What will it take to migrate a multi-layered, multi-tiered system to Azure?
A migration of any system to a cloud services provider, such as Azure, affords the opportunity to evaluate every aspect of the system from the size and type of resources to the security of those resources. Some aspects may need some remediation, and some may be able to stay the same – part of this will depend upon whether the decision is made to ultimately operate a hybrid system where only part of the system is moved to Azure while some parts remain on-premises.
In one scenario, a hybrid topology can be leveraged as a step in the migration rather than the end goal. This type of migration could be executed in three high-level phases:
Expanding the existing system to Azure allows for leveraging various Infrastructure as a Service (IaaS) offerings to largely recreate an environment that matches the current on-premises environment. For a multi-datacenter system, multiple Azure regions can be leveraged for similar effect.
As the system is replicated within Azure, utilization of the on-premises systems can be throttled down while still maintaining high levels of redundancy. After a period of time, the on-premises systems can eventually be decommissioned.
Finally, once the system is fully within the Azure ecosystem, future enhancements of the system and applications can begin to include those that more fully leverage services that are offered to continually improve the performance, maintainability, integrity, and security of each piece within the system (https://docs.microsoft.com/en-us/azure/architecture/guide/).
What are the benefits of such a move?
Gain of Control: With an on-premises system, physical access to resources is synonymous with control of the system. It may seem counter-intuitive to say that moving resources to a cloud services provider will result in an increase in control. However, when moving resources to Azure, physical access becomes irrelevant. The primary nature of the Azure ecosystem is that it is predominantly software-defined, which means, with a few mouse clicks or a few lines of configuration, an entire virtual datacenter with VMs, switches, routers, firewalls, load balancers, etc. can be provisioned and running within a few hours – something that could take days to weeks in the physical realm.
Broader (Geo-) Redundancy Capability: Resources can be spread, literally, throughout the country or even throughout the globe. Resources can also be geographically located closer to customers. Rather than being restricted to a limited number of physical locations either owned or leased, the global footprint of a system could now include 10 or 20 locations, worldwide.
Increased Flexibility and Rapid Scaling of Resources: The virtual nature of all resources within Azure allows for rapid scale – up and down – of specific portions of the system in response to need. As usage patterns ebb and flow, the affected portions of the system can be adjusted to handle the changes while keeping the customer experience optimized
Regulatory Compliance: Azure datacenters already meet most, if not all, aspects of major compliance regulations such as PCI, GDPR, and HIPAA. Tools such as the Azure Security Advisor offer recommendations for system enhancement and improvement based on industry standard security and operations practices as well as what is needed to meet or maintain regulatory compliance.
What are the drawbacks?
Loss of Control: As mentioned, above, physical access to systems is forfeited when moving resources to Azure, or any cloud services provider.
Migration Time: The time it will take to fully migrate resources from on-premises to Azure could become problematic, particularly if this time needs to also be balanced with development and maintenance of the system.
Team Training: The nature of resources within Azure are, at some levels, inherently different from the physical resources of the current system. As Azure resources are provisioned and become part of the system, additional training would be needed to help ensure the system uses the new resources as efficiently and effectively as possible.
Change: Simply put, migrating to a new platform is change, which opens doors of opportunity, but also introduces new challenges and risks about which we may not yet be fully aware.
Migration of a complex system to Azure is not a small task and requires a large amount of planning. Risks and rewards need to be evaluated to make an informed decision on what approach to take and whether or not to migrate at all. The high-level plan, outlined above, can be a way to gradually start leveraging the benefits of cloud services while helping to mitigate or minimize some of the drawbacks.