The June 2021 assessment [0] of the service notes that "the team will never be able to fully recoup their cost through a recharge model so will need to rely on centrally provided funding. This poses an important risk to the longevity of the product, as it is *dependent on political buy-in and budget from the Treasury*".
A pathetic example of the ideological myopia that plagues Europe these days. States have provided services to their inhabitants since prehistory, and the notion that this infrastructure does not need financing is as healthy as a corporation that thinks it does not need to invest to succeed. At best, this strategy of living off of investments made by previous generations is doomed to underperform compared to states that take an active role in their own development.
We don’t even have to zoom in on Europe. In the US, it’s quite common for folks to expect public services (like public transit or even the USPS) to be profitable. Which means these services don’t get the investment they really need.
I was the first user of the GOV.UK PaaS for a production service - GOV.UK Trade Tariff [0]. It's unfortunate that it has come to this, and as others have pointed out, the blog doesn't instil confidence about using other GDS services in the future.
Procurement in government is painfully slow, and that's one thing that the PaaS excelled at, all departments could get set up immediately.
I hope when making their financial assessment, they included the saving that all departments using the PaaS are making not in infrastructure but ops. Each service will increase ops spending; there isn't a comparable managed platform for UK GOV services, so each service will have to increase its devops support costs. I've used Google Cloud Run and AWS Copilot, and both are far from stable enough, in my opinion, for production use.
My only hope is that they revisit this decision, but it seems likely we'll have to move the services we manage off.
I've used the GOV.UK PaaS since the private beta. I was a user research subject and gave early feedback. I've used it on multiple projects since.
As with Notify, the Design System, and all the other great tools that GDS produces, the PaaS is an absolute joy to use. Think Heroku, but built on top of FOSS, and with everything you could want to help you build the long tail of cookie cutter form or API-based government services.
It's a damn shame GDS killed it.
It's even worse they did so without providing a clear migration path. That sends a very bad message to other departments: GDS will kill things you depend on. They will also leave you high and dry when they do so. So don't depend on or adopt their tools. "Not invented here" has always been a problem in the UK government, this news only makes it worse.
Colleagues of mine have staked their reputation on the line to convince legacy IT to let us use the PaaS instead of their own home-grown, poorly documented, and unsatisfactory solutions. Now, we look like fools.
I love working in government. I love building accessible, robust, and user-centred services.
I don't love: writing IAM policies, learning about what a "service principal" is, naming resource groups, having to open a support ticket to change an environment variable, having my password expire in the middle of an incident when I want to read logs, or spending more than £50 a month of taxpayer money for a monolith with a database and a Redis. I had to do none of those on the PaaS.
Agree, I'm not sure how they can say with a straight face that people should use the other new forms services they are launching. If that is not profitable will it just be shut down in a few years too?
PaaS ran on AWS anyway, so it wouldn't be Amazon (I would guess? Unless they think they can charge more/upsell by departments procuring directly from them). Perhaps Google or MS were upset that by PaaS running atop AWS, AWS became the de facto 'official' cloud service for government?
I think it has to be intentional, but if not it’s still funny :)
> ”Over the same period departments have built better and more expert in-house cloud engineering capability, and are (broadly) clustering around a Kubernetes based architecture.”*
Ah, another one! On the other hand, if you've already containerized your app and are not using buildpacks, the switch to Kubernetes should be fairly easy. Thanks for the link, will check.
They mention a handful of services like GOV.UK Notify, GOV.UK Pay, the GOV.UK Design System, the Prototype Kit, and the new GOV.UK Forms product.
Is anyone able to clarify whether these things are collectively referred to or considered part of the Gov.uk PaaS offering (and therefore will all be decomissioned) or not? It wasn't clear to me from the article and I'm not otherwise familiar.
My understanding is those are services various government departments can make use of. Notify being to send notifications to people, Pay to take payments, etc. These are basically SaaS offerings from GDS to over government departments.
The GOV.UK PaaS is a hosting platform for other government departments to host their own software in the GOV.UK managed platform (like a Heroku kind of thing).
