Subscription hardware: choosing an IaaS cloud for a SaaS app

clock • 5 min read
Subscription hardware: choosing an IaaS cloud for a SaaS app

Subscription hardware: choosing an IaaS cloud for a SaaS app

Stability, scalability, financials, security - there are a lot of variables to consider when choosing a cloud provider

According to Gartner, SaaS is the largest segment of the cloud service market: in 2020, end users spent over $103 billion on software-as-a-service tools. To compare, IaaS and PaaS expenses for the same period were $59 billion and $46 billion, respectively. Why was there such a difference?

The explanation is obvious. SaaS is ready-to-use software for end users, while IaaS is targeted at system administrators, and PaaS, at developers. One would think that a subscription service provider should know all the details of such products; but when it comes to IT infrastructure, it's not that simple.

We approached this issue from an unusual angle: in this article, we'll speak about selecting IaaS for SaaS projects. Usually, it is about choosing one of two options: a cloud with virtual machines or dedicated servers. But in this sphere particularly, it's important to make the right choice.

What's more important: stability or scalability?

Dedicated servers are a better fit for SaaS apps with high performance requirements. Unlike virtual machines, dedicated servers don't spend capacity on hypervisor operation and do not compete with one another for resources, slowing each other's work. However, these servers are also not prepared for acute spikes in load, because they are limited by the capacities of the equipment. Developers must choose the lesser of two evils: easily scalable but less productive virtual machines, or more productive virtual servers which, however, cannot escape the limits of their own hardware. The answer lies in the middle.

If you don't want to sacrifice anything, neither scalability nor productivity, you need flexible cloud infrastructure, where you'll be able to use dedicated servers for the main load, and temporarily deploy extra virtual capacities in case of acute activity spikes. This can be done by combining products from different providers - but to save time and simplify the infrastructure management procedures, it's easier to choose a single versatile solution. Look for a company whose cloud has both dedicated (or bare metal) servers and virtual machines, and preferably one to which you can also add CDN, DDoS attack protection and other cloud services, to solve all of your infrastructure issues at once.

How to prepare your app for horizontal and vertical scaling

Clouds are flexible. With clouds, you only use the exact capacity that you need. But different situations may arise.

  1. When the number of users of a SaaS service grows, you must quickly adapt the infrastructure to their needs. In this case, your app needs horizontal scaling.
  2. If the average load on the app per user grows, you must quickly adapt the computational capacities. In this case, your app must be ready for vertical scaling.

It's not so easy to prepare a service for any changes in advance, but Bare-Metal-as-a-Service can help you do it. According to Intel, it can be hard to deploy this service - it's pretty time- and resource-consuming - but this problem lies fully on the provider. With the right provider, a customer should only needs to spend a few minutes deploying the right capabilities: a couple of minutes for a virtual machine, or up to 10 for a dedicated (bare metal) server. APIs can further simplify other tasks for consumers, including:

  1. Configuration management;
  2. Orchestration;
  3. Addition of new dedicated services.

For SaaS app developers, this means flexible and inexpensive capacity with simple management, which is a perfect fit for services whose demands might change.

How to launch and not go broke: choosing a server with no financial risks

In SaaS apps, acute load fluctuations are frequent. There may be different reasons for them: from force majeures, like the global pandemic, to scheduled marketing activities. And if the latter allows you to prepare the infrastructure for an influx of users, the first factor hits hard on developers' pockets.

To avoid problems, you can rent hardware under the pay-as-you-go model. With this model, you only pay for the capacities that you actually use in your operation. For example, some providers' clouds offer fixed hourly rates for bare metal servers: in other words, they will cost you exactly as much as you planned, even under maximum load. This approach allows developers to always be able to precisely predict infrastructure expenses and to be confident in its capacities.

SOS: the problem with introverted providers and how to avoid them

SaaS developers need to constantly work on their app and not be distracted by anything, including infrastructure issues. To ensure such conditions, you need to choose the right cloud provider. Whenever a problem arises, the provider must always be there and available — otherwise, even the tiniest incident could turn into a serious problem for your project.

First, make sure that the provider's support service works every day, or better every hour, and whether it speaks your language. A good example here is our own support, which is is always available and knows many languages - the documents are even available in Chinese. This allows a provider's clients to be ready for any incidents, and to focus on the most important thing: their product.

Waiting for DDoS: how to meet your guests and avoid failure

One widespread reason why SaaS products' operation may be disrupted are DDoS attacks at the network and transport levels. It's best to be fully prepared for them, for example by using Bare-Metal-as-a-Service with added DDoS attack protection. It gives app developers full control over the rented hardware, and in some cases also allows the use of extra protection measures, including Intel's SGX technology: a set of processor instructions that apps can use to create private code or data areas, ensuring extra protection against disclosure or modification.

Such safety measures are the perfect choice for SaaS services with higher protection requirements, such as business apps with confidential user data. With the right cloud, service developers can efficiently prevent leaks and quickly react to any threats.

Alex Federighi
Alex Federighi is G-Core Labs' deputy head of cloud platforms

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Cloud Computing

IT glitch takes passports gates offline across the UK

IT glitch takes passports gates offline across the UK

However, a cyber attack has been ruled out

Tom Allen
clock 08 May 2024 • 2 min read
Enter the Cloud Excellence Awards 2024

Enter the Cloud Excellence Awards 2024

Enter today!

clock 28 March 2024 • 1 min read
NCSC issues guidance for migrating SCADA systems to the cloud

NCSC issues guidance for migrating SCADA systems to the cloud

SCADA systems are an enticing target for cybercriminals

clock 19 March 2024 • 3 min read