Module-2

Cloud Service Models

What is SaaS?

SaaS, or software-as-a-service, is application software hosted on the cloud and used over an
internet connection via a web browser, mobile app or thin client. The SaaS provider is
responsible for operating, managing and maintaining the software and the infrastructure on
which it runs. The customer simply creates an account, pays a fee, and gets to work.

Some industry historians trace the origins of SaaS to the 1950s, when applications running on
mainframes were delivered to remote terminals. But SaaS as we know it today began in 1999,
when Salesforce launched its customer relationship management (CRM) system built from
the ground up as cloud-hosted software delivered to web browsers.

Today SaaS is the most common public cloud computing service, and the dominant software
delivery model. Much of the software that workforces use - from everyday tools like Slack (for
messaging) and Dropbox (for file storage and sharing), to core business applications such as
enterprise resource planning (ERP) and human resources/workforce optimization
platforms—is delivered via the SaaS model. Compared to traditional software installed on
premises, SaaS offers businesses of all sizes—from startups to giant global organizations—the
benefits of rapid time-to-value, low-to-no management overhead, and predictable costs.

How SaaS works

SaaS takes advantage of cloud computing infrastructure and economies of scale to provide
customers a more streamlined approach to adopting, using and paying for software. All SaaS
applications share the following characteristics:

SaaS applications are built to be hosted on the cloud. The SaaS software vendor can host the
application on its own cloud infrastructure or with a cloud service provider (such as Amazon
Web Services (AWS), Google Cloud, IBM Cloud or Microsoft Azure). Hosting with an
established cloud service provider enables the SaaS provider offer the scalability and global
accessibility some customers may require.

SaaS applications are accessible to any customer with an internet connection and an internet-
connected end-user device (e.g. a computer, mobile phone or tablet). SaaS applications
typically run in any web browser; on mobile devices, SaaS applications may run more
effectively on (or may require) a mobile or tablet app. A few SaaS applications, such as Adobe
Acrobat, may offer or require a dedicated thin client that users download and install on their
computers.

SaaS applications exploit multi-tenant architecture, in which a single instance of the

application serves every customer. For security and data privacy, each customers’ application
data, user data, system data and custom configurations are segregated from those of other
customers.

Perhaps most important, SaaS applications require little to no management and zero
maintenance from the customer. The SaaS vendor is responsible for

 Provisioning, managing and maintaining all the servers, networking equipment,

storage hardware and operating software required to run the application
 Applying feature fixes and security patches as needed
 Providing load balancing, redundant infrastructure, data backup, cloud security and
disaster recovery services to prevent outages and meet the performance, availability
and data protection standards specified in the service level agreement (SLA).
Many SaaS vendors also provide an application programming interface (API) their customers
can use to integrate the SaaS application with other SaaS or traditional software applications.

SaaS pricing

SaaS applications are available in a wide variety of subscription pricing schemes—all of them
very different from traditional software licensing, which provided access to the software and
related services for a specified period of for a fixed price (or menu of fixed prices).
Free or ‘freemium’ pricing

Most SaaS vendors offer a free version of the software that customers can try for a short
period of time, usually a week or a month. Typically these free trials offer access to all of the
software’s features, but limit the number of times or extent to which those features can be
used; some don’t even require a credit card.

Some SaaS companies offer ‘freemium’ versions of their applications: versions that are always
free, with a limited but useful subset of the full products features—or that aren’t limited in
any way, but that periodically display advertisements that the user must click away before
continuing work. SaaS providers hope that freemium users will eventually graduate to a paid
version of the software.

Monthly or annual tiered subscription pricing

For small and mid-sized businesses, SaaS products typically offer pricing ‘tiers’ based on
feature set or usage level. For example, a SaaS email marketing solution may offer a ‘standard’
tier for up to 5,000 contacts for USD 250 per month, a ‘pro’ tier for up to 20,000 contacts for
USD 500 per month, and an ‘business’ tier for 100,000 contacts plus landing page design and
hosting for USD 600 per month. For very large companies SaaS vendors my offer an
‘enterprise’ tier that allows a more granular selection of features, priority support, special SLA
terms, and even negotiable pricing.

Tiered pricing lets customers choose the best plan for their functional needs and their budget,
and makes scalability as easy as moving up to the next tier. Most tiered subscription pricing
offers a discount to customers who pay for an entire year at once, and pro-rated price
adjustment for customers who change tiers mid-subscription.

