Platform as a Service (PaaS) is second level of cloud computing. These cloud services provide the users a complete development and operating environment, which are addressed via APIs of the respective provider.
PaaS allows companies and software developers to focus on their core competencies without having to worry about maintaining infrastructure, scaling, operations, and middleware all this at the responsibility of the provider. Although client companies and software developers has to pay for the provision of the service, this does offer the client a cost saving potential, as there are no acquisition costs and maintenance costs. Support is also the responsibility of the provider, this is contractually defined through SLA. The provider also ensures the security of the platform. Furthermore, the users have the opportunity to scale the required resources up and down according to their needs. Here is a Detailed Article Around the Requirements of Platform as a Service (Pass) in DevOps Explaining Development frameworks & Relevance to DevOps.
Requirements of PaaS in DevOps
The provider expected to ensures high availability. This is usually via the underlying infrastructure layer, but additional services such as monitoring, versioning and workflow systems must also be available at PaaS. Services like Azure from Microsoft advertise with an availability of 99.9% and write them down in their SLAs. Compared to the classic operation of own servers, a customer has to spend a lot of effort to ensure high availability. Redundancies of many components involved increase costs. Multiple connected instances and Internet connections, emergency power supplies or even redundant data centers make the operation of a server more expensive. All this is already done here by the PaaS provider and even beyond, because unlike IaaS there is also the risk of software errors (eg faulty patches).
One of the key factors for PaaS is the automatic expansion of resources for higher requirements, the so-called elasticity. These are available in two different ways. Vertical scaling is the addition of resources (CPU, RAM, etc) to a logical unit, such as an instance. With horizontal scaling, you can increase the number of instances to handle the increased requests. Both actions can be performed manually or automatically according to the application requirements. The automatic scaling is based on previously defined rules, so that when thresholds are exceeded, the measures are initiated without further interaction.
So-called APIs are able to create an ecosystem. Via the interfaces it is possible to reach other externally located data sources. These allow the company to disseminate a service. New contacts can be won and in the best case the company turnover is increased. Nevertheless, it is important to ensure a high standard of security, which can be met by the latest API security platforms. Access can be customized, SLAs adhered to and access by third parties restricted.
The provider of the PaaS platform provides the development environment. This is called IDE and operated either locally on the developer’s computer or recently displayed directly in the browser. It usually supports multiple programming languages and provides developers with numerous libraries and tools for modeling, implementing and testing developed applications. For locally working developers, the source code is written to the computer and then copied to the PaaS platform. Changes are also created locally and then transferred to the platform. Working from the cloud allows developers to develop and modify source code on the platform itself. The multi-tenancy architecture allows multiple developers to interact with the source code at the same time, which is a tremendous development and enhancement advantage. In both variants – depending on the provider – further different services can be used, eg external data sources can be integrated via web services. Depending on the provider, there are usually several development environments available. As an example PHP, Java, python or .NET can be mentioned here. There are also a few ready-to-use applications that need to be interfaced to their own applications.
Security in the cloud
The provider of a PaaS environment ensures the security of the platform and the underlying layers. The access rights and roles of those involved usually follow a uniform concept about the various services. Here then a registration (Single Sign On) for very different functions can be used. The hybrid services approach granularity decides what data goes into the cloud and what stays on-premises. VPNs (virtual private network) can secure access to the various clouds and enable secure communication in hybrid environments between instances.
Also can be used to strengthen the security of a multi-factor authentication, ie the use of another security feature except the password (eg mobile phone). This increased security requirement can secure access for employees, partners and even customers.
Of course, one should not hide the fact that security is lost through the services used. You placed in lot of hands of the provider and have to trust. Exploiting expert knowledge is lost through the benefits of ready-to-use services, and the ability to install additional layers of backup (encryption) is limited.
Relevance of PaaS to DevOps
In operation, the focus on availability is more weighted, but integrating development and team work now also makes developers dependent on the platform. Long-term failure can cause expensive idle times for larger development teams.
A new aspect of scaling can be the peak loads through automated tests that occur only briefly but regularly. For PaaS, this should be recognizable and able to be reduced again, since this load behavior differs from the operating load. Another advantage is the uniformity with which applications are written, tested and operated. The development team tests its code on the same architecture it will be used on later, allowing it to draw conclusions about load behavior in operation. You can also test the scaling abilities of your programming in your test environment. This drives the DevOps idea, as both benefit from the platform through this type of collaboration. Developers are less concerned about the test environment, and the Ops (operations administrators) are getting scalable applications safely.
