Migration and Hybrid Cloud Architecture
Now that you've mastered core AWS services, serverless computing, and disaster recovery strategies, it's time to tackle one of the most critical real-world scenarios: migrating existing workloads to AWS and building hybrid cloud architectures. This lesson will equip you with the strategies and tools needed to successfully transition from on-premises to cloud environments while maintaining business continuity.
Learning Goals:
- Understand the AWS migration strategies (7 Rs)
- Learn about AWS Migration Hub and related services
- Implement hybrid cloud connectivity using AWS Direct Connect and VPN
- Use AWS Storage Gateway for hybrid storage solutions
- Deploy AWS Outposts for truly hybrid infrastructure
Migration Strategies: The 7 Rs
AWS defines seven common migration strategies for moving applications to the cloud:
- Rehost ("lift and shift"): Move applications without changes
- Replatform ("lift, tinker, and shift"): Make minor optimizations
- Refactor (re-architect): Modify application architecture for cloud-native features
- Repurchase: Switch to a different product (e.g., move to SaaS)
- Retire: Decommission unused applications
- Retain: Keep applications in current environment
- Relocate: Move to the cloud without buying new hardware
Start with rehosting for quick wins, but plan for replatforming or refactoring to maximize cloud benefits long-term. Applications with tight compliance requirements are often good candidates for retain strategies initially.
AWS Migration Services
AWS Migration Hub
AWS Migration Hub provides a single location to track migration tasks across multiple AWS services and partner solutions.
# List migration tasks (the Migration Hub CLI namespace is "mgh")
aws mgh list-migration-tasks \
  --max-results 10
# Get migration task details
aws mgh describe-migration-task \
  --migration-task-name "web-app-migration" \
  --progress-update-stream "main-stream"
Application Discovery Service
Before migrating, use Application Discovery Service to plan your migration by identifying dependencies and performance requirements.
import boto3
def get_discovered_servers():
    # Application Discovery Service client
    discovery = boto3.client('discovery')
    response = discovery.describe_agents(
        maxResults=100
    )
    for agent in response['agentsInfo']:
        print(f"Agent ID: {agent['agentId']}")
        # Agent state is reported in the 'health' field; there is no 'status' key
        print(f"Status: {agent.get('health', 'UNKNOWN')}")
        print("---")
    return response
# Run discovery
servers = get_discovered_servers()
Hybrid Cloud Connectivity
AWS Direct Connect
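AWS Direct Connect establishes dedicated network connections from your premises to AWS, bypassing the public internet. A dedicated link is not an encrypted one: Direct Connect traffic is not encrypted by default, so add MACsec (where the connection supports it) or run a Site-to-Site VPN over the link when the data requires confidentiality in transit.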
Connection:
  ConnectionName: "Prod-DirectConnect"
  Bandwidth: "1Gbps"
  Location: "EqDC1"
  VLAN: 100
VirtualInterface:
  - Name: "Private-VIF"
    Type: "private"
    VLAN: 100
    BGP_ASN: 64512
Site-to-Site VPN
For less critical or temporary hybrid connectivity, use AWS Site-to-Site VPN:
# On-premises VPN device (customer side of the tunnel)
resource "aws_customer_gateway" "main" {
  bgp_asn    = 65000
  ip_address = "203.0.113.10"
  type       = "ipsec.1"
}
# aws_vpn_gateway.main is assumed to be defined elsewhere in the configuration
resource "aws_vpn_connection" "main" {
  vpn_gateway_id      = aws_vpn_gateway.main.id
  customer_gateway_id = aws_customer_gateway.main.id
  type                = "ipsec.1"
  static_routes_only  = true
}
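A VPN connection like the one above accepts whatever IKE/IPsec parameters its tunnel options allow, so it is worth auditing them after deployment. The following Python is an added example, not code from the original lesson: it checks a boto3 `describe_vpn_connections` response for weak tunnel settings. The policy, the `audit_vpn_connections` and `vals` names, and the sample response are assumptions constructed for illustration.

```python
# Added example, not from the original lesson. Assumed baseline (this
# example's policy, not an AWS rule): IKEv2 only, no SHA1, no DH groups 2 or 5.
WEAK_VALUES = {
    "IkeVersions": {"ikev1"},
    "Phase1IntegrityAlgorithms": {"SHA1"},
    "Phase2IntegrityAlgorithms": {"SHA1"},
    "Phase1DHGroupNumbers": {2, 5},
    "Phase2DHGroupNumbers": {2, 5},
}

def audit_vpn_connections(response):
    """Return (vpn_id, tunnel_ip, field, problem) tuples for weak tunnels."""
    findings = []
    for vpn in response.get("VpnConnections", []):
        vpn_id = vpn.get("VpnConnectionId", "unknown")
        for tunnel in vpn.get("Options", {}).get("TunnelOptions", []):
            ip = tunnel.get("OutsideIpAddress", "unknown")
            for field, weak in WEAK_VALUES.items():
                if field not in tunnel:
                    # Assumed: unset list = AWS defaults, which accept weak values
                    findings.append((vpn_id, ip, field, "not pinned"))
                    continue
                offered = {item["Value"] for item in tunnel[field]}
                bad = sorted(offered & weak, key=str)
                if bad:
                    findings.append((vpn_id, ip, field, f"allows {bad}"))
    return findings

def vals(*values):  # the [{'Value': ...}] list shape used in the EC2 response
    return [{"Value": v} for v in values]
# Constructed sample response: tunnel 1 is pinned to strong values, tunnel 2 is not.
SAMPLE_RESPONSE = {"VpnConnections": [{
    "VpnConnectionId": "vpn-EXAMPLE",
    "Options": {"TunnelOptions": [
        {"OutsideIpAddress": "198.51.100.10",
         "IkeVersions": vals("ikev2"),
         "Phase1IntegrityAlgorithms": vals("SHA2-256"),
         "Phase2IntegrityAlgorithms": vals("SHA2-256"),
         "Phase1DHGroupNumbers": vals(20),
         "Phase2DHGroupNumbers": vals(20)},
        {"OutsideIpAddress": "198.51.100.20",
         "IkeVersions": vals("ikev1", "ikev2"),
         "Phase1IntegrityAlgorithms": vals("SHA1", "SHA2-256"),
         "Phase1DHGroupNumbers": vals(2, 14)},
    ]},
}]}

if __name__ == "__main__":
    print(*audit_vpn_connections(SAMPLE_RESPONSE), sep="\n")
```

Against a live account, pass the result of `boto3.client('ec2').describe_vpn_connections()` in place of the sample.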
Hybrid Storage Solutions
AWS Storage Gateway
Storage Gateway provides hybrid cloud storage between on-premises environments and AWS Cloud storage.
- File Gateway
# Mount S3 as network drive
sudo mount -t nfs \
  -o nolock,hard \
  gateway-ip:/share-name \
  /mnt/amazon-s3
- Volume Gateway
# Connect iSCSI volume
iscsiadm -m discovery -t st -p gateway-ip
iscsiadm -m node -T iqn -p gateway-ip -l
DataSync for Data Migration
AWS DataSync automates and accelerates moving data between on-premises storage and AWS.
import boto3
def create_datasync_task():
    client = boto3.client('datasync')
    # Source and destination locations must already exist (placeholder ARNs)
    response = client.create_task(
        SourceLocationArn='arn:aws:datasync:us-east-1:123456789012:location/loc-1234567890',
        DestinationLocationArn='arn:aws:datasync:us-east-1:123456789012:location/loc-0987654321',
        CloudWatchLogGroupArn='arn:aws:logs:us-east-1:123456789012:log-group:/aws/datasync:*',
        Name='OnPrem-to-S3-Migration'
    )
    return response['TaskArn']
# Create the task; the transfer itself begins with start_task_execution(TaskArn=task_arn)
task_arn = create_datasync_task()
AWS Outposts
AWS Outposts brings native AWS services, infrastructure, and operating models to virtually any data center, co-location space, or on-premises facility.
Resources:
  OutpostsVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
  OutpostsSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref OutpostsVPC
      CidrBlock: 10.0.1.0/24
      # A subnet on an Outpost must also name the Outpost's Availability Zone (placeholder value)
      AvailabilityZone: us-west-2a
      OutpostArn: arn:aws:outposts:us-west-2:123456789012:outpost/op-1234567
Outposts require significant planning and capital investment. Ensure you have clear business justification and understand the operational model before committing to this hybrid approach.
Migration Best Practices
- Start small: Migrate non-critical applications first
- Validate backups: Always have rollback plans
- Monitor performance: Use CloudWatch during and after migration
- Train teams: Ensure operational readiness for the new cloud environment
- Optimize costs: Right-size resources after migration
Common Pitfalls
- Underestimating network bandwidth: Migration can saturate network links
- Ignoring application dependencies: Missing interconnected services causes failures
- Skipping testing: Not validating performance in the target environment
- Poor security planning: Exposing sensitive data during transfer
- Forgetting DNS updates: Applications can't connect if DNS isn't updated
Summary
In this lesson, you learned how to approach cloud migration using AWS's proven strategies and tools. You explored the 7 Rs framework for migration planning, implemented hybrid connectivity with Direct Connect and VPN, used Storage Gateway for hybrid storage, and understood when to leverage AWS Outposts. Remember that successful migration requires careful planning, testing, and validation at each step.
Quiz
AWS Migration & Hybrid Cloud Fundamentals
Which migration strategy involves moving applications to the cloud without any modifications?