Refactoring or Lift-and-Shift are on the Table
The benefits of moving IT networks and systems to the cloud are well established, yet seven years after the federal government’s Cloud First policy came out, government agencies continue to struggle with cloud migration – and not for lack of trying. Cloud Smart, a follow-up strategy that is in the works, seeks to give agencies the tools they need to “adopt cloud solutions that streamline transformation and embrace modern capabilities.” To get there quickly, some agencies are opting for lift-and-shift – the process of moving an application from one environment to another without making changes to the application.
Behind agencies’ cloud adoption programs are two main drivers: One is mandates, such as Cloud First, the Data Center Optimization Initiative and the Modernizing Government Technology Act of 2017, which offers agencies a pot of money from which to borrow as they implement cloud migrations. Another primary driver is economics. Agencies that have aging infrastructure or applications that need to be replaced are looking to build solutions in the cloud – a way to meet mandates and, potentially, save money.
“The big advantage of lift-and-shift is that it gives you an automated way to move an entire estate – a group of applications that are all tied together – into the cloud,” said David Pipes, solutions architect at Affigent. Whatever the impetus, assessing and settling on the best approach to cloud migration involves a set of considerations – timing, best practices, refactoring – that agencies must weigh to arrive at the best outcome.
Timing is Everything: Assessing Migration Readiness
Timing is about more than buying technology and having it in place before throwing the migration switch, although that is an important element. When making a move to the cloud, good timing involves assessing an agency’s readiness to make the transition and determining the best time to do it. Properly timing a cloud migration means staging the rollout and paying attention to change management. Timing is about putting policies in place, procedures and budget that will provide the best chance for a successful migration. “If you’re not prepared with the underlying organizational infrastructure, then it’s probably a bad time to try to move something to the cloud,” said David Pipes, solutions architect at Affigent. “You probably need to deal with your organizational infrastructure first.”
When thinking about timing, IT managers should consider the pace of change. The cloud lets agencies set up new systems and software in days, rather than the weeks it can take for on-premises implementations. That means officials must adjust funding policies to accommodate compressed implementation schedules. “You have to be able to allocate funds in a way that will allow you to make use of new systems in the cloud,” Pipes said. “Agencies also have to have proper security and administration procedures in place. In essence, you have to have the ‘gold images’ that will let you build the system properly according to all of your standards. All of that has to be in place before you start moving applications to the cloud.”
On the issue of security, information technology managers should understand who will have access to the cloud, how they’ll get that access and how the agency will secure the expanded network connectivity that cloud can bring. As with any workplace change, it is important to get stakeholders on board with migration plans. Earlier is better. Find out what their pain points are and how moving to the cloud will alleviate or exacerbate them. Hold training sessions to discuss changes that may affect end users. “Eventually, everyone will be dealing with cloud as part of what they’re doing,” Pipes said.
Having established a migration plan and selected the cloud platform, the next step is deciding what to migrate first. Typically, the best choice is an application that is smaller in scope, a scalable approach that allows an agency to get comfortable with the process of cloud migration. Among its first migrations, for example, the Air Force lifted and shifted the Air Force Doctrine to the cloud.
Finally, it’s best to schedule a migration when the application is stable, he added. “You might not want to move directly to the cloud if you’re two weeks away from having to do a major release upgrade,” Pipes said. “Whether you’re being pushed to do a small amount quickly or a large amount over time, there are things you need to think about,” Pipes said. “One of the first ones is, is your organization ready to do this?” Is it? Timing is everything.
Are You Ready to Migrate? Ask These Five Questions
Before embarking on the cloud migration journey, agencies should introspect on several critical questions:
- Funding: Is the available funding dedicated to a singular project, or is there a vision to support future cloud-based initiatives? Establishing a repeatable funding mechanism can prevent the redundancy of repeating the same steps for different projects.
- IT Structure: A fragmented IT structure, with separate groups for servers, networking, storage, and other components, can be a roadblock. A unified approach is essential for smooth migration.
Infrastructure Compatibility: Not all on-premise infrastructure services might be cloud-compatible. It’s crucial to ascertain if services like identity management and firewalls can seamlessly transition to the cloud. - Developer-User Communication: The cloud offers agility. Developers can swiftly make changes to applications. However, this agility is futile if there’s a communication gap between developers and end-users.
- Application Latency: Understanding the latency requirements of applications is vital. It helps in evaluating their technical suitability with the cloud.
Five Steps to Lift-and-Shift Cloud Migration
- Determine how licensing policies translate in the cloud environment.
- Prepare for the speed at which cloud operates.
- Review the architecture and design of the systems to be moved.
- Adopt the agile development methodology.
- Review security requirements and apply them to all migrations.
Public, Private, Hybrid or Multi-Cloud?
