Recently, a startup called Rap Genius and Heroku went back and forth on whether Heroku intentionally misled their customers about the resources underneath their PaaS platform. Having known Heroku for a long time and the fact that Salesforce will not want a PR mishap on such an issue, I personally feel that Heroku may not have intentionally misled their customers. Without going into the validity of claims and counterclaims in this case, I want to use the story to talk about a bigger point, i.e. hosted PaaS visibility.
The idea behind hosted PaaS to abstract away all the complexities of the infrastructure and give developer one push access to deploy their applications. By using hosted PaaS, developers need not worry about provisioning and management of the underlying infrastructure and focus just on application development and deployment. It was very appealing to many developers wanting to go from idea to production faster than anytime in the past (agile development). However, this level of abstraction comes at a cost to developers. They have very little leverage when it comes to knowing what is under the hood. For some organizations, this lack of transparency can be frightening.
Let us now shift gears and go back in time by few years. In the early days of cloud computing, lack of transparency on the part of cloud providers were cited as one of the concerns against public clouds. Those concerns were mainly from the security angle, lack of transparency was worrisome for many in IT. To help ease those concerns, a group of security pundits headed by Chris Hoff came up with the idea of CloudAudit. In my opinion, it was a great idea with a potential to make public clouds more palatable to the enterprises. But they were little bit early in the game and it eventually lost traction and got folded into Cloud Security Alliance.
I see similarities between the lack of (performance related) transparency in PaaS and lack of (security related) transparency in clouds (in general). Yes, Heroku was offering monitoring services as an add-on which could help their customers gain more visibility into the service. Other hosted PaaS vendors offer similar solutions. However, as seen in the Heroku-Rap Genius flap, it doesn’t always help. It is difficult for PaaS customers to bring in their own monitoring tools so that they can trust PaaS completely. Such a trust is critical for large scale adoption of hosted PaaS offerings. Especially for enterprises, PaaS visibility is one of the key requirements (both in terms of performance and security) for the use of hosted PaaS offerings for mission critical applications.
At Deploycon 2013, we are dedicating a session to discuss PaaS visibility with some of the hosted PaaS vendors and industry leaders. If you are a startup or enterprise wanting to use PaaS for your IT needs, it is important you think about PaaS visibility as a part of your platform strategy. The session at Deploycon will help customers understand the issue better and also learn about the right strategy going forward. Check the Deploycon website early next week to learn more and register.