Benefits of SaaS

The benefits and advantages of SaaS are best understood in comparison to traditional
software - software installed and managed on on-premises infrastructure:

 SaaS provides faster—even instant—adoption and time-to-benefit. Customers can

purchase and start using SaaS applications immediately, sometimes in minutes, for a
minimal upfront cost (essentially the first month’s subscription cost). Compare to
traditional software, which could require purchasing and provisioning servers,
installing software on every end-user device, and budgeting for and purchasing a full
license for every user.
 SaaS provides access to new features and versions as soon as they’re available. SaaS
providers often upgrade features and add functionality several times a week, without
customers even noticing; they can even upgrade the interface and user experience
without disrupting the customers’ work. Compare to traditional on-premises
software, for which periodic upgrades are often so costly and disruptive that
customers might wait months for the functionality in a new version (if they don’t
choose to skip some upgrades altogether).
  SaaS enables cost-effective, on-demand scalability. Customers can scale SaaS
applications up and down as needed, by simply upgrading or downgrading tiers or
purchasing more capacity. Compare to traditional software, which requires customers
to purchase additional capacity in anticipation of usage spikes—capacity that sits idle
and wasted until needed.
 SaaS offers predictable costs and dramatically lower overhead. With SaaS there’s no
need to budget for infrastructure on which to run the software, for periodic software
upgrades and the infrastructure to support them, and—perhaps most important—for
in-house IT staff to install, upgrade and maintain the software. Almost all of the
expense goes directly to use of the software.

Potential challenges

Despite its advantages, SaaS does introduce potential risks and challenges that customers,
particularly enterprise customers, need to be aware of.

Because SaaS apps are so easy for users to start using, they can proliferate an organization
without the IT staff’s knowledge. This phenomenon, called ‘shadow IT,’ can pose security
risks. At a basic level, if IT staffers don’t know what software users are using, they can’t ensure
the software is secure. Shadow IT can also exacerbate existing bad security practices—such
as using the same password for even more applications—and consequently increase the
organization’s overall vulnerability to attackers.

Another potential risk is vendor lock-in, or difficulty moving to another SaaS vendor when the
current vendor’s application no longer meets the customer’s performance, functionality or
business requirements. For example, if a SaaS application relies on proprietary business logic
or a proprietary technology stack, it may be difficult or impossible to move from that SaaS
application to another without making significant trade-offs.

What is PaaS?

PaaS, or Platform-as-a-Service, is a cloud computing model that provides customers a

complete cloud platform—hardware, software, and infrastructure—for developing, running,
and managing applications without the cost, complexity, and inflexibility that often comes
with building and maintaining that platform on-premises.

The PaaS provider hosts everything—servers, networks, storage, operating system software,
databases, development tools—at their data centre. Typically, customers can pay a fixed fee
to provide a specified amount of resources for a specified number of users, or they can choose
'pay-as-you-go' pricing to pay only for the resources they use. Either option enables PaaS
customers to build, test, deploy run, update and scale applications more quickly and
inexpensively they could if they had to build out and manage their own on-premises platform.

Every leading cloud service provider—including Amazon Web Services (AWS), Google Cloud,
IBM Cloud and Microsoft Azure—has its own PaaS offering. Popular PaaS solutions are also
available as open-source projects (e.g., Apache Stratos, Cloud Foundry) or from software
ventors (e.g. Red Hat OpenShift and Salesforce Heroku).
Benefits of PaaS

The most commonly-cited benefits of PaaS, compared to an on-premises platform, include:

 Faster time to market. With PaaS, there is no need to purchase and install the
hardware and software you use to build and maintain your application development
platform—and no need for development teams to wait while you do this.

 Affordable access to a wider variety of resources. PaaS platforms typically offer

access to a wider range of choices up and down the application stack— including
operating systems, middleware, databases and development tools—than most
organizations can practically or affordably maintain themselves.

 More freedom to experiment, with less risk. PaaS also lets you try or test new
operating systems, languages and other tools without having to make substantial
investments in them, or in the infrastructure required to run them.