DevOps ensures that the IT environment of a business has knowledge of APIs of large cloud platforms and is familiar with their implementation and functionality. A simple exchange of data about third parties may be important and supportive, but the focus is still on security. Therefore, DevOps pays attention to an ordered rights system and regulations before developing new APIs. In the future, safety regulations will become more and more complex as there will be more and more opportunities. With the help of Paas and its scalability, however, a high level of security can be ensured in the future in combination with DevOps.
The development frameworks for PaaS remain the same as described above, whether they are used for DevOps or not. As a rule, a company uses only one vendor, who then provides this service. The entire team then has access to this interface and can work together on the source code of an application or software.
Especially the hybrid operating concepts are suitable for DevOps. The development and the test environment can be operated in a private cloud, but the operation takes place in a public cloud. This results in advantages in various areas:
- Security – Development teams can develop their code in isolated environments without accessing user data. External employees can also get some isolated areas to make their contribution.
- Flexibility – As the development team grows or shrinks, the environment can follow in a timely manner. Workflow systems facilitate the incorporation of additional labor.
But even for in-house applications, an exclusive private cloud strategy can make sense. Especially with new developments, this should be taken into account as future corporate changes, such as mergers or divisions are hereby easier to map. In addition to the scaling of resources, later operational concept changes are simpler than with the classic server approach. For example, a private cloud quickly becomes a hybrid solution, or two private clouds synchronize shared data in a community cloud.
The support services provided by PaaS vendors focus on operations rather than developer support, but a stable environment and workflow-driven processes help developers do their very best: developing solutions. The operations team can provide more comprehensive support to developers and end users through a variety of solutions, providing performance data at all stages at all times and pinpointing performance bottlenecks with metrics.
DevOps is more committed to teamwork, especially in less-connected departments such as development and operations. This must be taken into account in the safety concept of PaaS. Very good for the cooperation is, for example, the possibility of SingleSignOn, so the one-time registration for the integrated services. Here too, developers can increase security through multifactor authentication. Especially good for developers are PaaS environments that already bring authentication mechanisms and make them usable for the development environment. Widespread identity systems from third-party providers such as Google or Facebook or GitHub can be integrated. These possibilities can also be used as SingleSignOn by the users for the different services.
This allows developers to easily build robust security systems into their applications and apps. The operator team receives traceable, reusable identity systems that also reduce the maintenance effort.
The use of established identity systems also reduces the inhibition threshold for logging in and the use of weak passwords. If these login accounts are also combined with another factor one can speak of an increase in security.
As already described in requirements of PaaS operation, PaaS considerably simplifies the work of the operator (ops). But what are the benefits for the DevOps approach? By simplifying the implementation of, for example, new virtual machines or SQL servers, these resources are more likely to be made available to developers (devs), as the inhibition threshold decreases and there is less time to think about dependencies or successor requirements. For example, requesting mobile apps may end up being an existing software for the administrators in a nightmare for their operation.There may be new developer teams with different programming languages for the many mobile platforms (Apple iOS, Android, Windows Phone). Security requirements and availability issues (scaling, high availability, backup) are then confusing and difficult to manage. With a PaaS environment like Azure, this is just another service that can be made available, and its dependencies, security requirements, and management are already resolved and not different from those of the “normal” servers. This means not only a test scenario is quickly provided for developers, but the questions following a successful test have already been answered. Backup, availability, authorization, work processes and costs for operation are to be answered immediately with concrete numbers.The operating administrators have the components of the new service to manage in their familiar environment and thus better control new solutions. From this security, the operator team can respond faster to the wishes of the developers. Likewise, an idea can also be tried out more cheaply on the market. Services such as new mobile apps can be developed and released to the market without fear of the cost of unused infrastructure. Should the use decrease after initial heavy use, only the resources that are currently required are paid.From this security, the operator team can respond faster to the wishes of the developers. Likewise, an idea can also be tried out more cheaply on the market. Services such as new mobile apps can be developed and released to the market without fear of the cost of unused infrastructure. Should the use decrease after initial heavy use, only the resources that are currently required are paid.From this security, the operator team can respond faster to the wishes of the developers. Likewise, an idea can also be tried out more cheaply on the market. Services such as new mobile apps can be developed and released to the market without fear of the cost of unused infrastructure. Should the use decrease after initial heavy use, only the resources that are currently required are paid.
This dynamic type of cost structure is also very helpful for decision-makers, as the scaling of costs is well-justifiable in line with usage. So far, the start-up costs for new ideas have been very high and only the fixed cost degression through high user numbers made the investment economical. That blocked so many ideas, since the chances of success were unclear and the decision-maker decided against it. Companies that are experiencing these changes can lead to a fundamental rethink and IT decision makers, administrators and developers may come up with a culture of experimentation and align their IT strategy. So far, only a few successful companies and startups show this culture. Here Google serves as an example: this company is constantly launching new services,will try the success for a while and not restoring so successful services.