• United States



Contributing Writer

The FCC takes a best-of-breed approach to PaaS

Nov 03, 201610 mins
Cloud ComputingIT Leadership

Choosing a few PaaS offerings that could support modular, reusable functions for common processes gives the Federal Communications Commission the ability to easily incorporate new security services into the service catalog, says CIO David A. Bray.

For six years, Watchfinder, a U.K.-based global buyer and seller of pre-owned luxury watches, split the role of DevOps between application development and management of a virtual infrastructure environment. But the company’s ambitious growth plans, which included expansion to the U.S. earlier this year and an expected doubling of monthly watch sales, required IT director Jonathan Gill to think differently.

His plan was to find efficiencies in operations so that more resources could be dedicated to development.

“We’ve grown rapidly over the past couple of years, and my team has been expanding, but not on the infrastructure side — only developers,” he says.

To align with the company’s goals, Gill turned to a platform-as-a-service (PaaS) offering, a cloud-based system that eliminates the need for hands-on attention to the underlying architecture of an application environment. The PaaS setup provides development and deployment services, as well as a variety of runtime middleware services to facilitate the construction, testing and operation of applications.

Big tech players — including Amazon, Google, IBM and Microsoft, among others — have entered the PaaS market, creating platforms that free customers from the heavy lifting of architecture configuration, deployment and management to focus more fully on development of core applications.

Gill’s team, for example, migrated away from its Amazon infrastructure-as-a-service (IaaS) virtual server environment to Microsoft’s Azure PaaS offering. DevOps team members now concentrate on creating applications that provide a competitive business advantage, such as a reimagined database that can quickly generate real-time sales quotes.

Moving away from a single SQL Server setup, the team has developed an application that logs all of the company’s purchases and sales of watches and uses Hadoop clusters to analyze them along with market activity, historical trends and other data, and then taps Azure’s Machine Learning Studio to automatically generate quotes for customers who want to sell watches.

The data also is used to populate a catalog for buyers. “Because each watch is unique, with its own model number and origin, none of the off-the-shelf databases worked for us and we wanted to bring in more automation,” Gill says. Now, he says, 85 percent of the day-to-day quote-generating process can be done automatically.

Because Watchfinder was already an entrenched Microsoft shop, Azure was a natural fit and the transition was smoother — and less expensive — than moving to a new platform, says Gill, noting that Azure’s approach makes sense to his DevOps team.

Rob Enderle, principal analyst at Enderle Group, says businesses that are considering PaaS need to evaluate their platform requirements, their existing talent pool and their expected rate of growth in order to identify the offering that’s right for them.

While Microsoft is a more recent entry into the PaaS marketplace, it has gained traction among enterprise users, according to Enderle. “Microsoft has made Azure its business,” he says, adding the company’s large footprint gave it an easy path to the top tier.

Other companies, such as Amazon and Google, aren’t focusing on PaaS yet. “Amazon’s primary business is still being a retailer, and Google’s primary revenue source is selling information to others. They aren’t focused on making money off of enterprise cloud services,” Enderle says.

He says IBM’s Bluemix is an interesting up-and-coming PaaS offering because it is bolstered by IBM’s $2 billion acquisition of SoftLayer’s cloud-based platform. “PaaS is much closer to IBM’s core business than it is to Amazon’s,” Enderle says.

A maturing market

He cautions, however, that the PaaS market is still young and says enterprises that are evaluating vendors need to focus on three key factors: speed, regulatory compliance and cost, with the first two being of utmost importance. “If you’re the fastest and you can comply, no one will be able to touch you,” he says.

But PaaS technology is maturing. Where it was once all about development, it’s now “a layer that is an integration of very important services,” says Michael Fauscette, chief research officer at software research and review firm G2 Crowd.

PaaS now encompasses application servers, security, identity, social collaboration tools, load-balancing and storage. “It’s starting to look more like what you would have built on your own premises,” Fauscette says.

Stitching modules together

He stresses that PaaS systems aren’t one-size-fits-all and that some organizations might choose multiple offerings. “We’re not moving to a world where we have one PaaS platform per company,” he says. For instance, a Microsoft shop that was already using Amazon Web Services for infrastructure as a service might choose to use both Amazon’s Elastic Beanstalk and Microsoft’s Azure for PaaS.

The Federal Communications Commission makes a point of avoiding vendor lock-in and uses multiple PaaS systems so it will always have an exit strategy and won’t end up stuck with a single system that succumbs to legacy ossification, says CIO and senior executive David A. Bray. (Be sure to watch this video of Bray discussing the FCC’s journey to the cloud.)

He pursues a best-of-breed approach, choosing the vendor whose offering is best suited for each project.

“We want to remix different solutions across the enterprise, and if there are barriers to that, then that, to me, removes choice and flexibility,” Bray says, adding that he makes sure the FCC’s PaaS contracts have clear exit clauses. “The last thing you want is a platform to become a place where you park your data and it gets expensive to exit,” he says.

