Kate's Comment

Thoughts on British ICT, energy & environment, cloud computing and security from Memset's MD

IaaS vs. PaaS vs. SaaS definition

For a less technical description of IaaS/PaaS/IaaS, see this article: What is cloud computing?.

One of the areas on which we reached clear agreement in the G-Cloud and App Store phase 2 was the definition the layers of the stack, infrastructure, platform and software, and their scalable, standardised “as a service” modes. Pleasingly, our delinations were very similar to prior work from two decades ago by IBM, except that ours incorporate virtualisation.

The diagram shows what we agreed we mean by Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (right hand side) and the areas encompassed by the individual terms infrastructure / platform / software on the left. A better term than “software” might be “application” since the platform part is also really just software, but SaaS has already gained wide acceptance.

IaaS vs. PaaS vs. SaaS stack layers definition

It is assumed that “as a service” means all services within the definition are fully integrated up to and including the respective level, thus incorporating any sub-levels. Therefore, SaaS providers could either sub-contract to a PaaS provider, or would incorporate the PaaS themselves and provide it as part of the SaaS “stack”. In turn the IaaS could be sub-contracted or incorporated. The customer would see an integrated service.

It is also worth explaining the overlap between ‘platform’ and ‘software’; that is because some advanced platforms are built on complex software solutions which go well beyond just operating systems and a bit of infrastructure software.

For example, one could consider bare operating system as the platform, with the bespoke software application incorporating its own software infrastructure elements (eg. a bespoke CRM solution). One might also consider a Linux-Apache-MySQL-PHP stack as the platform in its entirety, with only the PHP code and databate structure being the software/application layer. The key differentiator between ‘platform’ and ‘software’ is that a platform is standardised and to an extent commoditised, with the software being the bespoke / custom element. A platform would also often, but not always, be highly scalable across multiple servers.

Standardised / commoditised software (hosted application) services, as opposed to bespoke / custom deployments, would most likely be considered to be SaaS.

Virtual differences

Until this point many experienced readers might be saying, “Yes, that that is just hardware, middleware and software renamed!”. To a large extent you would be right, with one small exception being subtle differences between modern platform or middleware, but there is an important difference between the old concept of “hardware” and ours of “infrastructure”: virtualisation.

It was agreed among the G-Cloud team that the virtualisation should now be considered as part of the hardware layer since it has become such an integral method of dividing and provisioning hardware resources. It is important to note that we drew the line precisely between the virtualisation layer (ie. the hypervisor) and operating system, viewing a bare-bones virtual machine without operating system or kernel as the unit(s) of hardware.

Of course, virtualisation is not ubiquitous. Indeed for many systems including highly scalable ones upon which PaaS and SaaS stacks are built do not use any virtualisation (Google App Engine does not, for example). In such cases one would simply view the stack without the virtualisation layer with the boundary between infrastructure and platform being between the physical hardware and operating system layers.

Network

Another critique of this model could be that the “interconnecting network” appears to link directly from the software layer through to the client device. In reality, of course, all network traffic has to sink back down through the layers from the software to via the networking & firewalling layer, then on to the client device. To keep the stack looking like a stack, however (which is correct from a logical perspective), it is better to stick the client device on top rather than off to one side. In the full postulated functional of the G-Cloud logical architecture the connections are more explicitly shown in a 2D rather than linear model. Hopefully that will be in the public domain soon!

36 comments

  1. Ankit Sep 22, 2010 21:49 Hi, could u tell me why PaaS is better than SaaS and IaaS and what are the drawbacks of each of these. Thank you.
  2. robert fink Sep 23, 2010 01:33 Hi Kate,

    Thanks for your comments on this topic. I frequently get asked this question and it is nice to have a clear and concise definition to point folks to for additional reading on the subject.

    Regards,
    -Robert
  3. Yahping Wang Sep 28, 2010 05:31 Hi Kate,

    I think the picture of Service Layers Definition in this article presents the IaaS, PaaS, and SaaS very well. Can I have your permission to reuse the picture when I explain the distinctions to others?

    Thanks,

    Yahping Wang
  4. Andrew Leatherland Oct 18, 2010 11:44 Hi Kate
    How do you think, the G-Cloud will address the Digitial Rights Management and IPR.

    Andy
  5. katecw Jan 5, 2011 19:35 @Andy That is less of an issue for government since they tend to be dealing with others' data rather than creating their own IPR. Handling data is definitely going to be a major issue though, both in terms of protecting sensitive information and enabling access to the vast quantities of data that could be helpfully used interdepartmentally, and externally.
  6. katecw Jan 5, 2011 19:41 @Ankit They each have their own merits and disadvantages. IaaS gives you complete price transparency, but at the cost of easy of use and simplicity (ie. you have to manage it yourself and usually write your own code).

    PaaS is a bit easier to use since you're not concerned at all with the OS or underlying infrastructure, but the actual infrastructure requirements are obscured and there is scope for vendors to put in large margins.

