Application Modernization: A “12-Ingredient” Recipe
In a hybrid, multicloud world, there is a proven path to digital transformation
Clients are discovering that the real value of Cloud comes in a hybrid, multicloud world. In this model, legacy applications are modernized with a real microservices architecture and with AI embedded in the application.
When you modernize a large portfolio of several thousand applications in a large enterprise, you need some common approaches. At the same time, the effort must allow teams to evolve to a microservices-based organization where each microservice is designed and delivered with great independence.
In my discussions with technology executives, it appears that there are 12 ingredients to this modernization recipe, which can be organized into three categories. There are several other technical views on the same topic including this blog post by IBM Distinguished Engineer Roland Barcia.
The picture above is best read and executed from the bottom.
Category 1: Culture, Organization and Standards
1.1 Culture and Standards — Fostering a startup culture allowing for fast failure is one of the most critical ingredients when approaching a large modernization program. The modernization will involve sunsetting some applications, breaking some down and using partner services in others. A startup culture based on methods such as IBM Garage Method and Design Thinking will help bring the “how-to” of the culture shift.
1.2 Secure DevOps — This requires embedding security skills in the scrum teams with a product owner leading the team. The focus on the product and on designing security (and compliance to various regimes) at the start will allow the scaling of microservices and the “trust” in the data and AI layers.
1.3 Create Standardization — It appears that startup cultures and standardization would be at odds, but startups standardize on technologies and tools from financial constraints. In a large application modernization program establishing technology standards (such as Kubernetes, Terraform, and Hadoop) and security standards (key management, identity and access management) will help teams spend more of their time on the application innovation. These comprise a minimum set of standards to align to the company’s cloud strategy across cloud providers.
1.4 Innovate via Product Design — A team heavy with developers and no product folks is likely to focus on the technical “coolness” rather than product innovation. Hence, these teams should be led by the product specialists who deliver the business case on new services or client experience.
Category 2: Data and AI
2.1 Evolve the Data Layer — Clients have often embarked on governed data lake projects as part of their analytics efforts. Evolution of the data layer requires several evolutionary steps to Hadoop and to NoSQL databases and eventual consistency implementations. The data and application teams need to work more tightly than in the past.
2.2 Govern the Data and the ML models — Large enterprises have made big strides on data governance in the past decade, but the AI gold rush can be well ahead of governance processes. Establishing governance on the ML models and providing trust and transparency (via explainability and checks against bias or drift) need to come earlier in the cycle. IBM’s AI OpenScale, Watson Studio and Watson Knowledge Catalog all work together in making this available at scale.
2.3 Drive Compliance through Policy — Large-scale multicloud deployments require clear policies on encryption, key management, data placement, log aggregation and cloud services that satisfy policy requirements among other things. While this applies to more than data, I like to think of it in the data layer and extend it to all layers as opposed to placing it in Category 1.
2.4 Embed AI Everywhere — The ladder to AI, once climbed from hybrid data management to governance to AI. enables clients to make AI a common part of any application that is developed. In the early days, AI in customer service can provide disproportionate benefits as several Watson implementations have shown. Some client examples include Bradesco and RBS.
Category 3: Application Layer and Control Plane
3.1 Containerize Everything — The standardization on Kubernetes by all major cloud players and the availability of cross-cloud implementations like IBM Cloud Private/Red Hat Open Shift liberate organizations . They’re able to use the best technology from top providers while enforcing standards and portability.
3.2 Use 12-Factor Design and Loose Coupling — As applications modernize they should use loose coupling to shared services to allow the applications to migrate or upgrade easily. This is well understood by now, and I will not elaborate here.
3.3 Develop with Microservices — Modernization has to land in a microservice-based implementation for agility but, even more importantly, to achieve reliability where each service is designed for resiliency and adheres to site reliability engineering (SRE) to get to near- continuous availability.
3.4 Provide a Shared Control Plane — Our clients are often in regulated industries like finance, healthcare or government. For them, compliance across the board is critical. In “startup culture” independence, things like logging, monitoring and encryption cannot vary across the enterprise. Applications should leverage common services as in IBM Cloud Private to enable continuous compliance, regardless of whether the application is deployed on a private or public cloud (including AWS — see this useful paper on that subject).
Call it a path with road markers, a recipe for success or simply “the twelve steps.” Regardless of the label, it will simplify the route to the land of digital transformation.