Cloud monster legacy migrations to AWS - AWS Community Day Nordics - 19/2/2019


How to approach a large enterprise migration to the cloud using the AWS Cloud Adoption Framework and Well-Architected Framework, an image factory approach, and infrastructure-as-code CI/CD.

Special thanks to Aryam Gutierrez Lopez for the initial version of this deck

Published in: Technology

  1. Monster Migrations (and legacy) v2 Juan Manuel Irigaray
  2. $(whoami) – Juan Manuel Irigaray aka. Juancho @tranjuan
     • I’m a Coder / Marathon Runner / Occasional Skydiver
     • Did first large migration to AWS in 2009
     • Second one from Argentina to Spain in 2013
     • Co-Founded / CTO CloudMas in 2013 (first AWS Premier partner in Spain!)
     • Helping others adopt the cloud from Equinix and the community
     • I’m not Jeff Barr, I’m the one on the right
  3. How a migration looked 9+ years ago
     • AWS was a no-brainer for startups and websites
     • Main pipeline was to build XML/metadata for the AMI build
     • Governance was simple – only EC2, no VPC, no EBS, nothing
     • Install your tooling, do frequent snapshots!
     • Pray you don't have any problem with your physical host (no EBS!)
     • Be a leader!
  4. How they look now - Taming the wild
     After a lot of years and acquisitions, companies have created the application Jurassic Park: wild places full of unknown species interacting in unknown ways.
     The last 30 years were about creation; now the time for stabilization has come.
  5. Where do I start?
  6. Adopt a Framework! – AWS CAF and AWS Well-Architected Framework tools
     • When possible, create an internal Tiger team with SMEs and executive sponsors within the organization – involve people and help them transform
     • Use the correct strategy for each problem (one size doesn’t fit all)
     • Use AWS Cloud Adoption Framework ( services/CAF/) as a foundation and AWS Well-Architected Tool and Reviews (can be delivered for free by selected partners!)
     • At early stages, use a workshop approach to identify possible work streams (solve the “measuring the immeasurable” problem step by step)
     • Conduct a cloud-readiness self-assessment organization-wide every 3 months when possible! (AWS Assessment Tool
  7. Step through each of the AWS CAF Perspectives
  8. Understand the shared responsibility model
  9. Develop an AWS CAF Action Plan
  10. Done! (not really…not even close)
  11. Implement a Migration Process
  12. Workload Discovery and Planning
     • Cloud Migration Readiness
     • Identify and execute quick-wins
     • Challenges and critical areas
     • Resolution through POC/Well-Architected Review
     • 6R analysis: Retire, Repurchase, Replatform, Retain, Rehost, Refactor
     • Cross analysis
     • People and teams
     • Development/Operation
     • Comms/Network/Security
     Understanding why will help to determine the best migration strategy. If costs are not the biggest concern and the priority is to be cloud-first, then like-for-like servers in AWS will make sense. Most cost reduction opportunities will appear after moving to the desired cloud service, through a detailed analysis after workload stabilization.
  13. Application Migration Strategies
  14. Automate IaC pipeline (and secure by default)
  15. Automate Security
     ● Adopt the least privilege principle: grant only the permissions required to perform specific tasks
     ● Automate CloudFormation/Terraform/your flavor templates and security aspects - ex.: cf-validator
     ● Design naming conventions for your resources, networks, IAM for automatic rule enforcement
     ● Align your security strategy with your compliance needs by design, ex.: Centrify, Splunk, AWS Config
     ● Integrate least privilege within your networks, VPN / DirectConnect and automate through API
     ● Encrypt end-to-end, using AWS built-in encryption in several products / solutions like KMS, CloudHSM
     ● Least privilege always
  16. AWS Well-Architected Framework
     Integrate the Well-Architected Framework in your pipeline to ensure all of your designs and mission-critical applications are compliant with AWS best practices, secure, high-performing, resilient, and efficient.
     Well-Architected helps you build and deploy faster, lower or mitigate risks, and make informed decisions.
     Use the Well-Architected Framework review tool as part of your pipeline to ensure all of your designs are aligned with the five pillars.
     Pro-tip: AWS Partners will help you review your applications (and sometimes for free)
  17. Infrastructure as code CI/CD
     • Automate environment validation with functional rules (ex.: Jenkins trigger, TravisCI, TFS)
     • Use triggers to deploy new versions of infrastructure
     • Integrate with network and operations building blocks (ex.: launch requests when a security group changes)
  18. Image factory approach
     • Allows quick integration of new requirements in base images
     • Enables automatic functional and integration tests
     • Hardened images for specific requirements / compliance
     • Helps future Operations (automatic deploy when images get invalidated)
     • Highly recommended to use AWS Systems Manager!
  19. Legacy workloads
  20. Lift and Shift approach
     • Can be made “cloud” compatible
     • “Divide and conquer” – split your application into smaller workloads, ex.: OS, application container, cronjobs, etc.
     • Compatible with legacy workloads – requires no code change
     • Should be a transitional state to a more cloud-native approach
     • Rationalize small workloads into a set of templates and reuse
     • Facilitates blue-green testing, DR solutions and possible roll-back to old applications
  21. AWS Migration Tools and Services
     Server & Database
     ● VM Import/Export
     ● AWS Server Migration Service
     ● AWS Database Migration Service
     ● Application Discovery Service
     ● AWS Migration Hub
     ● AWS MQ
     Data
     ● AWS Snowball
     ● AWS Snowmobile
     ● AWS Direct Connect
     ● AWS Kinesis Firehose
     ● AWS FSx for Windows File Server
  22. VM Import/Export
     ● Doesn’t require Hypervisor Access
     ● VMDK, VHD, OVA
     ● OS Limitation
     ● VM Preparation required
     ● Post Migration tasks
     $ aws ec2 import-image --description "Windows 2008 VMDKs" --license-type BYOL --disk-containers file://containers.json
  23. VM Import/Export
     [
       {
         "Description": "First disk",
         "Format": "vmdk",
         "UserBucket": {
           "S3Bucket": "my-import-bucket",
           "S3Key": "disks/my-windows-2008-vm-disk1.vmdk"
         }
       },
       {
         "Description": "Second disk",
         "Format": "vmdk",
         "UserBucket": {
           "S3Bucket": "my-import-bucket",
           "S3Key": "disks/my-windows-2008-vm-disk2.vmdk"
         }
       }
     ]
  24. Server Migration Service (SMS)
     ● VMware vCenter / Hyper-V
     ● AWS Server Migration Service Connector (FreeBSD OVA / Microsoft Connector)
     ● Requires permission in order to create/delete snapshots
     ● Access through AWS Console & CLI
     ● Limited to certain OS and licenses
     ● One-time migration/Replication Jobs
  25. Database Migration Service (DMS)
     ● One-time migration/Live Migration Replication
     ● Homogeneous migrations
     ● Requires replication instance!
     ● DDL Statements support
     ● Sources: MySQL, PostgreSQL, SQL Server, Oracle, MariaDB, MongoDB, Aurora, SAP Adaptive Server Enterprise
     ● Targets: MySQL, PostgreSQL, SQL Server, Oracle, MariaDB, Aurora (MySQL and PostgreSQL), Redshift, S3, DynamoDB, SAP Adaptive Server Enterprise
     ● Heterogeneous migrations (AWS Schema Conversion Tool)
  26. AWS Schema Conversion Tool
     Supports heterogeneous database migrations by automatically converting the source database schema and a majority of the database code objects, including views, stored procedures, and functions, to a format compatible with the target database.
  27. Workload case study
  28. Hybrid Cloud Case Study
     ● Hybrid Cloud scenario
     ● On-premises: App, SQL Server, TFS (builds & deploys)
     ● AWS: CPU-scaled app with CodeDeploy deploys
     ● Direct Connect for Datacenter <-> AWS VPC connectivity
     ● Custom integration between TFS and CodeDeploy to control deploy workflows
     ● This entire infrastructure is managed and versioned with Terraform
  29. Thanks
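
The "Automate Security" slide (15) calls for automated template checks, least privilege, and naming conventions that allow automatic rule enforcement. A minimal pipeline gate along those lines, as an added example that is not from the deck and is not cf-validator; the naming pattern, the finding labels and the sample template are assumptions constructed for illustration:

```python
import re

# Assumed naming convention (hypothetical): <team>-<env>-<purpose>, e.g. "pay-prod-reader".
NAME_RE = re.compile(r"^[a-z0-9]+-(dev|test|prod)-[a-z0-9-]+$")

def role(name, statement):
    """Build a constructed AWS::IAM::Role resource for the sample template."""
    doc = {"Version": "2012-10-17", "Statement": statement}
    return {"Type": "AWS::IAM::Role",
            "Properties": {"RoleName": name,
                           "Policies": [{"PolicyName": "inline", "PolicyDocument": doc}]}}

# Constructed sample input, not taken from the deck.
SAMPLE_TEMPLATE = {"Resources": {
    "AppRole": role("pay-prod-reader", [{"Effect": "Allow", "Action": ["s3:GetObject"],
                                         "Resource": "arn:aws:s3:::pay-prod-data/*"}]),
    "AdminRole": role("TempAdmin", {"Effect": "Allow", "Action": "*", "Resource": "*"}),
    "Bucket": {"Type": "AWS::S3::Bucket", "Properties": {}},
}}

def as_list(value):
    """IAM accepts either a single value or a list for Statement/Action/Resource."""
    return value if isinstance(value, list) else [value]

def check_template(template):
    """Return (logical_id, finding) tuples; an empty list means the gate passes."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::IAM::Role":
            continue
        props = res.get("Properties", {})
        name = props.get("RoleName")
        if not isinstance(name, str) or not NAME_RE.match(name):
            findings.append((logical_id, "naming"))
        for policy in props.get("Policies", []):
            for stmt in as_list(policy.get("PolicyDocument", {}).get("Statement", [])):
                if stmt.get("Effect") != "Allow":
                    continue
                if any(a == "*" or a.endswith(":*") for a in as_list(stmt.get("Action", []))):
                    findings.append((logical_id, "wildcard-action"))
                if "*" in as_list(stmt.get("Resource", [])):
                    findings.append((logical_id, "wildcard-resource"))
    return findings

if __name__ == "__main__":
    for logical_id, finding in check_template(SAMPLE_TEMPLATE):
        print(f"FAIL {logical_id}: {finding}")
```

In a CI job, a non-empty result would fail the build before the template is deployed; roles whose RoleName is missing or generated by an intrinsic function are reported as naming findings because the pattern cannot be checked statically.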