I read a blog recently (that I sadly can’t find again) about how important it is to use a Platform as a Service (PaaS). It made the argument that everyone running at any sort of scale has had to solve the same basic problems. This got me thinking about how every company doing software development already has a PaaS of some sort. It just might not be in software or explicitly defined.
Regardless of your organization’s complexity or the scale you have to deal with, operational activities like provisioning, security, logging, and networking are still being done. These are processes that will happen naturally. They might be done trivially on the developers’ laptops then redeploying over a weekend into a public server. Or they might be done in the most headache inducing way through an email to the understaffed IT department for just booting servers.
While this argument might be completely wordsmithing (and it probably is…), I believe that breaking the idea of a PaaS can produce some good insight. There’re likely some ideas we can take from this about how to use your PaaS of choice.
So, what is a Platform as a Service anyways?
If I’m going to make the claim that we are all running a PaaS of some sort, let’s break down what is actually required by a PaaS. The main functions are:
- Provisioning — Setting up new environments on demand
- Security — Tracking and negating potential vulnerabilities
- Scaling — Responding to changes in demand/traffic
- Authentication/Auditing — Blocking bad actors and tracking actions
- Logging — Looking back in time at what has happened in the application
- Metrics — Tracking current usage to predict future needs or potential issues
- Connectivity — Making sure that services can be accessed from the correct applications.
- Updating — Keeping up with new abilities
The Unautomated Approach
There are a lot of IT departments and software development shops where the provisioning is a person watching for emails requesting a server or virtual machine. Logging is provided by SSHing into every different machine hunting for the one that returned the 500 (praying that it hasn’t already rotated). Security is crossed fingers or hours/days of downtime. Authentication and auditing are phone calls. Scaling is pager duty. Updating is even more downtime. And Metrics are non-existent (or scattershot).
While this is a fairly extreme example, these are things that happen. Frequently. Most of these business processes have likely been developed and locked in over time. You might have worked at companies that this description reminds you of.
The pain and frustration are very real and the increase in HR costs, reduction in throughput, and reduction in profit mean this is a problem worth addressing at all sizes of companies.
I’d argue that regardless of if these are documented processes or just understood as “that’s just how we do it here”, these are platforms. They solve the same problems. I’d also argue that as soon as you have different teams with different roles doing this work, you now have this platform as a service.
There you go, this maze of business processes with no automation is actually a PaaS! It’s just not a very good one.
A Better Way
Once we accept the fact that this platform already exists, we can start making strides to improve it. This would require understanding and codifying the current processes. Then we can start changing these into processes that allow for automation (or at least better tooling) to get better (and more efficient) operator and developer experiences.
We can start to do things like build a bunch of scripting to automate deployments, log scraping to pull different streams together, and tools like monit to maintain uptime. And this is a good step but it’s hard to get the buy-in to spend engineering time building out.
We are reinventing the wheel for each of these new processes. Much of this work is already done for us in ways that have been proven out and are fully supported without needing to find dedicated headcount.
An Even Better Way
There are already a bunch of different PaaSes out there all touting similar sounding but different features sets and inherent processes.
Arguably the most popular open source PaaS framework is Cloud Foundry. A big benefit of Cloud Foundry over competing offerings is that, not only is it open source, but it is backed by more than one company (and a really cool foundation). Companies like SUSE, Cisco, Google, IBM, Microsoft, Pivotal, SAP, and dozens of others you’re familiar with are committed to the project, so it is unlikely to become abandoned.
While Cloud Foundry is open source, there are several commercial offerings available as well, so you can use a supported distribution in production if you wish. Using an offering with support and services built in allows for confidence and speed when making changes. As you are pushing out new features, you can know that the platform you are running on is rock solid and can handle all that you throw at it. You can also know that when you do run up against platform issues, they can be resolved without the need for a huge internal engineering investment.
With SUSE Cloud Application Platform (our Cloud Foundry distribution), you can get started easily as it installs on top of Kubernetes. This means that you can spin up a Kubernetes cluster in the public cloud (Azure, AWS, Google are well documented!) or in your private cloud using a solution such as SUSE Container as a Service. Due to everything being deployed on Kubernetes, there’s a much smaller footprint than other distributions.
Changes are hard regardless and a change in PaaS will be as well. Much of the pain and frustration can be mitigated by doing you due diligence in planning as well as picking a flexible and well supported solution. One big part of knowing how to make a successful changeover is knowing where you are currently to know what sticking points you might encounter.
Regardless of what stage you are in, there are always tweaks and improvements to be made as your organization is continually learning and adapting. Having a platform that can do that with you is crucial to your ongoing success.