Chapter 49: AWS Migration Strategies
Planning and Executing Cloud Migrations

49.1 Overview

AWS migration strategies help organizations move applications and workloads from on-premises data centers or other clouds to AWS efficiently and securely.

Migration Overview

Migration Framework:

| Assess | Mobilize | Migrate | Modernize |
|---|---|---|---|
| Current | Plan | Execute | Optimize |
| Gap | Design | Move | Improve |
| Roadmap | Pilot | Validate | Transform |

Key Concepts

| Concept | Description |
|---|---|
| Migration Hub | Central location to track migrations |
| Database Migration Service | Migrate databases to AWS |
| Server Migration Service | Migrate on-premises servers |
| Application Discovery Service | Discover on-premises applications |
49.2 The 6 R’s of Migration

Migration Strategies

The 6 R's of Migration

| Strategy | Description | Best for | Tools | Effort | Benefits |
|---|---|---|---|---|---|
| 1. Rehost (Lift and Shift) | Move applications without changes | Large-scale migrations, time-constrained | AWS MGN, SMS, VM Import/Export | Low | Fast migration, minimal changes |
| 2. Replatform (Lift and Reshape) | Make targeted optimizations | Databases, applications needing optimization | DMS, SCT, RDS, ElastiCache | Medium | Better performance, managed services |
| 3. Repurchase (Drop and Shop) | Move to SaaS solution | CRM, HR, email systems | AWS Marketplace, SaaS solutions | Low | No maintenance, latest features |
| 4. Refactor/Re-architect | Rebuild using cloud-native | Strategic applications, scalability needs | Lambda, ECS, DynamoDB, S3 | High | Cloud-native benefits, scalability |
| 5. Retire | Decommission unnecessary applications | Redundant, unused applications | Application Discovery Service | Low | Cost savings, reduced complexity |
| 6. Retain | Keep applications on-premises | Compliance, latency, or cost reasons | Hybrid connectivity (Direct Connect, VPN) | None | Maintain current state |

Strategy Selection Matrix

| Factor | Rehost | Replatform | Refactor | Retire |
|---|---|---|---|---|
| Time constraint | High | Medium | Low | N/A |
| Budget | Low | Medium | High | N/A |
| Business criticality | Medium | Medium | High | Low |
| Scalability needs | Low | Medium | High | N/A |
| Technical debt | Low | Medium | High | N/A |
| Compliance | Low | Medium | Medium | N/A |

49.3 Migration Planning

Assessment Phase

1. Portfolio Discovery
   - Inventory all applications
   - Identify dependencies
   - Map infrastructure
   - Document configurations
2. Data Collection
   - Server specifications
   - Database schemas
   - Network topology
   - Storage requirements
3. Analysis
   - TCO comparison
   - Migration strategy recommendation
   - Risk assessment
   - Timeline estimation

Application Discovery Service

```yaml
# Application Discovery Service Configuration
# Illustrative resource definition; confirm the type in the CloudFormation
# resource reference before deploying.
Resources:
  DiscoveryJob:
    Type: AWS::Discovery::DiscoveryJob
    Properties:
      ConfigurationId: !Ref DiscoveryConfiguration
      CollectionDurationSeconds: 86400  # 24 hours

  # Discovery Agent deployment (on-premises)
  # Download and install on servers to collect data
```

Migration Hub

AWS Migration Hub features:

| Application Discovery | Migration Tracking | Assessment | Recommendations |
|---|---|---|---|
| Server info | Progress | TCO | Right-sizing |
| Dependencies | Status | Cost | Migration path |
| Performance | Timeline | Planning | Tools |

49.4 Database Migration

AWS Database Migration Service (DMS)

DMS Architecture

Data flows Source Endpoint -> DMS -> Target Endpoint:

- Source Endpoint: On-Premises Oracle, SQL Server, MySQL
- DMS: Replication Instance, Task, CDC
- Target Endpoint: RDS PostgreSQL, Aurora MySQL, DynamoDB

DMS Configuration

```yaml
# DMS Configuration
Resources:
  # Replication Instance
  ReplicationInstance:
    Type: AWS::DMS::ReplicationInstance
    Properties:
      ReplicationInstanceIdentifier: migration-instance
      ReplicationInstanceClass: dms.t3.medium
      AllocatedStorage: 100
      VpcSecurityGroupIds:
        - !Ref DMSSecurityGroup
      ReplicationSubnetGroupIdentifier: !Ref ReplicationSubnetGroup
      MultiAZ: true
      PubliclyAccessible: false  # keep the instance on private addressing

  # Source Endpoint (On-premises Oracle)
  SourceEndpoint:
    Type: AWS::DMS::Endpoint
    Properties:
      EndpointIdentifier: source-oracle
      EndpointType: source
      EngineName: oracle
      ServerName: on-prem-oracle.company.com
      Port: 1521
      DatabaseName: PRODDB
      Username: admin
      Password: !Ref SourceDBPassword  # referenced, not inlined in the template
      SslMode: require

  # Target Endpoint (Aurora PostgreSQL)
  TargetEndpoint:
    Type: AWS::DMS::Endpoint
    Properties:
      EndpointIdentifier: target-postgres
      EndpointType: target
      EngineName: aurora-postgresql
      ServerName: !GetAtt AuroraCluster.Endpoint.Address
      Port: 5432
      DatabaseName: appdb
      Username: admin
      Password: !Ref TargetDBPassword  # referenced, not inlined in the template
      SslMode: require

  # Migration Task
  MigrationTask:
    Type: AWS::DMS::ReplicationTask
    Properties:
      ReplicationTaskIdentifier: oracle-to-postgres
      SourceEndpointArn: !Ref SourceEndpoint
      TargetEndpointArn: !Ref TargetEndpoint
      ReplicationInstanceArn: !Ref ReplicationInstance
      MigrationType: full-load-and-cdc
      # Selection rules carry both a rule-id and a rule-name
      TableMappings: |
        {
          "rules": [
            {
              "rule-type": "selection",
              "rule-id": "1",
              "rule-name": "include-prod-schema",
              "object-locator": {
                "schema-name": "PROD",
                "table-name": "%"
              },
              "rule-action": "include"
            }
          ]
        }
      # The CloudFormation property for task settings is ReplicationTaskSettings
      ReplicationTaskSettings: |
        {
          "TargetMetadata": {
            "TargetSchema": "public",
            "SupportLobs": true
          },
          "FullLoadSettings": {
            "TargetTablePrepMode": "DROP_AND_CREATE"
          }
        }
```

Schema Conversion Tool (SCT)

Supported Conversions

| Source | Target |
|---|---|
| Oracle | Aurora PostgreSQL, RDS PostgreSQL |
| SQL Server | Aurora PostgreSQL, RDS PostgreSQL |
| MySQL | Aurora MySQL, RDS MySQL |
| PostgreSQL | Aurora PostgreSQL, RDS PostgreSQL |
| Oracle | Aurora MySQL |
| MongoDB | DocumentDB |

Conversion Process

1. Connect to source database
2. Convert schema to target format
3. Generate assessment report
4. Apply converted schema to target
5. Migrate data using DMS

49.5 Server Migration

AWS Application Migration Service (MGN)

Migration Process

1. Install Replication Agent
   - Install on source servers
   - Configure replication settings
2. Replicate to Staging Area
   - Continuous block-level replication
   - Store in S3
3. Launch Test Instances
   - Convert to AMI
   - Launch EC2 instances
   - Validate applications
4. Cutover to Production
   - Final sync
   - Launch production instances
   - Switch traffic

MGN Configuration

```yaml
# Application Migration Service Configuration
Resources:
  # Replication Configuration
  ReplicationConfiguration:
    Type: AWS::MGN::ReplicationConfigurationTemplate
    Properties:
      ReplicationServerInstanceType: t3.small
      ReplicationServerSecurityGroupIDs:
        - !Ref ReplicationSecurityGroup
      ReplicationServerSubnetID: !Ref SubnetId
      StagingAreaSubnetId: !Ref StagingSubnetId
      StagingAreaTags:
        - Key: Name
          Value: mgn-staging
      DefaultLargeStagingDiskType: GP3
      AssociateDefaultSecurityGroup: false
      BandwidthThrottling: 0  # No throttling
      CreatePublicIP: false
      DataPlaneRouting: PRIVATE_IP
      EbsEncryption: AWS_KMS
      EbsEncryptionKeyArn: !GetAtt KMSKey.Arn
      ReplicationConfigurationTags:
        - Key: Name
          Value: mgn-replication-config

  # Launch Configuration
  LaunchConfiguration:
    Type: AWS::MGN::LaunchConfigurationTemplate
    Properties:
      LaunchDisposition: STOPPED
      TargetInstanceTypeRightSizingMethod: NONE
      CopyPrivateIp: false
      CopyTags: true
      LaunchConfigurationTags:
        - Key: Name
          Value: mgn-launch-config
```
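
The DMS and MGN templates in this chapter set several exposure-related properties (`PubliclyAccessible`, `SslMode`, `Password`, `CreatePublicIP`, `DataPlaneRouting`, `EbsEncryptionKeyArn`). The following check is an added example, not part of the original chapter: it flags templates that drop or weaken those settings. It assumes the template is in CloudFormation's JSON form, and the function names and sample template are constructed for illustration.

```python
"""Pre-deployment check for settings used in this chapter's DMS and MGN templates.

Input is the JSON form of a CloudFormation template ({"Ref": "Name"} for !Ref).
Resource types and property names are copied from the chapter's templates.
"""

WEAK_SSL_MODES = (None, "none")  # an omitted SslMode falls back to "none" in DMS

def is_literal_secret(value):
    """True when a password is an inline string rather than a reference."""
    return isinstance(value, str) and not value.startswith("{{resolve:")

def check_resource(name, resource):
    """Return the findings for one resource as a list of strings."""
    rtype = resource.get("Type")
    props = resource.get("Properties", {})
    findings = []
    if rtype == "AWS::DMS::ReplicationInstance":
        # DMS defaults PubliclyAccessible to true, so require an explicit false.
        if props.get("PubliclyAccessible") is not False:
            findings.append(f"{name}: replication instance may get a public IP")
    elif rtype == "AWS::DMS::Endpoint":
        if props.get("SslMode") in WEAK_SSL_MODES:
            findings.append(f"{name}: endpoint connection is not TLS-protected")
        if is_literal_secret(props.get("Password")):
            findings.append(f"{name}: password is hardcoded in the template")
    elif rtype == "AWS::MGN::ReplicationConfigurationTemplate":
        if props.get("CreatePublicIP") is not False:
            findings.append(f"{name}: replication servers may get public IPs")
        if props.get("DataPlaneRouting") != "PRIVATE_IP":
            findings.append(f"{name}: replication data is not routed privately")
        if not props.get("EbsEncryptionKeyArn"):
            findings.append(f"{name}: no KMS key set for staging volumes")
    return findings

def check_template(template):
    """Check every resource, in name order, and return all findings."""
    findings = []
    for name, resource in sorted(template.get("Resources", {}).items()):
        findings.extend(check_resource(name, resource))
    return findings

# Constructed sample: the chapter's settings beside two weakened resources.
SAMPLE_TEMPLATE = {
    "Resources": {
        "ReplicationInstance": {
            "Type": "AWS::DMS::ReplicationInstance",
            "Properties": {"ReplicationInstanceClass": "dms.t3.medium",
                           "PubliclyAccessible": False},
        },
        "SourceEndpoint": {
            "Type": "AWS::DMS::Endpoint",
            "Properties": {"EngineName": "oracle", "SslMode": "require",
                           "Password": {"Ref": "SourceDBPassword"}},
        },
        "WeakEndpoint": {
            "Type": "AWS::DMS::Endpoint",
            "Properties": {"EngineName": "mysql", "Password": "example-only"},
        },
        "WeakReplicationConfig": {
            "Type": "AWS::MGN::ReplicationConfigurationTemplate",
            "Properties": {"CreatePublicIP": True, "DataPlaneRouting": "PUBLIC_IP"},
        },
    }
}

if __name__ == "__main__":
    print("\n".join(check_template(SAMPLE_TEMPLATE)))
```

Running it on the sample reports findings only for the two weakened resources; the resources that mirror the chapter's settings pass.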

VM Import/Export

```bash
# Import VM from on-premises
# 1. Export VM from VMware/Hyper-V
# 2. Upload to S3
aws s3 cp ./vm-export.vmdk s3://import-bucket/vm-export.vmdk

# 3. Create import task
# containers.json describes the uploaded disk and must exist before the call
cat > containers.json <<'EOF'
[
  {
    "Description": "My Server VM",
    "Format": "vmdk",
    "UserBucket": {
      "S3Bucket": "import-bucket",
      "S3Key": "vm-export.vmdk"
    }
  }
]
EOF

aws ec2 import-image \
  --description "Imported VM" \
  --disk-containers "file://containers.json" \
  --role-name vmimport

# 4. Monitor import task
aws ec2 describe-import-image-tasks --import-task-ids import-ami-1234567890abcdef0
```

49.6 Data Migration

AWS DataSync

Use Cases

- On-premises to AWS data transfer
- Cross-region data transfer
- Cross-account data transfer
- Hybrid cloud data synchronization

Features

- Automated data transfer
- Encryption in transit and at rest
- Data integrity verification
- Bandwidth throttling
- Incremental transfers

DataSync Configuration

```yaml
# DataSync Configuration
Resources:
  # DataSync Agent (on-premises)
  DataSyncAgent:
    Type: AWS::DataSync::Agent
    Properties:
      AgentName: on-premises-agent
      ActivationKey: !Ref ActivationKey  # Generated during agent setup

  # Source Location (NFS)
  SourceLocation:
    Type: AWS::DataSync::LocationNFS
    Properties:
      ServerHostname: <nfs-server-hostname>  # placeholder: the on-premises NFS server
      Subdirectory: /data
      OnPremConfig:
        AgentArns:
          - !Ref DataSyncAgent
      MountOptions:  # CloudFormation property name for the NFS mount options
        Version: NFS4_1

  # Destination Location (S3)
  DestinationLocation:
    Type: AWS::DataSync::LocationS3
    Properties:
      S3BucketArn: !GetAtt DataBucket.Arn
      Subdirectory: migrated-data
      S3Config:
        BucketAccessRoleArn: !Ref DataSyncRole
      S3StorageClass: STANDARD_IA

  # Transfer Task
  TransferTask:
    Type: AWS::DataSync::Task
    Properties:
      SourceLocationArn: !Ref SourceLocation
      DestinationLocationArn: !Ref DestinationLocation
      Name: data-migration-task
      Options:
        VerifyMode: POINT_IN_TIME_CONSISTENT
        Atime: BEST_EFFORT
        Mtime: PRESERVE
        Uid: PRESERVE
        Gid: PRESERVE
        PreserveDeletedFiles: PRESERVE
        PreserveDevices: NONE
        PosixPermissions: PRESERVE
        BytesPerSecond: -1  # No throttling
        TaskQueueing: ENABLED
        LogLevel: BASIC
        TransferMode: CHANGED
      Schedule:
        ScheduleExpression: cron(0 2 ? * SUN *)  # Weekly on Sunday 2 AM
      Tags:
        - Key: Name
          Value: data-migration-task
```

AWS Transfer Family

```yaml
# AWS Transfer Family (SFTP)
Resources:
  TransferServer:
    Type: AWS::Transfer::Server
    Properties:
      IdentityProviderType: SERVICE_MANAGED
      Protocols:
        - SFTP
      EndpointType: VPC
      EndpointDetails:
        VpcId: !Ref VPC
        SubnetIds:
          - !Ref SubnetA
          - !Ref SubnetB
        SecurityGroupIds:
          - !Ref SecurityGroup
      LoggingRole: !Ref TransferLoggingRole
      Tags:
        - Key: Name
          Value: sftp-server

  # SFTP User
  SFTPUser:
    Type: AWS::Transfer::User
    Properties:
      # Ref on the server returns its ARN; the user needs the server ID
      ServerId: !GetAtt TransferServer.ServerId
      UserName: migration-user
      Role: !Ref TransferUserRole
      HomeDirectory: /data-bucket/migration
      SshPublicKeys:  # the property takes a list of public keys
        - !Ref SSHPublicKey
```

49.7 Migration Execution

Migration Waves

- Wave 1: Foundation
  - Network connectivity (Direct Connect/VPN)
  - Identity (IAM, Active Directory)
  - Security baseline
  - Shared services
- Wave 2: Non-Critical Applications
  - Development environments
  - Test environments
  - Non-critical applications
  - Learning and experimentation
- Wave 3: Business Applications
  - Internal applications
  - Department applications
  - Data warehouses
  - Analytics platforms
- Wave 4: Critical Applications
  - Customer-facing applications
  - Revenue-generating systems
  - Core business applications
  - High-availability systems

Cutover Planning

Cutover Process

Pre-Cutover

1. Final data sync
2. Application testing
3. Performance validation
4. Rollback plan documented
5. Communication plan activated

Cutover Window

1. Stop source systems
2. Final data sync
3. Start target systems
4. Verify functionality
5. Switch DNS/traffic
6. Monitor and validate

Post-Cutover

1. Monitor for issues
2. User acceptance testing
3. Performance tuning
4. Decommission source systems
5. Documentation update

49.8 Post-Migration Optimization

Optimization Checklist

```markdown
# Post-Migration Optimization Checklist

## Cost Optimization
- [ ] Right-size EC2 instances
- [ ] Implement Auto Scaling
- [ ] Purchase Reserved Instances or Savings Plans
- [ ] Review and optimize storage
- [ ] Implement S3 lifecycle policies

## Performance Optimization
- [ ] Review and optimize database queries
- [ ] Implement caching (ElastiCache, CloudFront)
- [ ] Optimize network configuration
- [ ] Review application performance

## Security Optimization
- [ ] Implement least privilege IAM policies
- [ ] Enable encryption at rest and in transit
- [ ] Configure security groups and NACLs
- [ ] Enable CloudTrail and CloudWatch
- [ ] Implement security monitoring

## Reliability Optimization
- [ ] Implement multi-AZ deployments
- [ ] Configure automated backups
- [ ] Implement health checks
- [ ] Create disaster recovery plan
- [ ] Test failover procedures

## Operational Excellence
- [ ] Implement Infrastructure as Code
- [ ] Set up CI/CD pipelines
- [ ] Configure monitoring and alerting
- [ ] Document runbooks
- [ ] Train operations team
```

49.9 Best Practices

Migration Best Practices

1. Planning
   - Thorough assessment before migration
   - Define clear success criteria
   - Create detailed migration plan
   - Include rollback procedures
2. Execution
   - Start with pilot migrations
   - Use migration waves
   - Test thoroughly before cutover
   - Communicate with stakeholders
3. Data Migration
   - Use appropriate tools for data type
   - Plan for data validation
   - Consider data transformation needs
   - Test data integrity post-migration
4. Post-Migration
   - Optimize for cloud
   - Implement monitoring
   - Document lessons learned
   - Plan for continuous improvement

49.10 Key Takeaways

| Topic | Key Points |
|---|---|
| 6 R’s | Choose appropriate strategy for each application |
| Assessment | Thorough discovery and planning before migration |
| DMS | Use for database migrations with minimal downtime |
| MGN | Use for server migrations with continuous replication |
| Waves | Migrate in waves, starting with non-critical |
| Optimization | Optimize after migration for cloud benefits |