IaaS providers manage large global data centers that contain the physical servers that are needed to power the various layers of abstraction on top of them, which are made available to users over the internet. 

IaaS relies on virtualized compute resources (for example, compute, network, storage) made available as virtual machines (VMs), the fundamental units of compute in cloud computing.

The process of virtualization makes it possible to create multiple virtual machines—each with its own operating system (OS) and applications—on a single physical machine. This enables dozens of applications and workloads to run and scale successfully. The cloud service provider manages the hypervisors, also known as a virtual machine monitors (VMMs), that logically separate virtual machines (VMs) from each other, assigning each its own slice of the underlying computing power, memory and storage. Users can then provision virtual "instances" with wanted amounts of compute, memory and storage. 

Deploying virtual machines and other virtualized infrastructure relies heavily on the creation and implementation of automated processes and software in place of time-consuming manual activities. Automating infrastructure management simplifies tasks like configuration management, deployment and provisioning. Depending on business needs, IaaS can be paired with automated services and upgrades like autoscaling, load balancing, backup and recovery and performance monitoring to help optimize application availability and deliver a positive end-user experience.

IaaS providers provide cloud security and compliance frameworks through a shared responsibility model. In essence, the cloud service provider manages the physical security of data centers (cameras, security staff) and underlying infrastructure (compute, storage, physical network). At the same time, the cloud customer is responsible for securing their workloads, applications and data. The cloud service provider provides the customer with the ability to encrypt virtual machines and other methods to protect client data and reduce the risk of cyberattacks.

IaaS includes support for containerization, the packaging of software code with just the operating system (OS) libraries and dependencies that are required to run the code to create a single lightweight executable—a container—that runs consistently on any infrastructure. More portable and resource-efficient than virtual machines, containers became the de facto compute units of modern cloud-native applications. 

In many instances, containers replaced VMs as the standard unit of process or service deployment. Container orchestration tools like Kubernetes automate the deployment, scaling and management of containerized applications. IaaS models provide the underlying resources to scale Kubernetes and containerized applications up or down as dictated by business needs. 

• Development and testing: IaaS provides an ideal testing and development environment that can be set up faster than on-premises. This feature offers DevOps and other teams the flexibility to scale dev/test environments up or down quickly, allowing organizations to bring new apps to market faster
• Backup and disaster recovery: IaaS provides cloud-based backup and disaster recovery solutions, allowing organizations to replicate and back up their systems and data in the cloud. For instance, organizations can duplicate applications across multiple servers. If one server fails, another takes over, ensuring business continuity.
• Website hosting: IaaS provides a cost-efficient way to host customer-facing websites and web applications that are secure, scalable and can be tailored to optimize user experiences.
• Big data analytics: Driven by cutting-edge technologies like artificial intelligence (AI) and the Internet of Things (IoT), big data analytics involves the use of advanced analytic techniques against extensive, diverse big data. IaaS supports the enormous processing power needed to analyze vast amounts of data and deliver the best insights.
• High-performance computing (HPC): Compared to a traditional on-premises infrastructure setup, IaaS provides an efficient and cost-effective way to support high-performance computing. HPC uses supercomputers and computer clusters to solve advanced computation problems that support advances in human knowledge and create significant competitive advantages (for example, DNA sequencing, stock trading automation).
• Hybrid multicloud adoption: A hybrid cloud approach combines and unifies public cloud, private cloud, and on-premises infrastructure to create a single, flexible, cost-optimal IT infrastructure. Today, hybrid cloud is combined with a multicloud approach, which allows companies to select best-in-class cloud services from multiple cloud vendors and avoid vendor lock-in. IaaS plays an essential role in hybrid multicloud strategy, providing the flexibility to deploy resources across hybrid cloud environments based on business needs. For instance, IaaS supports “lift and shift” migration, where an application is moved from an on-premises setting to compute, storage and networking infrastructure in a cloud provider’s data center.
• Artificial intelligence (AI) and machine learning (ML): IaaS platforms allow organizations to leverage AI and machine learning (ML) capabilities. For instance, with IaaS, data scientists and developers can build, train and deploy ML models by using fully managed infrastructure, tools and workflows. IaaS also provides the compute power and underlying infrastructure support foundation models used to build and scale generative AI applications.

