Platform as a Service

from Wikipedia, the free encyclopedia
Cloud computing architecture

As Platform as a Service ( PaaS ) refers to a service that the cloud is a computing platform for developers of Web applications provides. These can be runtime environments that can be used quickly (typically for web applications), but also development environments that can be used with little administrative effort and without having to purchase the underlying hardware and software . They support the entire software life cycle from design to development, testing and delivery to the operation of the web applications via the Internet . Platform as a Service is part of Everything as a Service .

Some offers also include services for collaborative work and versioning , for monitoring and for security, or middleware services for storing data or for communication between applications. PaaS offers are based on a scalable infrastructure ( IaaS ) of storage and computing power and can therefore also be scaled. Software as a Service (SaaS) offers can be created based on a PaaS environment . Thus PaaS is the middle layer in the cloud stack.

meaning

Between October 2009 and October 2010, more than 100 PaaS providers entered the market. They step in to relieve their customers of as many administrative tasks as possible, to enable scalability and high availability , to reduce fixed costs and total costs, to make users more flexible and to enable rapid application development and an early market entry. This enables customers to concentrate more on the actual development of business applications instead of worrying about frameworks , middleware or the operation of scalable, reliable and cost-efficient data centers .

At the moment, PaaS offers are only used by “leading-edge users”, while “mainstream users” are still skeptical about them. Gartner sees the more visionary Independent Software Vendors (ISVs) as the key to accepting the PaaS model, as they will offer their applications via the cloud. Only with these SaaS offers does the cloud become attractive for other IT projects.

In 2009 the topic of cloud computing had a high point on the Gartner hype curve . There have been many disappointments with the performance of cloud computing, but also positive effects. In Japan, large companies have already begun to use PaaS offers such as Force.com in order to be able to make customer applications available to a large number of users in a location-transparent manner. It turned out that PaaS offers are currently only suitable for self-contained applications that do not require complex data processing or complex application design. The data that these applications require is usually obtained from the company's own data centers via an ETL process, as it is not yet available in the cloud.

Differentiation from IaaS and SaaS

It is difficult to differentiate between PaaS and IaaS offers, as many PaaS providers use and bundle underlying IaaS offers. However, most PaaS offers do not allow direct access to the operating system; the PaaS services can only be addressed via APIs. The configuration of PaaS services can be done both via a web interface and again via an API. The user of a PaaS environment does not have to worry about the operating system, middleware and runtime environment for his application, as is the case with IaaS offers.

In order to be able to differentiate PaaS from SaaS offers, it is best to consult the target group. SaaS applications are usually intended explicitly for end users, have a graphical user interface and can be based on IaaS or PaaS offers. In contrast, PaaS offers are intended for developers and offer them a development environment as well as a container for their applications and other middleware services. Developers can thus distribute all of their applications in a PaaS environment. These middleware services are accessed via APIs.

However, there are also SaaS offers such as Google Drive , which provide developers with interfaces. However, they are mostly intended to expand the SaaS application or to communicate with it (see Add-on PaaS). There are also SaaS applications without a graphical user interface, but they are not widely used.

Types

Application PaaS (aPaaS) / Stand Alone environments

APaaS is a cloud environment for creating and operating business applications that is made available to users via a graphical user interface or a programming interface (API). An example would be a web application for managing appointments, which could run in the Google App Engine .

Integration and Governance PaaS (iPaaS)

In contrast, iPaaS is a cloud environment for mediating between heterogeneous, cloud-based applications through interoperability , integration and governance . An example would be an adapter that connects different cloud services as well as on-premises services and offers this in turn as a cloud service without necessarily providing a graphical user interface. iPaas should replace the previous integration middleware and be highly scalable according to the cloud paradigm. One of the first providers of such solutions is Mule iON.

Add-on development environments

Add-on development environments make it possible to adapt existing software-as-a-service applications. The procedure is similar, such as the customization of Microsoft Word or Lotus Notes by macro languages or from outside through APIs that are provided by the SaaS application. PaaS developers usually need access to the SaaS application itself, either through a subscription or a free developer license.

Application delivery only

Some PaaS offerings do not support the development, debugging or testing of applications, but only offer the operation of applications in a scalable environment and also offer security services.

Open PaaS

In the case of open PaaS offers, the developer is not given any programming language , database system , operating system or server .

Structure, properties and special features

Runtime and development environment

With the division of PaaS into development and execution environment, the developer should be able to commit himself to a development environment such as Django, but to be flexible in the choice of execution environment and to be able to switch between providers.

