Technical and Product News and Insights from Rackspace
Enterprises have a longer road to travel than their smaller SME counterparts when transforming and migrating multiple workloads to the cloud. For many large organizations, the same question tends to be at the top of the priority list: how do we migrate workloads quickly and efficiently to meet business objectives?
In large legacy migration scenarios, we find that most companies start with migrating or rehosting their applications as-is in the cloud. We also find you can more easily modernize or re-architect applications after they are already running in the cloud. This is partly because organizations have developed better skills to do so and partly because the hard part—migrating the application, data, and traffic—has already been done.
However, the size and complexity of the initial migration can be complicated for many enterprises, which is why we see migrations taking much longer for large organizations that want to make the transition.
This two-part series explains how to migrate (lift and shift*) multiple workloads at speed by using Amazon Web Services (AWS®) CloudEndure™ Migration and how Rackspace can help guide this migration.
Rackspace, an AWS Partner Network (APN) Premier Consulting Partner and Managed Services Provider (MSP), has created reusable design artifacts together with automation to describe and deploy a collection of AWS services capable of hosting CloudEndure. This solution provides full IP connectivity between your data center and AWS while authenticating access to staff members via AWS client VPN services.
For simplicity, let’s start with a single (Target) AWS Account with two Amazon Virtual Private Clouds (VPCs). One VPC hosts the CloudEndure infrastructure, which is used as a lightweight replication staging area. And a second VPC deploys migrated workloads.
The source data center connects to AWS via AWS VPN or AWS Direct Connect. We use AWS Transit Gateway to provide full IP connectivity between the source data center and all VPC’s in the AWS account, as shown in the following image:
Figure 1: Simplified, high-level solution architecture
As a best practice, we generally separate workloads per AWS account or VPC, where security, cost separation, and compliance are the most common factors driving decisions. During migration, CloudEndure deploys Amazon Elastic Compute Cloud (Amazon EC2) instances from replicated server images into destination VPCs automatically, as long as they are in the same AWS account as the CloudEndure project.
The following diagram illustrates AWS Transit Gateway connecting multiple VPCs from different accounts within the same region. By using AWS Resource Access Manager (RAM), you can share Transit Gateway and connect VPCs in different accounts. We recommend that you create a separate CloudEndure project for each AWS account because sharing EC2 images between accounts is a manual process and can significantly impact timelines depending on the size of the migration.
Figure 2: Single region, multi-account, multi-VPC solution overview
Connecting multiple accounts from different regions is outside of the scope of this post. However, if you find yourself in that situation, then AWS Direct Connect Gateway, AWS Transit Gateway, and Transit Gateway peering can provide a highly secure, high-bandwidth solution between regions. This AWS re:Invent reference architecture session runs through this nicely.
The architecture in Figure 3 represents the overall blueprint design that we build in a Target AWS account to migrate workloads at speed. You can connect additional AWS accounts with CloudEndure project deployments to the source data center using the AWS Transit Gateway hosted within this account.
Figure 3: Blueprint architecture providing connectivity and access to enable migration
From a high-level solution perspective, we perform the following tasks:
In Part Two of this series, I describe how to configure the AWS Transit Gateway and AWS Client VPN.
At Rackspace, our Professional Services teams wrap governance and process around a migration into AWS. Through clear project management, we make sure to migrate applications into AWS in the right order according to business goals and objectives.
Rackspace migration engineers will set up and configure AWS CloudEndure Migration on your behalf, setting up replication from the source data center into the relevant CloudEndure project within AWS. Rackspace architects design target VPCs to include complimentary AWS services, such as load balancing, caching, or managed database services. Then, Rackspace engineers deploy the target VPCs, and they are ready to receive replicated workloads.
To learn more about how Rackspace Professional services can assist with your business challenges related to digital transformation, migration, and application modernization, visit our website.
Use the Feedback tab to make any comments or ask questions. You can also click Sales Chat to chat now and start the conversation.