image 75

On-Premise to Cloud Application Migration - Utilizing existing Licenses

Frame 1178

About Company

The client is a subsidiary of a global conglomerate, headquartered in the United States, with approx 70,000 thousand employees with more than $35 billion-plus revenue in total.

Problem Statement

Due to Global Covid Outbreak many organization has shifted to Cloud for being more future proof and our client has story. they wanted to make their technology stake future proof, reliable, disaster proof and had low maintence.

A third party virus scan application Hosted on-premise at Corporate Data centre to perform file based scanning for malware and file sanitization along with performing content processing of HTTPS traffic and scanning for advance threats.

Application was installed in Windows Server 2016 on Microsoft Hyper-V environment along with Postgres Database to share data such as processing histories, live/on-going scan result query, audit, statistics data and is hosted on top of ubuntu 16.04 LTS.

Objective

The objective is to migrate the complete workload to AWS cloud and reallocating licenses from the on-premises infrastructure to AWS resources.

AWS Services Used

Different AWS services were used to achieve the objective which is listed below with particular service needs and utilization purposes.

image 3 min scaled

Architecture Workflow

Scan-server-lb-01 is an Application Load Balancer that receives HTTPS traffic and routes it to scan-server-01 in an Auto Scaling Group. The Application in this instance is responsible to perform basic file-based scanning for malware detection and file sanitization.

After a Successful scan, the application in scan-server-01 routes the traffic to scan-server-lb-02 (Application LoadBalancer) which is connected to an ASG having scan-server-02 instances.

image 3 1

The application in this scan-server-02 instance is responsible for a deep scan and content processing of HTTPs traffic to identify advanced threats. Both scan-server-01 and -02 interact with RDS for PostgreSQL to store file processing logs, live/ongoing scan result queries, and audit statistics data.

The AMIs for scan-server-01 and -02 are generated as artifacts by AWS Server Migration Service. Both the AMIs are associated with the customer-managed licenses in AWS License Manager to keep track of available licenses.

Steps Taken

Setup AWS environment including account, VPC, subnets, Internet Gateways etc based on business requirement of the application.

Based on OLA assessment in the on-premise environment, create customer managed license to track the available windows server licenses.

PostgreSQL database has an On-prem workload, so we can use AWS RDS for PostgreSQL as it comes with low maintenance overheads, and using DMS we can migrate the data.

Reference link – Click here for in-depth information

Once the connector for AWS Server Migration Service is Installed on Hyper-V and configured permissions to provide WimRM connectivity we can import the server catalog into AWS SMS and create the replication job for the server that we need to migrate and using AWS Migration Hub to track the progress.

Custom AMIs are generated as artifacts and once the replication job is completed, associate the custom AMIs with the new license configuration created in AWS license manager so that it tracks when a new instance with this AMI is created.

Dedicated hosts are required to use existing windows server licenses, we’ll create a Host Resource Group in AWS License Manager and create the custom managed license for virus scan applications and associate with AMIs.

And we are ready to launch the EC2 instances with custom AMI and Dedicated Hosts as tenancy using the Host resource group which we created.

Value Delivered

Apart from Migrating application successfully utilising existing Licences, we also made sure non-functional requirements are also delivered for better maintence and performance.

Reliability & Disaster recovery

The migration of workload from on-premise corporate data center to AWS cloud helped business to achieve a reliable server uptime, high availablity and with AWS a proper disaster recovery strategy without getting involved into all aspects of infrastructure provisioning.

Low Cost & Low Maintenance

Low Maintence Data Replication of data source (Postgres DB) was more
challenging in on-prem when compared to Postgres on RDS and its also Low
Cost compared to on-prem environment as it requires more operational and
contruction cost thus Cloud avoid single point of failure in the application.

Scalable & Efficient

Migration to AWS cloud resulted is increased scalability of infrastructure based on the incoming traffic. Peak capacity planning for workload was more challenging in on-prem environment as it required an upfront capital investment.