ZSoftly Cloud Platform
Back to blog
Engineering

What is Infrastructure-as-a-Service (IaaS)?

IaaS is the raw compute, storage, and networking layer of cloud. Here is the NIST definition, the three pillars, and how ZCP delivers real IaaS.

ZSoftly Team
2 min read

Infrastructure-as-a-Service is the lowest-level cloud service model. You get raw compute, storage, and networking. You bring the operating system, the runtime, and the application.

The canonical definition comes from NIST SP 800-145: IaaS gives the consumer processing, storage, networks, and other computing resources for running arbitrary software, including operating systems and applications. The consumer does not manage the underlying infrastructure but controls the OS, storage, deployed applications, and selected networking components such as host firewalls.

The three pillars

Every IaaS platform is built on three primitives.

Compute. Virtual machines (or bare metal) with dedicated vCPU and RAM. You pick the size, the image, and the lifecycle. The hypervisor is the provider’s concern. Everything above it is yours.

Storage. Block volumes for VM disks, object storage for unstructured data and backups, file storage for shared workloads. Each has different performance and durability characteristics, and you choose per workload.

Networking. Virtual private clouds, subnets, routing, firewalls, load balancers, VPN, and public IPs. You define the topology. The provider runs the physical fabric.

If a platform abstracts any of these three away, it is not pure IaaS. It is moving up the stack toward PaaS.

ZCP’s IaaS lineup

ZCP IaaS is built on open source: Apache CloudStack orchestrates KVM hypervisors, Ceph provides unified storage, and OPNsense handles network edge and firewalling. No proprietary control plane, no forked components, no licensing tax.

  • Virtual Machines (CloudStack + KVM): from Small at $12/mo (1 vCPU, 1 GB) to 12XLarge at $1,152/mo (48 vCPU, 96 GB). 1-year reserved saves 15%. Over 10 VMs gets a 20% volume discount.
  • Block Storage (Ceph RBD): rbd-fast NVMe at $0.11/GB/mo, rbd-standard SSD at $0.07, rbd-bulk HDD at $0.04. Online expansion and on-demand snapshots.
  • Object Storage (Ceph, S3-compatible): $0.024/GB/mo with $0 ingress and $0 egress. Works unmodified with the AWS CLI, boto3, and rclone.
  • File Storage (NFS/SMB): $0.10/GB/mo, multi-VM concurrent access.
  • VPC and Networking (OPNsense + WireGuard): VPCs from $18/mo. DDoS protection on every public IP.
  • Security: firewalls, IAM with scoped API keys, audit logs.
  • DNS: free, authoritative, included.

Available today in YUL-1 (primary) and YOW-1, with YVR, BUF, LAX, LHR, and AMS planned.

Real IaaS vs PaaS in disguise

A useful test: does SSH access let you install whatever you want and run a kernel module? If yes, it is IaaS. If you are restricted to a vendor-defined runtime or a curated buildpack, you are using PaaS, regardless of the marketing.

This matters because IaaS is portable. Standard Linux, standard S3, standard Kubernetes, standard WireGuard. As the IEEE comparative analysis of cloud service models notes, IaaS keeps maximum control with the consumer, which is exactly what you want when you need to avoid lock-in or run workloads the platform vendor did not anticipate.

This is the bar ZCP holds itself to. Open source under the hood, standard APIs on top, and zero egress fees so your data is free to leave.

Related articles