Cloud Service Model · 6 of 6

Containers as a Service

Bring your container image; the cloud runs it, schedules it, scales it, and gives you Kubernetes (or something simpler). The middle ground between IaaS & PaaS — and the dominant compute model in the enterprise.

Kubernetes · Managed Control Plane · Auto-scaling · Portable · Cloud-native

Quick Facts

At a Glance

Basic Concepts

  • Container = your app + its dependencies, packaged as a portable image.
  • Orchestration = scheduling containers across many machines, restarting failed ones, scaling them.
  • Control plane (the "brains") is managed by the cloud; data plane (worker nodes) is where your containers run.
  • Kubernetes is the de-facto standard; simpler alternatives exist for smaller workloads.
  • Container registry stores your images (ECR, GCR, ACR, Docker Hub, GHCR).

Landscape

The Major Options

Tier | Service | Notes
Managed Kubernetes | EKS (AWS), AKS (Azure), GKE (GCP), OKE (Oracle), DOKS | You manage workloads & node pools; cloud manages the control plane.
Serverless containers | AWS Fargate, Azure Container Apps, Cloud Run, ACI | No nodes to manage — just deploy a container, scale to zero.
Simple orchestrators | AWS ECS, Docker Swarm, HashiCorp Nomad | Lighter than K8s for small fleets.
Container registries | ECR, ACR, Artifact Registry, Docker Hub, GHCR, Quay | Where images live.
K8s ecosystem | Helm, ArgoCD / Flux, Istio / Linkerd, Knative, KEDA | Packaging, GitOps, service mesh, autoscaling.
K8s distributions | OpenShift (Red Hat), Rancher, Tanzu, k3s, k0s | Opinionated K8s for on-prem & edge.

Mechanics

How CaaS Works

The Workflow
  1. Build the container image (Dockerfile / buildpacks / Buildah).
  2. Push to a registry.
  3. Declare what you want running (Deployment, Service, Ingress in YAML).
  4. Apply via kubectl / Helm / ArgoCD.
  5. The control plane schedules pods onto nodes, watches for drift, restarts on failure.
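
Steps 2 to 5 of the workflow above, as an added example that is not part of the original page: a Deployment and Service manifest of the kind declared in step 3. The names, namespace, registry host, port, probe path and image digest are placeholders, and the security settings are a hardened baseline assumed for this example.

```yaml
# Constructed example: names, namespace, registry host, port and probe path are placeholders.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: demo-web
  namespace: demo
spec:
  replicas: 2                    # desired state; the control plane corrects drift from this
  selector:
    matchLabels: {app: demo-web}
  template:
    metadata:
      labels: {app: demo-web}
    spec:
      automountServiceAccountToken: false   # this pod does not call the Kubernetes API
      containers:
        - name: web
          # Image pushed in step 2. Replace <IMAGE_DIGEST> with the digest the registry
          # reports; pinning by digest keeps the scheduled image from changing under a tag.
          image: registry.example.com/demo/web@sha256:<IMAGE_DIGEST>
          ports:
            - containerPort: 8080
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities: {drop: ["ALL"]}
          resources:
            requests: {cpu: 100m, memory: 128Mi}
            limits: {memory: 256Mi}
          readinessProbe:          # traffic is routed only to pods that pass this check
            httpGet: {path: /healthz, port: 8080}
---
apiVersion: v1
kind: Service
metadata:
  name: demo-web
  namespace: demo
spec:
  selector: {app: demo-web}      # stable virtual IP / DNS in front of the pods
  ports:
    - port: 80
      targetPort: 8080
```

Applying the file with `kubectl apply -f` (step 4) hands this desired state to the control plane, which keeps two replicas running and recreates pods that fail.
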

Kubernetes Concepts You'll Meet
  • Pod — one or more containers scheduled together.
  • Deployment — desired state for a set of pods (with rolling updates).
  • Service — stable virtual IP / DNS for a set of pods.
  • Ingress — HTTP routing into the cluster (paired with an Ingress Controller).
  • ConfigMap / Secret — configuration & sensitive values.
  • Namespace — logical isolation inside one cluster.
  • HPA / VPA / KEDA — horizontal / vertical / event-driven autoscaling.

Serverless Containers — A Sweet Spot

Cloud Run, Fargate, and Container Apps let you deploy a container without ever touching a node. You get:

  • Scale to zero when idle.
  • Auto-scale on requests / CPU / event load.
  • Pay per vCPU-second + memory-second.
  • HTTPS, custom domains, IAM out of the box.

For most teams, serverless containers replace both K8s and traditional FaaS.


Operational Patterns
  • GitOps — desired cluster state lives in Git; ArgoCD / Flux reconciles.
  • Service mesh — Istio / Linkerd for mTLS, retries, observability.
  • Helm charts — templated manifests; like a package manager for K8s apps.
  • Operators — controllers that manage stateful apps (DBs, queues) as K8s resources.
  • Observability — Prometheus + Grafana + Loki + Tempo (or commercial: Datadog, New Relic).

Trade-offs

Strengths & Weaknesses

Strengths
  • Portable — same image runs on AWS, Azure, GCP, on-prem.
  • Right balance of control vs ops for most teams.
  • Massive open-source ecosystem (CNCF).
  • Standardizes deployment across many languages & teams.

Weaknesses
  • Kubernetes is genuinely complex — steep learning curve.
  • YAML sprawl; needs Helm / Kustomize discipline.
  • Cluster ops still requires expertise (upgrades, networking).
  • For small workloads, K8s is overkill — use serverless containers.

When to Use

Sweet Spots

Microservices Platforms

Many services, many teams, polyglot — K8s shines here.

Hybrid / Multi-cloud

Same workloads on AWS, Azure, on-prem.

Stateful Workloads

Operators run Postgres, Kafka, Cassandra reliably on K8s.

Single Service / Modest Scale

Skip K8s; use serverless containers (Cloud Run, ACA, Fargate).
