The Crucial Role of Application Management in a Cloud Operating Model

One of the big buzzwords in Enterprise IT over the past few years is Cloud Native. The Cloud Native Computing Federation (CNCF) self-describes cloud-native as “technologies that empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds.” With enterprise adoption of cloud-native now entering the mainstream, IT organizations are being driven to deliver on the promise of scalable, modern, dynamic environments, essential to digital transformation initiatives.  To unlock the most value from these technologies they must be accompanied by new ways of working and the development of new capabilities as part of your new hybrid operating model. Effective Application Management in a hybrid, cloud-native paradigm will require evolving your applications portfolio strategy, software development, standards, and approach to both Security and Operations.

Strategic alignment and governance

Organizations’ strategic goals have shifted dramatically, requiring many teams to pivot to this new Cloud Native and “cloud that comes to you” approach. Application Management processes will need to evolve to support and sustain this development approach.

IT organizations making this shift to becoming value creation engines can be seen to have two major drivers:

1. Optimize service delivery costs through hybrid cloud agility
2. Speed up time to value realization through cloud native adoption

Achieving these goals will require a firm hand on the wheel, with strong guidelines for how the various Cloud Service Providers and private clouds should be engaged, and what criteria determines if applications should be migrated to new platforms or modernized.

The move towards cloud native requires a rethink of how to approach the governance of application estates. The existing approaches taken by many enterprises to manage the various policies and standards can often become disjointed and cumbersome when trying to leverage them in this quickly changing environment. These processes and standards will likely require significant modernization along with a program to drive adoption across the organization.

Cloud native technologies

So, how do Cloud Native technologies themselves change the way we approach application management?

Kubernetes, as an example, enables a new way of thinking about applications. Two of the defining characteristics of Kubernetes are that it is API driven and Declarative, allowing application and infrastructure teams to expose their core functionality ‘as a service,’ while abstracting away the gory details of how that functionality is delivered. This enables the consideration of applications, infrastructure, and even security as separate services that can be composed into a greater whole. The idea of composable services is not new; however, the rise of tools like Kubernetes has meant that these technologies are available not only in the cloud, but on-premises, and at the edge.

A parallel and equally impactful trend is the shift to open standards and platforms. Led by the ‘born in the cloud’ companies, many organizations are divesting themselves of their long commitments to proprietary systems and standards. Adopting an “open platform” approach has some significant benefits, especially when coupled with technologies like Kubernetes, ranging from large reductions in licensing costs, to source code access, to greater talent pools. One significant benefit that is often overlooked is the open-source community itself, which allows teams to learn from other organizations who have already solved common problems. In the Kubernetes world, this often takes the form of open forums and shared codebases, but more recently it has started to appear in “operators”. These operators are small applications that automate the daily operations of a system (e.g. database backups, healing shared filesystems, etc.), enabling organizations to easily take advantage of the community’s learnings and best practices, without needing to invest significant costs into training.

Considering these trends and the impact they have on application strategy, they should heavily inform not only the criteria to be used for application rationalization, but also have a significant impact on the organization’s culture, operations, and development practices.

The bigger picture – an application management framework

As enterprises begin their journey towards cloud-native, they need to align their application management processes as part of the evolution to a Cloud Operating model. It’s important to take a more comprehensive approach to both the business requirements and technology trends at the core of their application management process in order to align their portfolio with a broader organizational strategy. Applications are critical and determining the management approach and timeline for modernizing them as part of their transformation is essential. This must be part of an enterprise-wide program to drive the organizational changes and alignment needed to ensure success. At HPE we address this evolution of capabilities as part of an edge-to-cloud adoption framework.

Here are some of the topics you’ll need to consider as you embark on managing your application portfolio in a new way.

Portfolio management at scale

Efficiently managing the scale of the application portfolio while enabling a high rate of change can be a significant challenge without changes to the approach. While many will be familiar with Gartner’s TIME (Tolerate, Invest, Migrate, Eliminate) model for portfolio rationalization and the “6Rs” for defining the execution of that rationalization in isolation, these tools are most valuable when used together to enable the effective management of a large portfolio. The TIME process becomes an initial triage process, assigning each application to a broad categorization. This triage focuses the remediation assessment (6R disposition) on those applications that are worth investing in and/or migrating, while being able to remove the applications classified as “tolerate/eliminate” from the deeper assessment process.

