Microsoft is making its way into the container security market with its new Azure Container Service. How does it differ from other containers in terms of security, and which enterprises could benefit most from its use?
The Azure Container Service, which was announced in September and made available for preview in December, incorporates components from Microsoft's collaboration with Docker and Mesosphere, a leading commercial supporter of Apache Mesos. Mesos is an orchestration platform, and it serves as the foundation for the Mesosphere Data Center Operating System. Mesos includes Chronos, a fault-tolerant job scheduler, and Marathon, a tool for deploying and managing containers in the Apache Mesos environment.
Microsoft's choice to incorporate Apache Mesos into its Azure Container Service is a key differentiator. Mesos is a distributed system kernel; like the Linux kernel, it exposes services to applications that make use of them. Mesos is designed to manage resources and schedule jobs across multiple machines. It is an infrastructure fabric that runs Docker images and isolates tasks running on the same physical server using Linux Containers. Mesos can manage CPU, persistent storage, memory and network ports. The service only supports Linux containers in the initial release, but Microsoft is working on adding Windows Server containers, and Mesos is being ported to Windows as well.
Organizations that use Docker containers to deploy services can make use of the new Microsoft Azure Container Service. Mesos is designed to scale to tens of thousands of nodes, so it is a suitable choice for data centers or clouds. This should be especially appealing to cloud users already running -- or considering running -- Apache Mesos with on-premises infrastructures.
Read on for Cloud security considerations for Docker hosting
Discover the benefits of Microsoft's Azure Container Service