9 Enterprise Kubernetes Management PlatformsJPG

Which Kubernetes Management Platform is Right for Your Enterprise?

It is clear that 2017 was the year that Kubernetes underwent explosive growth, emerging as the clear winner in the battle between orchestration tools. In a survey by 451 Research, 71% of IT decision makers use enterprise Kubernetes to manage their container infrastructure. Several major cloud service providers support Kubernetes, and even Docker added Kubernetes support to their container management platform. Surrounding Kubernetes' explosive growth is an ecosystem of tools designed to simplify installing and managing Kubernetes clusters.

“The focus is on your applications, not infrastructure. #Kubernetes #K8s #cloudnativeAlen Komeljen

Many of these tools provide features such as web-based interfaces, real-time monitoring, automatic updates, and faster deployments. Some offer a fully managed cluster, allowing you to focus strictly on deploying applications. The solution you choose depends on how much effort you want to put into managing a Kubernetes cluster, and whether that cluster exists on-premise or in the cloud. Because of this, this list is split into two categories: hosted solutions, and solutions you can use in your own data center.

Cloud Provider Solutions

Implementing a Kubernetes cluster can be difficult and time-consuming. To reduce the time to deployment, several cloud providers provide fully managed Kubernetes clusters.

Google Kubernetes Engine (GKE)

As the original creator of Kubernetes, Google has the most experience managing Kubernetes clusters. GKE is Google's fully managed platform for running Kubernetes applications on Google Cloud. In addition to managing the master node for you, GKE provides additional features such as automatic repairing for stopped applications, IP address range reservation, integrated logging and monitoring, and private container registries. Since the service runs on upstream Kubernetes, you can transfer microservices with little to no configuration changes.

Since GKE leverages Google Compute Engine for cluster nodes, pricing follows the model for Compute Engine. Agent nodes are charged individually, but master nodes are free.

Watch Our Webinar on Kubernetes and the Need for Enterprise-Grade Security

Azure Container Service (AKS)

Azure Container Service (previously ACS) began as an orchestrator-agnostic platform supporting Kubernetes, Mesosphere DC/OS, and Docker Swarm. In late 2017, Microsoft began offering Kubernetes management services and as a result rebranded ACS as AKS. As with GKE, AKS offers a managed upstream Kubernetes environment with automatic upgrades and cluster monitoring. While Microsoft will continue supporting other orchestration tools, the company is focused on making Kubernetes top priority.

AKS is currently in a preview state. Pricing is based on the number of agent nodes, while the master node is free.

Amazon Elastic Container Service for Kubernetes (EKS)

EKS expands Amazon's existing ECS service by integrating Kubernetes support. EKS removes the need to configure a Kubernetes cluster by providing a fully managed Kubernetes master. EKS runs the latest upstream Kubernetes and integrates with CloudWatch Logs for logging, CloudTrail for auditing, and IAM for fine-grained access permissions.

EKS is currently in a preview state.

Flexible or On-Premise Solutions

The following companies provide a management layer over Kubernetes that adds features without restricting you to a specific vendor. These solutions can be deployed to almost any infrastructure including your own datacenter.

Red Hat OpenShift

As the company with the second most prolific contributions, Red Hat understands Kubernetes almost as well as Google. Their product, OpenShift, is a complete Kubernetes distribution that adds features such as multi-tenancy, extended support for CI/CD using Jenkins, improved networking, and a built-in private image registry.

OpenShift also provides improved automation for images. Most containers are built using the Source-to-Image (S2I) tool, which creates images simply by copying source code into existing images. This results in readily deployable images without the need for Dockerfiles. Red Hat provides several enterprise-ready S2I images through the Red Hat Container Catalog.

At the heart of the OpenShift platform is OpenShift Origin, an open source community project. Origin powers OpenShift Online and OpenShift Dedicated, which are both hosted solutions managed by Red Hat. OpenShift Online is a public cloud service, while OpenShift Dedicated is a fully managed solution hosted on a private cluster. Origin also powers OpenShift Container Platform, which is the commercially supported version of Origin.

OpenShift is based on Kubernetes but is an “opinionated” development of upstream Kubernetes, meaning that the added controls may require adaptation if moving to or from “vanilla” Kubernetes.


