Digital Developer Conference: Cloud Security 2021 – Build the skills to secure your cloud and data Register free

Cloud technologies: How they all fit together

Cloud computing represents a massive paradigm shift in the way IT resources are created, delivered, and consumed. Cloud computing technology also serves as a core foundational driver of growth and innovation across the global IT landscape. However, the cloud computing solution space can indeed be confusing with a lot of new terms and technologies. Even organizations that have been using the Internet and cloud computing for basic tasks like mobile email, can go a little deeper and take a broader view of cloud computing.

This article explores a range of cloud technologies: infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS), private cloud, hybrid cloud, IBM Cloud, software-defined environment (SDE), Docker, application programming interfaces (APIs), Cloud Foundry, DevOps, and IBM Power Development Platform. What are they? How do they all fit together? Where and how do I get them? And how are they used?

There are lots of questions, we know—but don’t worry, you came to the right place! We acknowledge that a lot of new technologies have been introduced into the marketplace around cloud computing. This article aims to provide some clarity around what the technologies are and illustrate how they are used together with some common use cases. We start with some important basic concepts and dive deeper into some newer areas. Because we work for IBM, we focus mainly on IBM examples around cloud computing solutionsh, our specific area of expertise.

Basic cloud computing concepts

Cloud computing, often referred to as the cloud, is the delivery of on-demand computing resources — everything from applications to data to hardware, software, and even data centers — over the Internet on a pay-for-use basis. In addition, cloud computing can include the ability to rapidly and dynamically provision and then de-provision IT resources, a self-service approach to IT (rather than having users go through an IT department to gain access to IT resources), and the realization of business efficiencies (by extensively sharing resources and delivering those resources in very fine-grained increments).

Service models

  • Infrastructure as a service: IaaS provides users with basic computing resources including servers, networking, storage, and data center space on a self-service and pay-per-use basis. IaaS is often referred to as the foundational layer for cloud computing. In a typical IaaS cloud model, the basic computing resources provided to users are either bare metal (dedicated) or virtualized (shared). IaaS can be exploited by users or service providers who offer more specific or advance cloud services on top of their IaaS base platform. Some high profile vendors in the IaaS market are IBM, Amazon, Oracle, Microsoft®, Hewlett-Packard, Fujitsu, Rackspace, Computer Sciences Corporation (CSC), Google, and Joyent.
  • Platform as a service: PaaS builds on top of IaaS and provides a combination of infrastructure and platform software. It typically means cloud-based application development, middleware, database software, and appropriate hardware environments with everything required to support the complete lifecycle of building, testing, and delivering web-based (cloud) applications — without the cost and complexity of buying, managing, and maintaining the underlying hardware and platform software.
  • Software as a service: SaaS provides network-based access to applications running in the cloud. Typically, in SaaS solutions, many clients share access to cloud delivered software and databases. So, a key attribute of SaaS solutions is that they are built for multi-tenancy, which means the software, hardware, and data can be used and shared securely by many people at the same time). Very common SaaS applications include customer relationship management (CRM) systems, enterprise resource planning (ERP) systems, or other industry-specific applications. IBM, Oracle, Microsoft, and Salesforce.Com are examples of well known SaaS providers.

Deployment models

  • Private cloud: A private cloud is a cloud computing system typically set up behind a firewall with a very rigorous set of technologies that enables controlled access to cloud services and data. A specific example is a Fortune 500 company that enables IaaS, PaaS, or SaaS solutions and makes them available in-house to its own employees. Most companies choose private cloud solutions as a first step into cloud to ensure that controlled access is in place for their cloud resources. As a logical evolution, typically private clouds will evolve to manage workloads across data centers, using both private clouds and public clouds — thereby creating hybrid clouds.
  • Public cloud: A public cloud is a cloud computing system typically set up in the public domain which can also include security technology that enables controlled access of public cloud services and user-specific data. Examples of popular public cloud include IBM SoftLayer, Amazon, Google, Microsoft Azure, Rackspace, and so on. For example, if you have used Google or Bing for search, or Google for Gmail, you have already used a public cloud.
  • Hybrid cloud: A hybrid cloud uses technology that allows you to combine or “stitch together” cloud applications and data that spans traditional on premise IT systems, private cloud services, and data and public cloud services. The reality is that a private cloud usually cannot exist in isolation from the rest of a company’s on-premise non-cloud IT resources and the public cloud. Most companies with private clouds will evolve to manage workloads across data centers, private clouds, and public clouds — thereby creating hybrid clouds. Hybrid cloud applications typically involve using secure cloud connectivity technology, along with APIs and API management solutions.

