a white paper series - atos syntel...cloud computing has widened its scope to include platforms for...
TRANSCRIPT
A P P L I C A T I O N S
A W H I T E P A P E R S E R I E S
IN THE FOLLOWING PAGES, WE WILL DISCUSS THE VARIOUS IMPLEMENTATIONS OF PAAS AND HOW THE RIGHT OPTION WILL ENSURE PAAS SUCCESS.
WE WILL ALSO DISCUSS THE BENEFITS AND DRAWBACKS OF EACH OPTION.
Platform as a Service (PaaS) Demystified
SIDDARTH JAISWAR
ATOS SYNTEL
In most private cloud implementation scenarios we came across IaaS (Infrastructure as a
Solution) as the sole way of implementing cloud. In IaaS, the concept of very high scalability,
reliability, availability and on demand provisioning is limited to hardware/virtual machines.
Though implementing IaaS qualifies an organization to call itself “cloud-enabled,” there needs
to be a PaaS (Platform as a Service) that augments the cloud efficiency to maximize return on
investment and propel the organization further into the cloud maturity index.
The goal of this paper is to enable organizations make an informed choice of PaaS that meets
their requirements. On the following pages, we will discuss various strategies to ensure PaaS
implementation success, as well as the benefits and drawbacks of each option.
TABLE OF CONTENTS
EXECUTIVE SUMMARY
PAAS DEFINED
REQUIREMENTS OF AN IDEAL PAAS PLATFORM
CUSTOM PAAS
REFERENCE ARCHITECTURE FOR APPLICATIONS IN CUSTOM PAAS
COTS IMPLEMENTATIONS OF PAAS
CONCLUSION
REFERENCES
© 2 0 1 8 S Y N T E L , I N C .
1
2
3
4
5
6
7
8
Executive Summary
PaaS DefinedCloud computing has widened its scope to include platforms for developing and implementing custom applications, a term called “Platform as a Service” (PaaS). PaaS applications are also suggested as on-demand, web-based or Software as a Service (SaaS) option. However the most comprehensive definition is provided by Wikipedia, which says:
Platform as a Service (PaaS) is the delivery of a computing platform and solution stack as a service. PaaS offerings facilitate deployment of applications without the cost and complexity of buying and managing the underlying hardware and software and provisioning hosting capabilities, providing all of the facilities required to support the complete life cycle of building and delivering web applications and services entirely available on the Internet.
PaaS offerings may include facilities for application design, application development, testing, deployment and hosting. This includes the scope of application services such as team collaboration, web service integration and marshalling, database integration, security, scalability, storage, and developer community facilitation among others. These services may be provisioned as an integrated solution offering over the web.
In simple terms, PaaS provides a runtime environment for cloud applications. It refers to the almost negligible need to buy software, hardware and all related services since these are available on the Internet in a more “public cloud” manner. In a private cloud setting, one would still need to buy hardware and software to build the infrastructure, but PaaS will help manage and utilize it in a manner that meets cloud standards. In the next section, we will discuss the cloud standards that any PaaS platform must implement. Additionally, in private cloud scenarios, these services might be available through Intranet or other means.
After looking at the PaaS platforms available today, it appears that most true PaaS platforms are provide a runtime environment for applications developed for cloud. However, some PaaS providers target the development environment and provide an entire solution stack that can be used to build, test, deploy and manage code in the cloud. Those providing development and testing services look more like SaaS — offering development or testing tools on the cloud. Although this is still a topic of debate, for the purposes of this paper we consider PaaS to be a runtime environment for cloud applications, and we will discuss the requirements and architecture of a PaaS platform.
Requirements of a PaaS PlatformAs stated above, the main objective of PaaS is to improve the efficiency of the cloud and maximize its benefits. Keeping this objective in mind, below are the requirements of an ideal PaaS platform:
• HighScalabilityandOnDemandProvisioningInfrastructure as a Service (IaaS) provides scaling and on-demandhardware provisioning. In terms of cloud, this scaling is possibleuntil the last hardware resource is available in cloud. Likewise, PaaSis expected to scale applications across the hardware and the extentof scaling can be stretched to include the last hardware resourceavailable for deployment. This provides users of PaaS a feeling ofinfinite scalability. In addition, the application provisioning shouldbe an automated task that needs no IT intervention for deploymentand delivery.
• HighAvailabilityPaaS platforms should provide a runtime environment forapplications that features failover and load balancing capabilities. Theimportant question is “how is it different from a traditional clustered,load-balanced environment?”The answer is that failover and load balancing capabilities shouldbe scoped across the cloud rather than a few dedicated machines,as is the case in a traditional environment. This is over and abovethe hardware availability provided by IaaS. Thus, by deploying aPaaS platform, application availability is guaranteed in the event ofapplication runtime breakdown and not infrastructure breakdown.
