Are Blockers to Application Cloud Migration Software Engineering Issues in Disguise?

by

Cloud computing is table stakes these days, but after companies complete infrastructure migration, many are left wondering – are we getting the full value from our cloud investment? The answer, quite simply, is no. There is a significant amount of value that can be added by migrating applications to cloud workloads. This is also called Platform as a Service.

Cloud-native apps are usually perfectly designed and shaped into loosely-coupled components that easily run on cloud services. This is great news, but core legacy applications remain stuck on-premise, mostly due to software engineering issues that present concrete blockers to PaaS adoption. Without fixing these issues, migrating applications to take full advantage of PaaS services will incur significant time and money.

IBM’s Kyle Brown and Mike Capern point out the Top 9 Rules for Cloud Applications – The Do’s and Don’ts of Making Your Application Cloud-Ready. In their article, the duo points out that blockers to cloud migration are typically not related to the CSP you’re targeting. Indeed, most technical roadblocks encountered during a cloud migration are based on poor software engineering practices.

Back when Brown and Capern published their article, no one could imagine that underlying application infrastructure would be able to change, restart and scale without disturbing application behavior in production. Yet, the article’s 9 Rules remain incredibly relevant today:

  1. Don’t code your application directly to a specific topology
  2. Don’t assume the local file system is permanent
  3. Don’t keep session state in your application
  4. Don’t log to the file system
  5. Don’t assume any specific infrastructure dependency
  6. Don’t use infrastructure APIs from within your application
  7. Don’t use obscure protocols
  8. Don’t rely on OS-specific features
  9. Don’t manually install your application

These rules were particularly helpful when we developed cloud patters for the CloudReady Index around the detection of unsupported functions in Azure SQL Databases. I was very happy to see that our list of cloud requirements matched perfectly with Brown and Capern’s 9 rules.

These software engineering principles, like avoiding the implementation of OS-specific features or using the local file system, are valid and applicable for PaaS migrations.

Highlight Table
Example of cloud requirements and blockers found in CAST Highlight

About CAST Highlight

Over 25 years, CAST has acquired a unique knowledge of the Consortium for IT Software Quality’s software quality standards and how to measure them effectively. Based on this experience and community standards on programming best practices, CAST Highlight implements hundreds of code insights across more than 18 technologies to calculate software health factors.

Developed with some of the smartest cloud experts around the world. our CloudReady Index helps you quickly and objectively assess your application portfolio for cloud migration. Our analysis automatically generates a migration strategy by identifying where to start, quick wins and applications that will take longer to migrate.

Where a cloud expert could spend weeks to measure the capability for a single application to move to PaaS, CAST Highlight makes it possible in days. To learn more, check out our interactive video.

Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
This study by CAST reveals potential reasons for poor software quality that  puts businesses at risk, including clashes with management and little  understanding of system architecture. What Motivates Today’s Top Performing  Developers Survey
Michael Muller
Michael Muller Product Owner Cloud-Based Software Analytics & Benchmarking at CAST
Michael Muller is a 15-year veteran in the software quality and measurement space. His areas of expertise include code quality, technical debt assessment, software quality remediation strategy, and application portfolio management. Michael manages the Appmarq product and benchmark database and is part of the CAST Research Labs analysis team that generates the industry-renowned CRASH reports.
Load more reviews
Thank you for the review! Your review must be approved first
Rating
New code

You've already submitted a review for this item

|