They're investing more in their SaaS services (Notify, Pay, Forms, Prototyping Kit, etc) and deprecating their PaaS offering in favour of Kubernetes, which looks like it may be offered as a managed service for government departments to use. It reads to me like more of a v2 of the PaaS but it'll now be kube based rather than whatever homegrown thing it is at the moment.
Edit: as tnwhitwell pointed out below, the PaaS being deprecated uses CloudFoundry and isn't homegrown.
We use GovPaas for a few things. GovPaas provides the platform which we deploy our applications onto (under the hood it's Cloud Foundry).
It is incredibly cheap for our use cases (as it turns out, unsustainably so for the team who provide it!). Our interpretation of this news is that we will need to migrate away to another platform.
Key paragraph: "In parallel, we are starting a piece of joint work with the Central Digital & Data Office, in partnership with Chief Technology Officers (CTOs) across government, to understand what a future central hosting offer could or should be. We don’t know what we’ll conclude, the options ranging from doing nothing, to creating a reusable set of configuration and management components (similar to the GOV.UK Design System, but for secure cloud hosting) all the way through to building a new PaaS v2 using different architecture."
Indeed. Perhaps the purpose of this message was to let all the projects know they get no advice but a permission and freedom to migrate anywhere. After a while, there may not be anyone to use a PaaS v2 anymore.
It's another way of saying "maintaining infrastructure isn't a task of a public service." Generally, the "why/why not" tends to be answered with: "A public services can never provide a similar value proposition compared to private vendors." which isn't really an answer to the question.
One problematic aspect is that public entities don't just rely on infrastructure, but also on an entire stack of in-house expertise that provides support and understands the specifics that come with the problem domain - e.g. legal compliance, accountability,... - of providing public services online.
So, barring an alternative, this would effectively mean that public services would have to source consultancy themselves on the private market to set up / maintain their applications on a private cloud on a per-project basis. Both of which are easily a factor more expensive compared to a shared platform / framework / solution where resources and expertise can be pooled together to provide affordable and secure services towards other branches of the authorities.
Oddly enough, they seem to be all to aware of that conundrum:
> In parallel, we are starting a piece of joint work with the Central Digital & Data Office, in partnership with Chief Technology Officers (CTOs) across government, to understand what a future central hosting offer could or should be. We don’t know what we’ll conclude, the options ranging from doing nothing, to creating a reusable set of configuration and management components (similar to the GOV.UK Design System, but for secure cloud hosting) all the way through to building a new PaaS v2 using different architecture.
Personally, I believe this is a decision based on cost. The cost of keeping centralized hosting infrastructure based on old technology online, or migrating towards new technology, is just too steep and can't be readily justified anymore in 2022 compared to what the private market offers. Perhaps most surprisingly: there's no clear short-term plan B for all those entities relying on this service.
If I were managing a few projects from some department, I wouldn't be happy learning that I'd now have 18 months to scramble, figure out how to move forward, find funds, write a project proposal, align all stakeholders, source consultancy, etc. without going offline for a prolonged time.
Given they charged a markup on AWS costs, I find that it's weird they did not manage to at least break even. Other departments switching to running on their own cloud account rather than use the PaaS could be the main reason, and that's partly due to the PaaS/Cloud foundry stagnating.
No, not at all. They released services and software to make integrations easier on these platforms but the toolset is becoming stale and more effort goes into k8s (on several different clouds, depending on project)
Well they sort of do already. There are armies of consultancies queuing up to provide packaged solutions far above the cloud infra level solutions abstractions that GDS offer. Those guys use commercial clouds.
Readit News
[0] https://www.gov.uk/service-standard-reports/gov-dot-uk-platf...
I'm not sure I follow your argument. Which non-European states do you think do this well?
Procurement in government is painfully slow, and that's one thing that the PaaS excelled at, all departments could get set up immediately.
I hope when making their financial assessment, they included the saving that all departments using the PaaS are making not in infrastructure but ops. Each service will increase ops spending; there isn't a comparable managed platform for UK GOV services, so each service will have to increase its devops support costs. I've used Google Cloud Run and AWS Copilot, and both are far from stable enough, in my opinion, for production use.
My only hope is that they revisit this decision, but it seems likely we'll have to move the services we manage off.
