COVID-19 has created unparalleled challenges to our traditional concept of work, from running businesses to managing teams to generally achieving productivity. What was once considered gospel is today being challenged on a day-to-day basis.
With that in mind, the VMware APJ Application Platform team has made some observations that we wanted to share with you. We have used a tested framework that assesses how COVID-19 is impacting the people, process, application architecture, reachability, and platform of individual organizations during their enterprise technology build and run duties.
The age-old debate of agile vs. waterfall seems to be settling in favor of agile or some type of iterative development with a highly automated path to production. In our discussions with clients as well as colleagues, we have concluded that agile teams seem to have an advantage, especially teams that have worked with each other for some period of time. Usage of tools like Slack, storyboards, and videoconferencing comes much easier to these teams.
Agile teams seem to be more self-driven and focused on outcome, and demonstrate an ability to collaborate well with each other. Agile ceremonies, which are largely defined by structure, help teams to organize around requirements, testing, and retrospectives to understand what works and what does not, as well as how to optimize candidates when it comes to tools, automation, etc. Anecdotal information suggests that output from agile teams has remained at the same level as when they were co-located pre-COVID.
In fact, we see the need for co-location itself being challenged. Meanwhile, distributed agile—which is agile across geographies—is catching on, driven by COVID-19 measures as well as 24x7 requirements, especially in Day 2 operations-type scenarios. Agile is also providing a framework for teams’ prioritization practices, enabling them to balance what's important vs. what are nice-to-haves during these tough times.
For example, a leading Korean financial institution needed to build a mobile application that would allow residents to check on the availability of PPE across the country. This application involved creating a UX and an API that would show the PPE inventory. By deploying its software on VMware Tanzu Application Service, it took our client just two weeks to build the app, from concept to production.
In light of the social distancing measures put in place by governments, which has included the temporary shutdown of various business facilities, many processes and activities that were dependent on co-located teams and other in-person interactions seem to be quite difficult to achieve currently.
Ceremonies have become largely tool-based, which is a good thing. Newer-generation tools like Miro, Jira, Confluence, Slack, and Zoom are increasingly becoming the norm rather than the exception, leading to other tools, like Word, Excel, and WhatsApp, being used less.
With these largely self-driven teams, we see work being managed effectively, both in terms of time and quality. COVID-19 also appears to have forced teams to become more data-driven in order to measure outcomes instead of subjective influence. More and more enterprises are using burn charts to measure velocity and bug reports to measure quality, for example, and are making the use of these tools standard rather than optional.
Instead of handcrafting pipelines, automating any number of tasks is now being seen as an advantage, as it is simply impossible to have a co-located prod crew available at a single location to enable an app to move to production. Enterprises with a working automated path to a prod pipeline are able to execute better and grasp opportunities faster than ever before.
Integrating CI/CD pipelines and isolating between app-side development and other activities through automation or orchestration is also helping to deliver changes more quickly. There are also far more ad hoc changes being requested than previously. Most are government-initiated and regulatory-driven and have a very short dev-and-deploy cycle, which requires an integrated build, release, and run of any new applications, including strict separation of the build and run development stages. Enterprises that already have this capability are doing much better than those that still rely on traditional methods.
API-first architecture is helping organizations take advantage of the digital economic environment during these difficult times; banks that use polyglot API-based payment infrastructures are just one example. Combining API gateways with in-memory data grids helps reduce network latency, implements retry patterns, transparently hides/reduces end-to-end bottleneck, and further improves availability of the API, allowing enterprises to keep conducting business amid the COVID-19 pandemic.
As we are seeing, an API-first approach is able to provide a number of of additional gains:
Early feedback — Quickly mocking up an API and putting it in front of various stakeholders (customer, internal teams, other ecosystem partners) is allowing for valuable feedback in parallel with iterative build and design sprints.
Faster delivery and integration — API-first is enabling parallel implementation while also giving internal as well as partner teams the ability to work against each other’s public contracts without interfering with internal development processes. Those with well-established API-first capabilities are able to exploit revenue-side as well as cost improvement-side opportunities. For example, banks with these capabilities are better able to provide servicing to clients than they would by depending on traditional (and clunky) systems.
