MINDWIRE
SG · 01° 17′ N
§ F04 · Field Note PUBLISHED
← Index

Production-Ready LLM Shadow Mode — Safely Shipping AI Changes Without Breaking Users

Changing the model behind a production LLM feature is one of the hardest software releases there is. Outputs vary by run. Quality metrics are noisy. Regressions can be subtle and only show up in five percent of inputs. Standard A/B testing doesn’t help — by the time you have a statistically meaningful win rate, half your users have already seen the worse output.

Shadow mode is the boring, correct answer. Run the new candidate in parallel with production, log everything, never show the candidate’s output to a real user. Compare offline. Decide. Flip. Most teams skip this because the tooling is bad. The tooling shouldn’t be bad.

What shadow mode actually does

For every real request, you run the candidate model behind it. The user sees only the production output. The candidate output goes to a sidecar pipeline that logs:

  • The full input (sanitized for PII).
  • Both outputs.
  • Latency, token counts, cost for each.
  • Deterministic check results (length, structure, refusal rate).
  • An evaluator score, ideally from a stronger model acting as judge.

After a few thousand shadow runs, you have a real comparison. Not vibes. Not eyeball checks. Actual aggregated numbers across the same input distribution your users send.

The architecture

The shadow runner is a separate process or queue. It must be decoupled from the user-facing request path: a slow or failing shadow must never affect the production response.

Concretely:

  1. The user hits your service. You synchronously call production. You return.
  2. You also drop a message on a shadow queue with the input and the production output (so you can compare later).
  3. A shadow worker picks up the message, calls the candidate, runs evaluators, writes a row to the comparison store.

This shape gives you three useful properties: shadow latency doesn’t bleed into production latency, shadow cost is bounded by your worker pool size, and you can backfill — re-run a stored input set against a new candidate without touching live traffic.

Evaluation: deterministic first, then LLM-as-judge

Before you reach for an LLM judge, run cheap deterministic checks:

  • Output length within expected band.
  • Required structure parses (JSON schema valid; expected fields present).
  • Refusal rate (production answered, candidate refused, or vice versa).
  • Tool-call equivalence if your prompt invokes tools.
  • For retrieval: did both models cite the same documents?

These catch the obvious regressions cheaply. After that, an LLM-as-judge can score subjective quality, with calibration: have it score 50 known-good and known-bad examples first to validate it agrees with human judgement.

Pitfalls we have hit

Cost. Shadow mode doubles inference cost during the comparison window. Run it on a sampled fraction of traffic unless you really need full coverage.

Feedback loops. If candidate output ever influences future inputs (a chatbot, an agent loop, a memory store), shadow mode requires care. Make sure the candidate’s output never enters the production memory.

Distribution shift between shadow and rollout. Your shadow window may not capture rare input types. Hold back a proper canary stage even after shadow looks good.

Tokenizer differences. If the candidate uses a different tokenizer, your prompt may parse differently. Run a parser-equivalence check before the model itself.

What “ready to ship” looks like

We treat a candidate as shippable when, against a representative shadow window of at least 5,000 runs:

  • Deterministic checks tie or improve.
  • LLM judge prefers candidate ≥55% with no quality regression on any segment of the input distribution.
  • Latency does not regress past p95 budget.
  • Cost regression, if any, has explicit business signoff.

Then we ramp on a feature flag (write-ahead, of course) with kill criteria attached to the same metrics we measured in shadow.

The point

LLMs are software. They deserve the same release discipline as the rest of your stack. Shadow mode is not exotic; it’s the minimum viable rollout strategy for a stochastic component. The teams who skip it are the teams who learn about regressions from their customers.