Be open to various options. Not all clouds are created equal. Determining the type of cloud that will best suit an agency’s IT needs is a crucial aspect of a successful migration. Public clouds are available via the internet, while private clouds offer computing services via the internet or an internal network that is available only to users who’ve been granted access. There are also hybrid environments that pull from multiple cloud types or cloud and on-premise setups.
Avoid choosing a cloud based only on past experience. Just because an agency had success with Infrastructure-as-a-Service, it won’t necessarily be the best solution in all situations. Sometimes it will make more sense to use Platform- or Software-as-a-Service. “Customers can become focused on the type of cloud that they’re familiar with and not realize that there are opportunities to save money by going to a cloud type that offers more automation in the infrastructure and platform levels,” Pipes said.
Most Legacy Systems Need Refactoring for Migration
Agile development helps speed up the process. The lift-and-shift approach to cloud migration gets applications and systems moved quickly and allows IT managers time to figure out what works in the new environment, including what needs to be tossed or changed. Despite the efficiency of lift-and-shift, sometimes applications need to be refactored—a restructuring process that doesn’t change functionality – to be cloud-ready. “The potential problem with a lift and-shift is that it maintains the architecture that was developed for an on-prem environment,” said David Pipes, solutions architect at Affigent. “For example, you might expect cloud to operate at 60 percent or even 80 percent utilization when it’s really cranking. But on-prem systems tend to run at 20 percent, so literally the way the system is built in an on-prem environment could be much less efficient if picked up and moved to the cloud. Plus, you have the problem that you’re preserving all of your previous mistakes and misjudgments and corner-cutting.”
A rule of thumb is the bigger the application, the more likely it will require refactoring before moving to the cloud.
cloud. For instance, a single enterprise resource planning suite might include a database, one or two service-oriented architecture components, and 15 separate applications all tied together in one business process, which is inefficient and needs to be reconfigured, Pipes said. Or, a system may be based on 1 gigabit Ethernet networking on-premises, but 10 gigabit networking could be available in the cloud, requiring changes to the architecture to move more data more quickly.
In another scenario, “one group may have bought the system for their application with a little extra money so it’s a bigger system than it has to be and they’re not using very much of it, but they might come in and ask for the same system in the cloud,” he said. “That’s inefficient. That’s costly. That should be refactored.” Very large application suites will be harder to refactor quickly. As a result, agencies may need to use a hybrid environment in which some elements such as identity management or firewalls remain on-premises. In this scenario, it might make sense to lift-and-shift first and refactor later.
To show how this plays out in the real world, the Department of Veterans Affairs’ Office of Information and Technology provided an example of how VA entities could use refactoring to migrate applications to the cloud. The report, released in February, lays out steps, such as analyzing current systems’ business functions, breaking down IT systems into components that may need recoding, and migrating data and then applications to the cloud. “The general principle would be that you look for inefficiencies, you look for low utilization, you look for places where the newer technology that’s found in the cloud can make things better and then you apply that as you move into the cloud,” Pipes said.
At the Department of Health and Human Services, Deputy Chief Technology Officer Ed Simcox makes the decision to move legacy applications on a case-by-case basis. It’s possible that only 10 percent of applications would require a significant refactoring to be cloud-ready, he said at a recent FCW Cloud Summit. “We have a lot of COBOL and mainframe applications, and we need to look into refactoring, which we are doing for a couple of our high-value assets,” Simcox said.
Planning and review are crucial first steps to any cloud migration. Without the policies and procedures in place to carry out a move, agencies will struggle to recognize the right time for migration, and they could end up making costly mistakes. Efficiency is the goal, but agencies must do their homework.
“Even though an application or a project is running well in an environment, it should be looked at with a view toward rearchitecting to move into the cloud,” Pipes said. “Maybe you need to, maybe you don’t, but it should be examined.” Most cloud migrations will involve both lift-and-shift and refactoring. This is where an agile development methodology will help, too. It will enable developers to make quick changes to refactor applications that have already been lifted and shifted or to adapt on-premises ones to work with their new partners in the cloud. The agile approach’s iterative release process means developers can get changes out quickly without having to wait until an entire application has been refurbished.
“The developers should be looking at agile development techniques,” Pipes said. “The development team, like the admin teams, should be able to respond quickly to change, so that means they need up-to-date change management tools, good communications tools and understanding of what agile development methodology they use.”
Benefits of Refactoring
As IT managers weigh the pros and cons of cloud migration via lift-and-shift or refactoring, several benefits from the latter emerge. Because lifting and shifting is largely moving on-premise applications to the cloud as-is, compatibility problems could arise. Refactoring, or changing the makeup of an application without changing its external behavior, may be a better option that results in:
- A cleaned-up, modernized architecture. It’s often legacy systems that need refactoring, so agencies are left with more up-to-date applications.
- Time savings. Applications in the cloud are easier to manage and change via agile development.
- Cost savings. By updating applications and systems, agencies can reduce costs associated with maintaining outdated ones.
- Increased security. The cloud makes it easier to push out patches and layers of defense across cloud computing models.