• HighReliabilityReliability is often used interchangeably with availability. Thoughthe motive of both is to provide a failover, there is a fine line thatdistinguishes one from the other. This difference can be made clearby means of an example: In the case of a business service that calculates an individual’s federaland state taxes, let’s first assume it is deployed in a cloud which
provides only availability. In this scenario, whenever there is a request for tax calculation the cloud will ensure that some service is always up and running to receive this request. However, other processes running on the same computing environment could cause the service to take a long time to respond and the request to time out. In this case, the request initiator would see an error page. Now, had the cloud been reliable, it would have sensed that the service was not responding within the specified time and would have tried to execute it in another computing environment. In this case, the user would have received a response and not an error. A successful PaaS platform should provide this reliability to all services/components deployed and running under them.
• OptimalUsageOne of the core requirements of any cloud computing platformis optimal usage of resources. In the case of PaaS, optimizationspecifically applies to resources utilized for executing applications.To apply resource optimization, the PaaS platform should havecomponents that monitor application execution and usage. Anotherpurpose of monitoring is to provide chargeback to the users. Thesecond reason is undecided about being required across all scenariosbut the former is certainly needed.Let us see how this requirement differs from its applicability to atraditional deployment. In traditional deployments, applications areload balanced using traditional hardware and software load balancersthat monitor a few application servers and distribute the load usingvarious load balancing strategies such as “round robin” or “leastrecently used.” In the PaaS context, since PaaS is the runtime forthe individual services of an application, load balancing should bemore granular. Here PaaS should monitor each service/component
within the application based on different parameters (number of requests being serviced, CPU usage of the VM running the machine, etc.) and then decide on the best candidate to service the incoming request.
PaaS is spread across the cloud, so this load balancing should not be limited to a few machines, but to the entire cloud where the PaaS exists. The other optimization scenario where PaaS distinguishes itself from a traditional deployment is that of a service orchestration. Wherever services are executed in a workflow or process based manner, PaaS should keep track of the current state of the workflow or process to ensure that work completed during execution of a process is not wasted if the process fails — rather than starting the process all over. This has the potential tosalvage the computing loss due to failure and improve the efficiency of the cloud.
• Auto-ScalingThe on-demand scenario could be based on a user request or inresponse to an increased load. In the latter scenario, the cloudbecause of its elastic nature expands and adds more resources tomeet the increased demand. This requires the PaaS to auto scale theapplications in the newly added computing resources.
• Admin/ManagementConsoleandReportsPaaS platforms should include some form of a user interfacethrough which all application components/services can be trackedand monitored. In case of private cloud this UI may be integratedwith the IaaS monitoring/tracking tool. Also this UI should have aprovision for requesting for additional deployments of applications/services along with access control for the same. PaaS platformsshould also have reporting capabilities to provide statistics related toapplication usage, execution and provisioning. If Reporting capabil-ities are not present in the form of UI then at least there should beAPIs or web service interfaces that users of PaaS can use to buildtheir own reports out of PaaS.
• MultiOSandMultiLanguageSupportAn organization might have different OS and applications writ-ten using different languages. PaaS platforms should enableruntimes which can run on multiple OS (Windows, Linux etc.)and should be able to run applications created in different lan-guages ( Java, .Net, C++ etc.).
PaaS — Bare BonesThe requirements discussed in the above section comprise both essential and useful to have features. Organizations can choose to have a partial implementation of these mandatory features to meet their requirements of PaaS. This is because each organization might have varying needs with respect to scaling, availability and reliability.. Let’s examine what constitutes the bare bones of a home grown PaaS platform, by revisiting each of the requirements mentioned above, while trying to figure out which of these would have to be necessarily implemented and to what extent:
HighScalability&OnDemandProvisioning: This is one of the most basic requirements of PaaS for implementation. However, the scope of scalability could be adjusted to suit the application need under cloud. Provisioning of applications has to be on-demand and without human intervention. Without implementing these two aspects, deploying PaaS would become futile.
HighAvailability: This prerequisite is also imperative but depending on the concerned organization’s needs, one could end up with finite points of failure. This means, if the custom PaaS components that provide availability are finite and if they all fail, there is a possibility of failure to accept request.
HighReliability: This precondition too can be exposed to finite points of failure rather than infinite controllers providing infinite (scope entire
cloud) reliability.