    SaaS is the simplest to use, but has the real costs are entirely obscured. For example, I estimate that Salesforce.com's infrastructure costs are at least 2 orders of magnitude below what they charge (~$1,000/year/user vs. ~$10/year/user), but you are paying for the software and support in that so the customers don't mind.
  7. katecw Jan 5, 2011 19:42 @Yahping Please do, so long as you link back to this page as the source.
  8. Egill Másson Feb 9, 2011 11:52 Clear and concise definition - thank you.
  9. Fred Rowell Apr 10, 2011 15:43 Kate,

    I'm working on several whitepapers that are trying to address the confusion around the "Cloud". I think that your diagram would be a good source for presenting this topic. I would like your permission to use your diagram as the base of diagram that I'm working on....

    Many Thanks
    Fred Rowell, VP / CTO
  10. Nigel Apr 24, 2011 00:37 Kate;
    Bit of a late post in response to your blog. Like Yahping I too am seeking permission to use your graphic. Also saw a good graphic on G Cloud that was displayed during one of your excellent talks. This too would be of value, interest and very relevent.

    Purpose is info sec training (accredited BCS-ISEB and others). Will link back to your blog and or Memset as required.

    Many thanks in advance
    Nigel Landman
    MD, QT&C Ltd.
  11. Bhabani Apr 28, 2011 14:20 Thank you very much. You have explained highly confusing and inter-tangled terminologies in the simplest possible manner.
  12. katecw May 6, 2011 16:36 Hi Fred, I'd be happy for you to use the graphic. Please just link back to the article in any Web-based usage, and if using it in offline documents credit me and Memset Ltd.
  13. Mark Easton May 11, 2011 12:28 Kate,

    Ditto to the request to use our graphic for an internal presentation (ref to you and memset to be included) please?

    I'm actually hoping to draw a new version to fit with the presentation's visual style, but this is by far the best visual representation of cloud classification I've seen.

    TIA,

    Mark
  14. Henk Jun 20, 2011 12:56 Thanks for the clear explenation! I was looking for a way to tell the difference between old school IT and the cloudy SaaS concept. This helps a lot, I just have to translate it to dutch!
  15. Andy Jun 28, 2011 20:38 Thanks Kate for that brief outline of what Paas,Iaas and Saas are. Not scarey terms to intimiate middle managers in Power Point presentations, just more terms for what's already out their. Of course, sitting somewhere above, below, behind or infront, must be Daas? Data as a service which can be anywhere at any level, provided it's Rest architecture compliant. Oops, more jargon :-)

    Andy
  16. Abhishek Jul 4, 2011 15:52 Hey Kate,
    A very good post and a very good "anatomy" of cloud, and as others have requested can I please use the visualization in an offline presentation to be given to students of my class (I would credit you and Memset Ltd.)?

    Thanks,
    Abhishek
  17. Akram Sep 18, 2011 23:09 Thanks, the diagram is very well done!
  18. bud Nov 2, 2011 05:40 Kate

    If it is possible, could you provide an example of and SaaS application, like box.net that was developed (and runs?) on a PaaS (like ??) and is hosted on a IaaS like Amazon. I am guessing the above scenario could be true but I can't find an example of it.

    thanks for any help

    Bud
  19. Jan Martens Nov 5, 2011 14:20 Hi Kate

    Can I have your permission to reuse the "Service Layers Definition" picture in an offline article? I'll make sure to mention the URL and you as the author.

    Thakns in advance
    Jan Martens
  20. Marina Nov 16, 2011 12:06 Hi Kate! Very good stuff! What PaaS can you recommend to try?
  21. katecw Dec 8, 2011 19:29 I don't think there are any properly mature PaaS plays out there to be honest. The next best thing in my view is to take a cloud IaaS offering with a managed service level agreement that looks after the operating system and infrastructure software. For example, many of our customers rent VMs from us with a LAMP (Linux-Apache-MySQL-PHP) stack, or if at scale the MySQL bit is separated out onto dedicated database machines, with us looking after the operating system (Linux) and infrastructure software (Apache & MySQL, configured to host PHP) and they just look after the software (PHP in this case).

    I hate to say it but the most interesting pure PaaS play at present looks to be Azure - provided that they can crack the gnarly problem of seamlessly scaling a relational database. Google App Engine (GAE) is a poor cousin by comparison with its huge restrictions on coding and its non-relational data store. Also, GAE have recently priced themselves out of the market.
  22. katecw Dec 8, 2011 19:30 @Jan Yes please do - just link back to the original.
  23. katecw Dec 8, 2011 19:43 @Bud At present I don't believe anyone is offering a PaaS that sits on top of someone else's IaaS, but I could be wrong. Since PaaS technology is relatively immature the players making moves in that space tend to also own the IaaS.

    However, one possible example, going back to my LAMP stacks again, would be some of our customers who rent IaaS (virtual machines etc) from us, install and manage the application infrastructure software themselves (Linux-Apache-MySQL-PHP/Python etc - "LAMP" stacks), and then provide managed Web hosting services to their customer who are less technical and just want a platform to run their e-commerce shop or whatever. Those Web hosting resellers, for want of a better name, are in effect providing PaaS, though usually not on the granular level we tend to think of with cloud.