 Easy, cost-effective scalability. With an on-premises platform, scaling is always

expensive, often wasteful and sometimes inadequate: You have to purchase
additional compute, storage and networking capacity in anticipation of traffic spikes;
much of that capacity sits idle during low-traffic periods, and none of it can be
increased in time to accommodate unanticipated surges. With PaaS, you can purchase
additional capacity, and start using it immediately, whenever you need it.

 Greater flexibility for development teams. PaaS services provide a shared software
development environment that allows development and operations teams access to
all the tools they need, from any location with an internet connection.

 Lower costs overall. Clearly PaaS reduces costs by enabling an organization to avoid
capital equipment expense associated with building and scaling an application
platform. But PaaS also can also reduce or eliminate software licensing costs. And by
handling patches, updates and other administrative tasks, PaaS can reduce your
overall application management costs.

How PaaS works

In general, PaaS solutions have three main parts:

 Cloud infrastructure including virtual machines (VMs), operating system software,

Storage, networking, and firewall
 Software for building, deploying and managing applications
 A graphic user interface, or GUI, where development or DevOps teams can do all
their work throughout the entire application lifecycle
Because PaaS delivers all standard development tools through the GUI online interface,
developers can log in from anywhere to collaborate on projects, test new applications, or roll
out completed products. Applications are designed and developed right in the PaaS using
middleware. With streamlined workflows, multiple development and operations teams can
work on the same project simultaneously.
PaaS providers manage the bulk of your cloud computing services, such as servers, runtime
and virtualization. As a PaaS customer, your company maintains management of applications
and data.

Use cases for PaaS

By providing an integrated and ready-to-use platform—and by enabling organizations to
offload infrastructure management to the cloud provider and focus on building, deploying
and managing applications—PaaS can ease or advance a number of IT initiatives, including:
 API development and management: Because of its built-in frameworks, PaaS makes
it much simpler for teams to develop, run, manage and secure APIs (application
programming interfaces) for sharing data and functionality between applications.

 Internet of Things (IoT): Out of the box, PaaS can support a range of programming
languages (Java, Python, Swift, etc.), tools and application environments used for IoT
application development and real-time processing of data generated by IoT devices.

 Agile development and DevOps: PaaS can provide fully-configured environments for
automating the software application lifecycle including integration, delivery,
Security, testing and deployment

 Cloud migration and cloud-native development: With its ready-to-use tools and
integration capabilities, PaaS can simplify migration of existing applications to the
cloud—particularly via replat forming (moving an application to the cloud with
modifications that take better advantage of cloud scalability, load balancing and other
capabilities) or refactoring (re-architecting some or all of an application using
microservices, containers and other cloud-native technologies).

 Hybrid cloud strategy: Hybrid cloud integrates public cloud services, private cloud
services and on-premises infrastructure and provides orchestration, management and
application portability across all three. The result is a unified and flexible distributed
computing environment, where an organization can run and scale its traditional
(legacy) or cloud-native workloads on the most appropriate computing model. The
right PaaS solution allows developers to build once, then deploy and mange anywhere
in a hybrid cloud environment.

Purpose-built PaaS types

Many cloud, software and hardware vendors offer PaaS solutions for building specific types
of applications, or applications that interacting with specific types of hardware, software or
devices.
 AIPaaS (PaaS for Artificial Intelligence) lets development teams build artificial intelligence
(AI) applications without the often prohibitive expense of purchasing, managing and
maintaining the significant computing power, storage capabilities and networking
 capacity these applications require. AiPaaS typically includes pre-trained machine learning
and deep learning models developers can use as-is or customize, and ready-made APIs for
integrating specific AI capabilities, such as speech recognition or speech-to-text
conversion, into existing or new applications.

 iPaaS (integration platform as a service) is a cloud-hosted solution for integrating

applications. iPaaS provides organizations a standardized way to connect data, processes,
and services across public cloud, private cloud and on-premises environments without
having to purchase, install and manage their own backend integration hardware,
middleware and software. (Note that Paas solutions often include some degree of
integration capability—API management, for example—but iPaaS is more
comprehensive.)

 cPaaS (communications platform as a service) is a PaaS that lets developers easily add
voice (inbound and outbound calls), video (including teleconferencing) and messaging
(text and social media) capabilities to applications, without investing in specialized
communications hardware and software.

 mPaaS (mobile platform as a service) is a PaaS that simplifies application development

for mobile devices. mPaaS typically provides low-code (even simple drag-and-drop)
methods for accessing device-specific features including the phone's camera,
microphone, motion sensor and geolocation (or GPS) capabilities.