The phrase "as a service" typically refers to a cloud computing service where a cloud vendor manages services for an organization. Along with platform as a service (PaaS) and software as a service (SaaS), IaaS is among the top three most popular cloud service models. These cloud computing service categories are not mutually exclusive. Most enterprises use more than one, and most large enterprises use all three managed cloud services as part of their cloud stack offered by cloud service providers.

IaaS, PaaS and SaaS rely on multi-tenant resources—a single physical computer or VM is shared among multiple users or client organizations. Cloud service providers typically offer multi-tenant hosting solutions as a lower-cost alternative to single-tenant or dedicated hosting solutions.

In a traditional IT setting, the user is responsible for managing the whole stack end-to-end, from the physical hardware for servers and networking resources up through virtualization, operating systems, middleware and so on. IaaS, PaaS and SaaS each offer a progressive abstraction layer after that. 

As discussed above, IaaS abstracts away the physical compute, network, data storage and the technology that is needed to virtualize those resources. Platform as a service (PaaS) goes a step further and abstracts away the management of the operating system, middleware and runtime. PaaS provides customers a complete cloud platform—hardware, software and infrastructure—for developing, running and managing applications without the cost, complexity and inflexibility that often comes with building and maintaining that platform in an on-premises data center. 

Red Hat® OpenShift® is a popular PaaS built around Docker containers and Kubernetes.

Software as a service (SaaS) is application software that is hosted in the cloud, and it serves as the primary delivery model for most commercial software today. Popular SaaS business solutions include customer relationship management (CRM), enterprise resource planning (ERP), project management software and more.

Learn more about the differences between IaaS, PaaS and SaaS

While IaaS abstracts away many low-level components so developers can focus on business logic differentiating the business, it still requires users to manage operating systems, middleware and runtimes. As an application development and execution model, serverless (link resides outside ibm.com) offers an advantage by enabling developers to build and run application code without provisioning or managing servers or backend infrastructure.

The most common use case of serverless today is supporting microservices (also called microservices architecture), which focuses on creating small services that do a single job and communicate with one another using APIs. Microservices are a key part of DevOps processes and development tools, which serverless supports as developers don't need to spend time defining the infrastructure required to integrate, test, deliver and deploy code builds into production.

Bare metal servers are a form of single-tenant cloud service in which the user rents a physical machine from a provider that is not shared with any other tenants. Organizations looking for cloud computing infrastructure with the security and performance of dedicated hardware and the experience—particularly around the provisioning, billing and management of cloud services—often turn to bare metal as a service (BMaaS).

Unlike traditional IaaS, BMaaS does not provide users with already virtualized compute, network and storage; instead, it gives direct access to the underlying hardware. This level of access offers users almost total control of their hardware specs. Given that the hardware is not virtualized and doesn't support multiple virtual machines, it also offers users the greatest potential performance. This feature is of significant value for use cases like HPC and GPU computing, high-performance databases, analytics workloads and more.

However, these advantages can also come at the expense of the benefits of traditional IaaS, namely the ability to rapidly provision and horizontally scale resources by simply making copies of instances and load balancing across them. Regarding BMaaS versus IaaS, one model is not superior to the other—it's all about which model best supports the specific use case or workload.

For many users, particularly companies with sensitive data or strict compliance requirements (for example, Fintech, healthcare), extra security and privacy within a public cloud are desirable. A virtual private cloud (VPC) can create more isolation of cloud infrastructure resources without sacrificing speed, scale or functions.

A VPC is hosted on a multi-tenant public cloud architecture, yet each customer's data and workloads are logically separate from all other tenants to create a “private cloud-like“ setting. This feature gives users control over multiple facets (for example, virtual firewalls, security groups, load balancing). 

IaaS is priced on a consumption basis, meaning users are only charged for what they use. Other pricing methods include the following: 

• Subscriptions and reserved instances: Many providers offer discounts off the sticker price for clients willing to commit to longer contract terms, typically around one to three years.
• Monthly billing: Monthly billing models are more common with BMaaS than IaaS, where physical infrastructure typically implies steady-state workloads without spiky characteristics.
• By the hour/second: The most common granularity for traditional cloud infrastructure, users are charged only for what they use.
  
• Transient/spot: Some providers offer up unused capacity at a discount via transient/spot instances, but those instances can be reclaimed if the capacity is needed.