    The big issue I see with PaaS at the moment is that no one has worked out the right way to bill for it. Google App Engine's new billing is more like IaaS (instances etc). I think charging per-user would be best for PaaS, but then you're having to poke up into the software layer in most cases.
  24. Jos Dec 12, 2011 21:01 Hi Kate,

    Reading through the comments, I wonder why you are disqualifying PaaS vendors like LongJump and force.com as "true PaaS"? Could you elaborate on that? Based on your classification and explanations, these to me seem prime examples.

    Thank!
  25. katecw Jan 28, 2012 11:17 force.com and longjump.com are examples of why on my layers definition above there is an overlap between SaaS and PaaS - they are restricted versions of platforms with quite a lot of vendor lock in and restrictions around what you can do. What I am hoping to see is PaaS where you can do just about anything with the supported generalised language(s) (Python, java, whatever), databases and messaging layer and the provider adds value by taking away the scaling headaches, as well as other stuff like patching, OS's and hardware.
  26. katecw Jan 28, 2012 11:21 Further to my reply to Bud, I was wrong. Two examples of PaaS software that can sit on top of an IaaS provider of your choice (to some extent) are VMware's Cloud Foundry and Redhat's OpenShift (still beta). Also, to be clear, lots of PaaS players do use IaaS, my favourite example being Heroku which sits on top of Amazon EC2, but you can't choose to host it one someone else's IaaS cloud.
  27. Stephan Zehrer Jan 30, 2012 12:03 I only saw that the NIST (http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf) defined those terms in a standard.
    Is there another standard known?
  28. katecw Feb 24, 2012 10:34 @Stephan NIST is the leading standard but there are many others which are more technical and operational. NIST is very much a conceptual standard. Also here in the UK though we are in broad alignment with NIST, programmes like G-Cloud and our UK Cloud Industry Forum are doing some of their own work. I am planning a blog post on cloud standards soon so watch this space!
  29. Damien Smyth Mar 7, 2012 16:31 Hi Kate,

    Fantastic representation of Cloud Service Layer Definition. Very clear and concise which is very hard to find. Would you mind if I used your diagram in a presentation?

    Regards,

    Damien
  30. katecw Mar 29, 2012 12:59 @Damien Yes you may use my diagram so long as you link back to my blog. :)
  31. air max 1 Aug 1, 2012 08:05 Thanks for the recommendations you have shared here. Something else I would like to talk about is that laptop or computer memory needs generally go up along with other advancements in the engineering. For instance, when new generations of processors are introduced to the market, there's usually a corresponding increase in the scale calls for of both computer memory and hard drive space. This is because software program operated through these cpus will inevitably rise in power to leverage the new engineering.
  32. Sam Meston Sep 18, 2012 08:32 Hi Kate,
    As many others, am requesting to use your diagram as well. It's very good -- clear, concise and makes the points easily.
    Regards,
    Sam
  33. katecw Nov 8, 2012 16:46 @Sam please do use my diagrams, just link back to source. :)
  34. Don Ward Jan 17, 2013 11:12 Hi Kate, excuse the necro post but I'm not entirely in agreement with you as to where the IAAS layer stops in your diagram as I understood the IAAS service to include providing the VM guests to the customers and therefore this would be defined as the OS which in your diagram is the PAAS layer. Is this because your definition is quite literally a service provider building a complete VMware cloud environment and effectively handing it over to the customer for their control up to a certain level so they can place what ever OS and VM configuration they wish on it?

    Thanks Kate
    PS love the Desmo RR, would love one but the R1 big bang will do for now!
  35. katecw Jan 18, 2013 09:58 Hi Don. :)

    You are right insofar as an IaaS service would normally include at least an initial operating system. However, with most IaaS providers (us included when talking about our "self-managed" service which is analagous to EC2's SLA) the operating system is outside the provider's SLA scope for management purposes.

    Further, most heavy IaaS users would actually spool up VMs with their own operating system which is stored with the provider via a snapshot/imaging service; that's what we and Amazon do and how our main cloud users use the service.

    Finally, during phase 2 of the G-Cloud programme we all concurred that the operating system would be part of the "platform" layer; often the specific infrastructure applications being used to provide a platform layer are tightly linked to the OS itself.

    This does highlight the fact that there is a certain amount of "greyness" in these definitions, however. The boundary between PaaS and SaaS for instance is most certainly not clearly defined! To my mind it generally comes down to the service level; what is within the scope provider's SLA and what is not.
  36. katecw Mar 12, 2013 21:28 @Don Interesting point. We are having to address this issue to an extent with our G-Cloud IL3 hosting solution which initially is IaaS only. The key element there is that we will not b providing any managed services, which means we can't really touch the OS.

    However, we do need to provide a "bootstrap" OS in most cases, though in an ideal world the customer spins up VMs from their own images which they have uploaded to us. Equally, we will actually be retaining root on IaaS-only customer VMs by default since it is generally helpful to be able to access the OS when diagnosing issues - even with an IaaS-only SLA.

    So, I would maintain that in the pure sense my layering is right (and it is what G-Cloud have adopted) but concede that the line is a little more blurry than I make out!

Add your comment

Page optimized by WP Minify WordPress Plugin