WASHINGTON, DC – July 3: International film and television star and the most famous in the world … (+)
Software has color. Of course, the world of digital software code doesn’t really have any color at all, but we’re talking about brownfield deployment environments where some “plowing” has already been done and some level of infrastructure has been created. The greener, cleaner (newer) opposite of a brownfield software environment is obviously a greenfield project… and we also have so-called “bluefields” where some infrastructure is in place but a lot of new code is also being created.
Outside of this field, software only becomes truly relevant when we talk about its energy consumption and start analyzing how “green” it is in terms of the environment.
Software is energy hungry
Software development consumes a huge amount of energy. From the large data centers of the cloud to the millions of individual machines used by engineers around the world to build software, a tremendous amount of energy is required. To reduce the carbon footprint of this factor while maintaining the speed of innovation, we need to review not only the physical and virtual infrastructure used, but also the organizational approach to our software development processes.
This is the opinion of Eldad Assis, lead DevOps architect at JFrog in the company’s CTO office division.
“To make our applications greener, we need to look at both energy consumption and understand the entire development processes to address our footprint holistically,” said Assis. “The areas we need to think about include (software code) dependency and build management, tool consolidation, security and efficiency so we can pinpoint where companies can reduce energy consumption while accelerating software delivery.”
An overlooked part of the software development lifecycle is the massive and sometimes complex software supply chain that drives development. For example, developers regularly use free and open source software libraries for efficiency reasons, but this can lead to increased energy demands. But how?
Transitive dependencies, simply put
The JFrog code specialist provides an example, saying that some software development teams work on the same software and pull the same transitive dependencies multiple times a day. Free and open source code libraries often contain “transitive dependencies” (dependencies are bindings and links between elements of software code that occur when one application or data service needs another to function, and so a transitive dependency is a more indirect connection that is only needed occasionally or sometimes) that can range from one component to hundreds of components. That means a lot of bandwidth, memory, and utility for a repetitive task.
But there is more to consider here.
“Most modern software development is now done with continuous integration tools. These tools also handle both direct and transitive dependencies on software development, consuming even more bandwidth and energy from external resources,” said Assis.
If repeatedly fetching data from external sources is inefficient, a centralized tool for managing binaries and dependencies could reduce this need, and also provide a way to share binaries of software code between teams anywhere in the world. Assis reminds us that companies are increasingly adopting a binary approach to software development, which improves the consistency and speed of bringing new applications into production. He argues that this move ensures that all team members and CI tools use the same set of dependencies, reducing the overall number of dependency fetches and the resulting energy requirements at both the macro level for the organization and for individual machines.
“In a typical large enterprise, you may find separate departments using different application security tools, either by choice, due to outdated systems, or simply due to a lack of communication and alignment across departments and teams. This siloed approach leads to uncontrolled tool usage as too many technologies are used, which can lead to maintenance issues and consume a lot of extra, unnecessary energy. According to our own State of the Game report, nearly half (47%) of IT professionals today use between four and nine security tools,” explained Assis.
To avoid this redundancy and the risk of rising IT and energy costs, there is a real push in the industry to consolidate tools and introduce processes where a third party manages the company’s developer technology stack. When using multiple tools, regular maintenance, patches and upgrades, scaling up or down oversized or undersized machines, and other issues consume human and energy resources.
Create once, use often
“The remnants of inefficient code and app development processes consume excessive energy in many organizations today,” said Assis. “The mantra ‘build once, use often’ still holds true today as developers make their code leaner, more efficient and greener by saving resources by creating repeated builds at different stages of the development lifecycle. It’s important to remember that these outdated approaches not only have an environmental impact, but also increase security risks and slow down innovation.”
The JFrog team is realistic about the suggestions made here and points out that the implementation of these important green coding concepts will have varying impacts that may be amplified by the scale of their adoption.
Given the hype cycle that has fueled interest in generative artificial intelligence and the general “let’s just do it” attitude that has prevailed over any more considered approach that would have also taken into account the amount of cloud computing power required by these new technologies, we seem to be jumping at the buffet, so to speak, before checking the fat and salt content.
As Kermit said, “It’s not easy being green… especially when it comes to code.”