To achieve a high level of reliability , at least two instances of each application must be running so that in the event of an error in one instance, the other can take over. Since applications in PaaS environments usually require computing as well as data and other middleware services, it should be noted that if one of the services used fails, the availability of the entire system can also suffer. In their SLAs, providers usually only promise availability of 99.5, 99.9 or 99.95 percent for each individual service, but not for all services together. If the provider violates the SLAs, usually only credits between 10 and 25 percent are reimbursed on the monthly invoice.

Programming model

The programming model in the cloud is comparable to enterprise applications ( clusters of application servers with load balancers ), since both must be scalable and fail-safe. So in order to be able to operate scalable applications in the cloud, this must rely on asynchrony and statelessness . Otherwise, you can only get hosting in a cloud environment, which has to do without good scalability and reliability.

The Windows Azure programming model, for example, requires three prerequisites that must be met in order to ensure scalability and reliability. Firstly, an application must be divided into one or more logical roles, secondly, several instances of a role must run simultaneously and thirdly, the application must also behave correctly if an instance of a role crashes. In addition, the application is not allowed to save a state because the load balancer does not use sticky sessions / cookies in contrast to, for example, Amazon's Elastic Beanstalk .

Changes to the operating system must, if they are at all possible, be made each time an instance is started, and data, if they can be saved locally, are usually not available for all instances and can be lost when an instance is restarted. In order to enable communication between instances, a message queuing system must generally be used, which in some cases even has to follow at least once semantics, so the processing of the messages must be idempotent .

When setting up a PaaS environment, existing enterprise programming models such as JEE or .NET can usually be used, but the developer may have to adapt to changes if he has not yet developed any scalable applications.

Development process

The development process is not that different from application development for application servers such as JEE. Applications are specified, designed, developed, tested, packaged and finally transferred to the cloud platform locally. Many providers such as Google App Engine , Microsoft Azure or Amazon's Elastic Beanstalk allow several versions of the same application to run in parallel, for example to offer live, stage and test environments and thus also to enable a rollback to an earlier version. The major providers also bring direct support for IDEs to transfer the applications directly from the IDE to the cloud environment.

A PaaS provider must therefore ensure that all versions of an application are saved and can also offer IDE convenience functions in order to distribute the applications from within the IDE.

The effort involved in porting an on-premises solution to the cloud so that it scales there can range from a few hours to a completely new development, depending on the programming model used.

In order to minimize the effort when only a low level of scalability is required, there are multi-tenancy patterns which, for example, make non -client-capable applications client-capable with little effort, but at the price of limited scalability.

Runtime environment

The runtime environment of a PaaS environment can be configured via APIs or a web interface. For example, applications can be started and stopped or the maximum and minimum number of instances can be specified. Monitoring and the associated auto-scalability of the applications can also be done via APIs or a web interface.

Some runtime environments, such as JEE in the Google App Engine , only offer a subset of the actual runtime environments in order to ensure scalability and reliability. In the Google App Engine, for example, it is not allowed to start Java threads or to access the file or operating system directly. These restrictions are usually compensated for by separate APIs in order to still offer the functions, but not to endanger scalability and reliability. Such APIs can also be used to enforce quotas such as those for HTTP requests or email dispatch , which guarantee the stability of the runtime environment. Some providers offer additional APIs for services such as memcached or image processing. All provider-specific APIs are bundled together with the runtime environments in SDKs .

The disadvantage of these adjustments to the runtime environments is that portability is more difficult, since the additional services are not available across providers via standardized APIs. There are standardization bodies such as OpenStack and Open Cloud Computing Interface (Occi). However, they focus their work more on standardizing the management and storage APIs than on the application containers.

Persistence

Almost every application has to save data, but in cloud environments this cannot happen on the hard disk of the runtime environment, since the runtime environments must be switched off and the applications must be restarted on other runtime environments. Most PaaS providers therefore offer various persistence options as a service via an API. Various services such as BLOB storage, SQL databases, NoSQL databases, highly available caches or memcache servers are therefore part of the service provided by the large PaaS providers.

Most of the persistence services of the PaaS providers are not based on relational databases because, according to the CAP theorem, they can only fulfill two of the three properties consistency, availability and partition tolerance at the same time in order to meet the scalability requirements. In the cloud, key value stores or schema-less NoSQL databases have become established, which scale much better because they do not have to fully comply with the ACID criteria.

