It is time to get the house in order.
The growing trend of developing cloud-native apps has some experts cautioning that rampant deployment can result in confusion. Developers might build a flurry of apps on their own, for instance, which can make it hard to resolve issues that arise. Furthermore, the leadership at enterprises could be oblivious about what is in their app portfolios or how vulnerable they may be. Ways to mitigate such issues at a company may come from within or a third party.
Fumbling Towards Cloud-Native
The rush of cloud-native apps can be tied to the rise of distributed concurrency control and automated app deployment via Kubernetes, says Priyanka Sharma, director of alliances at software developer GitLab. This lets more developers build independently, she says, but the pileup of apps introduces the quandary of figuring out where problems originate and how to address them. “Who should I call to fix this problem?” she asks.
Sharma says the demand among teams for tools led to a runup of open source projects that can be hard to track. Creating a unified experience for the development cycle through a single application, she says, is one way to clear up potential confusion. Despite such a possible benefit, there may be pushback from those who work on unique, niche tools that address complex problems.
Developing Within the Lines
Even with complex needs, enterprises that have a multitude of tools in play may be compelled to standardize, she says. “There are governance issues,” Sharma says. “Is the same data available throughout the whole pipeline?” There is also a need, she says, to train developers to weigh their decisions and the merits of their apps carefully with cloud-native deployments. The other option is to provide “guard rails” and gudelines that narrow how developers on the team build applications to prevent things from going haywire. “You can’t just go carte blanche and allow everything out there,” she says.
The amount of heavy-lifting necessary to sort out what cloud-native apps are in use at an enterprise depends on the maturity of the organization, says Bob Quillin, vice president of developer relations for Oracle Cloud Infrastructure. The frequency of ad hoc apps being added to the infrastructure can also affect the time it will take to straighten out the portfolio. “It’s something that people do need to get in front of,” he says. “It’s not unlike other lifecycle management challenges in the past.”
He calls this a period of rapid software evolution that has escalated from containers to container orchestration and management, function as a service, service mesh, and microservice-oriented tooling. With these changes, there is a huge swath of development teams that have been left behind, he says. Bringing such teams together with the cloud-native world is the next challenge. “There will be more training and more understanding of what’s going,” Quillin says.
Changing Perspectives On the Underlying Tech
Four years ago, he says, there may have been fear of containers but now there is greater security to support them. This is setting the stage for further changes to come. “We’ve got more work to do over the next three to five years,” Quinn says. “Once you start bringing in big data and AI applications, it plays into the next level of infrastructure and software.”
There is a market transition underway from monolithic application delivery controllers (ADC) to much more disaggregated, per service, per application–type services, says Kara Sprague, senior vice president and general manager of the ADC business unit of F5 Networks, an enterprise apps service provider. “F5 believes that applications are becoming the currency of the next era of industrialization,” she says.
This is an era when many companies do not want to own much physical capital and the value of companies is based on their digital assets and usage, Sprague says. She expects more companies to go through digital transformation, such as sandwich shop chain Pret a Manger rolling out an application for ordering comparable to the ordering app Starbucks put into play. As more companies develop comparable applications, she says stewarding those assets will be critical. Companies tend to know how many employees they have, she says, but knowing how many applications they have running on their network is a different story.
“I’ve been asking this question for the last 15 months and I haven’t found a single company that knows the answer,” Sprague says. She calls this as a gap in the management of assets that will become very important going forward. For example, hackers infamously stole data from Target in 2013, affecting upwards of 40 million customer accounts, by using the identity of a HVAC vendor who serviced the retailer. The ventilation systems were connected to Target’s network because the company wanted to digitally monitor climate at its stores. That let hackers infiltrate the point of sale system and access customer information, Sprague says.
“Given how interconnected networks are today, every application is a vulnerability,” she says. There will come a point, Sprague says, when it should not be acceptable for anyone at the CIO level to not know how many application workloads are running in their environment. “They should have an answer for that,” she says.
Cloud-Native: Shape of Things to Come?
There is a sense of inevitability as more enterprises migrate apps to the cloud or go cloud-native, making their oversight and management crucial. As organizations shift to the cloud they may shake up and modernize their staff, says Rockford Lhotka, CTO at technology consulting company Magenic. That might include using a third-party provider to accelerate the move as well as getting employees onboard with using new technologies. “Sometimes that is regarded with fear and trepidation,” he says.
Some employees’ expertise might not fit with such a direction, which means learning new skills or risk being left out of the equation in a cloud-native world. “The impact on IT pros, system administrators, and network administrators is almost certainly greater than the impact on application developers,” Lhotka says.