OptimalUsage: This implementation could be confined to load balancing to give the cloud advantage, it has to be granular and should be able to load balance individual services rather than the runtimes that these services run on.
Self-ServicePortal: Instead of full-fledged dashboard, one could provide a simple portal that provides UI to request for cloud resources including applications/services deployed in the PaaS.
The rest of the prerequisites may or may not be implemented in a custom PaaS and would depend on the specific needs of the user organization.
Reference Architecture for Applications in Custom PaaS
The diagram shown below depicts a typical logical reference architecture for a custom PaaS solution. The components and constituents of the PaaS platform depicted above represent the implementation of the minimal needs discussed in the previous section. There are two major groups of components and services that form the building blocks of a basic custom PaaS model.
These are the CommunicationLayer and ManagementLayer. The Communication Layer is responsible for meeting the availability, reliability and optimization needs of the applications running on cloud. The Management Layer comprises components and services that provide provisioning and management capabilities, thereby catering to scalability, on-demand and reporting requirements of the custom PaaS. The scale of deployment of these components across the cloud can decide the extent of failover provided by this architecture. This means that if these components are finite in number, one will get finite scalability.
Let’s have a closer look at each of these layers in the custom PaaS platform:
CommunicationLayerThis consists of components/services that manage communication between the requests coming from the outer world to the business services/components deployed in the cloud runtime. These components/services ensure the applications are failure-resistant and optimize the execution of these applications initiated through these requests. The following are the key components of this layer:
PaaS Components
Man
agem
ent L
ayer
Mon
itori
ng &
Man
agem
ent S
ervi
ce P
orta
l
Vir
tual
Im
age
Con
figur
ator
Ale
rt &
Mon
itori
ngPr
ovis
ioni
ng
Cloud Hosted Applications/Services
Application Runtime ( Java/.Net/C++)
Private Cloud Infrastructure
Operating System
Virtualized InfrastructureM
essa
ging
Secu
rity
Load Balancer
Cloud Service Orchestration
Cloud Service Interaction
Caching
Virtual Machine Management
PaaS Constituents
LoadBalancer: This component keeps track of all application services and number of requests being serviced by each of them. This component handles availability, reliability and optimal usage aspect of the services. Some of the key features to be implemented are:
• An http/https listener that can handle any http/https requestentering the cloud
• Configurable rules to specify rules-related to routing of web requeststo application service instances. For example, a rule which says routethe request to a service that has least CPU utilization
• Synchronization across various instances of load balancers under thecloud to ensure non duplication of execution and availability throughredundancy of instances
• A registry of currently running services and log/trace of eachexecution
• A way of registering services with the load balancer to ensureavailability and reliability of individual services.
CloudServiceinteraction: Services deployed in the cloud do not have a permanent address as they might move from one VM to another. This calls for a component in PaaS that knows at a given point of time where all these service instances are running. Cloud Service interaction component ensures the interaction with these services do not fail, thereby guaranteeing availability. The Load balancer discussed above always interrogates the cloud service interaction component to get a list of addresses of services deployed in the cloud. Following are the key features to be implemented for this component:
• A reliable central registry of services and their end-points/addresses• A poller that ensures the validity of each address
• A configurable pool of services with settings for threshold• A service creator that creates services on increase in demand keeping
threshold in check• Redundant instances to avoid failure due to unavailability of this
component
CloudServiceOrchestration: One of the application service usage sce-narios is where multiple services have to be invoked to complete a busi-ness process. As discussed in the above sections on requirements of PaaS, optimal usage of resources is one of the key needs. Hence, under the cloud service orchestration, each execution is conserved and reused later when the process has to be restarted in the event of failure. Here are the key features required to build this component:
• Temporary cloud storage to store intermediate state of a businessprocess
• A way to define a workflow/process• A pool of choreographers with ability to take over each other’s
responsibility in the event of a failure
Caching: This simply said, is a common cache for the entire cloud. The only difference from a traditional cache is that it may not reside on a single virtual machine and could be redundant to ensure maximum reli-ability of the cache. The key features for its implementation are:
• Ability to cache objects in multiple locations• Ability to update all cache locations• Ability to configure number of cache locations• Use reliable messaging to synchronize cache across the cloud
Messaging: This is a reliable messaging component. It is able to oper-ate from multiple virtual machines. It ensures there is no single point of
ManagementLayerThis layer provides monitoring and management capabilities to the PaaS. Most of the components used have an overlap with IaaS implemented for the cloud.