A secondary, but no less challenging aspect of governance is integration with the broader organization. An application governance model that doesn’t consider the needs of security, innovation, and the broader process changes taking place is unlikely to be successful in the long run. As organizations shift to concepts like SRE (Site Reliability Engineering), Agile and DevSecOps, they need to take a broader lens to their portfolio, integrating security, risk and compliance, development and operations concerns into the process. Taking security as an example, the security team should be integrated into the TIME and 6R processes to ensure that the security requirements are evaluated and managed efficiently.

By building the application governance model around these concepts, while integrating it into daily operations, there will be a much higher chance of successfully governing the application portfolio as the rate of change increases.

Balancing standardization and innovation

As the cloud native approach and the new operating model are embraced, there is a need to carefully balance the rate of innovation and definition of standards. Scalability requires enterprise-wide standards and design patterns that can enable teams to leverage new technologies with the assurance of well-tested architectures. It also requires the fostering and encouragement of innovation of new approaches and technologies to limit accumulation of technical debt as the industry moves forward with new architectural changes. Finding the correct balance of stability through standardization, while increasing business value through innovation can be quite tricky. Determining the correct balance required to meet your business goals can take some trial and error.

To fully realize the benefits from this change will require significant investment in the various teams, to not only develop a culture of innovation, but also to remove the inter-team and inter-department barriers to collaboration.

Development, security and operations

Rationalizing and managing your existing application estate is only one aspect of moving to cloud-native. Software development processes will also need to be modernized to enable application development teams to leverage the capabilities enabled by this new paradigm, while staying safely within the standards, policies, and guidelines set forth by the governance team.

This is often the biggest change many organizations will face, and may require new coding practices, changes to CI/CD (Continuous Integration/ Continuous Deployment) tooling and practices, as well as enabling modern QA and release approaches such as Canary builds and Blue/Green deployments. Security will need to take a prominent role in development processes to ensure that the correct checks and balances are put in place, so any security concerns are addressed early-on in the development pipeline.

Finally, operations teams need to be able to manage applications through increasing the level of automation, modern tooling and incident management practices. Typically, these changes will go hand-in-hand with significant team structure changes, to effectively distribute operations ability and to develop cross functional teams that both build and support their applications.

Summary

IDC predicts that to gain business agility, enterprises will need to modernize  over half of their existing applications by 2022, using turnkey cloud-native development and deployment services¹. Evolving your application portfolio management processes should be a part of a holistic operating model modernization for your digital transformation to be successful. That requires a structured approach to all aspects of application assessment, rationalization, and modernization. The net effect of these realignments and changes will be the increased value which the modern application portfolio can drive for your organization.

For further information please visit www.hpe.com/greenlake/cloud-adoption-framework.

This article is one in a series that address the eight capability domains of the HPE Edge-to-Cloud Adoption Framework. The other seven articles can be found here: Insight From Data Everywhere Driving Hybrid Cloud Strategy Does Your Company Have a Complete Innovation Framework? Five Focus Areas to Transform Your IT Organization DevOps and Digital Transformation: Now and Future An Operating Model to Support Engagement at the Digital Edge The Role of Security Transformation 3 Essential Elements of Strategy & Governance to Accelerate a Multi-Cloud Journey

¹ IDC Futurescape October 2020, IDC #US46420120

____________________________________

About Stuart Stent

Stuart Stent is a Cloud Specialist with over 20 years of global experience designing and implementing complex, large-scale technology solutions. Stuart leads professional services engagements at HPE for Fortune 500 companies and brings particular expertise in designing cloud solutions for highly regulated entities in the financial services and healthcare sectors that touch all aspects of cloud-native IT. He is a contributing author to the Doppler publications, regularly delivers security workshops, and works with groups across HPE to develop new best practices in cloud architecture, security, and application modernization.