migration of microsoft workloads

©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved

Migration of Microsoft Workloads

Wayne Saxe – Ecosystem Solutions Architect

October 28, 2015 | Dallas, TX

Agenda

• AWS Migration Methodology

• Architecture Best Practices

• Workload Migration Examples

• Migration Tools

• Additional Resources

AWS Migration Methodology

Application Migration: Gartner’s 5Rs

AWS Migration Patterns: Paths to the Cloud

Phased Migration Strategy

Cloud Assessment Phase

•Assess Costs

•Assess Architecture

•Document current inventory & workloads

•Assess Security

Proof of Concept Phase

•Learn AWS

•Build a pilot

•Build Support within the organization

Data Migration Phase

•Leverage different storage options

•Migrate

Application Migration Phase

•Lift & Shift Migration

•Hybrid Migration

Leverage the Cloud Phase

•Auto-scaling

•Automation

•Elasticity

•High Availability

Optimization Phase

•Utilization

•Monitoring

•Efficiency

•Performance

•Re-engineering

Phased Driven Approach to Cloud Migration

Phases Benefits

Cloud Assessment• Financial Assessment (TCO calculation)

Security and Compliance Assessment

Technical Assessment (Classify application types)

Identify the tools that can be reused and the tools

that need to be built

Migrate licensed products

Create a plan and measure success

Cloud Assessment• Business case for migration (Lower TCO, faster time

to market, higher flexibility & agility, scalability +

elasticity)

• Identify gaps between your current traditional legacy

architecture and next -generation cloud architecture

Proof of Concept

Get your feet wet with AWS

Build a pilot and validate the technology

Test existing software in the cloud

Proof of Concept • Build confidence with various AWS services

• Mitigate risk by validating critical pieces of your

proposed architecture

Optimization Optimize usage based on demand

Improve efficiency

Implement advanced monitoring and telemetry

Re-engineer your application

Decompose your relational databases

Optimization• Increased utilization and transformational impact in

OpEx

• Better visibility through advanced monitoring and

telemetry

Phased Driven Approach to Cloud Migration

Phases Benefits

Moving your Data• Understand different storage options in the AWS cloud

• Migrate fileservers to Amazon S3

• Migrate commercial RDBMS to EC2 + EBS

• Migrate MySQL to Amazon RDS

Moving your Data• Redundancy, Durable Storage, Elastic Scalable

Storage

• Automated Management Backup

Leveraging the Cloud• Leverage other AWS services

• Automate elasticity and SDLC

• Reduction in CapEx in IT

• Flexibility and agility

• Automation and improved productivity

• Harden security

• Create dashboard to manage AWS resources

• Leverage multiple availability zones

Leveraging the Cloud

• Reduction in CapEx in IT

• Flexibility and agility

• Automation and improved productivity

• Higher Availability

Phase Deep Dive: Discovery

Application/Device Mapping

A document that relates individual compute instances and

infrastructure to a specific application.

Security

You will want to understand any application specific security

requirements, Data Protection mechanisms, authentication

mechanisms and security classification efforts.

Application Architecture Diagrams

Application diagrams that show the relationships between

infrastructure and software for a specific workload.

Compliance

Any compliance regulations will need to ne vetted in order to meet

the organizations audit requirements such as HIPPA, PCI, DSS,

FedRAMP

Integration/Dependency Mapping

A document that shows the integration points or dependencies of

one application on other applications.

Criticality, RPO/RTO Objectives

What are the application specific criticality rankings, RPO/RTO

objectives and migration efforts will need to consider application

maintenance windows (Recovery Time Objectives)

Application Load Metrics

Understanding an applications load profile will help understand the

scale of the infrastructure required to support the environment.

Architecture Best Practices

Architecture Best Practices

Resiliency Loose Coupling Elasticity

SecurityStorage

Workload Migration Examples

First You

Need a

Target: The

VPC

Availability Zone

Private SubnetPublic Subnet

NAT

10.0.0.0/24 10.0.2.0/24

DCDBAPPWEB

Domain

Controller

SQL

ServerApp

Server

IIS

ServerRDGW

Availability Zone


NAT

10.0.0.0/24 10.0.2.0/24

DCDBAPPWEB

Domain

Controller

SQL

ServerApp

Server

IIS

ServerRDGW

Remote

Users / Admins

The Principals of Security Don’t Change Much

• Roles Based Access Control and Least Privilege Apply

• Use Security Groups

Availability Zone

Web Security Group SQL Security Group


Accept TCP Port 80

from Internet

Accept TCP Port

1433 from Web SG

User

WEB SQLTCP 80 TCP 1433

10.0.0.0/24 10.0.1.0/24

Remember You Are Always Working Remote

• Clients can use the Remote Desktop Protocol

(RDP) over HTTPS to establish a secure,

encrypted connection

• Bastion hosts can run Windows PowerShell Web

Access for remote command line administration

Deploying a bastion host in each Availability Zone can provide highly

available and secure remote access over the Internet

SQL Server on AWS

• Two primary deployment paths:

