Iaas-PaaS-SaaS
Iaas-PaaS-SaaS
App Engine of Google and Force.com are examples of PaaS offering vendors. Developer
may log on to these websites and use the built-in API to create web-based applications.
But the disadvantage of using PaaS is that, the developer locks-in with a particular vendor.
For example, an application written in Python against API of Google, and using App Engine
of Google is likely to work only in that environment.
The following diagram shows how PaaS offers an API and development tools to the
developers and how it helps the end user to access business applications.
Benefits
Customer need not bother about the administration because it is the responsibility of cloud
provider.
Customer need not purchase expensive hardware, servers, power, and data storage.
Scalable solutions
It is very easy to scale the resources up or down automatically, based on their demand.
It is the responsibility of the cloud provider to maintain software versions and patch
installations.
Issues
Like SaaS, PaaS also places significant burdens on customer's browsers to maintain reliable
and secure connections to the provider’s systems. Therefore, PaaS shares many of the issues
of SaaS. However, there are some specific issues associated with PaaS as shown in the
following diagram:
Lack of portability between PaaS clouds
Although standard languages are used, yet the implementations of platform services may
vary. For example, file, queue, or hash table interfaces of one platform may differ from
another, making it difficult to transfer the workloads from one platform to another.
The PaaS applications are event-oriented which poses resource constraints on applications,
i.e., they have to answer a request in a given interval of time.
Since PaaS applications are dependent on network, they must explicitly use cryptography and
manage security exposures.
Characteristics
PaaS Types
Based on the functions, PaaS can be classified into four types as shown in the following
diagram:
The stand-alone PaaS works as an independent entity for a specific function. It does not
include licensing or technical dependencies on specific SaaS applications.
The application delivery PaaS includes on-demand scaling and application security.
Open PaaS offers an open source software that helps a PaaS provider to run applications.
PaaS can be delivered through public, private, or hybrid clouds. With a public cloud PaaS,
the customer controls software deployment while the cloud provider delivers all the major IT
components needed to host the applications, including servers, storage systems, networks,
operating systems, and databases.
As with other types of cloud services, customers pay for PaaS on a per-use basis, with some
providers charging a flat monthly fee for access to the platform and applications hosted on
the platform.
One of the biggest advantages of PaaS is that enterprises can gain an environment in which to
create and deploy new applications without the need to spend time and money building and
maintaining an infrastructure that includes servers and databases.
This can lead to faster development and delivery of applications, a huge plus for businesses
looking to gain a competitive edge or that need to get products to market quickly.
PaaS also lets them test the use of new languages, operating systems, databases, and other
development technologies quickly, because they do not have to stand up the supporting
infrastructure for them. PaaS also makes it easier and faster to upgrade their tools.
And the use of PaaS forces enterprise software developers to use cloud techniques in their
applications, helping then adopt modern principles and take better advantage of cloud
infrastructure (IaaS) platforms.
Because organizations using PaaS can manage their applications and data, loss of control is
not a major issue as it often is when using cloud infrastructure or applications.
Providing a hosted environment for application development and testing is one of the most
common uses for PaaS. But it is hardly the only reason why enterprises use PaaS.
Research firm Gartner cites a variety of use cases for PaaS, including:
API development and management. Companies can use PaaS to develop, run,
manage, and secure application programming interfaces and microservices. This
includes the creation of new APIs and new interfaces for existing APIs, as well as
end-to-end API management.
Business analytics/intelligence. Tools provided via PaaS let enterprises analyze their
data to find business insights and patterns of behavior so they can make better
decisions and more accurately predict future events such as market demand for
products,
Business process management (BPM). Organizations can use PaaS to access a BPM
platform delivered as a service as with other cloud offerings. BPM suites integrate IT
components needed for process management, including data, business rules, and
service-level agreements.
Communications. PaaS can also serve as a delivery mechanisms for communications
platforms. This allows developers to add communications features such as voice,
video, and messaging to applications.
Databases. A PaaS provider can deliver services such as setting up and maintaining
an organization’s database. Research firm Forrester Research defines database PaaS
as “an on-demand, secure, and scalable self-service database platform that automates
provisioning and administration of databases and can be used by developers and non-
technical personnel.”
Internet of things. IoT is expected to be a big part of PaaS usage in the coming years,
supporting the wide range of application environments and programming languages
and tools that various IoT deployments will use.
Master data management (MDM). This covers the processes, governance, policies,
standards, and tools that manage the critical business data an enterprise owns,
providing a single point of reference for data. Such data might include reference data
such as information about customer transactions, and analytical data to support
decision making.
PaaS also includes resources such as development tools, programming languages, libraries,
database management systems. and other tools from the provider.