Cloud architecture

Users of cloud computing can use IaaS, PaaS, and SaaS, all accessed quickly and remotely, from a variety of vendors, on a pay-as-you-go basis. Developers, testers, and operations people can use the PaaS capabilities of cloud to very quickly create and deliver new cloud applications and services. Enterprise or industry-specific SaaS solutions can be implemented on a variety of cloud platforms. In addition, organizations can choose between using a private cloud model or a public cloud model, or even mix and match both by using hybrid cloud.

Figure 1 represents a complete cloud computing reference architecture (in this case, IBM cloud computing reference architecture). As you can see from the lower parts of the box, to build a cloud you start with hardware (servers, storage, networks, and facilities). Next, add cloud software (for example, OpenStack) to help create and deliver some of the basic cloud functionality such as IaaS, and the operational and business support services for cloud. Then, add a PaaS solution, for example IBM Cloud. And lastly, you can add in or deliver SaaS applications and combine them together to create business processes, and also deliver them all as a service. Security, performance, scaling, resiliency, and governance are also critical elements of a cloud solution.

The left side of Figure 1 shows a view of the consumers of cloud (for example, end users). The right side shows a view of the producers of cloud content, and applications and cloud services.

Figure 1. IBM cloud computing reference architecture infrastructure

Deployment models and examples

Private cloud

Many companies, including IBM, implement private cloud solutions typically by building a combination of either bare metal or virtualized cloud infrastructure, then adding in a delivering cloud software using the PaaS or SaaS models to their users, on a restricted access basis. It is important to note that private cloud solutions can run on multiple types of hardware infrastructure (x86, IBM Power®, IBM Systems z®, IBM storage, and so on), and can often support multiple hypervisors (KVM, IBM PowerVM®, IBM PowerVC, IBM z®/VM, VMware, Microsoft Hyper-V, Citrix Xen) to take advantage of the business efficiencies gained by virtualization and consolidation. IBM itself is an example of a company that employs many private cloud solutions. Private clouds by nature target access to a specific set of users, and might be required to conform to legal and governance restrictions, and might not be open to the general public. PayPal’s use of private cloud technology based on OpenStack is a second example.

Public cloud

IBM Power Development Cloud (PDP) is a public cloud platform. Formerly known as Virtual Loaner Program (VLP), PDP is intended to meet many, but not all, of the typical IBM Business Partner® requirements for remote, very low cost access to IBM Power Systems hardware and middleware. IBM PDP Cloud is very popular because it enables users (for example, ISVs or other Business Partners) to quickly and efficiently access and develop solutions on IBM Power hardware and IBM software at little to no cost so that Business Partners can focus on creating their next generation of innovative solutions.

Public and private cloud

SoftLayer, acquired by IBM in July 2013, offered both public and private cloud platforms. IBM Cloud provides cloud IaaS from a growing number of data centers and network points around the world. Customers range from small web startups to global enterprises. Products and services include bare metal and virtual servers, networking, turnkey big data solutions, private cloud solutions, and more. The unique advantages of IBM Cloud include the industry’s first network-within-a-network topology for true out-of-band access, and an easy-to-use customer portal and robust API for full remote access of all product and service management options.

IBM Cloud Managed Services

IBM Cloud Managed Services™ is a fully managed and highly secure IaaS cloud that is optimized for critical enterprise workloads. It offers unique instance-level virtual machine (VM) uptime SLAs to 99.95% and many advantages of a private cloud (such as options for dedicated servers and storage while providing flexible scaling and the benefits of cloud economics). Access to IBM AIX® running on IBM Power Systems environment is available through IBM Cloud Managed Services.