Founded by two of Kubernetes' original creators in their Google days, Heptio provides a suite of tools to help monitor and manage Kubernetes clusters, as well as implementation services:

  • Sonobouy is a diagnostic test that reports the state of your Kubernetes cluster. It runs a variety of tests including conformance tests, workload debugging tests, and custom tests. Heptio also provides a browser-based interface for installing and running Sonobuoy called Sonobuoy Scanner.
  • ksonnet is a framework and CLI application for writing Kubernetes configurations. It uses Jsonnet to produce more concise manifest files compared to those written in YAML.
  • Contour is an Ingress Controller that uses Envoy as a reverse proxy and load balancer.
  • Ark is a disaster recovery utility that lets you backup and restore snapshots of your cluster.

These tools can be used on any existing Kubernetes cluster. All of these tools are open source.


Platform9 is a Kubernetes management service that integrates with multiple different infrastructures. Platform9 provides an upstream Kubernetes master that can deploy to a variety of cloud providers and manage them through a unified web-based UI. These providers include Google Cloud, Azure, AWS, VMWare vSphere, Nutanix AHV, and bare metal. Platform9's Kubernetes management platform also includes Fission, a serverless framework for writing short-lived functions that trigger events in your Kubernetes cluster.

For pricing information, visit Platform9's website.

Giant Swarm

Like Platform9, Giant Swarm provides a fully managed Kubernetes cluster that uses the standard Kubernetes API. You can deploy Giant Swarm to AWS or on-premise. In addition, Giant Swarm comes pre-installed with the Calico networking plugin, KubeDNS, alpha resources enabled, and an Ingress Controller using Nginx. Because it's fully managed, Giant Swarm will maintain your infrastructure regardless of where it's running.

Giant Swarm is currently invite only.

CoreOS Tectonic

Recently acquired by RedHat, Tectonic is a hybrid Kubernetes solution that lets organizations deploy to multiple cloud providers or on-premise. It provides a unified container management platform including automatic monitoring and alerting, refined user access controls, and rolling updates to Tectonic and Kubernetes. Tectonic is built on upstream Kubernetes with support for extensions via Operators, such as the etcd Operator which automatically provisions and configures etcd clusters.

Through Tectonic, CoreOS hopes to simplify switching between cloud hosts and eliminate vendor-lock in. Terraform, the CLI-based installer utility, supports AWS, Azure, OpenStack, Google Cloud, and bare metal installations. Tectonic also supports installations to AWS and bare metal using a GUI.

Tectonic is free for up to 10 nodes with per-node pricing after 10.

It’s anyone’s guess what RedHat will do with Tectonic post-acquisition, but my guess is that they will continue to maintain it as a simpler, more accessible managed K8S solution for companies that won’t go down the OpenShift route.

Watch Our Webinar on Kubernetes and the Need for Enterprise-Grade Security


As an official offering from Docker Inc, Docker EE is perhaps the most well-integrated solution for orchestrating Docker containers. It supports both Docker Swarm and Kubernetes and allows you to run both simultaneously. Both orchestrators benefit from the benefits of Docker EE such as support directly from Docker, certified container images and plugins, infrastructure management through Docker Datacenter, and a web administration UI.

Docker EE is available for both Linux and Windows Server and is priced per node per year. There are two different levels available with different feature sets. Kubernetes support is currently in beta, but is expected to become generally available in February.


Rancher, in addition to running its own orchestrator Cattle, has an open source Kubernetes distribution. It lets you manage and monitor multiple Kubernetes clusters through a single interface, and provides a container-based installer called the Rancher Kubernetes Engine (RKE), which supports both on-premise and cloud deployments. Containers are networked together using Flannel, although this can be swapped out for Calico or Canal.

Rancher aims to be a platform-agnostic solution. RKE can deploy to GKE, AKS, EKS, and other cloud providers. In addition, Rancher can import existing clusters created using Kops and KubeSpray, as well as manage clusters built using other Kubernetes management platforms.

As Kubernetes continues to grow, so will its ecosystem of tools and platforms. For enterprises planning to use containers, these enterprise Kubernetes management platforms offer the benefits of Kubernetes without the cost of deploying and managing a cluster.

Picture of Rani Osnat

Rani Osnat

Rani is the VP of Strategy at Aqua. Rani has worked in enterprise software companies more than 25 years, spanning project management, product management and marketing, including a decade as VP of marketing for innovative startups in the cyber-security and cloud arenas. Previously Rani was also a management consultant in the London office of Booz & Co. He holds an MBA from INSEAD in Fontainebleau, France. Rani is an avid wine geek, and a slightly less avid painter and electronic music composer.

Cloud Native Computing, Container Tools, Kubernetes Security, Management Platform