This architecture demonstrates a comprehensive approach to migrating a legacy application to the Azure cloud, ensuring high availability, security, and scalability. It integrates on-premises resources with cloud services, providing a seamless and efficient environment for running and managing the application. The use of Azure Front Door, PrivateLink, and other Azure services ensures optimal performance and security for the application.
Replatforming
For anyone looking to migrate legacy applications to the cloud, replatforming is a good compromise between the speed of lift and shift and the stability of refactoring. The process involves making small, easy changes to an application's architecture to prepare it for use in the cloud. As an example, for this project I changed the application to use a standalone MySQL DB and a separate file storage, since the ones we were using on-prem could not accommodate all the resources. I also made provision to store our secret keys in a managed key vault, which allowed us to save more compared to our on-prem HSM. On a critical look, our on-prem server needed a secured communication connection for accessing resources from the database; moving to the cloud, we made sure of this with Azure Private Link for a more secure connection. During the replatforming, the client side of the application did not change, so our company's transition to the cloud did not affect our customer base. It is a much faster process than refactoring and is typically the first part of modernizing a company's legacy applications.
Components of the Architecture
1. Azure Front Door
This acts as a global load balancer, distributing incoming web traffic to the backend services hosted in Azure. It provides high availability and low latency by routing traffic to the closest available backend with some level of web traffic security checks.
2. Application Workload Virtual Network
Application Tier Subnet: Hosts the application servers that handle the business logic and user interface of the portal application.
Portal Application Servers: These servers run the application workload. They are the backend services that process user requests and generate responses. They run on an Azure VM Scale Set, providing high availability for services across different availability zones within the Azure region, with a warm backup following the 3-2-1 data backup method.
PrivateLink Endpoint: Ensures secure communication between the application servers and Azure SQL Database by establishing a private network connection.
3. Database and Storage
Azure SQL Database: A managed relational database service that stores the application's data, running on a separate private subnet segment from our workload servers in the scale set. Azure Managed Disks provide durable, high-performance storage for the virtual machines handling the business logic. To keep services available, the DB also runs multi-AZ replication following a warm backup strategy.
Azure Files: A fully managed file share service in the cloud, accessible via standard SMB protocols, which extends the file share we are running to some additional services on-prem. This file storage uses a private connection to speak to the DB for any needed resources, and it uses the same replication and backup system as the database.
Azure Key Vault: Securely stores and manages application secrets, encryption keys, certificates and passwords, which are rotated to keep up with security and compliance requirements.
4. Networking:
Hub Virtual Network: Acts as the central hub for the network architecture, facilitating communication between on-premises and Azure resources during the migration.
Gateway: Manages traffic between the on-premises environment and Azure.
Azure Bastion: Provides secure RDP/SSH connectivity to the virtual machines directly from the Azure portal without exposing them to the public internet.
Virtual Network Peering: Enables communication between the Hub Virtual Network and the Application Workload Virtual Network.
On-Premises Integration:
On-Premises VMware Site: Represents the existing infrastructure where the legacy application is hosted within the vCenter.
vCenter: Manages the VMware virtual machines.
VMware Virtual Machine: The virtual machines running on the on-premises infrastructure.
Azure Migrate Appliance: This must be installed on the on-prem servers; it assists in the discovery, assessment, and migration of on-premises applications to Azure.
CloudConnexa: Facilitates the secure connection between the on-premises infrastructure and Azure, using a VPN networking solution for a secured connection over the public internet.
5. Monitoring and Analytics:
Azure Monitor: Provides insights into the performance and health of the application and infrastructure running on Azure, including during the migration period.
Microsoft Power BI: A business analytics service that delivers insights from the data and the user interaction of the modernized application.
Azure Backup and Azure Site Recovery: Ensure data protection and disaster recovery by backing up data and replicating virtual machines to a secondary location.
Workflow and Traffic Flow
1. User Interaction:
The user accesses the application through the web, and the traffic is directed to Azure Front Door.
2. Traffic Distribution:
Azure Front Door routes the traffic to the appropriate backend services hosted in the Application Workload Virtual Network.
3. Application Processing:
The Portal Application Servers handle the requests, process them, and interact with the Azure SQL Database to fetch or store data.
4. Secure Communication:
The PrivateLink Endpoint ensures that communication between the application servers and the database is secure.
5. On-Premises Integration:
The on-premises VMware site is integrated with Azure using Azure Migrate Appliance and CloudConnexa for seamless migration and connectivity.
6. Monitoring and Analytics:
The infrastructure is continuously monitored, and data insights are generated using Azure Monitor and Microsoft Power BI.
7. Backup and Recovery:
Data and applications are backed up using Azure Backup, and disaster recovery is managed using Azure Site Recovery.
Terraform code
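As an added example, not the post's own Terraform, the fragment below shows how the two security points described above can be expressed with the azurerm provider: Azure SQL reachable only through a Private Link endpoint in the separate DB subnet (public access switched off), and Key Vault closed to the public network. The resource group, region, subnet and resource names are assumed placeholders.

```hcl
# Added example (assumed names and region), not the post's Terraform.
data "azurerm_client_config" "current" {}
data "azurerm_subnet" "db" {
  name                 = "snet-db-private"   # separate private subnet for the DB
  virtual_network_name = "vnet-app-workload"
  resource_group_name  = "rg-legacy-migration"
}

variable "sql_admin_password" {
  type      = string
  sensitive = true # injected from CI secrets / Key Vault, never committed
}

resource "azurerm_mssql_server" "portal" {
  name                          = "sql-portal-example"
  resource_group_name           = "rg-legacy-migration"
  location                      = "westeurope"
  version                       = "12.0"
  administrator_login           = "sqladmin"
  administrator_login_password  = var.sql_admin_password
  minimum_tls_version           = "1.2"
  public_network_access_enabled = false # only reachable through the private endpoint
}

resource "azurerm_private_endpoint" "sql" {
  name                = "pe-sql-portal"
  location            = "westeurope"
  resource_group_name = "rg-legacy-migration"
  subnet_id           = data.azurerm_subnet.db.id

  private_service_connection {
    name                           = "psc-sql-portal"
    private_connection_resource_id = azurerm_mssql_server.portal.id
    subresource_names              = ["sqlServer"]
    is_manual_connection           = false
  }
}

resource "azurerm_key_vault" "secrets" {
  name                          = "kv-portal-example"
  location                      = "westeurope"
  resource_group_name           = "rg-legacy-migration"
  tenant_id                     = data.azurerm_client_config.current.tenant_id
  sku_name                      = "standard"
  public_network_access_enabled = false # reached via its own private endpoint
  network_acls {
    default_action = "Deny"          # block everything not explicitly allowed
    bypass         = "AzureServices"
  }
}
```

A quick check after `terraform apply`: the SQL server's public endpoint should refuse connections, and the application servers should resolve the server name to the private endpoint's address inside the VNet.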
GitHub-Action CI/CD
Risk Minimization Techniques for a Legacy Migration deployment
Migrating traditional systems to the cloud entails considerable risks, but they may be avoided with proper planning and the use of best practices.
1. Comprehensive assessment.
Perform a comprehensive review of your legacy systems to identify possible issues and dependencies. Understanding these factors allows you to anticipate problems and plan accordingly.
2. Detailed planning.
Create a thorough migration strategy that includes dates, resource allocation, and contingency plans. Define specific objectives and success criteria to help steer the process.
3. Pilot testing.
Before launching a full-scale migration, do a pilot test with a limited collection of apps. This aids in detecting and fixing concerns in a controlled setting, lowering the likelihood of widespread problems.
4. Data backup and recovery.
Ensure that solid data backup and recovery strategies are in place. To reduce the risk of data loss during relocation, regularly back up data and test the recovery mechanisms.
5. Stakeholder Communication.
Maintain open and constant communication with all stakeholders during the migration process. This ensures that everyone is aware of progress, possible dangers, and mitigation strategies.
6. Monitoring after migration.
Implement ongoing monitoring following the move to quickly detect and rectify any new issues. Cloud-native monitoring solutions can help you obtain insights into application performance and security.
Step Checklist for Transferring Legacy Applications to Cloud
Migrating existing applications to the cloud may be a difficult process, but using an organized approach can make the effort easier and assure a smooth transfer.
1. Assess and analyze.
Evaluate your existing legacy systems in order to comprehend their design, dependencies, and performance. Determine which applications are appropriate for cloud transfer and rank them according to business impact and complexity.
2. Develop a strategy.
Based on your evaluation, select the right migration approach (for example, rehosting, replatforming, or refactoring). Consider the cost, time, and available resources.
3. Plan and prepare.
Create a clear migration strategy with dates, resource allocation, and risk management techniques. Ensure that all stakeholders are informed and ready for the relocation process.
4. Perform migration.
Begin the migration process by adhering to the established strategy, such as the Azure cloud migration approach. Use automated tooling and best practices to ensure uniformity and reduce mistakes. Closely monitor the process to fix any concerns as they arise.
5. Test and validate.
After the transfer, extensively test the apps to verify they work properly in the new cloud environment. Test performance, security, and integration with other systems.
6. Optimize and monitor.
Once the apps are in the cloud, they should be regularly monitored and optimized. Use cloud-native features and services to increase productivity and cost-effectiveness.
Reference link
https://learn.microsoft.com/en-us/answers/questions/1062719/legacy-application-migration-to-cloud
https://azure.microsoft.com/en-us/solutions/migration/web-applications
https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/migrate/scenarios
https://azure.microsoft.com/en-gb/solutions/migration/web-applications#:~:text=Database%20migration,-Receive%20step%2Dby&text=Download%20and%20install%20the%20Data,to%20the%20cloud%20at%20scale.