Provisioning: This component provisions application services based upon on-demand request made through the portal. This provisioning engine may be coupled with the VM provisioning engine to facilitate the creation of an integrated provisioning component. The key features of its implementation are:
• Ability to deploy application services on provisioned VMs• Use of a cloud store to get application images to be deployed on
VMs
Alerts&Monitoring: This component specifically monitors the execu-tion of the application services and alerts the stakeholders of any failures. This again can be part of the organizational monitoring tool for the cloud. Following are the key features to be implemented for this compo-nent:
• Ability to send e-mail alerts and online messages to dashboard in theevent of failure of application services
• Monitor health (CPU Usage, inactivity etc.) of individual servicesthrough well defined interfaces
• Monitor process execution and provide ways to intervene in theexecution of the process
ImageConfiguration: This should ideally be part of the IaaS where one
can define standard virtual machine images for the cloud. However, in a pure IaaS implementation these images would have no correspondence to application services. The key features for its implementation are:
• A reliable cloud store that allows storage of application images asblobs
• Provision to create new images and map them to VM profiles
Management&MonitoringServicePortal: consists of a dashboard for monitoring application services and UI to provision new services. Following are the key features to be deployed for this component:
• Simple intuitive user interface with different menus and screens fordifferent roles
• Application provisioning request screen• Application event and health check screens for admin• Reporting capabilities related to execution of application services in
cloudAll these components and services can be built by using open source technologies which provide avenues of customization related to cloud. A classic example is tc Server, an offering from VMWare and SpringSource, which is built by customizing tomcat, which is a Java based open source servlet-engine. RabbitMQ and MemCache being examples for messaging and cache respectively.
failure and services can easily communicate with each other even if one of these VMs fails. Here are the key features that need to be considered when implementing this component:
• Redundant queues and queue manager with synchronization acrossall line ups to eliminate duplicate queues without compromising onreliability
• Ability to broadcast messages across the cloud
VirtualMachineManagement: This component forms the media-tion between the underlying virtualization solution and the application services. A usage example of this component is that, the load balancer could use it to query a virtual machine for its CPU utilization. Following are the key features to be implemented for this component:
• Ability to interface with multiple (at least a couple) virtualizationengines
Security: Depending on the security policy of the organization, this could be a federation service that talks to an on premise identity ser-vice or could be an identity service on its own exclusively for the cloud. Following are the key features to be implemented for this component:
• A federation engine that creates security token based on identityservice interaction
• A cloud storage to store identity information in case of identityservice inside cloud
• A UI to create identities in case of identity service inside cloud
Commercial Off-the-Shelf Software (COTS) Implementations of PaaSWith cloud adoption gaining momentum, it has led to many new providers entering the business of PaaS in recent times. Some of these providers are big players like Google, Microsoft, Salesforce and VMware and there are some small ones like Gridgain, Appistry etc. Some of these platforms are closed offerings where these PaaS platforms are only available on the providers datacenters like for example, Microsoft Azure. Some of these are available to be deployed in one’s private cloud infrastructure or any other infrastructure. Most of the PaaS vendors today concentrate mainly on providing deployment and application provisioning services. Let’s take a look at some of these providers:
• Windows®Azure:It’sacloudservicesoperatingsystemthatservesasthedevelopment,servicehostingandservicemanagementenvironmentfortheWindowsAzurePlatform.Thesearesomeoftheimportantfeaturesofthisplatform:
• Provides on-demand computation and storage to host, scale, andmanages web applications on the Internet through Microsoft®data centers
• Supports applications developed using .Net, Java etc.• Supports popular standards and protocols including SOAP, REST,
XML, and PHP• Provides Windows Azure Table storage, which is a non relational
scalable data storage alternative for applications hosted in Azure• Provides SQL Azure, which is the scaled out version of SQL
Server for people who prefer to use RDBMS for data storage withdata size not exceeding 50 GB
Currently, the Windows® Azure platform is only available in Microsoft Data Centers as part of their public cloud offering. In addition,
applications deployed in Azure get locked into the platform – thereby rendering their porting to any other platform difficult.
• GoogleAppEngine:GoogleAppEnginemakesiteasytobuildanapplicationthatrunsreliably,evenunderheavyloadandwithlargeamountsofdata.AppEngineincludesthefollowingfeatures:
• Dynamic web serving, with full support for common webtechnologies
• Persistent storage with queries, sorting and transactions• Automatic scaling and load balancing• APIs for authenticating users and sending email using Google
Accounts• A fully featured local development environment that simulates
Google App Engine on your computer• Task queues for performing work outside of the scope of a web
request• Scheduled tasks for triggering events at specified times and
regular intervals
Applications deployed in Google App Engine run in a secure sandbox environment that provides limited access to the underlying operating system. Just as Azure, the Google App Engine is available only through Google data centers. There are also portability concerns relating to moving away from App engine because of the various proprietary/closed APIs of app engine, especially the data store.• Force.com:ItisacloudcomputingPaaSsystemfromSalesforce.