- Increased agility. Cloud allows IT managers to instantly adjust resources and scale quickly according to workload without having to purchase new hardware.
Sometimes Lift-and-Shift Makes Sense
Review licenses, architecture, and security requirements. Sometimes it makes sense to start from scratch on migrating certain assets to the cloud. But sometimes, especially for small applications and when efficiency is a priority, lift-and-shift is best. There are several steps to doing the best possible lift-and-shift of assets. David Pipes, solutions architect at Affigent, recommends five best practices.
First, find out how licensing policies translate in the cloud environment. “Sometimes customers will get a better deal on licensing by purchasing a particular type of hardware to go along with it or bundling 1,000 licenses instead of just buying 150,” he said. “They need to make sure that they understand the effect of moving to the cloud for licensing – and that’s for every application that they’ve licensed that’s going to be moving.”
Second, agencies must prepare for the speed at which cloud operates. They need to rationalize and remove silos in the IT department to help usher migrations through faster. Sometimes this means an organization wide overhaul, but it could also mean creating a new group solely responsible for cloud.
A third practice is to review the architecture and design of systems that are moving. The result could show that they’re better suited for refactoring or restructuring, rather than lifting and shifting. It’s better for IT managers to know that from the outset, Pipes said. “If you don’t review it beforehand, you could end up with a situation where you’ve created a lot more virtual machines or you’re using a lot more storage than you actually need, because that’s what you need on the ground now,” he said. “That would just make the cloud more expensive than doing it on premises.”
Fourth, agencies should adopt the agile development methodology, which fosters iterative releases. Because not all elements of a lift-and-shift will go perfectly, developers should be ready to use agile development techniques to make adaptations. “Agile development underlies the ability to use the cloud to change quickly. It’s no good having a cloud where you can make things happen in two days if your developers take three months to change an application,” Pipes said.
Five, IT managers must review security requirements and set a general baseline to apply to all migrations, not to a single project. “What you don’t want to do is go in and say, ‘We’re moving Application X. How do we implement security for it?’ What you’re going to get back is a custom security design for every application that you move,” Pipes said. “Just like you want to rationalize the structure of your IT administration, you want to extend your security principles and postures into a cloud such that any cloud environment that gets stood up knows exactly what it has to do in terms of security.”
Heavily virtualized environments are best suited for lifting and shifting because they’re already encapsulated in virtual machines. To move them, agencies can simply copy the virtual machine and drop it onto the cloud host. In general, however, agencies should look for tools to automate lift-and-shift, he said. The tools let IT managers replicate and sometimes modify the current environment, which can be convoluted. For instance, there could be 12 network connections coming out of each system with multiple virtual machines connected to different ports, and they all have different storage connections and security postures, Pipes said. “Automated tools can go in and capture all of that information for you,” he added. “Really good automated tools can go in and not just capture it, but allow you to modify it, so when you drop it on the cloud, it’s actually more efficient than it was in the on-prem environment,” he added. “Seek out tools to help you with the lift-and-shift rather than trying to do it manually.”
But automation isn’t a silver bullet. Agencies still need to have a strong foundation for cloud migration in place, including nailed-down policies, procedures and security rules. Additionally, IT managers must make sure that services such as network monitoring and identity management — that they’re not lifting and shifting — are available to the migrated ones that use them. “You can’t just go buy a lift-and-shift tool, map out your application and then on the weekend, drop it onto a cloud and see what happens. You’re going to be spending the next three months picking up the pieces,” Pipes said. “The better you can plan the lift-and-shift, understand the environment, get all of your financial and organizational ducks in a row, the less time it will take, the less money it will cost to move into the cloud and the sooner you will start to see a return on investment.”
Refactoring vs. Lift-and-Shift:
Migration strategies often boil down to two primary approaches:
- Refactoring: This involves a thorough overhaul of an application without changing its core functionality. The benefits are manifold: a modernized architecture, significant time and cost savings, bolstered security, and enhanced agility. For instance, the Department of Health and Human Services adopts a case-by-case strategy, identifying applications that might benefit from refactoring.
- Lift-and-Shift: Sometimes, especially for less complex applications, it’s more pragmatic to directly move on-premise applications to the cloud without major changes. David Pipes from Affigent suggests that agencies should be well-versed with cloud licensing policies, be prepared for the rapid pace of cloud operations, and conduct a rigorous review of system architectures before opting for this approach.
Growing Trust in Cloud Solutions
The federal sector’s trust in cloud solutions has seen a remarkable surge. A testament to this growing confidence is that 79% of federal IT managers in 2016 were comfortable with cloud providers, up from 44% in 2014.
Real-world Applications
Real-world examples, like the one from the Department of Veterans Affairs, underscore the importance of a structured approach. Their strategy emphasizes analyzing current systems, deconstructing IT systems, and then methodically migrating data and applications to the cloud.