What is IaaS (Infrastructure-as-a-Service)?

Infrastructure-as-a-Service, commonly referred to as simply “IaaS,” is a form of cloud

computing that delivers fundamental compute, network, and storage resources to consumers
on-demand, over the internet, and on a pay-as-you-go basis. IaaS enables end users to scale
and shrink resources on an as-needed basis, reducing the need for high, up-front capital
expenditures or unnecessary “owned” infrastructure, especially in the case of “spiky”
workloads. In contrast to PaaS and SaaS (even newer computing models like containers and
serverless), IaaS provides the lowest-level control of resources in the cloud.

IaaS emerged as a popular computing model in the early 2010s, and since that time, it has
become the standard abstraction model for many types of workloads. However, with the
advent of new technologies, such as containers and serverless, and the related rise of the
microservices application pattern, IaaS remains foundational but is in a more crowded field
than ever.

IaaS platform and architecture

IaaS is made up of a collection of physical and virtualized resources that provide consumers
with the basic building blocks needed to run applications and workloads in the cloud:

Physical data centers. IaaS providers will manage large data centers, typically around the
world, that contain the physical machines required to power the various layers of abstraction
on top of them and that are made available to end users over the web. In most IaaS models,
end users do not interact directly with the physical infrastructure, but it is provided as a
service to them.

Compute. IaaS is typically understood as virtualized compute resources, so for the purposes
of this article, we will define IaaS compute as a virtual machine. Providers manage the
hypervisors and end users can then programmatically provision virtual “instances” with
desired amounts of compute and memory (and sometimes storage). Most providers offer
both CPUs and GPUs for different types of workloads. Cloud compute also typically comes
paired with supporting services like auto scaling and load balancing that provide the scale and
performance characteristics that make cloud desirable in the first place.

Network. Networking in the cloud is a form of Software Defined Networking in which

traditional networking hardware, such as routers and switches, are made available
programmatically, typically through APIs. More advanced networking use cases involve the
construction of multi-zone regions and virtual private clouds, both of which will be discussed
in more detail later.

Storage. The three primary types of cloud storage are block storage, file storage, and object
storage. Block and file storage are common in traditional data centers but can often struggle
with scale, performance and distributed characteristics of cloud. Thus, of the three, object
storage has thus become the most common mode of storage in the cloud given that it is highly
distributed (and thus resilient), it leverages commodity hardware, data can be accessed easily
over HTTP, and scale is not only essentially limitless but performance scales linearly as the
cluster grows.

IaaS vs. BMaaS (bare metal as a service)

BMaaS provides an even lower level of control than traditional IaaS. In a BMaaS environment,
resources are still provisioned on-demand, made available over the internet, and billed on a
pay-as-you-go basis (typically in monthly or hourly increments).

Unlike traditional IaaS, BMaaS does not provide end users with already virtualized compute,
network, and storage; instead, it gives direct access to the underlying hardware. This level of
access offers end users almost total control of their hardware specs. Given the hardware is
neither virtualized nor supporting multiple virtual machines, it also offers end users the
greatest amount of potential performance, something of significant value for use cases like
HPC and GPU computing, high-performance databases, analytics workloads, and more.

For end users familiar with operating in traditional data centers, BMaaS environments will
also feel the most familiar and may best map to the architecture patterns of existing
workloads.

However, these advantages can also come at the expense of the benefits of traditional IaaS,
namely the ability to really rapidly provision and horizontally scale resources by simply making
copies of instances and load balancing across them.
When it comes to BMaaS vs. IaaS, one model is not superior to the other—it’s all about what
model best supports the specific use case or workload.
Data centers, availability zones, and regions

To promote greater availability and resiliency of resources, most cloud providers today offer
a hierarchy around how workloads map to physical and virtual infrastructure as well as
geography.

Virtual Private Cloud and IaaS

For many end users, particularly companies with sensitive data or strict compliance
requirements, additional security and privacy within a public cloud is a desirable. A virtual
private cloud (VPC) can be a way of creating additional isolation of cloud infrastructure
resources without sacrificing speed, scale, or functionality.

