Bimodal IT is an organizational model that segments IT services into two categories based on application requirements, maturity, and criticality. One category, deemed Mode 1, is designated as traditional, emphasizing the scalability, efficiency, safety, and accuracy that IT operations has always strived for—providing a stable infrastructure. The second category, aptly named Mode 2, is nonsequential, emphasizing agility and scale—two components that are most valuable in the era of digital business
What does all this mean to IT on a daily, functional level? There are four major impacts that IT should consider and be ready to support.
- Applications in Mode 2 are more agile, likely built with microservices and running in the cloud (most often, public clouds). They will also be web-scale and likely supporting the mobile apps or big data analytic workloads. IT needs to enable backend infrastructure to support such applications and services and must be willing to work out solutions, both on-premises and in public clouds. For example, microservices will be delivered through containers such as Docker, and hence IT should focus on preparing for the latest technologies for building these infrastructures to help application developers and operations teams to deploy these apps. Some of these technologies can range from a simple cluster of Docker hosts being managed as a cluster through a cloud management product (CMP), to more complex cluster managers and schedulers, such as Google’s Kubernetes or even datacenter operating systems like Mesos. These are the next-generation infrastructures needed for running and auto scaling cloud applications. IT should be proficient in these, as well as be able to manage them efficiently.
- Rate of change of these apps is going to be much higher than the traditional 6-12 month delivery cycle for legacy apps. The apps team needs to implement a DevOps pipeline that allows quick release of applications through build, test, and deploy stages. IT should get out of the way of the apps team and also provide API-based services that can be called from DevOps pipelines, such as security services that they wish to enforce. IT must also provide API-based environments to be created and destroyed in public or on-premises private clouds, and IT should enable this instead of being a roadblock. Even shadow IT should be considered. If there are minimalistic policies for security and compliance on the applications or infrastructure, these should be provided by IT as API-based services. For example, if IT requires security compliance to check for vulnerabilities in a Docker container, IT must provide API-based security compliance as a service.
- Application updates with creative out-of-the-box deployment strategies in production. Application changes have to be pushed into production using modern techniques, such as canary and blue-green deployment models that are quite extensively used by companies like Netflix on AWS or a rolling deployment update model. Both are based on the common theme that application releases have newer versions being deployed together with existing versions. They need to be validated by releasing some traffic to the newer version, verifying them in production, and then switching gradually to the newer version of the application. DevOps tools are needed to support much of this deployment orchestration to production.
- Right level and points of governance and control. Although some minimal, viable governance is certainly needed for even the new agile IT, the level and evaluation of governance for Mode 2 differs from Mode 1. In Mode 1, governance is stringent and rigid and is based on approvals and change control boards. We loosen this a bit in Mode 2, the new agile way. Instead, the governance is based on permissions and built into the DevOps process itself, such as basic compliance and vulnerability testing of applications actually becomes part of the DevOps pipeline.
By adapting to this new, agile Mode 2, IT and application development teams can achieve the goals of building and delivering new applications faster. IT products, such as cloud management tools, DevOps tools, deployment tools, configuration management tools, compliance, patching and monitoring tools, need to be adjusted to ensure that both Mode 1 and Mode 2 are supported based on the use cases and type of application these tools are supporting. Working together, IT and development groups can create a successful bimodal operation to grow their digital enterprise.