Consistency enforced across interfaces — In today’s multiscreen world, enterprises with well-developed API systems are able to take advantage of updating and serving their applications—as well as those of their partners—on a variety of devices and interfaces. Many public agencies and healthcare organizations are providing real-time capabilities like testing, checking on PPE availability, etc., using these mechanisms.
Distribution of software — Limited connectivity makes it even harder for the IT team to distribute software to clients. API-based web applications, on the other hand, don’t require last-mile distribution, which eliminates complex version mismatch and compatibility issues.
Enterprises that have already switched to microservices are finding it even easier to respond to changing API requests that come as a result of government regulations or customer demands. When designed effectively, microservices allow for frequent changes and deployments with little or no impact on users; they also allow for agility around those changes. When it comes to microservices effectiveness, there are a number of interesting and helpful directional objectives and key results:
Frequency of change and deployment, including of linked APIs
Productivity improvement in teams when compared to teams using SOA-based integration principles
Ability to adopt different tech stacks to meet business needs instead of having to learn specific interface languages
Containers are emerging as the best choice for running a microservices application architecture. The reason is that containers encapsulate a lightweight runtime environment for your application, presenting a consistent software environment, from development all the way to production. You can also run containers on physical or virtual machines. The full list of benefits is even longer:
Consistency — Containers decouple applications from the environment in which they run, ensuring much faster deployments.
Productivity — The decoupled and lightweight approach of containers means operators and developers can focus solely on their key daily concerns.
Security — Containers are self-contained and do not interact with each other, improving the business security posture.
Replicability — Containers are self-contained applications that are abstracted away from the operating system, machine, and the code as a single unit. This unit can easily be moved to other operating systems and platforms, boosting agility, flexibility, and productivity.
Agility — Executing application processes in isolation from the host operating systems makes it easier for teams to manage operations and updates.
Performance management — Inherent intelligence or rule-based decision-making allows containers to enable automated/managed graceful degradations as well as superior performance management during these difficult times.
The debate between public cloud and on-premise is being settled in favor of a hybrid approach. Enterprises feel in control of data residency and security, and are able to retain control over their day-to-day operations. Cost management is becoming more flexible, with enterprises leveraging a hybrid structure;bringing together fixed cost models and usage-driven models is allowing them to be flexible as well as more easily manage demand.
Business needs to be reachable to both internal users and end customers. When releasing applications to the production environment, remote users are being faced with a number of last-mile challenges.
Infrastructure — Whereas in an enterprise's internal network, performance penalty is usually low and network connectivity consistent, the home network is out of corporate IT’s control, and the resulting internet connectivity is usually unstable and features high latency. Traditional thin-client technology did not factor in the experience of the remote worker.
Business model — Securely printing and scanning using home equipment is either not an option or difficult, and combined with the inability of parties to meet in person to sign documents, contracts and other agreements aren’t being completed as quickly as desired. But some pioneering government agencies had already issued smart identity cards with built-in public key infrastructure technology, providing a foundation for legal signatures and the recognition of tamper-resistant smart IDs to be used as a ring of trust. These tools, coupled with APIs, have allowed those government agencies to enable legal services and also deliver services to citizens.
Security — Any prior assumptions around internal and external network segregation are proving difficult to fit into the current work-from-home business needs. For example, a mobile user who can work anywhere will be required to access internal systems from untrusted networks. Technologies such as VPN and endpoint protection are helping, however they have also exposed the protected network zone to the endpoints, which have larger blast radius. Some early leaders have been able to reduce the attack surface of the network zone extended outward by using a software-defined network and smart, application-level gateways to monitor, detect, filter, and redact the traffic. A platform that centralizes and encapsulates the complexity would move these heavy lifting responsibilities away from the application and allow the developer to focus on delivering features—and worry less about the last-mile reachability of their app.
Based on what we’ve observed, COVID-19 is being used as a compelling reason to continue—or even begin—the digital transformation and software supply chain optimization journey. In fact, for a lot of enterprises, it offers an opportunity to thrive, both during the COVID-19 environment and afterwards. Those of us in the APJ VMware Tanzu team are proud to be assisting our clients during these challenging times and hope that some of the learnings shared above can help other organizations pursue their own transformation initiatives.
About the AuthorMore Content by Ananda Bose