Among the leading PaaS vendors are Amazon Web Services, Microsoft, Google,
IBM, Salesforce.com, Red Hat, Mendix, and Heroku. Most widely used languages, libraries,
containers, and related tools are available on all the major PaaS providers’ clouds.
It’s no accident that several of these are also leading providers of software development tools.
Gartner estimates there are about 200 PaaS providers today.
PaaS risks
Given that PaaS is a cloud-based service, it comes with many of the same inherent risks that
other cloud offerings have, such as information security threats. PaaS is based on the concept
of using shared resources such as networks and servers, so the security risks include placing
critical data into this environment and having they data stolen due to unauthorized access or
attacks by hackers or other bad actors.
On the other hand, the major cloud providers have been more effective at warding off such
breaches than the typical enterprise datacenter, so the information security risk has not proven
to be what many in IT initially feared.
With PaaS, enterprises are beholden to service providers building appropriate access controls
and other security provisions and policies into their infrastructures and operations.
Enterprises are also responsible for providing their own security protections for their
applications.
Also, because organizations are relying on a particular service provider's infrastructure and
software, there is a potential problem of vendor lockin with PaaS environments. A legitimate
question for IT to ask is will the PaaS it chooses interoperate with its current and future IaaS
and SaaS deployments?
Another risk with PaaS is when the service provider’s infrastructure experiences downtime
for whatever reason, and the impact that might have on services. Also, what if the provider
makes changes in its development strategy, programming languages, or in other areas?
Don’t expect these possible hurdles to keep you from taking the plunge into PaaS. It provides
more flexibility precisely because the vendor handles the platforms while you handle the
programming.
Examples of PaaS
AWS Elastic Beanstalk, Windows Azure, Heroku, Force.com, Google App Engine, Apache
Stratos, OpenShift
IAAS:
All of the above resources are made available to end user via server virtualization.
Moreover, these resources are accessed by the customers as if they own them.
Benefits
IaaS allows the cloud provider to freely locate the infrastructure over the Internet in a cost-
effective manner. Some of the key benefits of IaaS are listed below:
IaaS allows the customer to access computing resources through administrative access to
virtual machines in the following manner:
Customer issues administrative command to cloud provider to run the virtual machine
or to save data on cloud server.
Customer issues administrative command to virtual machines they owned to start web
server or to install new applications.
It is possible to maintain legacy between applications and workloads between IaaS clouds.
For example, network applications such as web server or e-mail server that normally runs on
customer-owned server hardware can also run from VMs in IaaS cloud.
Issues
IaaS shares issues with PaaS and SaaS, such as Network dependence and browser based risks.
It also has some specific issues, which are mentioned in the following diagram:
Because IaaS offers the customer to run legacy software in provider's infrastructure, it
exposes customers to all of the security vulnerabilities of such legacy software.
The VM can become out-of-date with respect to security updates because IaaS allows the
customer to operate the virtual machines in running, suspended and off state. However, the
provider can automatically update such VMs, but this mechanism is hard and complex.
The customer uses virtual machines that in turn use the common disk resources provided by
the cloud provider. When the customer releases the resource, the cloud provider must ensure
that next customer to rent the resource does not observe data residue from previous customer.
Characteristics
In an IaaS model, a cloud provider hosts the infrastructure components traditionally present
in an on-premises data center, including servers, storage and networking hardware, as well as
the virtualization or hypervisor layer.
The IaaS provider also supplies a range of services to accompany those infrastructure
components. These can include detailed billing, monitoring, log access, security, load
balancing and clustering, as well as storage resiliency, such as backup, replication and
recovery. These services are increasingly policy-driven, enabling IaaS users to implement
greater levels of automation and orchestration for important infrastructure tasks. For example,
a user can implement policies to drive load balancing to maintain application availability and
performance.
IaaS customers access resources and services through a wide area network (WAN), such as
the internet, and can use the cloud provider's services to install the remaining elements of an
application stack. For example, the user can log in to the IaaS platform to create virtual
machines (VMs); install operating systems in each VM; deploy middleware, such as
databases; create storage buckets for workloads and backups; and install the enterprise
workload into that VM. Customers can then use the provider's services to track costs, monitor
performance, balance network traffic, troubleshoot application issues, manage disaster
recovery and more.
Any cloud computing model requires the participation of a provider. The provider is often a
third-party organization that specializes in selling IaaS. Amazon Web Services (AWS) and
Google Cloud Platform (GCP) are examples of independent IaaS providers. A business might
also opt to deploy a private cloud, becoming its own provider of infrastructure services.
IaaS pros and cons
Organizations choose IaaS because it is often easier, faster and more cost-efficient to operate
a workload without having to buy, manage and support the underlying infrastructure. With
IaaS, a business can simply rent or lease that infrastructure from another business.
