Made Tech Blog

GOV.UK PaaS – an update…

A few weeks ago, we published a post responding to the sad news from GDS that GOV.UK PaaS will be decommissioned during the next 18 months. Since then we’ve been exploring options for our clients who currently host services on the platform, as well as thinking about what this change means for the wider community.

We’d now like to share some of the insights we’ve drawn from conversations with various GOV.UK PaaS users and other stakeholders over recent weeks and also from our own research.

PaaS or passé?

One of our initial avenues of investigation was to assess the feasibility of continuing to run the existing platform (or something that looks a lot like it) by taking advantage of its open source lineage. We evaluated this approach with two specific outcomes in mind:

1. As a short term mitigation…

Reuse of open source GDS code would have the immediate benefit of backward compatibility, enabling existing services to be migrated relatively easily and retaining familiarity for maintainers. It would also buy additional time for those organisations that don’t have the budget or resources to migrate services elsewhere within the stated decommissioning timeline.

The existing GOV.UK PaaS platform is largely built on Cloud Foundry. We were able to spin up a test environment relatively quickly based on the code shared by the GDS team on GitHub to evaluate how straightforward this approach would be in practice.

Our conclusion is that the complexity of Cloud Foundry would make this approach more difficult than we’d like, although it remains an option if an inability to migrate elsewhere within the 18 month decommissioning timeline becomes a reality for our clients.

2. As a strategic way forward…

We wanted to understand better the viability of the platform as a long term proposition and particularly the potential impact of moving custodianship of a public sector-oriented PaaS from public to private hands. The blog post from GDS already hints at some of the reasons for backing away from the platform in its current form. We talked to the GOV.UK PaaS product team and a variety of users of the platform to glean more insight into current pain points and obstacles which may limit the feasibility of this approach.

While Cloud Foundry made sense as a foundation platform for GOV.UK PaaS back in 2015 when it was originally conceived, the technology landscape has since moved on significantly and it’s likely that it wouldn’t be the first choice today. The massive growth of containerisation technologies – particularly Kubernetes – and their widespread adoption across the industry is hugely significant. Cloud vendors have also upped their respective games and introduced more features and levels of service abstraction in recent years, which means prospective GOV.UK PaaS users now have many more options to choose from in comparison to 2015.

The increasing demand for access to more sophisticated data analysis tooling is also a limiting factor, with the current GOV.UK PaaS feature set missing advanced data processing capabilities.

It’s apparent that the charging model currently used results in significant hidden costs: for example, AWS data transfer fees are not passed on to users and are instead covered by GDS. Compute infrastructure is not shared, which often makes it uneconomic when compared to an analogous serverless implementation. All of this makes the platform much less attractive by comparison on a true cost basis, especially when compared to a potential equivalent based on more recent best practice architecture.

One final consideration is trust. GDS are a public body who have also built a reputation for reliability and high quality engineering over many years. New entrants offering PaaS solutions will have a challenge to build a similar level of trust in a relatively short time if they want to offer a migration path to existing GOV.UK PaaS users within 18 months.

Our conclusion here is that, on balance, given the constraints and downsides listed above, it doesn’t feel this is likely to be the best way forward for the majority of our clients. Other organisations, with differing needs and priorities, may think differently.

PaaStures new?

While considering the future of public sector PaaS, we also invested significant time in exploring other options for our clients and the wider GOV.UK PaaS user base.

Where we’re actively involved in delivering services on GOV.UK PaaS, we took the opportunity to assess realistic and specific ways forward for each of those assets. We also reached out via our networks to speak to as many teams using the platform as possible. As a final step, we trawled GitHub for the many public repositories behind GOV.UK PaaS services and analysed them to identify patterns and potential opportunities to optimise and ease migration to alternative platforms.

So what options are there? We can consider the standard six approaches to cloud migration:

ApproachDescriptionOur take
Rearchitect Fundamentally rework the service to take full advantage of and optimise for the wide range of cloud offerings available.This is a good option to take if the service is mission critical and/or is expected to have a long lifespan. It could also make sense if there are other justifications for re-architecting, e.g. functional changes are needed or there is excessive technical debt.
ReplatformMove the service to an alternate platform with minimal restructuring of its architecture.This option could be a sensible choice for services with limited lifespans or criticality.
RepurchaseBuy an off the shelf alternative.If a feasible alternative exists at a reasonable price, this could be a great option.
Rehost“Lift and shift” – essentially what we describe in the previous section.We would not generally recommend this approach given our analysis above.
RetainKeep the service in its current hosting environment.This isn’t feasible for services needing to run beyond the retirement date of GOV.UK PaaS.
RetireGet rid of the service completely.If this is a viable option, it’s a good one.

And finally, for those teams who maintain their own infrastructure, bringing services back in house is also an option, although one that would go against policy and best practice for most public sector organisations.

While there is still more work to do, our research so far leads us to a few conclusions:

We have observed that most of the organisations using PaaS that we’ve talked to fall into three broad categories:

  • Digitally mature – these tend to be larger organisations that successfully run their own internal development and support functions.
  • Build only – organisations that have a development capability and can build their own services but do not have the resources or inclination to run and support them.
  • Outsourcers – these organisations have minimal internal digital capability and instead outsource development and operation of services to external partners.

The majority of services running on the platform share similar architectures and characteristics. This is most likely a result of the deliberately constrained range of services on offer within the platform. We anticipate this leading towards the development of one or more migration playbooks, where common strategies, tools and assets can be reused and adapted relatively easily to meet the needs of the majority of current service architectures hosted on the platform. This approach may sit somewhere between the Rearchitect and Replatform strategies described above, or could result in independent playbooks for each of those options.

Many of the current user base are also running IaaS services on other cloud platforms directly. This implies a higher degree of digital maturity amongst that segment of users and perhaps indicates that rearchitecting their PaaS services onto IaaS would be a good strategy.

One of the key motivators for organisations choosing to use the platform was the integrated support. While many users will have the capabilities needed to maintain and support services themselves, plenty of others will not. The latter will either need to build those skills in house or will need to find outsourcing partners to fulfil that role.

Next steps

As we mentioned in our previous post, we believe that an inclusive and aligned community effort will be critical to finding an optimal way forward following the decommissioning of GOV.UK PaaS. We’ve had an incredible response from the stakeholders we’ve talked to so far and we’re hoping to find more people who’d like to get involved.

We’ll shortly be sending invites to an event next month (provisionally 11am on 21st September 2022) where we’ll host a panel discussion between some core GOV.UK PaaS stakeholders followed by an open forum. Panel members will include representation from AWS (who ultimately host the existing platform) as well as some of the largest GOV.UK PaaS users.

Please let us know via the form below if you’d like to attend that event, or if you want to hear about other initiatives being planned to drive this community initiative forward.

About the Author

Stu Mackellar, Head of Cloud & Engineering

Stu Mackellar

Head of Cloud and Engineering Practice at Made Tech