Migration to AWS  sandbox 

Strategies

The 6 Rs (rehost, replatform, repurchase, refactor, retire, retain): https://docs.aws.amazon.com/prescriptive-guidance/latest/strategy-migration/welcome.html

Rehosting

Lift and shift

Homogeneous (made of the same things before/after). No changes to the application; simply move it from on-prem to the cloud.

Tools = VM Import/Export, [[#Application Migration Service (MGN)]]

Replatforming

Lift, tinker and shift

Homogeneous (made of the same things before/after). No big changes to the application; move it from on-prem to the cloud while picking some low-hanging fruit along the way, like moving to a database-as-a-service offering.

Example = Migrate on-prem Oracle DB to RDS for Oracle

Tools = VM Import/Export, [[#Application Migration Service (MGN)]]

Repurchasing

Move to a different product. Heterogeneous (quite different before/after). Usually a move to a SaaS platform.

Example = Tools =

Refactoring

Heterogeneous (quite different before/after). Driven by a strong business need to add features, scale, or performance.

Example = Move from a monolith to microservices; migrate an on-prem Oracle DB to Aurora or RDS (MySQL, PostgreSQL, MariaDB, etc.)

Tools = [[#Schema Conversion Tool (SCT)]], [[#App2container]]

Retire

No use, retire

Retain

Keep as-is, no change

migration-services source

Migration Evaluator

Build a business case

  • Upload data from a [[CMDB]] export, or gather it with the Agentless Collector.
  • The Agentless Collector requires a Windows VM deployed in the source environment, e.g. on VMware vSphere.
  • Provides projected costs to rehost on AWS based on resource configurations and usage patterns.
  • Does not support Citrix XenServer.

Application Discovery Service (ADS)

Discover details

Use this to discover your application's needs prior to any planned migration. It collects metrics (CPU/memory/disk/network) and configuration (number of disks, OS version, etc.) either via an agent (installable on any Windows/Linux host) or agentlessly, by launching a collector in vSphere that reads the metrics from outside the VMs.

Agentless collection does not collect data about running processes. The collector is available as an OVA file to be deployed in the VMware environment.

Previous version - AWS Agentless Discovery Connector (Discovery Connector), a VMware appliance. Retired; use the ADS Agentless Collector instead.

Migration Hub

Plan and manage

Integrates well with ADS. Presents a simplified view of all the applications on a single dashboard. You can group servers together for migration, export the utilization stats to do cost modelling on AWS, etc.

Application Migration Service (MGN)

Rehost, or lift and shift

Continuous block-level replication of on-premises source servers to a staging area in the AWS account. Free use period of 2,160 hours (~90 days) per source server. Automatically converts source servers from physical, virtual, or cloud infrastructure to run natively on AWS.

Previous version = CloudEndure Migration

App2container

Replatform apps to run on containers

AWS App2Container (A2C) is a tool for replatforming .NET and Java web-based applications directly into containers. A2C packages the application artifact and identified dependencies into container images, configures the network ports, and generates the needed definitions. A2C provisions the cloud infrastructure and CI/CD pipelines required to deploy the containerized application into production.

Database Migration Service (DMS)

Replatform and sync data

Migrate to RDS or EC2-hosted databases. Switch DB platforms, e.g. Oracle to PostgreSQL.

Performance best practice: turn off backups and transaction logging on the target database during the full load, and re-enable them before cutover.

https://docs.aws.amazon.com/prescriptive-guidance/latest/strategy-database-migration/cut-over.html

Cutover

Flash Cut

Minimal downtime. Tools: SCT, then DMS continuous data replication (CDC).

Offline

Major downtime. Tools: SCT, then DMS full-load.

Active/Active

No downtime. Bi-directional replication between source and target.

Incremental

No downtime. Example = migrate one service at a time where possible, while refactoring the application.

Schema Conversion Tool (SCT)

Migrates the database schema from source to destination. The SCT replication agent supports asynchronous data replication using a [[#Snowball Edge Storage Optimized]] device, which is helpful for very large scale migrations.

DataSync

Move data between storage.

Endpoints - [[efs]], [[fsx]], [[s3]]

#question When to pick [[#DataSync]] over [[#Storage Gateway]] ?

Set up a task to periodically transfer data between storage locations. A scheduled task runs at a minimum interval of 1 hour (even with a custom cron expression), so if you need to replicate/transfer data faster than hourly, DataSync won't work. Verifies file integrity. Handles synchronization. The DataSync agent is installed as a VM on-prem.

Snow Family

Manage devices with the AWS OpsHub application, which can be installed on macOS, Linux, or Windows.

  • NFS
  • Encryption
  • Edge compute
  • Offline data migration
  • Online data migration using [[#DataSync]]
  • End-to-end tracking
  • Secure erasure

Snowcone

Small form factor for maximum portability; the smallest device in the family. Best suited to harsh environments, running workloads locally on EC2. 8 TB HDD or 14 TB SSD storage, exposed as NFS v4 mounts. Transfer data to AWS offline by shipping the device back, or online using the built-in [[#DataSync]] agent.

Snowball Edge Compute Optimized

  • Best suited for edge compute needs before transferring data to AWS
  • ~100 vCPU, 28 TB [[NVMe SSD]] storage, 100 Gbps network connection
  • IoT data analytics (think IoT Greengrass)
  • Local compute with Lambda or EC2 instances (sbe-c instance types; the Storage Optimized device uses sbe1)
  • File transfer using NFS (or the OpsHub GUI)
  • GPU workloads for optimizing M/L models locally with limited connectivity (sbe-g instances)

Snowball Edge Storage Optimized

  • Transfer TB to PB of data to AWS
  • IoT data aggregation and analysis
  • 80 TB or 210 TB storage
  • 1, 10 or 100 Gbps network connection
  • Max duration - 360 days

Snowmobile

A 45-foot container to transfer up to 100 PB of data. It starts to make sense over [[#Snowball Edge Storage Optimized]] devices if most of the data is at a single location and exceeds 10 PB.
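The wire-versus-device decision above, as an added worked example (not from the original notes). It uses the device capacities and the 10 PB Snowmobile threshold stated in these notes; the link utilization factor, device fill factor and shipping turnaround are assumptions and are labelled as such in the code.

```python
"""Sizing a Snow Family migration against an online (DataSync) transfer.

Added example, not from the original notes. Device capacities and the
Snowmobile threshold come from the notes; utilization, fill factor and
turnaround time are assumptions to make the comparison concrete.
"""
import math

TB_BITS = 8 * 10**12  # decimal terabyte in bits, as vendors quote capacity

# Raw capacities from the notes; usable space is somewhat lower.
DEVICES_TB = {
    "Snowcone (HDD)": 8,
    "Snowcone (SSD)": 14,
    "Snowball Edge Storage Optimized (80 TB)": 80,
    "Snowball Edge Storage Optimized (210 TB)": 210,
}
SNOWMOBILE_THRESHOLD_TB = 10_000  # 10 PB: notes say Snowmobile starts to make sense above this
SNOWMOBILE_MAX_TB = 100_000       # 100 PB per Snowmobile


def online_transfer_days(data_tb: float, link_gbps: float, utilization: float = 0.8) -> float:
    """Days to push data_tb over a link_gbps link.

    `utilization` is an assumed share of the link you can dedicate to the
    transfer: production traffic shares the pipe and no agent hits line rate.
    """
    if data_tb <= 0 or link_gbps <= 0 or not 0 < utilization <= 1:
        raise ValueError("data size and bandwidth must be positive; utilization in (0, 1]")
    seconds = data_tb * TB_BITS / (link_gbps * 10**9 * utilization)
    return seconds / 86_400


def devices_needed(data_tb: float, device_tb: float, fill_factor: float = 0.9) -> int:
    """Devices required if each is filled only to `fill_factor` of raw capacity (assumption)."""
    return math.ceil(data_tb / (device_tb * fill_factor))


def recommend(data_tb: float, link_gbps: float, deadline_days: float, turnaround_days: float = 10.0) -> dict:
    """Choose between DataSync over the link and a Snow Family device.

    `turnaround_days` is an assumed end-to-end time for one round of
    ship-in, copy, ship-back and ingest; it is not an AWS figure.
    """
    online = online_transfer_days(data_tb, link_gbps)
    if online <= deadline_days:
        return {"method": "online (DataSync over the link)", "days": round(online, 1)}
    if data_tb > SNOWMOBILE_THRESHOLD_TB:
        return {"method": "Snowmobile",
                "devices": math.ceil(data_tb / SNOWMOBILE_MAX_TB),
                "days": turnaround_days}
    # Smallest device that takes the whole dataset in one unit; otherwise
    # parallel 210 TB Snowballs.
    for name, cap in sorted(DEVICES_TB.items(), key=lambda kv: kv[1]):
        if devices_needed(data_tb, cap) == 1:
            return {"method": name, "devices": 1, "days": turnaround_days}
    big = "Snowball Edge Storage Optimized (210 TB)"
    return {"method": big, "devices": devices_needed(data_tb, DEVICES_TB[big]), "days": turnaround_days}


if __name__ == "__main__":
    for size, link, deadline in [(100, 1, 30), (100, 1, 7), (12_000, 10, 30)]:
        print(f"{size} TB over {link} Gbps, deadline {deadline} d ->", recommend(size, link, deadline))
```

The break-even is the point the notes hint at: 100 TB over a dedicated 1 Gbps link is about eleven and a half days at 80% utilization, so a 30-day window favours DataSync, while a one-week window means shipping a single 210 TB Snowball, and anything past 10 PB goes straight to Snowmobile.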

Transfer Family

Transfer data directly to [[#S3]] or [[#EFS]] using protocols such as [[SFTP]], [[FTPS]], [[FTP]], [[AS2]]

For FTP you cannot create a public endpoint; it has to be a VPC-hosted endpoint. As a workaround for using FTP over the internet, you can route traffic through a Network Load Balancer and run the FTP server in PASV mode.

For FTPS, only explicit mode is supported.

For FTPS and FTP, only passive mode is supported.

Can the endpoints be assigned fixed public IP addresses? Yes: create a VPC-hosted "internet-facing" endpoint and assign Elastic IPs to it directly. This is not possible for public endpoints.

Can you restrict who is able to connect to the endpoint? Yes. For VPC-hosted endpoints this is done via security groups. For public endpoints that use [[API Gateway]] as the custom identity provider, WAF can be attached to the API Gateway.

https://aws.amazon.com/blogs/storage/simplify-your-aws-sftp-structure-with-chroot-and-logical-directories/
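Restricting the network path (security groups, WAF) is only half of it; the other half is confining each user to its own prefix once authenticated, which is what the chroot/logical-directory pattern in the linked post does. The following is an added example, not code from these notes or from the AWS post: it builds the `create_user` arguments for a confined SFTP user and checks the definition for the usual ways a user escapes its prefix. The bucket name, role ARN, server ID and SSH key are made-up placeholders, and the IAM role (trust policy for the Transfer service plus its own S3 permissions) is assumed to exist.

```python
"""Least-privilege Transfer Family SFTP user: chroot-style logical directory
plus a per-user session policy. Added example with placeholder identifiers."""
import json
import re

BUCKET = "example-sftp-landing"                                # placeholder
ROLE_ARN = "arn:aws:iam::123456789012:role/sftp-user-access"  # placeholder
SERVER_ID = "s-0123456789abcdef0"                              # placeholder
USER_VAR = "${transfer:UserName}"  # Transfer Family substitutes this per session
# Transfer Family user name rules: 3-100 chars, starts with letter/digit/_, may contain - . @
USERNAME_RE = re.compile(r"^[a-zA-Z0-9_][a-zA-Z0-9_.@-]{2,99}$")


def session_policy() -> dict:
    """Session policy that fences a role shared by all users to the caller's own prefix."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {   # ListBucket is bucket-level, so it must be fenced with an s3:prefix condition
                "Sid": "ListOwnPrefixOnly",
                "Effect": "Allow",
                "Action": ["s3:ListBucket"],
                "Resource": [f"arn:aws:s3:::{BUCKET}"],
                "Condition": {"StringLike": {"s3:prefix": [f"{USER_VAR}/*", USER_VAR]}},
            },
            {   # Object operations only under the user's own prefix
                "Sid": "OwnObjectsOnly",
                "Effect": "Allow",
                "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:GetObjectVersion"],
                "Resource": [f"arn:aws:s3:::{BUCKET}/{USER_VAR}/*"],
            },
        ],
    }


def build_user(username: str, ssh_public_key: str) -> dict:
    """Keyword arguments for boto3 Transfer.Client.create_user for one confined user."""
    if not USERNAME_RE.match(username):
        raise ValueError(f"invalid Transfer Family user name: {username!r}")
    return {
        "ServerId": SERVER_ID,
        "UserName": username,
        "Role": ROLE_ARN,
        # LOGICAL with a single "/" entry is the chroot pattern: the client sees its
        # prefix as "/" and the real bucket layout is never exposed.
        "HomeDirectoryType": "LOGICAL",
        "HomeDirectoryMappings": [{"Entry": "/", "Target": f"/{BUCKET}/{USER_VAR}"}],
        "Policy": json.dumps(session_policy()),  # the API takes the session policy as a JSON string
        "SshPublicKeyBody": ssh_public_key,
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def check_confinement(user: dict) -> list:
    """Return the problems found; an empty list means the user cannot leave its prefix."""
    problems = []
    if user.get("HomeDirectoryType") != "LOGICAL":
        problems.append("HomeDirectoryType is not LOGICAL; real bucket paths leak to the client")
    for m in user.get("HomeDirectoryMappings", []):
        if not m["Target"].startswith(f"/{BUCKET}/") or USER_VAR not in m["Target"]:
            problems.append(f"mapping {m['Entry']} is not a per-user path in the bucket: {m['Target']}")
    own_objects = f"arn:aws:s3:::{BUCKET}/{USER_VAR}/"
    for stmt in json.loads(user["Policy"])["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        if any(a in ("*", "s3:*") for a in _as_list(stmt["Action"])):
            problems.append(f"{sid} grants wildcard actions")
        for res in _as_list(stmt["Resource"]):
            if res == f"arn:aws:s3:::{BUCKET}":
                prefixes = stmt.get("Condition", {}).get("StringLike", {}).get("s3:prefix", [])
                if not prefixes or not all(USER_VAR in p for p in _as_list(prefixes)):
                    problems.append(f"{sid} can list the whole bucket")
            elif not res.startswith(own_objects):
                problems.append(f"{sid} reaches objects outside the user prefix: {res}")
    return problems


def widened_copy(user: dict) -> dict:
    """The common 'before': same user, but object access widened to the whole bucket."""
    policy = json.loads(user["Policy"])
    policy["Statement"][1]["Resource"] = [f"arn:aws:s3:::{BUCKET}/*"]
    return {**user, "Policy": json.dumps(policy)}


if __name__ == "__main__":
    alice = build_user("alice", "ssh-ed25519 AAAA...placeholder alice@example")  # placeholder key
    print("confined:", check_confinement(alice))
    print("widened:", check_confinement(widened_copy(alice)))
    # To apply for real: boto3.client("transfer").create_user(**alice)
```

The check deliberately treats the bucket-level `s3:ListBucket` grant separately: without the `s3:prefix` condition every user can enumerate every other user's folder even though the logical directory hides it in the client view, which is exactly the case the widened copy is there to catch.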