[0] https://www.ukauthority.com/articles/trade-tariff-moves-to-g...
As with Notify, the Design System, and all the other great tools that GDS produces, the PaaS is an absolute joy to use. Think Heroku, but built on top of FOSS, and with everything you could want to help you build the long tail of cookie cutter form or API-based government services.
It's a damn shame GDS killed it.
It's even worse they did so without providing a clear migration path. That sends a very bad message to other departments: GDS will kill things you depend on. They will also leave you high and dry when they do so. So don't depend on or adopt their tools. "Not invented here" has always been a problem in the UK government, this news only makes it worse.
Colleagues of mine have staked their reputation on the line to convince legacy IT to let us use the PaaS instead of their own home-grown, poorly documented, and unsatisfactory solutions. Now, we look like fools.
I love working in government. I love building accessible, robust, and user-centred services.
I don't love: writing IAM policies, learning about what a "service principal" is, naming resource groups, having to open a support ticket to change an environment variable, having my password expire in the middle of an incident when I want to read logs, or spending more than £50 a month of taxpayer money for a monolith with a database and a Redis. I had to do none of those on the PaaS.
RIP.
> ”Over the same period departments have built better and more expert in-house cloud engineering capability, and are (broadly) clustering around a Kubernetes based architecture.”*
This is the one I expect to become the primary CF product on k8s
Is anyone able to clarify whether these things are collectively referred to or considered part of the Gov.uk PaaS offering (and therefore will all be decomissioned) or not? It wasn't clear to me from the article and I'm not otherwise familiar.
The GOV.UK PaaS is a hosting platform for other government departments to host their own software in the GOV.UK managed platform (like a Heroku kind of thing).
They're investing more in their SaaS services (Notify, Pay, Forms, Prototyping Kit, etc) and deprecating their PaaS offering in favour of Kubernetes, which looks like it may be offered as a managed service for government departments to use. It reads to me like more of a v2 of the PaaS but it'll now be kube based rather than whatever homegrown thing it is at the moment.
Edit: as tnwhitwell pointed out below, the PaaS being deprecated uses CloudFoundry and isn't homegrown.
Most services are not using PaaS, but are deployed onto AWS or Azure and integrate with other services (notably Notify) via APIs.
[1] https://www.cloud.service.gov.uk/
It is incredibly cheap for our use cases (as it turns out, unsustainably so for the team who provide it!). Our interpretation of this news is that we will need to migrate away to another platform.
It's another way of saying "maintaining infrastructure isn't a task of a public service." Generally, the "why/why not" tends to be answered with: "A public services can never provide a similar value proposition compared to private vendors." which isn't really an answer to the question.
One problematic aspect is that public entities don't just rely on infrastructure, but also on an entire stack of in-house expertise that provides support and understands the specifics that come with the problem domain - e.g. legal compliance, accountability,... - of providing public services online.
So, barring an alternative, this would effectively mean that public services would have to source consultancy themselves on the private market to set up / maintain their applications on a private cloud on a per-project basis. Both of which are easily a factor more expensive compared to a shared platform / framework / solution where resources and expertise can be pooled together to provide affordable and secure services towards other branches of the authorities.
Oddly enough, they seem to be all to aware of that conundrum:
> In parallel, we are starting a piece of joint work with the Central Digital & Data Office, in partnership with Chief Technology Officers (CTOs) across government, to understand what a future central hosting offer could or should be. We don’t know what we’ll conclude, the options ranging from doing nothing, to creating a reusable set of configuration and management components (similar to the GOV.UK Design System, but for secure cloud hosting) all the way through to building a new PaaS v2 using different architecture.
Personally, I believe this is a decision based on cost. The cost of keeping centralized hosting infrastructure based on old technology online, or migrating towards new technology, is just too steep and can't be readily justified anymore in 2022 compared to what the private market offers. Perhaps most surprisingly: there's no clear short-term plan B for all those entities relying on this service.
If I were managing a few projects from some department, I wouldn't be happy learning that I'd now have 18 months to scramble, figure out how to move forward, find funds, write a project proposal, align all stakeholders, source consultancy, etc. without going offline for a prolonged time.