No one likes being rushed into bad decisions.
Yet, the pace of information technology often forces IT executives to do that.
In today’s world, mainframe-to-cloud decisions need solid thinking or we risk a technology tornado. This article outlines some key lessons learned at the front-line of IT decision-making.
As previously discussed, it’s possible to “modernize” mainframe legacy applications to the cloud. You can get there with little to no modification by using a “lift-and-shift” strategy. Several of my clients have taken this approach to quickly satisfy a “cloud mandate”. The results have been less than desirable:
- Without the use of pooled resources, the applications do not scale well.
- Timely user provisioning and access from any device is still a challenge because the apps do not provide on-demand, ubiquitous access.
- In addition, utility-based pricing/costing is performed manually, with little accuracy to the realities of actual usage.
- Most importantly, the applications continue to have monolithic, stove-piped architectures, which are difficult and expensive to maintain and enhance.
These “cloud” applications are more like funnel cloud apps or tornoado apps—waiting to cause IT organizations extreme havoc. Assuming you want to avoid funnel clouds and IT tornadoes, consider applying the following five application architecture and design principles indicative of a true cloud application:
1. Create Cloud Applications as a Set of Highly Decoupled Services
Strive to create business functionality as a set of autonomous software components. These components should be interoperable with other software components through messaging, not through embedding or calling other functions using language-specific libraries or APIs. I believe REST-based interfaces implemented over HTTPS with JSON payloads are now the de facto standard, but nothing is preventing you from using other exchange protocols and payloads like WS-* and XML. Modern application development frameworks, such as Spring MVC and Spring Web Flow, can greatly assist you with developing applications as highly decoupled services.
2. Design Stateless Applications
Many of today’s legacy applications were developed with stateful architectures—the application specifically shared server-side resources and, like a million strings on your finger, must “remember” or keep track of client processes and invocations between requests. Yet, keeping application state presents significant challenges to both scaling and fault-tolerance—you typically reduce the ability of the cloud to provide elastic scalability and reliability through pooled resources and built-in redundancies. With a stateless application—one in which only the client maintains state—allows your application to scale to cloud proportions if and when needed. Capabilities like Spring Security, Spring Cache Abstraction, and GemFire cache can change the game here.
3. Focus on Security
Legacy Mainframes offer very high-levels of security, and cloud applications can be just as secure if designed properly. Taking a private cloud first approach will help mitigate many security risks because your IT organization will have complete control over the physical servers, network, storage, software, and physical facilities. A move to a hybrid cloud can be performed at a later date if and when security, business, and cost concerns merit the move. Since applications running in the cloud may be moved around to various physical locations, data should be encrypted both in motion and while at rest. Most organizations already encrypt sensitive data in transit but many do not encrypt data when stored in databases or files. Encrypting data at rest (including memory) will provide another level of security, regardless of where your data resides in the cloud. Lastly, look to implement a security framework that matches your existing framework. Several products and frameworks, such as Spring Security, are available for securing cloud applications. A combination products and frameworks may be required to match the security posture of your legacy mainframe application.
4. Assume Failures by Designing a Resilient Application Architecture
Legacy mainframe applications assume, for the most part, that reliability will be achieved through hardware. This is a safe assumption given the built in redundancies offered by traditional mainframes. However, cloud environments almost exclusively rely on virtual servers running on low-cost, commodity-based x86 processors. Therefore, you must build in redundancies and fault tolerances through application frameworks (such as Spring) and middleware (such as vFabric tcServer), and the application logic itself. I think some of the best ideas on designing resilient cloud applications come from the Netflix Tech Blog.
5. Adopt Agile Application Development Methodologies
Not technically a characteristic of modern cloud applications but just as important—modern cloud applications offer newfound speed and agility within your IT organization's application development shop. Application environments (integration test, QA, PROD, etc.) will be provisioned within minutes and across hybrid clouds, instead of the typical days, weeks, or months that are typical of traditional legacy environments and data centers. Application templates, blueprints, and deployment plans, along with automation, will allow you to quickly select and deploy compliant application infrastructure and software. With automated, cloud-centric provisioning, IT infrastructure resources are no longer the bottleneck. The bottleneck is now your development methodology. Continuing to use methodologies that deliver working code in 6 months or a year is no longer acceptable—your delivery cycles should be pared down to 2 to 4 weeks at the most. The Holy Grail is to achieve continuous integration, and maybe even continuous delivery or continuous deployment to help people sleep at night.
Taking Action to Avoid Mainframe Tornadoes
The cloud application architecture and design principles I propose are not new to application development, but they need to be applied with even greater amplitude when developing applications in the cloud or with regards to mainframe migrations. In most ways, modernizing a legacy mainframe application is similar to modernizing any other type of application; there are many challenges and risks to success. We pursue these challenges and risks because modernizing mainframes present opportunities to lower overall costs (TCO) and improve the services supporting your business.
- If you are entering a modernization phase, we hope these 5 points help along with our Four Strategies for Modernizing Mainframe Applications to the Cloud and the Top 6 Reasons that Companies are afraid of Mainframe Modernization.
- You may be interested in an example of how Hadoop-style map-reduce patterns can work with vFabric GemFire to bring big data analytics to your mainframe modernization projects or check out Project Serengeti (virtualized Hadoop at Cloud-scale).
- You can learn more about other’s perspectives of modernizing mainframe and AS400 systems. There is also an expert article on using multi-protocol, polyglot queues with vFabric RabbitMQ to connect to legacy VMS systems to the web.
- Please consider VMware’s vFabric Suite if you’re ready to modernize your legacy systems into true cloud applications. vFabric provides a complete application platform for rapidly developing and deploying scalable and reliable applications in the cloud. Now is a great time to consider modernizing those legacy apps to the cloud, just make sure you’re not creating funnel clouds or tornadoes!
- Of course, both product evaluations and additional information is available here.
|About the Author: Mel Stockwell is a Deputy Chief Cloud Strategist focused on VMware's Public Sector customers, helping organizations address the opportunities, costs, and challenges, of application development and modernization efforts through the adoption of Cloud Application Platforms. Mel brings over 23 years experience developing, selling and implementing enterprise software in the public sector. Mel has worked for the Department of the Interior, FDIC, US Patent and Trademark Office, IONA Technologies, Sterling Software, and EDS.|