BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
From the technologies they support to the functionality they offer, platform-as-a-service tools target different application types and sizes, which makes selecting the right one crucial.
Like all application hosting platforms, there is no single PaaS provider that is "right" for a business; each has its benefits and drawbacks. That said, there are certain features that all PaaS vendors should offer, and these capabilities can be broken down into two broad categories: productivity and stability.
Improved developer productivity is one of the key value propositions that PaaS provides. By combining low-overhead infrastructure with developer-focused tools and services, PaaS offers an excellent mechanism to increase application stability and developer output with relatively minimal investment.
Application development tools
PaaS vendors offer tools that are built specifically for application development, within the context of a particular service. Whether these tools come in the form of command-line utilities or integrated development environment integrations, the ultimate goal is to reduce the friction of developing for PaaS in a local environment.
A great example of this is Heroku's command-line interface tool. This tool provides developers with a mechanism to run, manage, deploy and test a Heroku-hosted application without leaving the context of their development environment. On the flip side, Google offers an official plug-in for IntelliJ IDEA that enables developers to run, test and deploy Java back ends directly to Google's PaaS offering, App Engine.
In modern application development, continuous integration (CI) is practically a requirement, but setting up an effective and stable CI platform in a traditional hosting environment can be challenging at best. While getting a test suite to work on a CI platform is hard on its own, the difficulty increases when admins have to select the CI technology, build the pipeline and manage the automation.
To help alleviate some of this stress, many PaaS vendors offer built-in CI tools, which users can spin up with minimal overhead. In some instances, the CI platform is part of a larger ecosystem, as is the case with AWS CodePipeline, which admins can use alongside hosting platforms in the AWS ecosystem, not just within Elastic Beanstalk, AWS' PaaS offering. In other cases, CI is more tightly coupled with the application infrastructure, such as in the case of Heroku CI.
In the same vein as CI, the setup of a deployment pipeline is one of the more troublesome housekeeping tasks in application development. It's not so much that the task is overly difficult, but there are so many ways to accomplish it that buyers can become overwhelmed. Because PaaS provides admins with the infrastructure, deployment procedures are already well-established.
That said, different PaaS vendors handle deployment differently. Engine Yard offers built-in automated deployment directly from an application's Git repository, while CenturyLink's AppFog integrates directly with provider-agnostic, third-party services, such as Jenkins, to handle deployment.
Over the past few years, there's been a sharp increase in developer collaboration tools on the market. From the growth of ChatOps services, such as Slack and HipChat, to increased collaboration functionality within development platforms, like GitHub and GitLab, communication and transparency are key pieces of effective application development.
While some PaaS vendors offer built-in collaboration tools, such as AWS CodeCommit -- a version control system with collaboration functionality similar to GitHub -- others integrate directly with third-party platforms to improve transparency and communication. Heroku, for example, accomplishes this with its ChatOps service, which integrates directly with Slack to provide a more manageable interface from within the collaboration tool a team already uses.
Stability is another key benefit that the right PaaS tools can provide. Where productivity focuses on enabling teams to write and deploy applications faster and more efficiently, stability focuses on keeping those applications running.
Most PaaS vendors offer application management tools to automatically scale and manage application resources. These tools -- typically available in the form of a web-based interface -- can do everything from managing database backups to increasing the number of services behind the application's load balancer. The individual features of these application management tools are dependent on the exact functionality offered by the PaaS provider, and their interfaces can vary wildly, which can drastically impact their ease of use.
While the scale of some systems can lead to complex tools with many options -- such as AWS' command-line utility -- other more focused tools, like Jelastic, offer web-based and command-line tools with functionality that is very specific to PaaS application management.
Not every PaaS provider exclusively focuses on PaaS. Many of them offer related services within a larger cloud-based ecosystem that an organization can use to augment and support an application. From databases to application monitoring and deployment pipelines, these services aren't technically a part of the PaaS offering but integrate directly within it to provide a more cohesive infrastructure.
Google Cloud Platform (GCP), AWS and Microsoft Azure are three great examples of this type of PaaS provider. Their PaaS offerings make up only a small fraction of the services they offer, and while using their additional services can lead to vendor lock-in, it can also drastically improve application stability and reduce the need for third-party dependencies.
Where large cloud providers, like Google, AWS and Microsoft, offer massive suites of services to augment their PaaS technology, smaller providers rely on third-party integrations to offer this type of functionality. Heroku, for example, has an extensive add-on marketplace with integrations to third-party services that offer everything from database hosting to application security. While increasing the dependency on third-party services introduces the need for more security-minded development, it also helps reduce vendor lock-in, making it easier to move from one PaaS provider to another with relatively minimal overhead.
A big benefit of PaaS is that the level of security effort admins must maintain is limited only to the application itself. Everything else -- such as platform security and attack mitigation -- often falls under the purview of the PaaS provider. While information security itself is a given, it is important to take special care to understand the level of security required, as many larger PaaS vendors -- such as AWS and GCP – offer Health Insurance Portability and Accountability Act and Payment Card Industry-compliant services -- for a cost.
Before you purchase a PaaS tool, it is important to consider how admins will interact with the service as a whole and how that interaction will impact the organization. To do that, there are a few important questions you should ask yourself when evaluating any PaaS offering.
What development technologies and languages does it support?
Technology support is crucial, and if a PaaS provider doesn't support your application's programming language or technology stack, it's a nonstarter.
Do I need to worry about vendor lock-in?
While being locked into a vendor can affect the portability of an application, it is up to the buyers to weigh whether the benefits a PaaS tool make this limitation worth it. Larger providers, like Microsoft or Google, tend to have a higher risk of vendor lock-in due to the benefits they offer by integrating with their extended proprietary tools -- the more of their cloud you use, the more difficult it can be to leave it.
What is the level of scalability, availability and security?
How much traffic do you expect your application to receive? What about security threats? Different providers offer different levels of scalability, availability and security per dollar -- often in exchange for usability -- so identify your particular needs to narrow it down to the right provider. Heroku, for example, is an incredibly user-friendly PaaS provider; however, when stacked against a more complex platform, like Elastic Beanstalk, the cost can be significantly higher.
Can you export data for use elsewhere?
Vendor lock-in shouldn't mean data lock-in, but what if you have to change providers or want to move to a multi-cloud model? Can you export your data and use it elsewhere? Is it easy to do that, or do admins have to massage the data to import into a different platform? Platform-agnostic PaaS providers, like Jelastic, avoid data lock-in by encouraging the deployment of nonproprietary open source data systems, such as MySQL and MongoDB.
What level of support does it have for emerging technologies, such as containers and microservices?
Is your team forward-thinking? Containers, microservices and serverless are just some of the new DevOps buzzwords that seem to keep changing the face of application development, but not every technology is right for every project. So, be sure to carefully consider your technical requirements.
Is there a low-code/no-code option available?