Containers as a Service (CaaS)

Containers as a service (CaaS) is a cloud service that allows software developers and IT departments to upload, organize, run, scale, manage and stop containers by using container-based virtualization. A CaaS provider will commonly provide a framework which allows users to make use of the service. Providers typically make use of application programming interface (API) calls or a web portal interface.

Within the spectrum of cloud computing services, CaaS falls somewhere between Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). However, CaaS is most commonly positioned as a subset of IaaS. The basic resource for CaaS is a container, rather than a virtual machine (VM) or a bare metal hardware host system, which are traditionally used to support IaaS environments.


Benefits of using containers as a service include:

  • Users pay only for the CaaS resources they use – such as compute instances, load balancing and scheduling capabilities.
  • It is easier to scale up a container using CaaS.
  • CaaS services can be responsive, secure and stable thanks to the support and management from the provider.
  • Allows developers to deploy a container environment quickly, negating the need to build clusters or test container infrastructure beforehand.


Public cloud providers including Google, Amazon Web Services (AWS), IBM, Rackspace and Joyent all have some type of CaaS offering. For example, AWS has its Amazon EC2 Container Service (ECS), a high-performance container management service for Docker containers on managed Amazon EC2 instances. Amazon ECS eliminates the need for users to have in-house container or cluster management resources. Google's Container Engine service offers similar cluster management and orchestration capabilities for Docker containers.

The key difference between providers' CaaS offerings is typically the container orchestration platform, which handles key tasks, such as container deployment, cluster management, scaling, reporting and lifecycle management. CaaS providers can use a variety of orchestration platforms, including Google Kubernetes, Docker Machine, Docker Swarm, Apache Mesos, fleet from CoreOS, and nova-docker for OpenStack users.


It is important to choose a CaaS provider which provides secure hosts, virtual OS images and hypervisors.

Even though the provider will manage the container, there are still best practices the end-user can perform to ensure security. For example, in EC2, users should audit access of changes to EC2 to ensure the only changes that appear are authorized changes. Users should also only install the required components to an EC2 container. Amazon EC2 will provide services such as security groups that act as virtual firewalls, stateless network access control list (ACL) as well as subnet route table rules.

This was last updated in February 2019

Continue Reading About Containers as a Service (CaaS)

Dig Deeper on Containers and virtualization

Software Quality
App Architecture
Cloud Computing
Data Center