VPCs enable end users to create a private network for a single tenant in a public cloud. They
give users control of subnet creation, IP address range selection, virtual firewalls, security
groups, network ACLs, site-to-site virtual private networks (VPNs), and load balancing.

IaaS pricing

IaaS is typically priced on a consumption basis, meaning users are only charged for what they
use. Over time, the pricing models of cloud infrastructure have come to span many different
levels of granularity:

 Subscriptions and reserved instances: Many providers offer discounts off the sticker
price for clients willing to commit to longer contract terms, typically around one to
three years.

 Monthly billing: Monthly billing models are most common in the BMaaS market,
where physical infrastructure typically implies steady state workloads without spiky
characteristics.

 By the hour/second: The most common granularity for traditional cloud

infrastructure, end users are charged only for what they use.

 Transient/spot: Some providers will offer up unused capacity at a discount via

transient/spot instances, but those instances can be reclaimed if the capacity is
needed.

IaaS advantages

Taken together, there are many reasons why someone would see cloud infrastructure as a
potential fit:

 Pay-as-you-Go: Unlike traditional IT, IaaS does not require any upfront, capital
expenditures, and end users are only billed for what they use.
  Speed: With IaaS, users can provision small or vast amounts of resources in a matter
of minutes, testing new ideas quickly or scaling proven ones even quicker.

 Availability: Through things like multizone regions, the availability and resiliency of
cloud applications can exceed traditional approaches.

 Scale: With seemingly limitless capacity and the ability to scale resources either
automatically or with some supervision, it’s simple to go from one instance of an
application or workload to many.

 Latency and performance: Given the broad geographic footprint of most IaaS
providers, it’s easy to put apps and services closers to your users, reducing latency and
improving performance.

IaaS use cases

 IaaS represents general purpose compute resources and is thus capable of supporting
use cases of all types. Today, IaaS is most commonly used for dev and test
environments, customer-facing websites and web applications, data storage, analytics
and data warehousing workloads, and backup and recovery, particularly for on-
premises workloads. IaaS is also a good fit for deploying and running common business
software and applications, such as SAP.
 And while IaaS is capable of supporting a very diverse array of workloads, as we will
explore in later sections, there are emerging compute models that might be better
positioned to support certain types of workloads or application architectures, such as
microservices.
IaaS use cases

IaaS represents general purpose compute resources and is thus capable of supporting use
cases of all types. Today, IaaS is most commonly used for dev and test environments,
customer-facing websites and web applications, data storage, analytics and data warehousing
workloads, and backup and recovery, particularly for on-premises workloads. IaaS is also a
good fit for deploying and running common business software and applications, such as SAP.

And while IaaS is capable of supporting a very diverse array of workloads, as we will explore
in later sections, there are emerging compute models that might be better positioned to
support certain types of workloads or application architectures, such as microservices.

IaaS vs. containers vs. serverless

More recently, the discussion around cloud workloads has become increasingly dominated
by containers and serverless. In many ways, IaaS was a step in the journey to the platonic
ideal of cloud.

IaaS does offer end users much more granularity to pay for what they use, but they rarely pay
only for what they use. Even virtual servers often involve long-running processes and less than
perfect capacity utilization.
IaaS abstracts away many low-level components so developers can focus on business logic
that differentiates the business, but it does still require end users to manage operating
systems, middleware, and runtimes.

IaaS is often more resource and financially efficient than traditional compute, but spinning up
a VM can still be somewhat time-consuming, and each VM brings with it overhead in the form
of operating systems.

This model of IT could support almost anything from a workload perspective but had room
for evolution when it came to certain underlying philosophies and values that make cloud,
cloud.

Containers and serverless are the two newer cloud models that are challenging the traditional
IaaS model for supremacy around certain classes of cloud native applications and workloads.

In some cases, the container has begun replacing the VM as the standard unit of process or
service deployment, with orchestration tools like Kubernetes governing the entire ecosystem
of clusters.

Serverless goes the furthest of any model, abstracting away nearly everything but the
business logic, scaling perfectly with demand, and really delivering on the promise of paying
only for what you use.

As the world moves more toward microservices architectures—where applications are

decomposed to their small piece parts, deployed independently, manage their own data, and
communicate via API—containers and serverless approaches will only become more
common.

