©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved
Migration of Microsoft Workloads
Wayne Saxe – Ecosystem Solutions Architect
October 28, 2015 | Dallas, TX
Agenda
• AWS Migration Methodology
• Architecture Best Practices
• Workload Migration Examples
• Migration Tools
• Additional Resources
AWS Migration Methodology
Application Migration: Gartner’s 5Rs
AWS Migration Patterns: Paths to the Cloud
Phased Migration Strategy
Cloud Assessment Phase
• Assess Costs
• Assess Architecture
• Document current inventory & workloads
• Assess Security
Proof of Concept Phase
• Learn AWS
• Build a pilot
• Build Support within the organization
Data Migration Phase
• Leverage different storage options
• Migrate
Application Migration Phase
• Lift & Shift Migration
• Hybrid Migration
Leverage the Cloud Phase
• Auto-scaling
• Automation
• Elasticity
• High Availability
Optimization Phase
• Utilization
• Monitoring
• Efficiency
• Performance
• Re-engineering
Phased Driven Approach to Cloud Migration
Phase: Cloud Assessment
• Financial Assessment (TCO calculation)
• Security and Compliance Assessment
• Technical Assessment (Classify application types)
• Identify the tools that can be reused and the tools that need to be built
• Migrate licensed products
• Create a plan and measure success
Benefits:
• Business case for migration (Lower TCO, faster time to market, higher flexibility & agility, scalability + elasticity)
• Identify gaps between your current traditional legacy architecture and next-generation cloud architecture
Phase: Proof of Concept
• Get your feet wet with AWS
• Build a pilot and validate the technology
• Test existing software in the cloud
Benefits:
• Build confidence with various AWS services
• Mitigate risk by validating critical pieces of your proposed architecture
Phase: Optimization
• Optimize usage based on demand
• Improve efficiency
• Implement advanced monitoring and telemetry
• Re-engineer your application
• Decompose your relational databases
Benefits:
• Increased utilization and transformational impact in OpEx
• Better visibility through advanced monitoring and telemetry
Phase: Moving your Data
• Understand different storage options in the AWS cloud
• Migrate fileservers to Amazon S3
• Migrate commercial RDBMS to EC2 + EBS
• Migrate MySQL to Amazon RDS
Benefits:
• Redundancy, Durable Storage, Elastic Scalable Storage
• Automated Management Backup
Phase: Leveraging the Cloud
• Leverage other AWS services
• Automate elasticity and SDLC
• Harden security
• Create dashboard to manage AWS resources
• Leverage multiple availability zones
Benefits:
• Reduction in CapEx in IT
• Flexibility and agility
• Automation and improved productivity
• Higher Availability
Phase Deep Dive: Discovery
Application/Device Mapping
A document that relates individual compute instances and
infrastructure to a specific application.
Security
You will want to understand any application-specific security
requirements, data protection mechanisms, authentication
mechanisms and security classification efforts.
Application Architecture Diagrams
Application diagrams that show the relationships between
infrastructure and software for a specific workload.
Compliance
Any compliance regulations will need to be vetted in order to meet
the organization's audit requirements, such as HIPAA, PCI DSS,
FedRAMP.
Integration/Dependency Mapping
A document that shows the integration points or dependencies of
one application on other applications.
Criticality, RPO/RTO Objectives
What are the application-specific criticality rankings and RPO/RTO
objectives? Migration efforts will also need to consider application
maintenance windows (Recovery Time Objectives).
Application Load Metrics
Understanding an application's load profile will help you understand the
scale of the infrastructure required to support the environment.
Architecture Best Practices
• Resiliency
• Loose Coupling
• Elasticity
• Security
• Storage
Workload Migration Examples
First You Need a Target: The VPC
Diagram: an Availability Zone with a public subnet and a private subnet (10.0.0.0/24, 10.0.2.0/24) and a NAT. Hosts shown: RDGW, WEB (IIS Server), APP (App Server), DB (SQL Server), DC (Domain Controller). Remote Users / Admins connect from outside.
The Principles of Security Don’t Change Much
• Role-Based Access Control and Least Privilege Apply
• Use Security Groups
Diagram: within one Availability Zone, User → WEB over TCP 80 → SQL over TCP 1433, across a public subnet and a private subnet (10.0.0.0/24, 10.0.1.0/24).
• Web Security Group: Accept TCP Port 80 from Internet
• SQL Security Group: Accept TCP Port 1433 from Web SG
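The security-group design on this slide, turned into an automated drift check (an added example, not part of the original deck). It reads rules in the JSON shape returned by `aws ec2 describe-security-groups`; the group IDs, the `audit` and `rule` helpers and the sample rules are constructed for illustration.

```python
# Added example: audit security groups against the slide's two-tier design.
# Group IDs and rules below are constructed sample data, not from the deck.
ANYWHERE = {"0.0.0.0/0", "::/0"}
WEB, SQL = "sg-web-example", "sg-sql-example"  # hypothetical group IDs

def sources(perm):
    """Return (cidrs, group_ids) admitted by one ingress permission."""
    cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
    cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
    return cidrs, {p["GroupId"] for p in perm.get("UserIdGroupPairs", [])}

def covers(perm, port):
    """True if the permission's protocol and port range include TCP `port`."""
    if perm["IpProtocol"] == "-1":  # "-1" means all protocols and ports
        return True
    return (perm["IpProtocol"] == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def audit(groups, web_sg=WEB, sql_sg=SQL, web_ports=(80,), sql_port=1433):
    """List deviations from: Internet -> web tcp/80, Web SG -> SQL tcp/1433."""
    by_id = {g["GroupId"]: g for g in groups}
    findings = []
    for perm in by_id[sql_sg].get("IpPermissions", []):
        if not covers(perm, sql_port):
            continue
        cidrs, gids = sources(perm)
        # A CIDR source admits every host in the range, not only web servers.
        findings += [f"{sql_sg}: tcp/{sql_port} open to CIDR {c}"
                     for c in sorted(cidrs)]
        findings += [f"{sql_sg}: tcp/{sql_port} open to group {g}"
                     for g in sorted(gids - {web_sg})]
    for perm in by_id[web_sg].get("IpPermissions", []):
        if not sources(perm)[0] & ANYWHERE:
            continue
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        if perm["IpProtocol"] != "tcp" or lo != hi or lo not in web_ports:
            findings.append(
                f"{web_sg}: {perm['IpProtocol']}/{lo}-{hi} open to the Internet")
    return findings

def rule(lo, hi=None, cidr=None, group=None):
    """Build one constructed tcp ingress permission."""
    return {"IpProtocol": "tcp", "FromPort": lo, "ToPort": hi or lo,
            "IpRanges": [{"CidrIp": cidr}] if cidr else [],
            "UserIdGroupPairs": [{"GroupId": group}] if group else []}

AS_DESIGNED = [{"GroupId": WEB, "IpPermissions": [rule(80, cidr="0.0.0.0/0")]},
               {"GroupId": SQL, "IpPermissions": [rule(1433, group=WEB)]}]
DRIFTED = [{"GroupId": WEB, "IpPermissions": [rule(80, cidr="0.0.0.0/0"),
                                              rule(3389, cidr="0.0.0.0/0")]},
           {"GroupId": SQL, "IpPermissions": [rule(1433, group=WEB),
                                              rule(1024, 2048, cidr="10.0.0.0/24")]}]
```

`audit(AS_DESIGNED)` returns no findings; `audit(DRIFTED)` reports the port range that exposes 1433 to a whole subnet and the RDP port opened to the Internet on the web tier.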
Remember You Are Always Working Remote
• Clients can use the Remote Desktop Protocol
(RDP) over HTTPS to establish a secure,
encrypted connection
• Bastion hosts can run Windows PowerShell Web
Access for remote command line administration
Deploying a bastion host in each Availability Zone can provide highly
available and secure remote access over the Internet
SQL Server on AWS
• Two primary deployment paths:
Amazon EC2
• You Manage Your Infrastructure
• Advanced Deployments: WSFC + Always On Availability Groups
Amazon RDS
• Fully Managed by AWS
• No Administrative Intervention
• Uses SQL Server Mirroring
Many Versions and Editions of SQL Server including Express, Web, Standard
and Enterprise and SQL 2005, 2008 and 2012 and more
Highly Available SQL Server
Diagram: Primary Replica in a private subnet in Availability Zone 1 and Secondary Replica in a private subnet in Availability Zone 2, synchronous-commit on both, with automatic failover. AG Listener: ag.awslabs.net. Addresses shown: Primary: 10.0.2.100, WSFC: 10.0.2.101, AG Listener: 10.0.2.102; Primary: 10.0.3.100, WSFC: 10.0.3.101, AG Listener: 10.0.3.102.
SQL Server WSFC: The Quorum
Diagram: Primary Replica (Availability Zone 1, private subnet) and Secondary Replica (Availability Zone 2, private subnet), synchronous-commit, automatic failover, plus a Witness Server.
SQL Server WSFC Failover: The Witness
Diagram: Primary Replica in Availability Zone 1, Secondary Replica in Availability Zone 2, automatic failover, a Witness Server and Availability Zone 3.
SQL Server HA with Read Replica
Diagram: Primary Replica (Availability Zone 1, private subnet) and Secondary Replica 1 (Availability Zone 2, private subnet), synchronous-commit, automatic failover. AG Listener: ag.awslabs.net. Also shown: asynchronous-commit, Secondary Replica 2 (Readable), Reporting Application.
SQL Server HA Hybrid
Diagram: Primary Replica (Availability Zone 1, private subnet) and Secondary Replica 1 (Availability Zone 2, private subnet), automatic failover. AG Listener: ag.awslabs.net. Also shown: Corporate Network, VPN, Secondary Replica 2 (Readable), Reporting Application, Backups, manual failover.
RDS SQL Server Migration
Create Database
• Use Console, CLI or API
Prepare the Source
• Disable foreign key constraints, database triggers, and automated backups
Import Logins and Data
• Query for Logins
• Generate Scripts to obtain the data
Reverse Preparations
• Re-enable the elements disabled before
Migration Tools
AWS Database Migration Service
Start your first migration in 10 minutes or less
Keep your apps running during the migration
Replicate within, to or from Amazon EC2 or RDS
Move data to the same or different database engine
Sign up for preview at aws.amazon.com/dms
AWS Database Migration Service
Diagram: Application Users and Customer Premises connected to AWS over the Internet / VPN.
• Start a replication instance
• Connect to source and target databases
• Select tables, schemas, or databases
Let AWS Database Migration Service create tables, load data, and keep them in sync
Switch applications over to the target at your convenience
Migration Tools
• AWS Tools
• AWS Import/Export
• VM Import/Export
• Amazon RDS Migration Tool
• Amazon WorkMail Migration Tool
• AWS Data Pipeline
• Partner Tools
Migration Tools
• Common set of tools that can assist customers in migrating workloads into Amazon Web Services.
• Tools and partners change. Here is an abbreviated list of some commonly recommended tools.
Description | Tool assisted migration options
Production environment, Live Migration with minimum downtime | CloudEndure
Production environment, not so critical workloads, can sustain outage | RACEMI
Windows 2003, in-place upgrade and migration | AppZero
Database migrations, all use cases | Attunity
Non-Prod / Non-critical migrations | AWS VM Import
Additional Resources
Microsoft Quick Starts
• Web Application Proxy and Active Directory Federation Services
• Lync Server 2013
• Exchange Server 2013
• Windows PowerShell DSC
• SharePoint Server 2013
• SQL Server 2012 and 2014 with WSFC
• Remote Desktop Gateway
• Active Directory Domain Services
https://aws.amazon.com/quickstart/
Where Can I learn More?
• AWS Directory Services
• Microsoft Pages on AWS
• Microsoft Whitepapers on AWS
• Windows FAQ on AWS
• Microsoft License Mobility on AWS