Migrating an existing on-premises workload to Microsoft Azure involves a series of steps and considerations.
This blog aims to provide a comprehensive guide for successfully moving your workloads to the Azure cloud platform.
Overview:
This App Modernization blog is designed for IT professionals running on-premises applications. Database and servers – assisting them on their end-to-end Cloud Migration Journey.
Microsoft provides “Microsoft Cloud Adoption Framework” with proven guidance, best practices, tools, and templates to support your adoption journey through the different phases.
A typical Migration Planning and execution:
PLAN
When beginning a migration, you first need to know what you’re dealing with. That means getting a better understanding of what your applications are, how many servers and/or VMs you have, and how you’ll move these components to the cloud.
Discover and Assess Digital estate:
Before migrating a workload to the cloud, it’s important to assess the workload and each related asset.
Tool for understanding migration readiness.
Start your migration journey by understanding your level of readiness for scale migration with the Strategic Migration Assessment & Readiness Tool (SMART). This tool addresses your readiness across all dimensions of migration, from initial strategy to ongoing management. By answering a few questions, you’ll get a customized report that will help you plan and close gaps.
Example:
Cloud Journey Tracker – Sep 28, 2023 – 7:21:37 PM – Assessments | Microsoft Learn
Now, you have analyzed your current on-prem environment and know what needs to be improved.
Discover on-premises infrastructure, apps, and databases.
You can use Tools to Discover on-prem workloads.
| Tools | Usage |
| Azure Migrate | To assess servers and VMs, Azure Migrate: Server Assessment helps you discover and assess on-premises VMware VMs, Hyper-V VMs, and physical servers to determine whether they’re ready for migration to Azure. Azure Migrate also allows you to export or download reports with discovery data for further decision-making. About Azure Migrate – Azure Migrate | Microsoft Docs Azure readiness: Assess whether on-premises servers, SQL Servers, and web apps are ready for migration to Azure. Azure sizing: Estimates the size of Azure VMs/Azure SQL configuration/number of Azure VMware Solution nodes after migration. Azure cost estimation: Estimates costs for running on-premises servers in Azure. Dependency analysis: Identifies cross-server dependencies and optimization strategies for moving interdependent servers to Azure. |
| Data Migration Assistant | For SQL database assessment, Data Migration Assistant can help you in detecting compatibility. issues that can affect database functionality in your new version of SQL Server or Azure SQL Database. It also recommends performance and reliability improvements for your target environment. |
Identify application and server dependencies
Once discovery is complete, you need to map any dependencies or communication between your servers (and applications).
Dependency analysis within Azure Migrate helps you to understand dependencies across machines that you want to assess and migrate.
You typically use dependency mapping when you want to assess machines with higher levels of confidence and ensure all the components of an app are moved together. This is critical because when migrating an application, you need to know all the servers and processes the app is using.
Many tools provide server dependency mapping but don’t provide application dependencies. To ensure a full picture of all communication among workloads, you need a tool that performs both. This allows you to create visual maps of all your applications and workloads, which enables their interaction as a single entity for costing, configuration analysis, and eventually migration.
Analyze configuration
Assessment enables you to ensure that each workload will function on your cloud platform. Through the collection and analysis of data, assessment tools can give you metrics on the readiness of the workload in the cloud.
For example, is the OS that the workload runs on support? Or is there specific hardware?
Dependencies that might not be replicated in a cloud environment (such as running a UEFI boot on a disk that’s larger than 4 terabytes)?
Configuration analysis should show you workloads that will migrate with no modifications, those that might require basic modifications, and those that are not compatible with their current formation, as well as provide guidelines to remediate potential issues or recommend configuration changes.
PLAN COST
The Azure TCO calculator helps you build a customized cloud assessment business case to support an Azure migration.
MIGRATION PLAN
Migration strategies can be boiled down to four main categories: Rehosting, refactoring, rearchitecting, and rebuilding.
| App Modernization | Activity | Benefits |
| Rehost | migrating your physical servers and VMs to the cloud just as they are, without any changes to the code. | moving quickly with no code changes. |
| Refactor | refactoring involves using additional cloud provider services to optimize the cost, reliability, and performance by refactoring your applications. Your application can take advantage of IaaS and PaaS products such as Azure App Service, Azure SQL Database Managed Instance, and containers. | lower cost and management, using your current application as-is or with some minor code or configuration changes and connecting to new infrastructure services. |
| Rearchitect | Rearchitecting modifies or extends an existing application’s code base to optimize. it for a cloud platform and for better scalability. Cloud provider services can be used directly as back-end services of modern apps, which are highly scalable and reliable. | Optimized for better scalability. |
| Rebuild | The rebuild strategy revises the existing application by aggressively adopting PaaS or even SaaS architecture. | The advantages of this strategy include building new applications using cloud-native technologies, faster development if your existing application is slowing you down, and innovation opportunities that take advantage of advancements in technology like AI, blockchain, and IoT. |
READY
You have planned your Migration Strategy and decided which App modernization to use, Re-Host, Refactor, rechitect, or Rebuild.
