Migrating to AWS
AWS Cloud is the way to go, but migrating to the cloud is not simple. Read this article for a step-by-step migration strategy.
Cloud is the way to go. And AWS is the most popular cloud service. So it is natural that everyone wants to migrate to AWS. But often that is not as simple as it sounds. The bigger and older your legacy system, the harder it is to migrate.
Amazon suggests a step-by-step process for performing such a migration. Here are my two cents.
The benefits of being on the cloud have been advertised over and over in the technical community, so I won't repeat them here. Instead, let's look at some reasons why people hesitate to migrate.
Do We Really Need To Migrate?
This question has held back many of us. A great deal of money is wasted every year because organizations cannot reach a conclusion on this issue. The answer is: yes. Even the smallest application deserves a place in the cloud. Maybe yours is just a simple desktop application that is doing well on Windows. Even then, connecting it to AWS can add value you could never realize without the cloud.
Vendor lock-in is another doubt bubbling in our minds. But come to think of it, if we are not on the cloud, today we are locked into our premises! And that lock-in is a lot more wasteful.
Jokes aside, vendor lock-in is not a major problem anymore. In the early days, people had serious doubts about whether the cloud craze would sustain itself, so naturally they were cautious. Today, things have changed. Nothing is permanent, but going by the numbers, on-premise systems are going to break down long before Amazon does. AWS is not going anywhere, and we can bank on it while planning our roadmap. Strong competition among the service providers will make sure that we always get a good price.
Some organizations worry whether their applications and data are secure on the public cloud. The fact is that nothing is perfectly safe. If our application is connected to the internet, it is only a matter of time before hackers get in. We need a strong team of experts who can combat these hackers and keep us safe. Unless information security is our core expertise, having such experts on our team is very difficult. So the data on our premises can never really be secured.
Amazon, on the other hand, has a huge army of experts who can sustain the war against these hackers. So if we follow the security guidelines they define for us, our data on the cloud is a lot more secure than data on-premise. Nothing is immune to hackers: Amazon, Google, and all the giants have been hacked, and they live under the threat of more attacks. Yet they are a lot safer than our premises, because they understand security much better than we do.
Once we have decided on the migration, the natural question is: which cloud?
Disclaimer: I am heavily biased towards AWS, as you will see in all my blogs, because I am impressed by the superiority of their services! This is not sponsored by Amazon in any way.
When it comes to choosing a particular cloud, I have noticed some tendencies. In most big corporate houses, decisions are made by directors and CEOs who have little idea about technology; the only tools they know are Excel and PowerPoint. Naturally, they choose Azure.
There are some who don't want to think or change too much. They want to quickly discard the on-premise setup and continue unchanged on the cloud. They are not interested in improving; their goal is just to get rid of the on-premise servers as fast as possible. They choose DigitalOcean, because it provides the most cost-effective server instances.
The rest of the world goes to AWS, the most versatile and cost-effective solution.
Google, Oracle, IBM, Alibaba, and others are great for specific use cases but are not so popular otherwise.
How To Migrate
Now that we have chosen the path, we are all set to get started. To help us migrate fast, Amazon provides a roadmap along with a good set of utilities and services. Let us understand them in detail.
The roadmap is commonly summarized as two models: the five phases and the six R's, jargon we hear all over the industry. There is no one-size-fits-all answer for determining the correct migration strategy, but following these best practices can help us discover the right strategy for our application and organization.
Amazon recommends these with a disclaimer: every organization differs in culture and targets, so the actual roadmap has to be chosen by the architects. Still, these best practices provide a good starting point, a baseline template that we can alter as per our requirements.
Five Phase Migration Process
With the five-phase migration process, you start with the least complex applications, learning how to migrate and getting familiar with the target platform, and then build toward the more complex applications.
This is not a waterfall; it should be an iterative process that lets us plan the migration and carry it out step by step:
Phase 1: Migration Preparation and Business Planning
If you don’t have a plan, you are planning to fail.
Migrating an enterprise, a live system, is a significant effort, and a concrete plan is a must for any business endeavor. This requires a good understanding of the baseline architecture, and it needs engaged leadership that understands the costs and benefits and is serious about the project.
This enables us to define a good roadmap that is aggressive in its goals and realistic in timelines. A roadmap that provides fast and incremental returns keeps the leadership engaged and interested in the process.
Phase 2: Portfolio Discovery and Planning
Most legacy systems were beautifully architected once upon a time. But over the years, they degenerate into a complex tangle of interconnected components that violates every possible architecture, design, and coding guideline.
It is important to take stock of the current state of the enterprise and to identify the complexity and dependencies among individual components so that we can segregate them into building blocks that can be migrated one by one.
Based on this exercise, we can identify parts that are simpler and less critical than others. Naturally, we move these before the others. This builds confidence in the process, and it trains the developers, who learn from the problems encountered along the way.
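The ordering exercise above can be sketched in code. This is a minimal, illustrative model (the component names and criticality scores are hypothetical, not from any real inventory): build a dependency graph of components, then group them into migration waves so that a component only moves after everything it depends on has moved, migrating the least critical components in each wave first.

```python
from graphlib import TopologicalSorter

# Hypothetical component inventory: each component maps to the set of
# components it depends on. Names are purely illustrative.
dependencies = {
    "reporting":  {"billing-db"},
    "billing":    {"billing-db", "auth"},
    "billing-db": set(),
    "auth":       set(),
    "web-ui":     {"billing", "reporting", "auth"},
}

# Rough criticality scores (1 = low risk, 5 = business critical).
criticality = {"billing-db": 5, "auth": 4, "billing": 5,
               "reporting": 2, "web-ui": 3}

def migration_waves(deps, crit):
    """Group components into waves: a component can only move after all of
    its dependencies have moved; within a wave, least critical goes first."""
    ts = TopologicalSorter(deps)
    ts.prepare()
    waves = []
    while ts.is_active():
        ready = sorted(ts.get_ready(), key=lambda c: crit[c])
        waves.append(ready)
        ts.done(*ready)
    return waves

for i, wave in enumerate(migration_waves(dependencies, criticality), 1):
    print(f"Wave {i}: {wave}")
```

In practice, the graph would come from the discovery exercise (network traces, call graphs, interviews), but even a hand-maintained version of this table forces the dependencies into the open.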
But even before we do this, we should first work on a POC. Identify the typical interfaces and flow of each system. Based on this, implement a simple "hello world" on the cloud that connects to similar databases and interfaces within the cloud. This helps us understand what is feasible.
A friend once told me about his experience with a migration. They had almost completed it but were stuck on a few web applications: a MEAN stack they wanted to run on Elastic Beanstalk. They struggled with it until a few days before the deployment, only to discover that MongoDB does not run well on Elastic Beanstalk! Since it was AWS, it did not take them much time to spin up an independent DocumentDB instance and get the whole thing working in a day. But such problems are better identified in a POC rather than a day before go-live.
Some points to note in this phase:
1. A major pitfall at this stage is using the AWS Console to create resources and deployments on the cloud. This is tempting because of the intuitive UI and its helpful tips, but it can land us in a deep mess: it is almost certain that we will not be able to replicate such a deployment without errors, so we always live with the risk that the tested application will not work on the production setup. It is therefore very important to have a CloudFormation or Terraform script ready to run on the test and production environments. As a secret for those already in a mess: AWS CloudFormation now lets us generate a template from resources built in the console. But it is best not to depend on such saviors; get into the habit of using Infrastructure as Code from the start.
2. Use CodeCommit, and switch over to the native AWS CI/CD services: CodePipeline, CodeBuild, and CodeDeploy. This should be part of the POC and the migration checklist; an application migration is marked complete only after its pipeline is set up in AWS. People often miss this step when migrating to the cloud, and then they struggle with transporting binaries built on-premise. Don't waste an EC2 instance just for Jenkins. These services have a very small learning curve and should be learned and put into practice from day one.
3. Use CloudWatch for monitoring and managing logs. Don't waste an EC2 instance on collecting and processing system-wide logs. Native CloudWatch has many advantages over custom log-processing setups; don't forgo them in a hurry to complete the POC.
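The Infrastructure-as-Code habit can start very small. As a rough sketch, here is a minimal CloudFormation template built as plain Python data and written out as JSON; the AMI ID, resource names, and parameter names are placeholders I made up for illustration, not values from any real account.

```python
import json

# Build the template as plain data so it can be reviewed, diffed, and
# versioned like any other code. All identifiers here are placeholders.
template = {
    "AWSTemplateFormatVersion": "2010-09-09",
    "Description": "Sketch: one app server defined as code, not console clicks",
    "Parameters": {
        "InstanceTypeParam": {"Type": "String", "Default": "t3.micro"},
    },
    "Resources": {
        "AppServer": {
            "Type": "AWS::EC2::Instance",
            "Properties": {
                "InstanceType": {"Ref": "InstanceTypeParam"},
                "ImageId": "ami-00000000000000000",  # placeholder AMI ID
                "Tags": [{"Key": "Name", "Value": "app-server"}],
            },
        },
    },
}

with open("app-server.template.json", "w") as f:
    json.dump(template, f, indent=2)
print("wrote app-server.template.json")
```

A template like this can then be deployed repeatably to test and production with the CloudFormation CLI (for example, `aws cloudformation deploy --template-file app-server.template.json --stack-name app-server`), which is exactly the reproducibility the console-clicking approach loses.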
Phases 3 and 4: Design, Migrate, Validate
This has to be an iterative, agile process. We cannot just switch off the on-premise data centers and have everything ready on the cloud in a single shot. We need a hybrid architecture over the few years of the migration process, picking applications one by one and migrating them to the cloud.
Based on the learnings of Phase 2, we make the necessary changes to each application and move it to the cloud one by one. We can take bigger steps as we gain more confidence.
A few important points to note in this phase:
1. Don't try to redesign at this stage; take small steps. First, migrate everything to the cloud onto EC2 instances. Note, however, that when we migrate individual components, we should try to place them on separate EC2 instances. Since we are splitting them anyway, this is not much additional effort, but it pays off in the later steps. Enable CloudWatch logs to help us identify the usage and loading patterns on each EC2 instance.
2. We should make the effort to identify the right EC2 instance type for each component, and reserve it. There is a huge difference between the cost of reserved and on-demand EC2 instances. We can start with on-demand instances to evaluate our requirements, but we should try to identify and reserve the right instances as early as possible. Reserve for a short duration so that we can change as we learn.
3. Plan out a good VPC structure and follow the principle of least privilege. Even if all the instances are in our purview, if they are not required to connect with each other, they should not be able to. This hardens the security of our system. It is easy and tempting to postpone such an effort until everyone forgets about it, but it pays off in the long run if we do it right now.
4. All through the migration process, we will have data flowing from our on-premise deployment to the cloud. This can be a security risk. People try to cover it by restricting access based on IP address and the like, but such protection is quite easy to fool. AWS provides a range of services for implementing a hybrid architecture, such as Outposts and Local Zones. They are not very costly, and they are certainly worth it considering the security risk they mitigate.
5. Migrating compute is relatively simple, but data migration is a major challenge. Huge amounts of legacy data just cannot be migrated over the wire. Services like Snowcone, Snowball, and Snowmobile, collectively called the Snow Family, provide great options for doing this.
6. An even bigger challenge is keeping the on-premise data in sync with the data on the cloud throughout the migration process. AWS Storage Gateway, AWS Backup, and AWS DataSync help us do this very efficiently.
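The reserved-versus-on-demand trade-off from point 2 is simple arithmetic. The sketch below uses made-up prices, not real AWS rates (always check current pricing): a reservation is paid for around the clock, so it only wins once the instance is busy more than the break-even number of hours per month.

```python
# Illustrative prices only, NOT real AWS rates.
ON_DEMAND_HOURLY = 0.10           # $/hour, billed only while running
RESERVED_EFFECTIVE_HOURLY = 0.06  # $/hour, amortized cost of a 1-year reservation

HOURS_PER_MONTH = 730

def monthly_costs(hours_used):
    """Cost of one instance for a month: on-demand (pay per hour used)
    vs. reserved (paid for every hour, used or not)."""
    on_demand = hours_used * ON_DEMAND_HOURLY
    reserved = HOURS_PER_MONTH * RESERVED_EFFECTIVE_HOURLY
    return on_demand, reserved

def break_even_hours():
    """Monthly usage above which the reservation becomes cheaper."""
    return HOURS_PER_MONTH * RESERVED_EFFECTIVE_HOURLY / ON_DEMAND_HOURLY

print(f"Break-even: {break_even_hours():.0f} hours/month")
for hours in (200, 730):
    od, res = monthly_costs(hours)
    cheaper = "on-demand" if od < res else "reserved"
    print(f"{hours:4d} h: on-demand ${od:.2f} vs reserved ${res:.2f} -> {cheaper}")
```

With these example numbers, the break-even is around 60% utilization: a server running 24x7 clearly belongs on a reservation, while one used only during business hours may not.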
Phase 5: Modern Operating Model
Now that the application is migrated, we have to focus on making it cloud-worthy.
If we ignore this step, all the effort above will be wasted, and we might end up increasing the costs! So we have to go through the effort of identifying areas where we can optimize.
1. By now we have a good fleet of EC2 instances that have been running for several months, and we have good data on their usage and loading patterns. Based on this, we can revisit the choice of EC2 instances. Servers that are not doing anything time-critical can be changed to Spot Instances. If the load varies with time, we can use Auto Scaling with a Load Balancer. Note that autoscaling can be self-defeating if it costs us the advantage of reserved instances; if we know the load patterns, we can also reserve instances based on time slots, which gives us the best of both worlds.
2. Slowly containerize the application. Since we have already split the enterprise across multiple EC2 instances, it is now easy to identify components that can be modified without affecting the others. Identify potential Lambda functions; there are a lot more than we might imagine.
3. Over time, we should have only containers and Lambda functions in our compute. While doing this, we should discard the EC2 instances one by one and move onto Fargate. Drop Kafka or other messaging services and move to Kinesis, EventBridge, SNS, or SQS, as the requirement dictates. Migrate to cloud-native databases like Aurora, DocumentDB, and DynamoDB, and other purpose-built databases like Timestream, Keyspaces, Neptune, Redshift, and ElastiCache (Redis or Memcached).
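The "best of both worlds" idea from point 1, reserving the baseline and autoscaling the rest, can be sketched from the observed load pattern. The hourly demand numbers below are hypothetical, purely to show the shape of the calculation:

```python
# Hypothetical average instance demand for each hour of the day (24 values),
# as might be derived from months of CloudWatch metrics.
hourly_demand = [2, 2, 2, 2, 2, 3, 4, 6, 9, 10, 10, 10,
                 9, 9, 10, 10, 9, 8, 6, 4, 3, 2, 2, 2]

def capacity_plan(demand):
    """Reserve the always-needed baseline; let Auto Scaling cover the rest."""
    baseline = min(demand)                # reserved instances, running 24x7
    peak_burst = max(demand) - baseline   # most on-demand/spot instances needed at once
    burst_hours = sum(d - baseline for d in demand)  # on-demand instance-hours/day
    return {"reserved": baseline,
            "peak_burst": peak_burst,
            "burst_instance_hours_per_day": burst_hours}

plan = capacity_plan(hourly_demand)
print(plan)
```

Here the floor of the curve goes onto reservations, while the business-hours bulge is served by the Auto Scaling group; the burst instance-hours figure is what to price at on-demand or spot rates when comparing options.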
As much as possible, move from EC2 to containers and serverless. Remember the basic principles of AWS billing: the more you use, the less you pay per unit; and the more you reserve, the less you pay per unit.
Such optimizations will go a long way in reducing the costs and improving the resilience and scalability of the application. But we need a thorough understanding of the core services in order to make and implement such optimizations.
Again, don't worry about vendor lock-in. Amazon is here to stay, and locking into AWS is a lot better than locking into your on-premise equipment.
The Six Rs
The principles we discussed above can be summarized in the six migration strategies, also called the 6 Rs.
Rehost
This is the simple lift-and-shift approach: move the application from the premises to the cloud with very few changes. Much of this effort can be automated using the AWS Server Migration Service.
Replatform
This is often called "lift, tinker, and shift": making basic cloud optimizations, such as using RDS instead of running a database on an EC2 instance.
Repurchase
This is also called "drop and shop." Here we identify redundant or better forms of the services we are using, such as lower-configuration EC2 instances or Spot Instances, and replace the existing instances and services with better ones.
Refactor
Here, we change the way the application is architected and developed, usually by employing cloud-native features and services. This is where we apply our understanding of AWS, and where the benefits of migration become visible. The more effort we apply at this phase, the better the outcome. The value we generate here depends on the accuracy of the previous phases, especially Replatform.
Retire
Once the refactored and re-architected system is in place, we can gradually retire the older infrastructure.
Retain
Despite all the effort, some parts of the system will refuse to leave our premises. We should look for a long-term plan to migrate them, but until then, we have to retain small parts of the on-premise infrastructure.
These are the basic points that can help simplify the migration to the cloud. Of course, each enterprise is different, and the architect has to identify the right path for the migration. The textbook can only provide the ideal path; real life is quite different. Still, we should know the ideal and make an attempt to align with it.
Published at DZone with permission of Vikas Solegaonkar. See the original article here.
Opinions expressed by DZone contributors are their own.