Find many other cloud client use case examples at IBM Cloud Computing or OpenStack.

Complimentary technologies and methods

Development and operations (DevOps) is a software development method that stresses tight cooperation between software developers, customers, and other information-technology (IT) professionals along with rapid creation and delivery of new cloud services. DevOps is optimized to address the interdependence of software development, client requirements, and the actual cloud IT operations and runtime platform. DevOps, combined with analytics, easily supports the creation and continuous delivery of next generation cloud services. Cloud PaaS environments, such as IBM Cloud, are often optimized for rapid application development, differentiate themselves by the types of services they provide, and also easily participate in a full DevOps environment.

Cloud services

Cloud services are cloud-native applications written specifically for running in a cloud runtime environment (for example, a new cloud analytics application written specifically to support execution in an OpenStack environment). Most frequently, cloud services are written and deployed using a cloud PaaS environment that also support DevOps. Ideally, cloud services can be deployed across multiple cloud environments that meet specific requirements (for example, performance, scale, and so on). Cloud services are also re-useable in other contexts by other, newer, different cloud services. Cloud services are often placed in and stored in cloud providers’ service catalogs and conform and interact with the requirements of the cloud operating and business support layers.

Monolithic (pre-cloud) software applications

Monolithic applications can also be re-architected to run on cloud platforms. This is typically done by creating a cloud virtual appliance based on the monolithic software running in a virtual machine with some specific scripting and re-packaging that cloud enables the application.

Cloud Foundry

Cloud Foundry is an open source cloud computing PaaS solution originally developed by VMware, managed by Pivotal Software (a subsidiary of VMware),

IBM Cloud

IBM Cloud is a PaaS offering based on the Cloud Foundry open source project. It supports several programming languages and services as well as integrated DevOps to build, run, deploy, and manage applications on the cloud. Cloud runs on the SoftLayer infrastructure.


Docker is an open platform for developers and system administrators to build, ship, and run distributed cloud applications, which are often called cloud services. The Docker applications run inside a Docker supplied runtime engine, also called a Docker container. The Docker ecosystem includes a Docker container engine, a portable, lightweight runtime and packaging tool, and a Docker hub (which is a cloud service for sharing applications and automating workflows). Kubernetes is a portable, extensible open-source platform for managing containerized workloads and services, and automating deployment, scaling, and management of containerized applications.


OpenStack is an open source cloud operating system that controls large pools of compute, storage, and networking resources, all managed through a dashboard that gives administrators control while empowering their users to provision resources through a web interface. OpenStack IT resources are made accessible to developers through APIs. OpenStack can be used to manage IT resources in a single data center or across multiple data centers (regions).

Software-defined environment

Software-defined environment (SDE) is an IT infrastructure (both hardware and systems software) that enables compute, network, and storage resources to adapt to changing workloads. Many cloud workloads or use cases can be very dynamic in their behavior patterns. Cloud workload IT resource consumption needs can vary greatly over time. SDE technology can be used to help to create and enable the underlying cloud hardware to become a very adaptive and responsive cloud computing systems.

Hybrid cloud computing

Now, let’s turn your attention to the special case of hybrid cloud, where you can mix and match using cloud services across both public and private clouds. First, it should be noted that a large number of traditional businesses have some type of existing IT infrastructure and systems that makes it unrealistic to move everything to the cloud. Many businesses are not able to move all legacy applications to the cloud. So, IBM and other companies are advancing the hybrid cloud model in which traditional IT can be paired and integrated with external or even internal clouds. Here are some basic technologies associated with creating and delivering hybrid cloud solutions.

