Companies are addressing challenges associated with web application deployments to clouds from two different directions. There are Platform product providers such as Google (Google App Engine), Amazon (Amazon Beanstalk), and Heroku who have built PaaSes that are attached to a cloud. Then there are companies such as Codeship, ContainerShip, Cloud66 who are coming at this problem from CI/CD (Continuous Integration / Continuous Deployment) viewpoint. There are key differences between these two approaches.
- Multi-cloud: PaaS products typically enable deployments to only that cloud on which that product is running. For instance, if a open source PaaS such as Flynn or CloudFoundry is hosted by an organization in their private cloud, it will support application deployments only to that cloud. The reason a PaaS product will not support multiple clouds from within a single installation is that it needs to mesh with the infrastructure layer of the cloud at a deep level in order to support its functions of provisioning native service instances, integrating with the auth/authz capabilities of the cloud, providing application instance monitoring, and so on. This makes it hard for a PaaS product hosted on one cloud to also support deployments to other clouds. CI/CD products typically don’t have this constraint. This is because, CI/CD products so far have concentrated on building and deploying applications as Docker containers. Most of the cloud providers have started supporting Docker-based applications (using one of Docker swarm, Kubernetes, Mesos as the container orchestration system). CI/CD products leverage this capability and are able to support application deployments to multiple clouds. However, there is a flip side to it. CI/CD products don’t typically support integrating application containers with native services. Instead, they use Docker to provision the service as well (i.e. if an application needs MySQL, they will spin up a MySQL container in the cloud and connect the application container to it, instead of provisioning native cloud service, such as DynamoDB on AWS, and connecting application to it).
- Deployment artifacts: Applications can be built and deployed as virtual machine images or as containers. PaaS products typically support both. Building a VM image is resource expensive action, but it also has the advantage of providing best isolation when deployed. A container image is relatively cheap to construct. However, container security and isolation is still not a completely solved problem. PaaS systems typically support both. CI/CD systems typically tend to only support container images.
- Application testing: CI/CD systems excel in running application tests (unit, integration, or functional) as that is one of the primary focus for them. A system needs to provide following features for application testing — isolated environments for running unit tests, integration with version control systems to trigger test execution upon code push, deploying application artifacts to different environments (dev, test, staging), tracking and collecting test results. CI/CD systems are built to support these requirements. On the other hand, PaaS systems have traditionally focused on mechanisms for application deployment and setup in the cloud — provisioning native services required by the application, setting up application monitoring and alarms, auto-scaling, and so on. Recently some PaaS systems, such as OpenStack Solum, have started adding support for application testing in their application build/deploy workflows.
- Infrastructure control: One of the key areas where PaaS systems differ from CI/CD systems is the level of control that an application developer has over the infrastructure on which applications are deployed. PaaS systems such as Amazon Beanstalk allow ssh access to the virtual machine instances on which application are deployed, or support controlling at a very fine level the service instances that would be provisioned for the application, or support setting of monitoring policies, and so on. CI/CD systems typically do not provide such control, as their main focus is on testing and deployment of application as containers.
- Development tooling: Both, PaaS and CI/CD systems provide tools for developers. For example, Google App Engine provides a Cloud SQL proxy service that can be run locally and can be used by application developers to connect their local applications to the Cloud SQL instance. Codeship provides Docker-based tooling to run tests locally. PaaS systems typically also provide plugins for popular IDEs such as Eclipse and Intellij Idea.
So which system should you pick?
It depends on your requirements. If you need application testing, and applications are going to be mostly built as containers and deployed as containers, then using a CI/CD system might be a better choice. If on the other hand you want to have control over the infrastructure, ability to deploy applications as either VMs or containers, and use of native services with your application, then going the PaaS route is a better option.