MIGRATING INTO A CLOUD P. Sai Kiran Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers either private or public or hybrid offering customers a scalable virtualized infrastructure or an abstracted set of services qualified by service-level agreements (SLAs) and charged only by the abstracted IT resources consumed.” 2 •The Promise of the Cloud The Cloud Service Offerings and Deployment Models Challenges in the Cloud BROAD APPROACHES TO MIGRATING INTO THE CLOUD • Why Migrate? • economic and business reasons why an enterprise application can be migrated into the cloud, and there are also a number of technological reasons. • initiatives in adoption of cloud technologies in the enterprise, resulting in integration of enterprise applications running off the captive data centers with the new ones that have been developed on the cloud. • Adoption of or integration with cloud computing services is a use case of migration. Migration of an application into the cloud Migration can happen at one of the five levels of application, code, design, architecture, and usage. • Either the application is clean and independent 1. So it runs as is 2. Perhaps some degree of code needs to be modified and adapted 3. The design (and therefore the code) needs to be first migrated into the cloud computing service environment 4. Perhaps the migration results in the core architecture being migrated for a cloud computing service setting, this resulting in a new architecture being developed, along with the accompanying design and code implementation 5. while the application is migrated as is, it is the usage of the application that needs to be migrated and therefore adapted and modified • the migration of an enterprise application is best captured by the following • P is the application before migration running in captive data center, • P′c is the application part after migration either into a (hybrid) cloud, • P′l is the part of application being run in the captive local data center, • P′OFC is the application part optimized for cloud. • However, when the entire application is migrated onto the cloud, then P′l is null. • Indeed, the migration of the enterprise application P can happen at the five levels of application, code, design, architecture, and usage. It can be that the P′c migration happens at any of the five levels without any P′l component. THE SEVEN-STEP MODEL OF MIGRATION INTO A CLOUD Best Practices for Migrating into a Cloud • Best Practices • Design for failures – underlying cloud systems are commodity items • • • • • • • • • Avoid Single Points of Failure in your Applications Develop loose coupling between applications / code / services Exploit key cloud features: scaling, elasticity, network locality and location independence, anonymity, support for hybrid clouds, etc Build security, reliability and other non-functional requirements at every level and layer Rethink architectural constraints to avail cloud benefits Iterate and Optimize Beware of Vendor-Lock ins, Data Security Issues, SLAs and Pricing Honeypots Optimal Migration yield best ROI for using Cloud offerings Data and Application migration is pretty popular while more challenging is the Architecture and Design migration for PAAS and SAAS platforms – it is still evolving. •Migration risks • The general migration risks : • Performance monitoring and Tuning The business continuity and disaster recovery; The compliance with standards and governance issues; The IP and licensing issues; The quality of service (QoS) parameters as well as the corresponding SLAs committed to; The ownership, transfer, and storage of data in the application; The portability and interoperability issues; The issues that result in migration failure and loss of business confidence in these efforts. • • • • • • • • Security-related migration risks: • Trust and privacy. Obtaining the right execution logs as well as retaining the rights to all audit trails at a detailed level—which currently may not be fully available. However, the robustness of the solutions to prevent data loss is not fully validated. Key aspects of vulnerability management and incident responses quality are yet to be supported in a substantial way by the cloud service vendors. Finally there are issues of consistent identity management as well. • • • •