  • Cloud-based integration: A method of securely connecting, integrating, and enabling developers and users to access and combine cloud applications and data with existing systems of record or traditional, non-cloud IT systems and data. Secure connectivity and software APIs are often used in cloud-based integration solutions.
  • Cloud services connectivity solutions: Enable simple, fast, and secure connections to both cloud and on-premise data and applications. Secure connectivity is typically achieved by using special software or industry standards across all the systems involved to connect them. An example is using an IBM Cloud secure connector that connects cloud PaaS environments to IBM DB2® data on IBM Power Systems or IBM z Systems.
  • Application programming interfaces (APIs): A set of routines, protocols, and tools for building software applications. An API exposes defined assets, data, or services for public consumption. An API is a way for services and products to communicate with each other through a documented interface. APIs allows companies to open up data to external third-party developers, business partners, and internal departments within their company. An application developer can leverage an API with ease and invoke it through a web browser, mobile application, or device. Product catalogs, phone listings, insurance cases, order statuses, and bank loan rates are a few of the services that are exposed through APIs. APIs constantly change to include new functionalities based on business requirements, and developers are informed of these changes. Once they are established, APIs become more of a product than a mere technical capability.
  • API management: The process of publishing, promoting, and overseeing APIs in a secure, scalable environment.
  • IBM DataPower® Gateway: An example of an API management system that is a purpose-built security and integration platform for mobile, cloud, API, web, Service-Oriented Architecture (SOA) and business-to-business (B2B) workloads.

Example use cases

Using IaaS in a fenced testing environments for application development

Application teams need to access new hardware to simulate production conditions for testing, while not affecting actual production. With traditional hardware on premise environments, this is an extremely time consuming and difficult task to achieve in a productive, isolated manner.

Business goal

By using private, public, or hybrid cloud IaaS offerings, companies can greatly reduce, or eliminate altogether, large capital expenditures and accelerate the development of new application software.

Necessary conditions and solution attributes

  • Cloud hardware and platform infrastructure: Infrastructure must be optimized to fulfill the requirements of the individual application developer.
  • Monitoring and management: The cloud provider should provide the tooling to monitor and manage the test environment in real time.
  • Scalability: As testing conditions change, the cloud provider should expose APIs or tooling to grow or contract the environment in terms of resources.
  • Interoperability: Provide consistent, open standard interfaces for accessing and managing. Open standard formats and interfaces are required to request pricing and quality of service attributes.

IBM offerings you can use to create these environments

Using PaaS for continuous delivery

Continuous delivery is a software development practice that allows automated software delivery and frequent releases, with little or no manual intervention. Software must pass a set of validations and criteria on its way through the deployment pipeline to release. The main goal of a continuous delivery practice is to enable the ability to reliably, rapidly, and repeatedly push software updates and enhancements out to users at low risk and near zero downtime.

Necessary conditions

  • Automated testing: Unit, integration, and system testing should be fully automated.
  • Continuous integration: A development practice that integrates all developers’ versions into a single version. Each check-in is verified by an automated build to detect problems.
  • Automated deployment: To facilitate automated testing and continuous integration, there must be a platform in place that allows automated deployment to establish the environment runtimes and services for builds and testing.
  • Service-Oriented Architecture (SOA): Allows for individual component architecture and facilitates the SaaS model. Delivering software in a SOA fashion allows teams to focus on particular areas and provides the ability to make changes and provide fixes to these individual areas verses modifying a monolithic application.
  • Change in culture: It is a change in mindset from human control and silos to an environment that allows automation and a delivery pipeline. Practices such as code branching must be adapted to fit into the continuous delivery model.

IBM offerings

Hybrid cloud

The main goal of hybrid cloud and cloud integration is to facilitate the creation of new systems of engagement in the cloud using your on-premise systems of records in a secure and reliable manner.

Cloud integration helps to protect your investment in systems of record by securely integrating cloud and on-premise applications and data.