Amazon RDSAmazon EC2

• You Manage Your Infrastructure

• Advanced Deployments: WSFC +

Always On Availability Groups

• Fully Managed by AWS

• No Administrative Intervention

• Uses SQL Server Mirroring

Many Versions and Editions of SQL Server including Express, Web, Standard

and Enterprise and SQL 2005, 2008 and 2012 and more

Highly Available SQL Server

Availability Zone 1

Private Subnet

Primary

Replica

Availability Zone 2

Private Subnet

Secondary

Replica

Synchronous-commit Synchronous-commit

Primary: 10.0.2.100

WSFC: 10.0.2.101

AG Listener: 10.0.2.102

Primary: 10.0.3.100

WSFC: 10.0.3.101

AG Listener: 10.0.3.102

AG Listener:

ag.awslabs.net

Automatic Failover

SQL Server WSFC: The Quorum

Availability Zone 1

Private Subnet

Primary

Replica

Availability Zone 2

Private Subnet

Secondary

Replica


Automatic Failover

Witness

Server

SQL Server WSFC Failover: The Witness

Availability Zone 1

Primary

Replica

Availability Zone 2

Secondary

Replica

Automatic Failover

Witness

Server

Availability Zone 3

SQL Server HA with Read Replica

Availability Zone 1

Private Subnet

Primary

Replica

Availability Zone 2

Private Subnet

Secondary

Replica 1


AG Listener:

ag.awslabs.net

Automatic Failover

Asynchronous-commit

Secondary

Replica 2

(Readable)

Reporting

Application

SQL Server HA Hybrid

Availability Zone 1

Private Subnet

Primary

Replica

Availability Zone 2

Secondary

Replica 1

Private Subnet

AG Listener:

ag.awslabs.net

Corporate Network

VPN

Automatic Failover

Secondary

Replica 2

(Readable)

Reporting

Application

Backups

Manual Failover

RDS SQL Server Migration

Create Database

• Use Console, CLI or API

Prepare the Source

• Disable foreign key constraints, database triggers, and automated backups

Import Logins and

Data

• Query for Logins

• Generate Scripts to obtain the data

Reverse Preparations

• Re-enable the elements disabled before

Migration Tools

AWS Database Migration Service

Start your first migration in 10 minutes or less

Keep your apps running during the migration

Replicate within, to or from Amazon EC2 or RDS

Move data to the same or different database engine

Sign up for preview at aws.amazon.com/dms

AWS

Database Migration

Service

AWS Database Migration Service

Customer

Premises

Application Users

AWS

Internet

VPN

• Start a replication instance

• Connect to source and target databases

• Select tables, schemas, or databases

Let AWS Database Migration Service

create tables, load data, and keep

them in sync

Switch applications over to the target

at your convenience

AWS

Database Migration

Service

Migration Tools

• AWS Tools

• AWS Import/Export

• VM Import/Export

• Amazon RDS Migration Tool

• Amazon WorkMailMigration Tool

• AWS Data Pipeline

• Partner Tools

Migration Tools

• Common set of tools that can assist customers in migrating workloads into Amazon

Web Services.

• Tools and Partner’s change. Here is an abbreviated list of some commonly

recommended tools.

Description Tool assisted migration

options

Production environment, Live Migration with minimum

downtime

CloudEndure

Production environment, not so critical workloads, can

sustain outage

RACEMI

Windows 2003, in-place upgrade and migration AppZero

Database migrations, all use cases Attunity

Non-Prod / Non-critical migrations AWS VM Import

Additional Resources

Microsoft Quick Starts

• Web Application Proxy and Active Directory Federation Services

• Lync Server 2013

• Exchange Server 2013

• Windows PowerShell DSC

• SharePoint Server 2013

• SQL Server 2012 and 2014 with WSFC

• Remote Desktop Gateway

• Active Directory Domain Services

https://aws.amazon.com/quickstart/

https://aws.amazon.com/quickstart/

Where Can I learn More?

• AWS Directory Services

• Microsoft Pages on AWS

• Microsoft Whitepapers on AWS

• Windows FAQ on AWS

• Microsoft License Mobility on AWS

https://aws.amazon.com/directoryservice/

https://aws.amazon.com/windows/

https://aws.amazon.com/windows/resources/whitepapers/

https://aws.amazon.com/windows/faq/

https://aws.amazon.com/windows/resources/licensemobility/

Dallas

migration of microsoft workloads

Technology