After more than a decade in use, Docker remains the de facto container standard because of its ability to integrate with a broad array of tools and platforms, such as Kubernetes. However, business changes at Docker and market forces have prompted organizations to search for new containerization options.
Docker’s current state in the market
On Jan. 31, 2022, the grace period for free commercial use of Docker Desktop in large enterprises ended. The replacement Docker Business subscription – an effort to boost revenue – targets businesses that use Docker’s tools to build containerized applications at scale.
Businesses with fewer than 250 employees and less than $ 10 million in annual revenue can still use Docker Personal for free. The new Docker Personal offering also remains free for individual developers, open source communities and educational purposes.
In November 2019, Docker sold its enterprise business to Mirantis, and it has been experiencing ongoing instability as a for-profit business ever since. Meanwhile, two years after buying Docker Enterprise, Mirantis is on a run rate of more than $ 100 million, making the sale a story about missed opportunities and internal management turmoil for Docker.
Docker migration triggers
Improving container security, uncertainty about Docker’s future, technology strategy changes and budget questions can all trigger enterprises to find an alternative to Docker as their standard container.
There’s no dispute about Docker’s innovative technology leadership, especially in the early days of containers. But the current container landscape is competitive, and cloud-native tools and container security vendors could take advantage of this situation to win over new customers. Docker must keep up with current and future innovations or risk becoming a footnote in the history of cloud-native development.
Let’s start with Kubernetes deprecating Docker as a container runtime with Kubernetes version 1.20. The move affects the Kubernetes cluster only, not the users. Nonetheless, depending on how they interact with Kubernetes, developers must analyze the amount of work – if any – this change could cause their IT teams.
The new subscription model could also hurt Docker. The lines around open source subscriptions can blur if companies support open source projects as part of their business model. For example, if you volunteer with an open source project in your spare time, you won’t need to pay. However, if you work with open source as part of your day job, you must buy a license.
Risk-averse enterprises that want to future-proof their container strategy might take this licensing as the time to move to another container platform. Cost-conscious enterprises might review their use of Docker in their cloud-native applications to maintain IT budgets and accommodate IT demands from remote and hybrid work.
Rising software supply chain concerns and new security tools could also influence Docker’s future in the market. While Docker joining the software supply chain security conversation is a positive for the company and its customers, the future of that space is still being written. The discussion is bound to get noisy before it shakes out and the true leaders reveal themselves.
5 Docker alternatives
Here are five popular alternatives to Docker to consider.
Buildah is an open source tool that supports Open Container Initiative container images. It’s available on GitHub for any Linux distribution, such as Fedora 32, 33 or 34 and Red Hat Enterprise Linux 8.5. The current release at the time of publication is version 1.24.2.
With Buildah, users have granular control over images and their layers. Users can make multiple changes that turn into a single layer. Buildah also enables users to build customized blank images from scratch. This is a valuable feature for large-scale cloud-native projects.
If you run a newer version of Docker, you might be familiar with BuildKit, a second-generation image-building Moby project.
BuildKit provides parallel build processing, which improves performance and results in faster builds. Both BuildKit and Docker run using a daemon.
Another open source container option is Containerd, a graduated project within the Cloud Native Computing Foundation. It’s available as a Linux or Windows daemon. Docker itself uses Containerd.
Containerd enables Kubernetes and other projects to access the low-level Docker components they need and provides a more accessible interface to the container runtime.
LXD is an open source container engine that supports LXC Linux containers only. Users can run containerized applications in isolated containers or virtual environments without the burden of managing individual kernels.
While a Docker best practice is to use a single process for container design pattern, LXC and LXD containers can run multiple processes. Unfortunately, LXD containers can run on Linux only. This makes them less portable than Docker containers.
Docker daemons have root privileges, which makes them a preferred target for attackers. Podman offers non-root privileges for containers to improve your security posture. Rootless containers are safer than containers with root privileges. Because Podman is rootless, users can run Podman either as a root or non-root while maintaining compliance and not compromising security.
Podman also enables users to store containers and images in different places, whereas Docker images can only be stored locally.
Changes in the Docker business model and increasing commercial and public sector security and compliance mandates have been chipping away at Docker’s market position. Paying for a subscription might not phase out the average large enterprise enough to switch, but mounting container security concerns could encourage companies to seek out other emerging container alternatives to future-proof their container security.