Load Balancing

Load balancing is the process of distributing network traffic efficiently among multiple servers
to optimize application availability and ensure a positive end-user experience.
Because high-traffic websites and cloud computing applications receive millions of users
requests each day, load balancing is an essential capability for modern application delivery.

How load balancing works

Load balancing can be implemented in a couple of ways. Hardware load balancers are physical
appliances that are installed and maintained on premises. Software load balancers are
applications installed on privately-owned servers, or delivered as a managed cloud service
(cloud load balancing).

In either case, load balancers work by mediating incoming client requests in real time and
determining which backend servers are best able to process those requests. In order to
prevent a single server from becoming overloaded, the load balancer routes requests to any
number of available servers on premises or hosted in server farms or cloud data centers.
Once the assigned server receives the request, it responds to the client by way of the load
balancer. The load balancer then completes the server-to-client connection by matching the
IP address of the client with that of the selected server. The client and server are then able to
communicate and carry out requested tasks until the session is complete.
If there is a spike in network traffic, a load balancer may bring additional servers online to
keep up with demand. Or, if there is a lull in network activity, the load balancer may reduce
the pool of available servers. It can also assist with network caching by routing traffic to cache
servers where previous user requests are temporarily stored.

Benefits of load balancing

Availability
Load balancers perform health checks on servers before routing requests to them. If one
server is about to fail, or is offline for maintenance or upgrades, load balancing automatically
reroutes the workload to a working server to avoid service interruptions and maintain high
availability.

Scalability
Load balancing enables an on-demand, high performance infrastructure that can handle the
heaviest or lightest network traffic loads. Physical or virtual servers can be added or removed
as needed, making scalability simple and automated.

Security
Load balancers can include security features such as SSL encryption, web application firewalls
(WAF) and multi-factor authentication (MFA). They can also be incorporated into application
delivery controllers (ADC) to improve application security. By safely routing or offloading
network traffic, load balancing can help defend against security risks such as distributed
denial-of-service (DDoS) attacks.

Load balancing algorithms

The method for routing a request to a particular server is defined by a load balancing
algorithm. Load balancing algorithms provide different capabilities and benefits to satisfy
different use cases.

Round Robin
This algorithm uses the Domain Name System (DNS) to sequentially assign requests to each
server in a continuous rotation. It is the most basic load balancing method, as it uses only the
name of each server to determine which one will receive the next incoming request.
Weighted round robin
In addition to its DNS name, each server in this algorithm is also assigned a ‘weight.’ The
weight determines which servers should have priority over others to handle incoming
requests. An administrator decides how each server will be weighted based upon its capacity
and the needs of the network.

IP hash
In this algorithm, a computation simplifies (or hashes) the IP address of the incoming request
into a smaller value called a hash key. This unique hash key (which represents the user’s IP
address) is then used as the basis to decide how to route the request to a specific server.

As the name indicates, this algorithm gives priority to the server with the fewest active
connections when a new client request is received. This method helps to prevent servers from
becoming overloaded with connections, and to always maintain a consistent load across
servers.

Least response time

This algorithm combines the least connection method with the shortest average server
response time. Both the number of connections, and the time it takes for a server to perform
requests and send a response, are evaluated. The fastest server with the fewest active
connections will receive the incoming request.

Types of load balancers

While the primary purpose of any load balancer is to distribute traffic, there are several types
of load balancers that serve specific functions.

Network load balancers

Network load balancers optimize traffic and reduce latency across local and wide area
networks. They use network information such as IP addresses and destination ports, along
with TCP and UDP protocols, to route network traffic and provide enough throughput to
satisfy user demand.

Application load balancers

These load balancers use application content such as URLs, SSL sessions and HTTP headers to
route API request traffic. Because duplicate functions exist across multiple application
servers, examining application-level content helps determine which servers can full fill
specific requests quickly and reliably.

Virtual load balancers

With the rise of virtualization and VMware technology, virtual load balancers are now being
used to optimize traffic across servers, virtual machines, and containers. Open-source
container orchestration tools like Kubernetes offer virtual load balancing capabilities to route
requests between nodes from containers in a cluster.

Global server load balancers

This type of load balancer routes traffic to servers across multiple geographic locations to
ensure application availability. User requests can be assigned to the closest available server,
or if there is a server failure, to another location with an available server. This failover
capability makes global server load balancing a valuable component of disaster recovery.