Necessary conditions

  • Security: On-premise data that is accessed from applications should be done in an encrypted transaction. Data may also be cached in the cloud while some work is performed as well. Therefore, proper encryption and data masking needs to be done.
  • Reliable access: The nature of mobile and web applications require that data access be reliable and completed in a reasonable amount of time.
  • Subscription model: Allows the breakdown of the service into different access tiers based on transactions or users.
  • Connectors: The cloud integration service should provide connectors to well-known sources. Otherwise, a software development kit (SDK) should be provided to allow the creation of custom connectors.
  • Monitoring and management: Users should be able to monitor and manage access to the sources.

IBM offerings

Software as a service

SaaS enables you to consume software running on a cloud infrastructure through a pay-per-use, elastic capacity technical and business delivery model. The main goals of a SaaS solutions are to accelerate velocity of adoption of new solutions and to reduce cost for the operations team and provide self-service access to applications.

Necessary conditions

  • A solid, optimized cloud IaaS environment combined with the SaaS software.
  • Availability and uptime. Moving your data into the cloud can add increased complexity and potential for failure. Applications need to be guaranteed that database backend will respond to requests to perform operations at least 99.999% of the time.
  • Usage metering, monitoring, and billing software is a key component to deliver the pay as you go capability
  • Latency and response time: Users expect very fast responses from the cloud, and in particular, databases. The infrastructure supporting the cloud including the database, and the Internet itself, should provide consistent response times.
  • Security: When using public cloud providers or transferring data over public networks, special care must be taken to ensure security. Public cloud providers must have documented and audited processes in place to ensure data security.

IBM offerings

IBM offers more than 100 SaaS solutions along with IBM Cloud, and Cloud Continuous Delivery.

Tying it all together

Cloud is about the consumption and delivery of IT services (infrastructure, platform, and software) that are consumed by those who need or are authorized to use them. Typically, the cloud computing business model (pay as you go) is very different from the traditional IT product-centric business model that can require large amounts of capital expenditure up front. Also, the nature of cloud infrastructure lends itself to being sold and procured into smaller, much more efficient units of highly virtualized hardware and software, as compared to previous, traditional models of up-front procurement of large amounts of IT capacity.

Cloud computing systems are typically built on top of vendor hardware and systems software (hypervisors, and so on), often using cloud operating environments that span compute, storage, and network resources such as OpenStack. After the cloud operating environment is built, specific cloud IT services or solutions can be offered to users, for example Cloud from IBM for PaaS, or obtaining some IBM POWER8™ IaaS capacity through IBM PDP can be offered to the general public using the SoftLayer public cloud. SDE technology can also be added to cloud computing system environments, typically on top of the infrastructure and integrated within the cloud operating environment(for example, OpenStack) to enable cloud computing systems to become much more adaptive and responsive to changing workloads and use-case business requirements. You can certainly create a cloud without an SDE. However, SDE technology enables a more adaptive and responsive cloud.

Development in the cloud is largely centered on how cloud services are created and then composed into solutions to a wide range of problems. DevOps is a newer, more modern approach strongly tied to cloud development in which small teams iteratively create, deliver, and modify cloud services with a focus on speed to market to gain an advantage around innovation. One of the newer trends in cloud development environments is moving away from large, monolithic software toward creating smaller, composable services (called micro-services). Micro-services split large applications in to a small set of composable services, and these micro-services and associated APIs can then be loosely coupled with each other. Docker represents a newer kind of container technology which is optimized to host and combine micro-services into cloud applications, facilitates micro-services sharing, communities and compositions, and enables higher levels of portability and speed to market and performance.

Table 1 lists the cloud deployment models, mapping them to specific IBM offerings and products and noting some additional supporting technology.

Table 1. Different cloud deployment models mapped to IBM offerings and products and the supporting technology
Cloud deployment model Offerings/Products Supporting technology
IaaS IBM PDP, IBM Cloud Managed Services POWER8, z Systems, storage, OpenStack, KVM, PowerVC, PowerVM, z/VM
PaaS IBM Cloud, IBM UrbanCode, IBM Rational Test Workbench Cloud Foundry, Docker, OpenStack Hot/Heat
SaaS IBM SaaS cloud portfolio of more than 100 offerings Cloud applications – Enterprise of industry-specific multi-tenancy technology in middleware and databases