Since many customers still require SQL databases for simple application migration to the cloud, these are now also offered, but with poorer performance than the key value stores. The BLOB memories of the PaaS providers, such as the S3 service from Amazon, usually do not use standard software or protocols, but have a provider-dependent API. In order to facilitate the portability of the applications from one PaaS provider to the next, the JPA or JDO API is often implemented for the databases in the Java environment .

Concurrency and communication between application instances

In order for the application response time to be always acceptable to the end user, some applications need the ability to start asynchronously for larger computations. In cloud environments, however, an application instance can be shut down at any time. This means that the calculation can be canceled before it is finished. In addition, the Google App Engine , for example, does not offer the possibility to start new threads in its applications. This is to prevent the stability of the Google App Engine from being compromised.

Most PaaS providers have a messaging infrastructure in their program to guarantee the execution of asynchronous calculations or to enable them at all. The Google App Engine allows asynchronous tasks to be initiated, for example using the Scheduled Tasks and Task Queue services. At Amazon there is the Amazon Simple Queue Service and at Microsoft Azure the Queue Service API from Microsoft Azure Storage Services. Although Microsoft Azure and Amazon's Elastic Beanstalk allow new threads to be started, it is recommended to use message queues for the reasons mentioned above in order to achieve better scalability.

Access layer

Applications in the cloud can be accessed via the Internet or within the company via the intranet. Above all, web and network protocols such as HTTP / S and TCP / IP play a role, but protocols for special applications such as XMPP or WebSocket are also partially supported.

The most important role is played by the HTTP protocol, since applications that are transferred to a PaaS environment are usually accessed via HTTP. The HTTP protocol was created as an access protocol for resources on the Internet and is therefore also suitable for cloud applications. Protocol properties such as statelessness and caching support a scalable infrastructure. A load balancer can statelessly forward HTTP requests to the corresponding instances of the applications or a CDN can bring the resources close to the user.

In order to keep the cloud environments stable, some providers restrict network access from applications and make it available again in a controlled manner via provider-dependent APIs. The Google App Engine allows, for example, no free network communications, an API used by Google for this must support the HTTP / S (URL Fetch), XMPP and WebSocket (Channel).

In order to increase security of applications that allow providers like Amazon integrated firewall settings as Black - or whitelisting of IP address ranges or TCP / UDP - Port constraint to make. This means that access to an application can be more secure and restricted to your own company. Connections between the public cloud and the on-premises infrastructure secured by IPsec VPN are also possible, for example with Amazon's virtual private cloud service.

There are also services such as Microsoft Azure Connect (beta) to enable direct communication between the public cloud and on-premises services via the IP protocol. For example, a public cloud application can access an on-premises database or an on-premises Active Directory .

Multi-tenancy

Since not only individual companies outsource their in-house applications to the cloud, but ISVs also like to use cloud platforms for new applications, funds are required to enable multi-tenancy.

Here may clients are assigned session-dependent or independent individual application instances (Multiple Instances multi-tenancy). Or the application is aware that it is serving several clients (native multi-tenancy), then the request can be processed by any previously undefined application instance. The type of client service has a major impact on scalability. In addition, aspects such as data security, performance, isolation, availability, SLAs or application configurations also play a major role. The data of the individual clients must not be mixed up, the performance should be distributed equally across all clients, and yet each client should be able to configure its application individually.

PaaS providers like Google respond to this, for example, with namespaces . Each client can be assigned a subdomain as a namespace. After that, only access to objects of the datastore, memcache or the task queue associated with this namespace is permitted. This ensures at a higher level than the application itself that no customer has access to the data of other customers. Alternatively, different patterns can be used.

Another problem that a cloud platform should solve is running multiple versions of an application at the same time. On the one hand, this is advantageous when developing applications in order to carry out tests such as regression tests. It then offers the option of rollback in the event that errors occur in live operation after the upgrade to the latest version, and it gives clients the option of deciding themselves when they want to upgrade to a new version.

costs

Running a small web application with one computing instance, 15 GB of incoming and 15 GB of outgoing traffic and 1 GB of storage costs between US $ 38 and US $ 65 per month for providers such as Google, Amazon or Microsoft.

criticism

Most providers do not offer support in the form of technical instructions or even tools for migrating from on-premises to PaaS applications. They only offer tools to import and export data to the cloud and to upload virtual machine images to the cloud. That alone does not allow the applications to scale, but is more comparable to a remote hosting solution.