Based on this, the time now is to develop your Cloud environment.
In order to start building and deploying solutions using Azure services, you need to prepare your environment for the cloud adoption plan.
Prepare your environment.
Manage access
Use role-based access control to make sure that users have only the permissions they really need. Managing who can access your Azure resources and subscriptions is an important part of your Azure governance strategy, and assigning group-based access rights and privileges is a good practice.
Start with building Platform Foundation/LANDING ZONES
A landing zone is the basic building block of any cloud adoption environment.
Below are the possible Landing zones which can be built as Foundation Layer.
| Landing Zones | Usage | Tools/Technologies used |
| Infrastructure | Build re-usable Cloud Infrastructure | Azure ARM Templates |
| Identity | Authentication and access management | ARM templates PowerShell scripts Azure Key Vault RBAC |
| DevOps | Deployment | Azure DevOps PowerShell |
| Monitoring | Dashboards | Azure Monitor Azure Log Analytics Network watcher |
| Security | Threat detection Build-in Protection Advanced data security | Azure Data Security Azure DDoS Azure DNS Azure Firewall Defender for cloud |
| Governance | Enforceable policies Complaint environments Subscription Management | Azure Governance |
MIGRATE
Once your Foundation Infrastructure Layer is ready, it’s time now to actually start Migrating your application to the cloud. You can begin migration waves with your first workload to Azure.
Below is a typical pattern that you can adopt.
Migration Waves
The below tables illustrate what a typical Migration looks like.
Scenario: REHOST
| Landing Zone category | Source (On-prem) | Target (Azure IaaS) | Migration Tool |
| Infrastructure | On-Prem VM Hyper-V/VMWare VMs SQL Server – VM (SQL Server 2008) | Azure VMWare | Azure ARM Templates Azure Data Migrate |
| Networking | Networks | Virtual Networks P2P,P2S,B2B | — |
| Identity | On Prem AD | Azure AD | Azure AD Sync |
| Security | https | https | Can be Migrated and moved to Azure VM |
| Govern | |||
| DevOps | CI/CD | Azure CI/CD | Azure DevOps and Changes in configuration to build and Deploy in Azure VMs |
Replicate workloads to Azure.
Replication is the first step of the Migrate phase, where you migrate on-premises VMs by copying them across to Azure.
Asynchronous or synchronous replication ensures that live systems can be copied to Azure with no downtime.
Most of all, systems must be kept in lockstep with on-premises counterparts. This means that while you’re building and executing your migration plans, any data or server updates are synced between the copies.
Test migration before final cutover
The next step of the Adopt phase is testing, which ensures system health before the final cutover and that migration will work as expected.
Test migration simulates the migration by creating an Azure VM using replicated data. Testing doesn’t affect the on-premises machines, which remain operational and continue replicating. You can use the replicated test Azure VM to validate the migration, perform app testing, and address any issues before full migration.
To establish that workloads function as expected, you might want to test migrated resources in isolated partitions in Azure. With Azure Migrate, you can fully test a set of VMs in an isolated environment without affecting the on-premises or cloud production versions. After you’ve completed VM replication, and as you perform delta replication for the real-time replication, you can run a test migration for the VMs before running a full migration to Azure.
It’s highly recommended that you do this at least once for each machine before you migrate it
Cutover to complete the migration.
After you’ve verified that the migration works as expected through testing, it’s time to perform the final cutover to migrate the on-premises machines.
Azure Migrate can also perform the final launch in your cloud and turn off the on-premises application. In some cases, you’ll have to update domain name system (DNS) records for the new cloud-based workloads. However, if you migrated using DNS in the cloud as part of your initial environment setup, this might happen automatically.
Decommissioning on-premises infrastructure
GOVERN
Governance and compliance are required throughout a migration effort. But those efforts don’t end with migration. Once you’ve migrated, you’ll want to keep your VMs continuously secure, protect your data, and monitor your cloud health.
Governance provides mechanisms and processes to maintain control over your applications and resources in the cloud. It involves planning your initiatives and setting strategic priorities. To begin with, identify key areas of importance during and after migration. These areas should relate to the different types of risks your company must address as it adopts the cloud service—and the actions your cloud governance team should take.
Consider these principles of the governance model:
Corporate policies drive cloud governance.
Governance focuses on specific aspects of corporate policy, including identifying business risks, converting risks into policy statements, and ensuring adherence to the stated policies.
Five disciplines of cloud governance.
The disciplines are cost management, security baseline, resource consistency, identity baseline, and deployment acceleration. Each discipline supports corporate policies and protects your company from potential pitfalls.