com,thatdevelopersusetobuildmulti-tenantapplicationshostedontheirserversasaservice.ThisistheplatformonwhichtheSalesforce.comCRMSaaSapplicationruns.Thesameplatformhasbeenextendedforusetoothercloudapplications.DevelopersdonotprovisionCPUtime,disk,orinstancesofrunningoperatingsystems.Instead,Force.comprovidesacustomapplicationplatformcenteredontherelationaldatabase.ListedaresomeimportantfeaturesofForce.com:
• Provides users a cloud-based environment for the rapiddevelopment of web applications and web sites
• Provides Apex and VisualForce languages for implementation ofapplications’ business logic and user interface respectively
• Provides SOQL for querying the relational database.• Prebuilt application services, which can be directly included into
the application
Like the earlier two PaaS platforms discussed above, this one is also a closed platform and not portable easily
• CloudFoundry:ItisanopensourcePaaSofferingfromVMwareallowingeasydeploymentofcloudapplicationsusingSpringforJavadevelopers,RailsandSinatraforRubydevelopers,Node.jsandotherJVMframeworksincludingGrails.ThefollowingarefeaturesofCloudFoundry:
• It includes a self-service application execution engine, anautomation engine for application deployment and lifecyclemanagement
• It includes a scriptable command line interface (CLI)• Provides integration with development tools to ease development
and deployment processes• Provides an open architecture for quick development framework
integration; application services interface and cloud providerinterface
• No vendor lock for deployment on any cloud (both public andprivate)
• Provides a micro cloud version deployable on single desktop/laptop for development
• Appistry:Itcomprisesthreeproducts:AppistryCloudIQEngine,AppistryCloudIQManagerandAppistryCloudIQStorage.TogetherthesethreeproductsbringtogetherthecapabilitiesofPaaS.Someofthesalientfeaturesofthisplatformare:
• Ability to scale application across the cloud, synchronizingversions throughout without any downtime, using the AppistryCloud IQ Manager.
• High reliability and availability of applications guaranteed byAppistry Cloud IQ Engine.
• Reliability and availability of file system on the cloud by using theAppistry Cloud IQ Storage product
• Supports Java and .Net based applications• Can be deployed in both public and private cloud infrastructure• Provides proprietary APIs for service interaction, but also offers
means to avoid vendor lock-in using Spring framework.
It currently does not support any web protocol for deployment of web services directly inside its cloud fabric.
ConclusionPaaS can have varying implementations. There are many implementations available and one has to carefully analyze the target deployment (public or private), and the specific organizational needs before confirming the selection of PaaS platform.
In a simple scenario, a custom PaaS implementation would be best suited, whereas in more complex scenarios, a COTS product would be a better option. The general requirement to be fulfilled by all PaaS platforms is to provide a runtime that is more available, reliable, scalable and optimized as compared to a traditional application runtime environment. Also, the concept of a cloud runtime for applications is the primary or key requirement and all other things are secondary. Any PaaS that does not offer this is not a true PaaS.
References1. http://en.wikipedia.org/wiki/Platform_as_a_service2. http://www.forceprepare.com/forcedotcom.html3. http://en.wikipedia.org/wiki/Google_App_Engine4. http://www.springsource.com/products/cloud5. http://www.neovise.com/paas-providers
about Us
For more information, visit us at www.atos-syntel.net
Atos Syntel is a leading global provider of integrated information technology and knowledge process services. Atos Syntel helps global enterprises evolve the core by leveraging automation, scaled agile and cloud platforms to build efficient application development and management, testing and infrastructure solutions. Our digital services enable companies to engage customers, discover new insights through analytics, and create a more connected enterprise through the internet of things. Our "Customer for Life" philosophy builds collaborative partnerships and creates long-term client value by investing in IP, solutions and industry-focused delivery teams with deep domain knowledge.
To learn more, visit us at www.atos-syntel.net
About the Author
Siddharth Jaiswar is Principal Architect with Atos Syntel's Cloud Computing Center of Excellence. He is a Sun Certified Enterprise Architect (SCEA) and has extensive experience in design-ing and architecting Java/J2EE solutions.
Siddarth leads Atos Syntel's Private Cloud Center of Excellence, using vFabric, Appistry and other best-of-breed private cloud platforms to architect private cloud solutions for Atos Syntel clients. He also leads Atos Syntel's Cloud Consulting practice.