Infrastructure as a Service (GCE, AWS, Azure, etc.) operates from a deployment perspective, with physical or virtual machines as its level of abstraction.
On the other hand, Platform as a Service operates from a developer perspective, which leans on Git (or whatever your favorite version control system is).
This is a fundamental difference and a source of Dev vs Ops power struggle.
Devs work with a local machine. Ops deal with lots of machines.
Devs work to build features (change). Ops deal with stability.
Devs want to make sure that what works on their local machine works on any other machine, regardless of whether it is on a private or public network. Ops too.
Devs work with Git. Ops deal with configuration management.
Fortunately, there is one abstraction that can deal with the concerns of both camps: the Docker container.
Docker is like a JVM (Java Virtual Machine). The difference is that the former delivers, the latter falters. Docker lets you fulfill the promise of “build once, deploy anywhere”. Just let the Ops deal with the orchestration, networking and other operations where they are better off than the developers.
So what does Docker have to do with IaaS vs PaaS?
If you don’t get it, let me set it straight for you. PaaS is a black box. There is no visibility into the machine where your application is running, because the PaaS hides it from you. That’s because PaaS confuses development with deployment. Development and deployment are two different things. PaaS assumes you develop with Git and you deploy from Git (or any DVCS for that matter). PaaS operates at a level of abstraction which is fundamentally wrong. Just look at the PaaS offerings that came before and see how GCE subsumes AppEngine, or how Azure initially launched as a PaaS and transformed into an IaaS. This applies and will apply to all PaaS out there being developed now and into the future.
PaaS assumes you are a developer and will remain a developer. Sure, you can outsource operations to a PaaS provider, but that is assuming you know the consequences. And if you are thinking about a private PaaS, you still cannot escape the fundamental role of operations.
On the other hand, consider IaaS. IaaS has a clear mandate for separation of concerns, that is, developers and operations are separate. IaaS operates at a level of abstraction which is the physical or virtual machine. If you want visibility into your machine, you can have it, provided it is a private IaaS. Joyent is an exception among public IaaS. Developers work on their local machine and hand the result off to whatever your operations tool is (e.g. Ansible). Here, IaaS lets you work with your favorite VCS, and you can use your favorite tool for deployment and management.
There are two takeaways from this post:
Strong version – do not use PaaS
Weak version – if you are going to use PaaS, beware of its trade-offs.