubernetes and Docker as they fulfil different roles in the container environment. Nevertheless, an alternative to the most popular container orchestration system can be found in Docker Swarm. So why is it worth implementing this tool, and who might be interested in it?

In both cases we are looking at open-source platforms, but Kubernetes has attracted an incomparably larger community than its competitor. Its superiority can be seen in the statistics posted on GitHub – Kubernetes has 55,000 GitHub stars and 19,100 forks, while Docker Swarm has 5,630 GitHub stars and 1,110 GitHub forks.

The tools are relatively similar to one another, but there are certain technical and functional nuances that allow the differences between them to be distinguished. The majority of developers think that Docker Swarm is easier to implement than Kubernetes. One of the reasons is that the tool is less complex and is addressed to smaller organizations. Articles on Docker Swarm contain information about the limited possibilities of this solution in supporting large numbers of nodes and containers. However, there are installations where the platform manages thousands of nodes and tens of thousands of containers in one cluster, although it is true that Docker Swarm can perform a limited number of tasks.

Using the recommended seven ‘Managers’ in a cluster, the platform may not be able to cope with the requirements made of it, although this concerns only the biggest projects. Meanwhile, Kubernetes offers a decidedly greater number of possibilities in terms of cluster scaling. Another argument in favor of Kubernetes is the ease of organizing services thanks to the use of pods. A pod models an application-specific ‘virtual server’ and can include several application containers that are relatively closely connected. Containers inside the pod share the IP address and port space, always run together in the same location, and share the runtime context on the same node.

The efficiency of the two platforms is a separate issue. Analysis of orchestration efficiency has shown that Docker Swarm deploys and runs containers under heavy workload as much as five times faster than Kubernetes, one reason being its close integration with Docker Engine. The same research also emphasizes the ability of Docker Swarm to react considerably faster to API calls. Although the differences in responsiveness are not that significant, studies have shown that Docker Swarm operates without degradation at a load of around 90%, while Kubernetes degrades at a load of around 50%. Docker Swarm is more suitable for people who are already familiar with Docker Compose. What’s more, it is simple and uncomplicated, and does not require the use of additional software. However, as opposed to Kubernetes, it does not perform advanced functions such as built-in logging and monitoring.

OpenShift: security and flexibility

Although Kubernetes is for now the most popular container orchestration platform, a serious up-and-coming competitor is OpenShift. This is a solution based on an open-source project, although Red Hat also offers the Enterprise commercial version. Data from GitHub paints a clear picture of the superiority of Kubernetes over OpenShift. The former has 55,000 GitHub stars and 19,100 forks, while OpenShift in comparison has a poor 915 GitHub stars and 563 GitHub forks. However, Red Hat is intensively promoting the commercial version of OpenShift, sometimes called ‘Enterprise Kubernetes’ due to its extensive functionality.

As a side note, it is worth mentioning that Storware Backup and Recovery is a certified Red Hat OpenShift Operator, ready to protect both metadata and persistent volumes attached to pods.

The OpenShift Container platform is dedicated to comprehensive management of the lifecycle of containerized applications – starting from building a container image, to its deployment and production maintenance. The solution is based on the open-source Kubernetes system, which allows for the automated deployment and management of container applications. OpenShift is easier to use than its greatest rival because it has a complete infrastructure for launching Kubernetes: an operating system, support for mass storage and networks in various environments, as well as tools for building, deploying (CI/CD), monitoring and aggregating the logs of containerized applications. A distinguishing feature of OpenShift is its container image management module, Image Streams, without which, changing, for example, a single container image tag would require downloading the whole image, using an external application to make any changes, and then resending the image to the server. In addition, OpenShift has built-in support for Node.js, Ruby, Python, PHP, Perl and Java. OpenShift has a more rigorous approach to the issue of IT environment security. Many container images from Docker Hub will not run in OpenShift due to a default lock.
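A pre-flight check for the default lock mentioned above, as an added example that is not code from the article or from Red Hat. It assumes the lock is OpenShift's default restricted security context constraint (SCC), which refuses privileged or host-level settings and runs containers under an assigned non-root UID; the function names, image names and USER values are hypothetical and constructed for illustration.

```python
# Added example. Assumption: the "default lock" is OpenShift's default
# restricted SCC (no privileged/host access, assigned non-root UID).
HOST_FLAGS = ("hostNetwork", "hostPID", "hostIPC")

def image_runs_as_root(user):
    """USER from an image config: empty, 'root' or UID 0 all mean root."""
    return (user or "").split(":")[0].strip() in ("", "root", "0")

def audit_pod(pod, image_users):
    """Return sorted (container or 'pod', finding) tuples for one pod."""
    spec = pod.get("spec", {})
    findings = [("pod", f"{f} requested") for f in HOST_FLAGS if spec.get(f)]
    for vol in spec.get("volumes", []):
        if "hostPath" in vol:
            findings.append(("pod", f"hostPath volume {vol.get('name')}"))
    pod_uid = spec.get("securityContext", {}).get("runAsUser")
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        name, image = c.get("name", "?"), c.get("image")
        sc = c.get("securityContext", {})
        if sc.get("privileged"):
            findings.append((name, "privileged container"))
        run_as = sc.get("runAsUser", pod_uid)
        if run_as == 0:
            findings.append((name, "runAsUser 0 requested"))
        elif (run_as is None and image in image_users
              and image_runs_as_root(image_users[image])):
            findings.append((name, "image expects root; gets a non-root UID"))
    return sorted(findings)

# Constructed sample data: hypothetical image names and USER values,
# as they would appear in each image's config.
SAMPLE_IMAGE_USERS = {
    "example/web:1.0": "",        # no USER set, so the image runs as root
    "example/agent:2.3": "root",
    "example/api:4.1": "1001:0",  # already non-root
}
SAMPLE_POD = {"spec": {
    "hostNetwork": True,
    "volumes": [{"name": "sock", "hostPath": {"path": "/var/run"}},
                {"name": "tmp", "emptyDir": {}}],
    "containers": [
        {"name": "web", "image": "example/web:1.0"},
        {"name": "agent", "image": "example/agent:2.3",
         "securityContext": {"privileged": True, "runAsUser": 0}},
        {"name": "api", "image": "example/api:4.1"},
    ],
}}

if __name__ == "__main__":
    for where, finding in audit_pod(SAMPLE_POD, SAMPLE_IMAGE_USERS):
        print(f"{where}: {finding}")
```

Findings on the pod or on an explicit setting are refused at admission under that assumption, while an image that merely expects root is admitted but started under a different UID, which is where it tends to fail at runtime.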

As can be seen, the Red Hat platform has several strong points, but they are as yet not convincing enough to knock the leader from the top spot in the near future. When asked by the stackshare.io portal why they chose Kubernetes, developers most frequently mentioned its popularity and domination among container management tools, as well as the lack of license fees, its simplicity and functionality, and the support provided by Google.

text written by:

Pawel Maczka, CTO at Storware