Bray says the FCC embraced PaaS as an avenue for moving away from legacy systems — some as much as 20 years old — that each had their own unique presentation, code and data layers. “We used to have three generations of software to manage,” he says.

That was a “messy” situation, he says, noting that everything was written as custom code — time-card applications, for example — and was expensive to maintain. He wanted to be careful not to re-create the same scenario in the cloud. “We didn’t want to go from 207 systems to 207 different business processes,” he says.

So Bray settled on a few PaaS offerings that could support modular, reusable functions for common processes such as authentication, data collection and data visualization.

One of the many benefits to this approach, he says, is that it gives the FCC the ability to continue with its best-of-breed approach as new services come to market. For instance, if a new security service emerges, he will easily be able to incorporate it into the service catalog.

“PaaS ideally minimizes the times developers have to write code from scratch. Instead they can stitch modules together in a PaaS or across [services] and not have to rewrite an application,” Bray says.

Jeff Kaplan, CEO of consultancy, says large enterprises that have thousands of custom-built on-premises applications will eventually migrate to the cloud, but it will be a slow process. PaaS can make the transition easier. “PaaS has the power to make companies more nimble in responding to differing market pressures. The less complex your environment and the less investment you’ve made in custom on-premises applications, the freer you are to make the shift to PaaS,” he says.

Small and midsize businesses will find PaaS an attractive option because “they can get in the game and punch way above their weight class,” says Stephen Hendrick, an analyst at Enterprise Strategy Group. “They can spin up important resources for development or production. All the tools are there.”

A welcome operations shift

Bleacher Report, a sports content site owned by Turner Broadcasting System, containerizes data to gain peace of mind with PaaS and avoid vendor lock-in, says DevOps manager Benson Wu.

He says he uses Docker, which enables him to build, run, test and deploy distributed applications based on Linux containers in Amazon’s Elastic Beanstalk environment. He simply tells Amazon how to deploy the container and configure it. His team no longer has to fret over specifics such as load-balancing and provisioning details for each development project. Docker as a unit of deployment also gives Wu the flexibility to run it anywhere, because it encapsulates both the code and its dependencies.

Prior to using Docker, Bleacher Report relied on a managed cloud service atop Amazon Web Services but found that setup constricting and cumbersome. “If we had a big event, we had to run everything through the managed provider, including server provisioning. If they changed code, we had to change code,” he says.

Bleacher Report also tried managing its own infrastructure, but that was a burden on its small DevOps team, which had to write code with configuration specifications for each project. The layers of complexity increased the time it took to get a proof of concept up and running, Wu says.

With the automation that PaaS provides, Wu says, the operations load has shifted from deploying and maintaining applications to concentrating on how to scale them. His current challenge is to make the site more efficient by identifying bottlenecks within the microservices on the PaaS platform.

“Historically we’ve been a monolithic company that had two or three code bases that ran everything. But that’s unmanageable over time,” Wu says, explaining that he’s breaking big applications into pieces and separating the code bases. “We’re crushing a lot of tech debt and getting rid of interdependencies,” he says.

Customers already are seeing results, he says. The time it takes to issue personal alerts about events such as player trades has dropped from 10 to 15 minutes to one or two minutes.

Building knowledge

Hendrick advises against choosing a PaaS option just because it matches your talent pool — though he understands the allure of that option. “If you’re a developer, you can be immensely productive in tools you know well,” he says. But, he adds, most developers use multiple languages, so organizations should above all pick the right tools for the job.

As for which to choose, he says Google is putting a strong emphasis on innovation but doesn’t have a legacy story to tell like IBM and Microsoft. Amazon, he says, is adding new services based on customer needs.

Enderle advises against moving to PaaS if you don’t have staffers with skills in that area. “Bring on some people who have done PaaS before. You don’t want to learn by doing,” he says. “Moving between platforms is still not the easiest thing, and if you get it wrong, you can rack up costs.”

At Watchfinder, Gill says he and his team took time to learn the particulars of Azure. “My lead developer and I went from zero knowledge to a fully deployed stack,” he says.

He says he has discrete services dedicated to discrete areas of the business to avoid complications. To keep up with changes in PaaS technology and make sure Watchfinder is using it to its optimal level, he encourages his team to play with the technology and develop proofs of concept aligned with the business. For example, the operations team is testing Azure’s search service to improve querying in Watchfinder’s core business application.

Gill says he’s excited to see where PaaS is headed and appreciates the freedom it provides his operations team. “Instead of thinking of a muddle of systems, we can get going on new features and business ideas,” he says. “It’s refreshing.”

Contributing Writer

Sandra Gittlen is a freelance writer and editor in the greater Boston area. She covers a range of topics, including technology, business, healthcare, financial and lifestyle.

More from this author