, , , , , , ,

I’ve recently debated about if Operating System (in a real Cloud Environment) is part, or not, of the IaaS, and therefore, if its control (management, monitoring and so on) is customer’s responsibility or provider’s.

On the one hand, according to the NIST definition of Cloud Computing (the most widely accepted, “The NIST Definition of Cloud Computing“, “Special Publication 800-145“) and quoting from it: “IaaS: “The capability provided to the consumer is to provision processing, storage, network and other fundamental computing resources where the consumer is able to able to deploy and run arbitrary software, wick can include operating system and applications. The consumer does not manage or control the underlying cloud infrastructure, bur has control over operating systems and deployed applications …”. So, puristically speaking, the Operating System is not part of IaaS, as it’s showed in the next picture emphasizing the control scope of the consumer and provider in an IaaS service:

IaaS-control scope of the consumer and provider


On the other hand, in the practice some Cloud Providers, in their IaaS provision dashboards let you chose the operating system (“image”) to deploy in the Virtual Machine (VM) you provision. So they are responsible of guaranteeing the Operating System “image” is good; so in some way they have a partial responsibility on the Operating System level (crossing the border of the IaaS) but it’s only in the first deployment of the operating system in the VM; after then the customer gets the control of the operating System so he’s full responsible of it and software built up or installed on. This other picture shows this fuzzy border for the initial step in the VM provisioning responsibilities:

IaaS-fuzzy border for the initial step in the VM provisioning responsibilities

Note, of course, other (most) IaaS cloud providers let you to upload you own Operating System images, so they are responsible for providing you the VM on the hypervisor  (or container) chosen by them, but nothing else, matching the purist definition of IaaS. Note: this is the case of Tissat, we offer wide catalogue of operating system images but our Cloud Platform (called Nefeles, and based on OpenStack) let customer to upload its own images too.

Besides the first picture, the next one shows the PaaS and SaaS scope control of consumer and provider according to NIST definition:

PaaS & SaaS-control scope of the consumer and provider

Finally, the border between IaaS, PaaS, and SaaS, can be summarized in the following picture:

IaaS, PaaS & SaaS-control scope of the consumer and provider-1

Or in a simplified way in this one:

IaaS, PaaS & SaaS-control scope of the consumer and provider-2