The need for speedy development and deployment of applications is a real one — which is why organizations shouldn’t pass on PaaS.
That was the gist of a talk on platform as a service by Mike Edwards, who works on cloud computing standards at IBM.
“That’s where PaaS fits,” Edwards said in a webinar Thursday. “It’s about supporting the economic pressure for the need to develop more and better software — because ultimately your business is implemented through software.”
The Cloud Standards Customer Council, an advocacy organization for cloud services customers, aired the webinar to present the paper “Practical Guide to Platform-as-a-Service,” which gives an overview of PaaS plus recommendations on deployment and operation. The paper was written by Edwards, John Meegan, program manager for IBM’s Open Cloud, and other CSCC members.
PaaS sits in a unique spot in the cloud computing horizon, Edwards said. Like infrastructure as a service (IaaS) and software as a service (SaaS), it eliminates the need for the customer to manage things like servers, storage and networking. But while IaaS offers full-on data center capabilities in the cloud, customers still have to deal with applications, data, runtime and operating systems. And SaaS applications, though appealing — the provider handles all the hardware and software on its end — don’t always meet an organization’s specific needs.
PaaS, though, may be just right: The provider sets up the servers and hardware and configures and operates them. The customer just has to put in application code and data, an easy-to-follow recipe for creating customer software, Edwards said.
“The whole idea here is to simplify the whole task of building custom applications and running them, making it much easier than it would have been on-premises or even with infrastructure as a service,” he said.
There are a number of PaaS products on the market — Microsoft Azure, IBM Bluemix and HP Helion, to name three high-profile examples — but all of them share certain characteristics. Most important is the support for custom applications that are native to the cloud. They also support a number of runtimes — important if you’re developing a number of applications. For example, there is the Java JDK runtime for Java applications and Node.js runtime for Node.js apps. The capability is sometimes called “polyglot.”
“Basically it means PaaS can support the most appropriate technology for your application,” Edwards said.
There are 12 shared characteristics in all, including coming equipped with mechanisms for deploying quickly — PaaS environments can take “minutes or seconds in some cases” — security and middleware capabilities and developer tools.
Organizations that are thinking about PaaS have a lot more to think about. They need to build a cross-functional team involving not just the IT department but also business units, which have all the end users. That way, IT will know what capabilities people need to have. They also need to carefully examine the cloud service agreement with the provider so that the PaaS does what’s needed. And they need to take costs and charges, software licensing, and compliance requirements into account.
And then there’s governance: having a communication channel open to the provider, having the right security controls in place and knowing the physical whereabouts of your data. Edwards brought up the recent scrapping by the European Union of the Safe Harbor pact, which allowed Europeans’ personal data to be hosted on U.S. servers. It’s now illegal.
“It’s all about knowing where your data is and that the appropriate data controls are put in place and for the processes that you’re handling,” Edwards said.