Migrating Workloads and Applications to AWS VPCBy Vinay Venkataraghavan on May 1, 2016 12:09:54 PM
AWS has fast grown into the platform of choice for numerous enterprises looking to leverage the benefits of a public cloud platform. However, these very same consumers have found that migrating workloads into the AWS platform is a complex, manual process for the following reasons:
- The inability to reliably clone the source machine.
- Security compliance.
- Lack of training and experience with the AWS platform.
- Dependence on the existence of matching templates supported by AWS.
- 3rd party oversight of consultants and migration factories executing migrations into the customer AWS account.
RiverMeadow has developed a new class of migration service that alleviates these issues by providing the following capabilities to migrate workloads into AWS:
- Instantiating a clone of the source machine on the AWS platform that is identical to the source from an OS and data perspective.
- Complete migration automation, removing all complexity involved in the migration process.
- Orchestrate the ability to easily and seamlessly migrate workloads in large numbers.
- Adherence to security compliance by employing security best practices in employing AWS end user roles.
- Removing the pre-requisite for end users to have acquired AWS training in order to migrate workloads into the platform.
- Complete transparency and an audit trail of the actions performed by RiverMeadow on behalf of the customer.
- Migrations performed by employing a workflow that is identical to the AWS console.
- Migrations into AWS are only performed into a customer’s VPC, thus greatly benefiting from network isolation.
- Providing the ability to select the VPC’s and subnets that instances will be instantiated into.
- Ensuring end-users can secure their footprint on the cloud platform by associating security groups to instances thus controlling access to and from instances.
Figure 1. Architecture of the RiverMeadow Migration Platform’s support of the AWS Public Cloud.
Characteristics of the RiverMeadow Migration Solution supporting the AWS cloud platform
With the addition of AWS as a target platform, RiverMeadow now supports the ability to securely migrate workloads from source environments into AWS Virtual Private Clouds.
Migrations are executed and orchestrated behind the customer premises, being comprised of three entities: (1) the source data center, (2) the target cloud data center, and (3) the secure channel that interconnects the source DC and the target DC. The data that is transferred between the source and target never exits the customer premises, and only transits the secure channel established between the source and the target VPC. Consequently, the migration of workloads is facilitated in a very secure manner guaranteeing the confidentiality and privacy of customer data. The secure aspect is further enhanced by the fact that RiverMeadow only migrates workloads into AWS VPC’s.
RiverMeadow additionally enables users to lock down and protect unauthorized access to instances by allowing users to associate security groups with workloads that have been migrated. Security groups restrict access to instances to specific transport protocols, ports and access type, thus greatly minimizing the chances of various types of network based attacks.
Ease of Use and Large Scale
The concept of migrating workloads from one environment to another is not new. However, a notable characteristic of migrations was the amount of manual process and intervention that is necessary. RiverMeadow has completely eliminated the need for any kind of manual intervention in order to execute migrations. The salient features of the RiverMeadow platform from an ease of use perspective are:
- Users can configure and execute migrations with just a few clicks.
- Minimal source information: non-root credentials and the IP address.
- End to end automation: facilitating the migration of hundreds and thousands of workloads with very minimal effort.
Adherence to Security and Compliance Best Practices
The migration landscape includes businesses of all shapes and sizes, be it large enterprises to SMB’s. However, security and compliance requirements are at the top of the list when it comes to cloud adoption. RiverMeadow has consequently implemented security and compliance best practices into the core platform, and not as an afterthought. These capabilities include:
- AWS IAM Role(s)
- Data confidentiality
- AWS Audit trail
The use of customer specified AWS IAM Roles is a cornerstone feature in the RiverMeadow support of the AWS platform. In addition to complying with various best practices as defined by AWS, this feature also enables the customer to define the policy and actions that a user can perform on their account. The benefit of using an AWS IAM role is that:
- Users do not have to divulge their API keys (it can be kept confidential)
- Can generate an audit trail to enable customers to track the actions that are performed with the role.
- Generate temporary credentials for the purpose of migrations, which can then be revoked once the migration project has been completed.
RiverMeadow provides the capability to migrate a large number of OS variants into AWS. This capability largely stems from the fact that the platform does not depend upon the existence of any templates in AWS.
The workflow of typical migration solutions relies on the existence of templates on the AWS platform. RiverMeadow obviates the need for the existence of templates, by instantiating a migration OS on the target, which then performs the data collection and OS transformation, which then results in the (cloned) target. The (final) target machine is an exact copy of the source from a data and OS perspective. The target only differs from the source in two ways: (1) the drivers required to boot the system and (2) by the cloud specific tools that are installed.
The RiverMeadow platform orchestrates and executes migrations with a minimal footprint on the source data center. This is in stark contrast to a plethora of other solutions that require a much larger presence in the source data center namely, a source appliance as well as access to the hypervisor.
The RiverMeadow solution requires network access to the source at an OS level, thus obviating the need for access at the hypervisor layer. All actions pertaining to the migration are executed over the secure, reliable transport established between the source and the target.
In summary, RiverMeadow has developed a migration platform that enables customers to:
- Migrate workloads into the AWS public cloud with as little as few clicks.
- Execute migration the migration of large-scale workloads.
- Abstract and eliminate the complexities of the target cloud platform from the user.
- Execute all migrations primarily within the context of AWS.
- Zero to minimal footprint and impact on source machines.
Visit the RiverMeadow Migration into AWS product page for additional information and to sign up for a special introductory offer.