Skip to main content
Redhat Developers  Logo
  • Products

    Platforms

    • Red Hat Enterprise Linux
      Red Hat Enterprise Linux Icon
    • Red Hat AI
      Red Hat AI
    • Red Hat OpenShift
      Openshift icon
    • Red Hat Ansible Automation Platform
      Ansible icon
    • View All Red Hat Products

    Featured

    • Red Hat build of OpenJDK
    • Red Hat Developer Hub
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenShift Dev Spaces
    • Red Hat OpenShift Local
    • Red Hat Developer Sandbox

      Try Red Hat products and technologies without setup or configuration fees for 30 days with this shared Openshift and Kubernetes cluster.
    • Try at no cost
  • Technologies

    Featured

    • AI/ML
      AI/ML Icon
    • Linux
      Linux Icon
    • Kubernetes
      Cloud icon
    • Automation
      Automation Icon showing arrows moving in a circle around a gear
    • View All Technologies
    • Programming Languages & Frameworks

      • Java
      • Python
      • JavaScript
    • System Design & Architecture

      • Red Hat architecture and design patterns
      • Microservices
      • Event-Driven Architecture
      • Databases
    • Developer Productivity

      • Developer productivity
      • Developer Tools
      • GitOps
    • Automated Data Processing

      • AI/ML
      • Data Science
      • Apache Kafka on Kubernetes
    • Platform Engineering

      • DevOps
      • DevSecOps
      • Ansible automation for applications and services
    • Secure Development & Architectures

      • Security
      • Secure coding
  • Learn

    Featured

    • Kubernetes & Cloud Native
      Openshift icon
    • Linux
      Rhel icon
    • Automation
      Ansible cloud icon
    • AI/ML
      AI/ML Icon
    • View All Learning Resources

    E-Books

    • GitOps Cookbook
    • Podman in Action
    • Kubernetes Operators
    • The Path to GitOps
    • View All E-books

    Cheat Sheets

    • Linux Commands
    • Bash Commands
    • Git
    • systemd Commands
    • View All Cheat Sheets

    Documentation

    • Product Documentation
    • API Catalog
    • Legacy Documentation
  • Developer Sandbox

    Developer Sandbox

    • Access Red Hat’s products and technologies without setup or configuration, and start developing quicker than ever before with our new, no-cost sandbox environments.
    • Explore Developer Sandbox

    Featured Developer Sandbox activities

    • Get started with your Developer Sandbox
    • OpenShift virtualization and application modernization using the Developer Sandbox
    • Explore all Developer Sandbox activities

    Ready to start developing apps?

    • Try at no cost
  • Blog
  • Events
  • Videos

4 container usage takeaways from the 2019 Sysdig report

November 8, 2019
David Strom
Related topics:
Kubernetes
Related products:
Red Hat OpenShift

Share:

    You probably already knew that most of the containers created by developers are disposable, but did you realize that half of them are only around for less than five minutes? That and other fascinating details are available in the latest annual container report from Sysdig, a container security and orchestration vendor.

    This is the company’s third such report. The results are obtained from their own instrumentation collected from a five-day period last month of the more than 2 million containers used by their own customers. This means the results could be somewhat skewed toward more experienced container developers.

    Nevertheless, the report merits some scrutiny. Here are four important takeaways.

    1. Containers are more disposable than most of us thought

    Last year’s report found that only a fifth of the containers lasted for less than five minutes. This year found a fifth of containers operated for fewer than 10 seconds. That is a pretty significant jump. The report also found that half of the container images were replaced within a week. Taken together, these data points indicate a greater adoption of containers for more specific application and processing needs. But it also serves as a motivation for developers to ensure that no matter how short-lived, these containers need appropriate security measures.

    2. More than half have known security issues

    That brings up the next data point, where more than half of the containers that Sysdig tools scanned were found to have known security vulnerabilities. These include common runtime mistakes, such as allowing files to be created below the /etc and /root directories, which could be sloppy programming or could indicate a potential malware threat. The report found a median of 21 containers running as root on the hosts surveyed, which again indicates a lack of rigor in how they are consumed and deployed by developers because a root-level container could potentially be used in a privilege escalation attack.

    3. Container density has doubled

    The report also found that hosts were carrying twice the number of containers from last year, and a tenth of their customers are operating multiple public clouds to run their containers. Both show an increasing sophistication and maturity level, at least among Sysdig users. “With container density doubling since our last report, it’s evident that the rate of adoption is accelerating as usage matures,” said Suresh Vasudevan, Sysdig’s CEO, in their report.

    4. Red Hat OpenShift is in demand

    If you neglect the number of customers who are using Sysdig’s PaaS platform for on-premises deployments, Red Hat OpenShift comes out as being used by 43% of the customers for container orchestration and deployment. The report authors say this shows that larger and more risk-averse organizations want the advantages of using Kubernetes but want to deploy it on a commercially supported platform.

    Sysdig report
    Image used with permission from Sysdig.
    Image used with permission from Sysdig.">

    Also of interest to Red Hat developers is the report’s rise in usage of the CRI-O to 4% of containers. This tool is a lightweight container runtime for Kubernetes. The report’s authors “expect CRI-O’s use to climb over the coming years, especially as customers running Red Hat OpenShift migrate from v3 to v4, where CRI-O replaces the previously provided Docker engine.”

    Last updated: July 1, 2020

    Recent Posts

    • Cloud bursting with confidential containers on OpenShift

    • Reach native speed with MacOS llama.cpp container inference

    • A deep dive into Apache Kafka's KRaft protocol

    • Staying ahead of artificial intelligence threats

    • Strengthen privacy and security with encrypted DNS in RHEL

    Red Hat Developers logo LinkedIn YouTube Twitter Facebook

    Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform

    Build

    • Developer Sandbox
    • Developer Tools
    • Interactive Tutorials
    • API Catalog

    Quicklinks

    • Learning Resources
    • E-books
    • Cheat Sheets
    • Blog
    • Events
    • Newsletter

    Communicate

    • About us
    • Contact sales
    • Find a partner
    • Report a website issue
    • Site Status Dashboard
    • Report a security problem

    RED HAT DEVELOPER

    Build here. Go anywhere.

    We serve the builders. The problem solvers who create careers with code.

    Join us if you’re a developer, software engineer, web designer, front-end designer, UX designer, computer scientist, architect, tester, product manager, project manager or team lead.

    Sign me up

    Red Hat legal and privacy links

    • About Red Hat
    • Jobs
    • Events
    • Locations
    • Contact Red Hat
    • Red Hat Blog
    • Inclusion at Red Hat
    • Cool Stuff Store
    • Red Hat Summit
    © 2025 Red Hat

    Red Hat legal and privacy links

    • Privacy statement
    • Terms of use
    • All policies and guidelines
    • Digital accessibility

    Report a website issue