The large PaaS providers all offer the basic functions for running simple web applications in the cloud. Professional support is also offered by many services, although some of these offers are still in a beta phase. The general data protection problem in cloud computing is not addressed by the services for German companies because the data is not in German data centers, which is important for many companies.

Caution should be exercised with some services that claim to have PaaS offers, but which use this term to denote off-premises hosting without scalability.

providers

There are a number of providers of public and private PaaS offers that differ more or less. All of them offer application hosting and a development environment, along with integration services.

Public and private PaaS offerings include:

Web links

Individual evidence

  1. a b c G. Raines and L. Pizette. Platform as a Service: A 2010 Marketplace Analysis. 2010-10, http://www.mitre.org/work/tech_papers/2010/10_4138/cloud_platform_service_paas.pdf , accessed June 2, 2012
  2. a b c d e f g Y. V. Natis, T. Jones, BJ Lheureux, K. Iijima, E. Knipp and DM Smith. Predicts 2011: Platform as a Service: The Architectural Center of the Cloud. Gartner, November 24, 2010
  3. a b M. Fouquet, H. Niedermayer and G. Carle. Cloud Computing for the Masses. December 1, 2009
  4. B. Lobaugh. Deploying a Java application to Windows Azure with Command-line Ant. Microsoft, February 17, 2011, archived copy ( Memento of the original from April 25, 2017 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. , Access date: June 2, 2011 @1@ 2Template: Webachiv / IABot / java.interoperabilitybridges.com
  5. a b K. Friedmann. Cloud computing in Germany: the market for cloud services will double by the end of 2011. ( Memento of September 10, 2012 in the Internet Archive ), August 3, 2010, access date: June 2, 2011
  6. unknown. Cloud Hype at Height: Gartner. Cloud Computing Journal, August 17, 2009, http://cloudcomputing.sys-con.com/node/1067894 , accessed on May 6, 2011
  7. unknown. AWS Elastic Beanstalk (beta). http://aws.amazon.com/elasticbeanstalk/ , Amazon, 2010, accessed June 2, 2011
  8. ^ W. Tonninger. The Cloud Gretchen question: IaaS or PaaS ?. February 25, 2011, http://businessreadyblog.wordpress.com/2011/02/25/die-cloud-gretchen-frage-iaas-oder-paas/ , access date: June 2, 2011
  9. unknown. Welcome to Google Drive. Google, 2011, http://drive.google.com , accessed April 26, 2012
  10. unknown. iPaaS: Integration for the Cloud Era. MuleSoft, 2011, http://www.mulesoft.com/ipaas-integration-platform-as-a-service , accessed June 3, 2011
  11. Open Platform as a Service
  12. unknown. Django | The Web framework for perfectionists with deadlines. 2011, https://www.djangoproject.com/ , accessed June 3, 2011
  13. A. Lenk, M. Klems, J. Nimis, S. Tai and T. Sandholm. What's inside the cloud? An Architectural Map of the Cloud Landscape. ICSE'09 workshop, March 23, 2009
  14. a b http://www.microsoft.com/windowsazure/sla/
  15. http://aws.amazon.com/ec2-sla/
  16. http://aws.amazon.com/de/s3-sla/
  17. http://code.google.com/intl/de-DE/appengine/sla.html ( Memento from January 16, 2012 in the Internet Archive )
  18. a b c Chang Jie Guo, Wei Sun, Ying Huang, Zhi Hu Wang and Bo Gao. A Framework for Native Multi-Tenancy Application Development and Management. cec-eee, pp. 551–558, The 9th IEEE International Conference on E-Commerce Technology and The 4th IEEE International Conference on Enterprise Computing, E-Commerce and E-Services (CEC-EEE 2007), 2007
  19. a b c R. Mietzner, T. Unger, R. Titze and F. Leymann. Combining Different Multi-Tenancy Patterns in Service-Oriented Applications.
  20. unknown. StartingPage - Wiki. openstack, May 30, 2011, http://wiki.openstack.org/ , accessed June 5, 2011
  21. unknown. Open Cloud Computing Interface | Open Standard | Open community. 2011, accessed June 5, 2011
  22. App Engine Java Overview - Google App Engine - Google Code ( Memento from February 25, 2012 in the Internet Archive ), retrieved on: June 5, 2011
