The Platform as a Service (PaaS) model is a higher-level offering than Iaas, where the cloud provider offers managed services for building blocks like databases, caches, and so on. This allows application developers to focus on business use cases without getting bogged down in infrastructure management. Compared to IaaS, the PaaS components are higher up in the software stack.
The advantage of PaaS should be immediately obvious. The software team can immediately get started with their development, spinning up utilitarian services as needed. Providers manage everything else, such as software versions, security, operating systems, and backups. Most of the services are very elastic and can be scaled vertically (for example, adding more IOPS) or horizontally (adding more numbers) on demand via a management console. The tradeoffs for PaaS services versus IaaS are listed here:
- Generally a higher cost than do-it-yourself solutions
- Vendor lock-in: If you code for a specific cloud service, it will be difficult to migrate the application onto another cloud stack
- Limited development setup: Developers generally share dev accounts on the cloud, because most PaaS services are not deployable on development machines
The following table offers insight into the vast array of AWS-managed services:
|
Databases |
Relational Database Service (RDS) (https://aws.amazon.com/rds/)is a managed ACID-compliant relational database-as-a-service (DBaaS) where the database's resilience, scale, and maintenance are primarily handled by the platform. RDS offers familiar engines like MySQL, MariaDB, PostgreSQL, Oracle, Microsoft SQL Server, and also lately a new, MySQL-compatible internally developed engine called the Amazon Aurora DB engine. The storage type can be configured from magnetics disks to SSDs. One important feature that RDS provides is multi-availability zone high-availablity (replication across infrastructure fault domains). |
|
|
AWS Redshift (https://docs.aws.amazon.com/redshift/latest/mgmt/welcome.html) is a fully managed elastic data warehouse. Its main objective is to act as a data lake where all business-relevant data is stored for long-term storage and enables multiple use cases like business intelligence and machine learning model training. Users can create clusters, where each cluster can host multiple databases. Each cluster comprises a leader node, and a set of compute nodes. The compute nodes actually host slices which are effectively shards of the data. The leader node receives queries and commands from client programs, parses them, and builds an execution plan for each compute node. The Leader creates compiled code and distributes it to the compute nodes (based on what data is a resident of each compute node). Once the Compute nodes processes the relevant code it passes on the results to the Leader node, which aggregates the result. Redshift stores the data in a columnar format. This, along with the Massively Parallel Processing (MPP) feature, makes it optimal for executing OLTP workloads. The compute node slices are databases based on PostgreSQL. Client applications can communicate with Redshift using standard open source PostgreSQL JDBC and ODBC drivers |
|
Networking |
AWS Virtual Private Cloud (https://aws.amazon.com/vpc) is an isolated, private network perimeter in the cloud. Once users get a VPC, they have control over their networking environment, including definition of IP ranges, route tables, subnets, and so on. Using a VPC, one usually creates a public internet-facing subnet for the web servers and another isolated subnet which has components like databases or application servers. The latter subnet does not have access to the internet. One can leverage multiple layers of security rules including security groups and network access control lists, to help control access to instances within subnets. The VPN gateway can be used to bridge external/current networks with the cloud VPCs. Sometimes the VPN connectivity does not offer the required bandwidth for interconnection of networks. AWS Direct Connect (https://aws.amazon.com/directconnect/) enables dedicated network connection from the current premises to AWS. AWS CloudFront (https://aws.amazon.com/cloudfront) is a content delivery network (CDN) service, which hosts content such as audio, video, applications, images, and even API responses close to where the clients are. This leverages the global AWS infrastructure files. CloudFront is also seamlessly integrated with other AWS infrastructure offerings like Web Application Firewall (WAF) and Shield Advanced to help protect applications from more threats, such as DDoS attacks. |
|
API management |
AWS Elastic Load Balancing (https://aws.amazon.com/elasticloadbalancing/) is a manager load balancer, which distributes incoming traffic across multiple backends, such as Amazon EC2 instances, containers, and IP addresses. It has L7 (application) and L4 (TCP) level load balancing features and can targets in a VPC. AWS API gateway (https://aws.amazon.com/api-gateway) is a hosted API gateway that enables features like traffic management, authorization and access control, monitoring, throttling, and version management. AWS Route 53 (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/Welcome.html) is a DNS service with additional features including the health monitoring of backend services. |
|
Orchestration, management, and monitoring |
AWS OpsWorks (https://aws.amazon.com/opsworks/) is a a managed Chef/Puppet which allows for CICD platforms and enables the automation of the configuration of the application/servers. AWS CloudWatch (https://aws.amazon.com/cloudwatch/) is a hosted service for monitoring cloud resources (like Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances) , as well as application-level custom metrics and log files. One can also use Amazon CloudWatch to set alarms and automatically reacts to changes in these metrics. AWS X-Ray (https://aws.amazon.com/xray/) provides an end-to-end view of requests as they travel through different microservices/layers of an application. AWS Management Console is a unified console to manage all cloud infrastructure and services. |