Building the foundation: infrastructure as a service (IaaS)

Just like any other construction, we need to establish a good foundation for the company's infrastructure. In the public cloud, it is attractive to use advanced services such as artificial intelligence, data warehouses or managed container services. But in most cases we build the infrastructure foundations from the most ordinary services, which can, of course, mess with our heads. I'll try to spare you that.

More flexibility means more responsibility (and vice versa)

In the cloud environment, there are three basic types of services that can be drawn upon: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). They differ not only in the way they are managed and drawn upon, but also in the level of flexibility according to other needs. We will discuss PaaS and SaaS services in detail in the next articles, but for the time being we will suffice with a basic idea to illustrate a shared responsibility model, the so-called shared responsibility model (which has already been discussed in the article about cloud types):

SaaS: Software as a Service

As shown in the figure, in the case of SaaS the provider supplies a complete software solution. This eliminates any concern about the assigned computing power in which the application is running, including possible failures. All responsibility is delegated to the provider and you are left with only concern for datathat we provide to the application - who can access them and how?

An example of a SaaS service could be Salesforce or Microsoft 365. In most cases, SaaS services are charged on a pay-as-you-go basis, i.e. according to actual consumption (e.g. number of users, GB of data, etc.).

PaaS: Platform as a Service

In the case of PaaS, our responsibility for the service is already growing significantly. We are no longer talking about the final consumed application, but about a service that is partly managed by the cloud provider and partly by the client. Typically, this is the case with databases, where we are concerned with how our application works with the database, how to access it, and whether (and how) to configure it.

Configuration of PaaS services can sometimes be limited because we don't have full control over the system, and sometimes not even the version on which the service is running. In this case, the provider performs basic administration of e.g. the database - they guarantee that it is available, updated, and solve any system and platform problems.

IaaS: Infrastructure as a Service

And then there's IaaS, an essential service for all public cloud providers. While I try to guide clients to be progressive in their use of cloud services, IaaS is something we can't do without. Despite the fact that IaaS represents the cornerstone of any cloud architectureI always warn clients against excessive use of this service. Why?

Please VaaS, what is IaaS?

Today, you can get virtual infrastructure as a service from the vast majority of domestic "public cloud" providers. But they usually don't offer no other PaaS or SaaS services. This is why increasingly, even large and regulated companies are turning to foreign providers such as Microsoft Azure a Amazon Web Services.

Infrastructure as a Service most closely resembles what we know from the regular on-premise world. Therefore, clients tend to gravitate towards this service when adopting the cloud, which can lead to more frequent lift and shift of existing technologies (and new ones!) to the cloud. If you are going to use pure IaaS services, you don't use the cloud efficiently and you'll miss out on a lot of the other benefits it offers.

As is usually the case, each service has its advantages and disadvantages. IaaS brings with it significantly increased flexibility and control over what I can do with the service (especially compared to what we know from on-premise virtualization environments).

IaaS and virtual servers

Popular representatives of IaaS are virtual servers (VMs)that demonstrate the different approach of cloud services. If you use an IaaS VM, you have full control over it, you can install whatever software you want on it and configure everything as you like.

However, I also have to take care of such a VM and keep it updated. If I want to keep it highly available, for example, I will have to deal with other VMs in terms of backup nodes and perhaps components like loadbalancer. In case of unavailability, then the responsibility for solving the problem falls on the client (unless it is a failure/unavailability of the cloud platform itself or part of it).

Virtual machines in the public cloud have a large range of parameters from which I can choose. To avoid choosing outdated or cost-prohibitive instances for a given purpose, it is worth choosing the family and instance type itself define in larger companies by catalogue(taking into account processor performance, memory size, disk space speed and size, short-term performance boost, and other characteristics).

Similarly, it is necessary to have control over which region and what type of high availability is selected, especially in manual creation. We recommend that new virtual machines be included in the network, security, and backup infrastructure by policy or internal processes.

Last but not least, it is necessary to think about monitoring the new virtual machinein terms of expected availability, performance and also in terms of cost monitoring (especially deviations from normal).

Characteristics of Infrastructure as a Service

Billing is usually in the form of IaaS pay-as-you-go, i.e. for consumed services (possibly there is also the possibility of reserved instances for VMs). Rather than get your pants in the cloud, we'll look at IaaS costs in more detail in a future article.

Infrastructure as a Service is consumed on-demand according to the user's current requirements and can be to scale in any way (either by using more resources or by reducing the capacity needed).

Today it is also possible to use other less typical resources in the form of IaaS, such as Content Delivery Networks (CDN), load balancers, firewalls or various types of storage infrastructure.

Access to high availability

Virtualized infrastructure has the advantage that the provider takes care of the data center and its problems. In the price of services we get a certified datacenter (or more datacenters), which usually includes high availability.

Each cloud environment offers different high availability features for different types of services. Unfortunately, for example, compared to a traditional VMware on-premise solution, there are significant differences between cloud providers and specific services.

If we focus on the basic type of infrastructure services (virtual machines a storage), in the case of on-premise solutions this functionality is typically handled by VMware HA technology. Thus, when the physical hardware fails, the virtual server automatically (and almost instantly) restarts on another physical server.

But the situation is much more complex for cloud providers.

Amazon Web Services offers a range of services and solutions for high availability of applications and services. However, from our perspective, it is most complicated compared to the classically perceived high availability of on-premise solutions.

As in the case of Microsoft Azure, it is necessary to approach the virtual server as a logical unit consisting of a computational part (EC2 - elastic compute cloud) and from the storage part (EBS - elastic block storage, InstanceStore, ESF - elastic file systemEach of these components has different characteristics and different high availability features.

Microsoft Azure from a high availability perspective more recalls on-premise solutions built on a platform VMware vSphere using technology vSphere HA.

Generally speaking, in the event of a physical hardware failure, the virtual server will automatically restart. Unfortunately, compared to an on-premise solution, the downtime of a single VM can be incomparably longer.

If higher availability of services is required, it is possible (as in the case of AWS) to use the services of Azure Load Balancing or Azure Autoscale.

Regions and zones

The basic building blocks of high availability of global service providers are regions and zones. This functionality is similar for both key representatives of global service providers (Amazon Web Services and Microsoft Azure).

The region is completely isolated environmentthat do not share any infrastructure with another region. Individual regions are connected only by backbone connectivity. The regions serve as global fault-domains (geographically separated and isolated datacenters where the failure of one does not affect the other) and aim to completely separate the environment for business continuity & disaster recovery Solution.

It is usually not possible to natively connect two virtual servers between regions over an internal network, but it is possible to replicate data between regions. Data connectivity between regions is typically charged for, but is cheaper than internet connectivity.

It should be noted that the existence of a region does not automatically imply support for a particular service or service option. The range of services offered may vary from region to region.

By zone is meant specific data centre (or several nearby data centres in one location) within the region. Each zone is fully redundant and does not share any infrastructure elements (cooling equipment, diesel generators, network infrastructure, etc.) with another zone.

The zones are interconnected by a high-capacity network with minimal latency and connectivity within the zones is not charged.

Virtual servers (or other services) can be located in different zones within each region and are connected by an internal network.

Conclusion

The uptake of IaaS public cloud services is a very large chapter due to the dynamic development of a wide range of services. Advanced automation enables extremely efficient deployment and managementthat would be very difficult to achieve in any other environment.

I highly recommend you study the cloud providers' service offerings well and don't be afraid to test, pilot and test! And also read other articles of our Cloud Encyclopedia.