IaaS is an effective model for workloads that are temporary, experimental or that change
unexpectedly. For example, if a business is developing a new software product, it might be
more cost-effective to host and test the application using an IaaS provider. Once the new
software is tested and refined, the business can remove it from the IaaS environment for a
more traditional, in-house deployment. Conversely, the business could commit that piece of
software to a long-term IaaS deployment, where the costs of a long-term commitment may be
less.
In general, IaaS customers pay on a per use basis, typically by the hour, week or month.
Some IaaS providers also charge customers based on the amount of virtual machine space
they use. This pay-as-you-go model eliminates the capital expense of deploying in-house
hardware and software.
When a business cannot use third-party providers, a private cloud built on premises can still
offer the control and scalability of IaaS -- though the cost benefits no longer apply.
With IaaS, it’s like leasing a car. Keeping the car repaired is someone else’s problem, you
just need to supply it with fuel (setting it up, maintaining software, etc.) and you get to go
pretty much wherever you want to.
PaaS is a bit like getting a cab. You get in and choose where you want to go to and how to
get there. Keeping the car running and figuring out the details is up to the driver.
SaaS is a bit like public transport. Cheap, someone else takes care of pretty much everything,
you just get to use it. This comes at the price of not always getting as close as you want (less
customizability)
Difference between IaaS PaaS & SaaS
In the following tabular format we will be explaining the clear difference between IaaS PaaS
& SaaS
There are many different situations in which SaaS may be the most beneficial, including:
If you are a startup or small company that needs to launch ecommerce quickly and
don’t have time for server issues or software
For short-term projects that require collaboration
If you use applications that aren’t in-demand very often, such as tax software
For applications that need both web and mobile access
There are many situations that utilizing PaaS is beneficial or even necessary. If there are
multiple developers working on the same development project, or if other vendors must be
included as well, PaaS can provide great speed and flexibility to the entire process. PaaS is
also beneficial if you wish to be able to create your own customized applications. This cloud
service also can greatly reduce costs and it can simplify some challenges that come up if you
are rapidly developing or deploying an app.
Just as with SaaS and PaaS, there are specific situations when it is the most advantageous to
use IaaS. If you are a startup or a small company, IaaS is a great option so you don’t have to
spend the time or money trying to create hardware and software. IaaS is also beneficial for
large organizations who wish to have complete control over their applications and
infrastructures, but are looking to only purchase what is actually consumed or needed. For
rapidly growing companies, IaaS can be a good option as you don’t have to commit to a
specific hardware or software as your needs change and evolve. It also helps if you are unsure
what demands a new application will need as there is a lot of flexibility to scale up or down
as needed.
At its level, nothing is done for allowing multiple tenants running on the same instance. The
only way to support multiple customers is to serve them with different copies of the software.
Furthermore, because little is done to allow customization through configuration, each copy
includes specific customer customizations, in the forms of custom extension code, custom
processes, custom data extensions. Needless to say that although “technically” the software is
delivered as a service (i.e. the software does not run on premise) economy of scale cannot be
achieved as each customer runs a different instance of the software. Although this could be a
starting point to validate the business model, one has to move quickly up. Managing 1000s of
customer at this level is very difficult.
Level 1: (Configurable)
At level 1, the software can be tailored for each tenant via configurations (no custom code),
all the tenants use the same code. However at level 1, the architecture is still not multi-tenant,
each customer runs its own copy (albeit the same). The separation can be either virtual
(virtual machines on a same server) or physical (running on separate machines). Although
much better than previous level, the architecture allows customization through
configuration (code base is the same), the computing power is not shared among the instances
and therefore the provider cannot achieve economy of scale, putting it at a competitive
disadvantage vs. a multi-tenant solution.
At this level. the application architecture includes the multi tenancy concepts. Akin to level 1,
the UI can be customizable per tenant, so can the business rules and the data model. The
customization per tenant is fully performed through configuration and is performed through a
self-service tool, getting around the need of provider intervention. It is almost the SaaS
"perfect case"; the only big piece missing at Level 2 is the capacity to scale out; the data
partitioning is such at this level that growth can only be achieved by scaling up.
The highest level in this model. At this level, the architecture allows all the capabilities of
level 2 (multi-tenancy, configuration) plus the scale out of the application. New instances of
the software can transparently be added onto the instance pool to dynamically support the
increasing load. Appropriate data partitioning, stateless component design, shared metadata
access are part of the design. In this model a Tenant Load Balancer (round robin, rule
based…) is introduced, maximizing the utilization of hosting resources (CPU, storage etc.);
the total load is adequately distributed over the entire infrastructure. The data is also
periodically moved to average the data load per instance. At level 3, the architecture is
scalable, multi-tenant and customizable via configuration.