Rather than running our own room full of servers, or worrying too much about physical computers, we have chosen to run GOV.UK on an Infrastructure as a Service (IaaS) platform. What does that mean and why did we make that decision?
What is an Infrastructure as a Service?
There are lots of highly technical or unfriendly descriptions of what an Infrastructure as a Service is, but for GDS it's quite simple:
- A supplier runs and supports the physical hardware, underlying network and the hypervisors that power the virtual machines
- GDS developers and our web operations team can summon virtual servers at will, often using code we've written to talk to APIs from the IaaS provider
- We pay for what we use, so we can bring up more machines for testing purposes or to meet extra demand. When demands drops again we can decommission those extra virtual servers and only pay for the time we've used them for
Servers are livestock, not pets
One common result of using an Infrastructure as a Service is you scale out with many small identical 'virtual servers', rather than scaling up with bigger and bigger physical servers. The term 'virtual servers' essentially means that each physical server has several operating systems running in parallel, each of which looks like a distinct physical server to the software running on it.
This approach requires automation to manage, as we want to bring up a fully configured web or database server quickly, and stop using it just as rapidly. This leads to a strong desire to avoid single points of failure, which is a good way of preventing dreaded downtime.
Infrastructure as code
The APIs generally made available by the IaaS providers allow for another advantage - namely that we can describe all our server configurations, and even the network topology, in code. That makes it easier to manage, review and reuse and we avoid time consuming and error prone manual processes too.
Don't do everything yourself (you can't)
Another reasons for having a third party operate our physical servers, and the data centres they run from, are based on simple economics. The costs of running even a small data centre are huge, and we'd need very specialist skills within GDS to accomplish an acceptable level of service. Specialist private companies offer great services in this area already, so it makes sense to take advantage of the market.
Why not PaaS?
We're very interested in the concept of a Platform as a Service too, but it's very early days in this market - especially when we take into account the interesting security challenges we face in Government. We'll definitely keep an eye out in the future though.