Friday, August 10, 2012

PaaS: Battleground of the Future and it's Dirty Little Secret

I believe most will agree that today in cloud IaaS is the battleground.  Stalwarts Amazon, Rackspace, Microsoft, and Terremark have been joined by AT&T and now even Google.  The key challenge in the IaaS world is getting public companies to trust the concept of public cloud including its multitenant model.  Without multitenancy the public cloud economic model falls apart.  Many don't realize this is why storage in the cloud is more expensive than compute power; I can over provision and sell the same compute power to multiple users because most applications sit waiting for user input.  However in storage, a bit stored is a bit stored and I can't store anything else in that location until that bit is no longer needed.  So although public cloud has a compelling economic model, the security concerns have relegated it to the background.  Some of the walls are slowly coming down: dev/test environments, marketing web sites, web content storage.  However few companies are running production enterprise applications in a public cloud.  In fact Google's move into IaaS lends credence to the corporate argument by trying to give companies a lower level sense for Google's abilities.  The argument goes if I can run a server for you for your software, shouldn't I be able to take that same server and have you build your own application on top?  It's a sound argument.

What's interesting is that IaaS is the focus of today because cloud companies need to generate revenue, but the real battleground for the future is in PaaS.  The competition pits the status quo including private clouds against Private PaaS and Public PaaS.  Today companies seem to be happy with standard applications running in virtualized environments.  However at some point the needle will move due to the compelling arguments of cloud and companies will want to build native cloud applications.  When they make this shift, companies will need a cloud platform on which to build this software.  Microsoft focused on this early but hasn't gained many new additional developers because of their cloud offerings instead migrating more of their existing .NET experienced crowd to cloud.

Cloud application development requires a new approach to applications.  It is expected that backend systems will be service enabled and preferably accessible via REST-ful web services.   A cloud application is the combination of a UI built in HTML5, CSS3 and the ubiquitous but annoying JavaScript and a business logic layer written in PHP, Python, Ruby, Scala, Rebol, or several other languages.  Yes, Java and .NET are also used, but the vast majority of solutions in my experience from Facebook and Twitter to eBay and Netflix use server side scripting languages simply because they work.  Cloud applications are built on the concept of reliable software on unreliable hardware where the application takes responsibility for ensuring its own survival.  Applications properly written test for error conditions and identify ways to continue operation rather than simply ending with those confusing exception dumps on poorly formatted web pages.

Platforms for cloud provide several key foundation elements for building cloud enabled applications.  First and foremost they provide the underlying infrastructure so the application developer doesn't need to know or worry about the compute and storage resources.  Second the platforms provide developer tools to expedite development.  In the case of Amazon they provide several tools that are common across applications: the need to send emails, queues, payment processing, SQL database, and others.  Third the platforms deal with scaling the resources up and down to meet the needs of the applications based on its traffic.  Implicit in this is that the Platform must, by necessity, limit access to developers.

There are vendors going after the Private PaaS (deployed to an on-premise private cloud) such as Apprenda, Stackato, LongJump, GigaSpaces, and CloudSoft.  There are many vendors as discussed with Public PaaS offerings.  However everyone agrees the future of cloud is a hybrid, so the only possible winners will be those who can take their existing solution and extend it to run on the other side some how.  Private PaaS vendors will have to engage cloud solution providers to run their platforms which is difficult considering the majority of cloud solution providers have their own PaaS entries.  Vice versa the Public PaaS vendors haven't built their solutions as commercial software ready to be installed in a private cloud.  Obviously the two sides will need to work together and the ones with the best "seamless" story will be in the best position to win.

What this means to the enterprise is do your research and pick a platform based on the future, not today, or risk lock-in.  The dirty little secret of PaaS: all the platforms are proprietary.  I hope cloudstack or openstack steps up with a universal option, but today none exist.  So whichever direction is chosen remember the first priority is a platform on which you can build and run applications seamlessly across on-premise and off-premise clouds, that meets your development needs, and on which you are comfortable building a generation of software, because once you start down the road, changing roads means starting over.