Container management and monitoring dominate Amazon Re:Invent

Third-party solutions for monitoring, managing, and protecting containers on AWS step in to fill the gaps left by Docker or Amazon

What's hot on AWS these days? If you guessed containers, you'd be right. However, it's no longer simply about getting containers into Amazon's infrastructure, but about providing management, introspection, and protection functionality that Amazon can't -- or won't.

This week at Amazon Re:Invent, various third parties unveiled solutions for container-management issues on AWS. In many cases they're adding deeper integration with AWS to  existing third-party cloud-based monitoring services.


CoreOS, best known for its stripped-down, container-based Linux distribution, has fused its product with Google's Kubernetes container-management tool to create Tectonic, a full-stack product designed to be used by enterprises with a minimum of fuss. However, getting it to run on AWS hasn't been easy, so CoreOS is now providing an AWS installer for Tectonic.

CoreOS claims to provide a consistent environment for managing containers, both in the development environment and in production -- assuming you use Kubernetes or Tectonic as part of that workflow. What makes this interesting is the integration between Kubernetes and native AWS features like the Elastic Load Balancer and Auto Scaling; Tectonic makes use of what's already in AWS rather than reinventing the wheel.

Threat Stack

Threat Stack, which offers security monitoring solutions for those applications running on AWS, is also adding integration with Docker on AWS, with monitored events logged to AWS CloudTrail. A base rule set for Docker containers is included with the product, but it can be customized as needed.

New Relic

New Relic, which makes analytic tools for applications, is also highlighting closer integration with Amazon's native feature set. Its New Relic Software Analytics Cloud already harvests a great deal of customer data from AWS instances, but the newest version (currently in private beta) has features that enrich monitored apps with numerous AWS-specific details, such as AWS tags and metadata, or AWS's Identity and Access Management.


Sysdig also announced a Docker-on-Amazon monitoring system, one of many that offer detailed information about the contents of running containers. Like Threat Stack and New Relic, Sysdig Cloud's latest release adds support for monitoring AWS-specific metadata and tags.

As long as Docker's features -- including its security model -- are seen as incomplete, third parties will step up and fill the gaps. (In CoreOS's case, the company is offering a substitute for Docker.) And as long as Amazon keeps rolling out AWS features aimed at least-common-denominator uses, there'll continue to be plenty of room for third parties.

Copyright © 2015 IDG Communications, Inc.