Linux® containers have been employed for operating system-level virtualization since around 2008, but only recently they have started to gain tremendous popularity, fueled by open source projects such as Warden and Docker. Initially, container technologies have been used mainly for stateless web applications in platform-As-A-service (PaaS) clouds, but as the technology matures, they are being used for a larger variety of cloud workloads that are typically run on infrastructure-As-A-service (IaaS) clouds. For this reason, we developed the IBM Containers service, a cloud service that allows multiple developers to compose, deploy, and manage the lifecycle of complex application topologies with security and isolation on a shared infrastructure. The service provides developers with features of a PaaS cloud and flexibility of an IaaS cloud. In this paper, we discuss the challenges, architecture, security considerations, and capabilities of the service.