  23. unknown. Amazon Web Services (German). 2011, http://aws.amazon.com/de/ , accessed June 5, 2011
  24. unknown. Windows Azure Platform Features. Microsoft, 2011, http://www.microsoft.com/windowsazure/features/ , accessed June 5, 2011
  25. ^ N. Lynch and S. Gilbert. Brewer's conjecture and the feasibility of consistent, available, partition-tolerant web services. ACM SIGACT News, Volume 33 Issue 2 (2002), pages 51-59.
  26. A. Carter. The CAP Theorem as it Applies to Contemporary NoSQL Storage Systems. April 5, 2011, https://github.com/igor-kalashnikov/nebulous/raw/master/Knowledge%20Base/Distributed%20DBMS/The%20CAP%20Theorem%20as%20it%20Applies%20to%20Contemporary%20NoSQL%20Storage % 20Systems.pdf , accessed June 5, 2011
  27. a b The Java Servlet Environment, Google ( Memento of May 13, 2010 in the Internet Archive ), access date: June 2, 2011
  28. Task Queue Java API Overview - Google App Engine - Google Code ( Memento of March 7, 2010 in the Internet Archive ), retrieved on: June 2, 2011
  29. unknown. Amazon Simple Queue Service (Amazon SQS). Amazon, 2010, http://aws.amazon.com/de/sqs/ , accessed June 2, 2011
  30. unknown. Queue Service API. Microsoft, 2011, http://msdn.microsoft.com/en-us/library/dd179363.aspx , accessed June 2, 2011
  31. C. Baun, M. Kunze, J. Nimis and S. Tai. Cloud Computing: Web-based dynamic IT services.
  32. unknown. Elastic load balancing. Amazon, 2011, http://aws.amazon.com/elasticloadbalancing/ , accessed June 2, 2011
  33. Windows Azure CDN. Microsoft ( Memento of April 18, 2012 in the Internet Archive ), access date: June 2, 2011
  34. R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach and T. Berners-Lee. Hypertext Transfer Protocol - HTTP / 1.1. 1999-06, http://tools.ietf.org/html/rfc2616 , accessed June 2, 2011
  35. Quotas - Google App Engine - Google Code ( Memento from February 27, 2012 in the Internet Archive ), retrieved on: June 2, 2011
  36. Java Service APIs ( Memento of August 24, 2011 in the Internet Archive ), access date: June 2, 2011
  37. unknown. Amazon Elastic Compute Cloud (Amazon EC2). 2011, http://aws.amazon.com/de/ec2/ , accessed on June 5, 2011
  38. unknown. Windows Azure Virtual Network | Windows Azure Platform. 2011, http://www.microsoft.com/windowsazure/virtualnetwork/ , accessed June 5, 2011
  39. Overview of Multitenancy and the Namespaces Java API - Google App Engine - Google Code ( Memento of August 22, 2011 in the Internet Archive ), retrieved on: June 2, 2011
  40. Developer's Guide - Google App Engine - Google Code ( Memento from February 19, 2012 in the Internet Archive ), accessed June 2, 2011
  41. unknown. Windows Azure Platform Consumption. Microsoft, 2011, http://www.microsoft.com/windowsazure/offers/popup/popup.aspx?lang=en&locale=en-us&offer=MS-AZR-0003P , accessed June 2, 2011
  42. unknown. AWS Elastic Beanstalk (beta). http://aws.amazon.com/elasticbeanstalk/ , Amazon, 2010, accessed June 2, 2011
  43. ^ R. Blackwell. Azure Northern Europe is Dublin and Western Europe is Amsterdam. April 12, 2011, http://www.robblackwell.org.uk/2011/04/12/azure-northern-europe-is-dublin-and-western-europe-is-amsterdam.html , accessed June 2 2011
  44. unknown. Amazon Web Services: Service Health Dashboard. http://status.aws.amazon.com/ , accessed June 2, 2011
  45. unknown. Issue 193 - googleappengine - Country-specific Storage - Google App Engine - Google Project Hosting. http://code.google.com/p/googleappengine/issues/detail?id=193 , accessed on June 2, 2011
  46. YV Natis, T. Jones, BJ Lheureux, K. Iijima, E. Knipp and DM Smith. Predicts 2011: Platform as a Service: The Architectural Center of the Cloud. Gartner, November 24, 2010
  47. D. Chappell. THE WINDOWS AZURE PROGRAMMING MODEL. Microsoft, 2010-10, http://www.microsoft.com/windowsazure/Whitepapers/ProgrammingModel/default.aspx , accessed June 2, 2011
  48. John R. Rymer, “Enterprise Public Cloud Platforms, Q4 2014” Forrester , December 29, 2014