Migration of multi-tier applications to AWS at scale made easy

with Tushar Bandopadhyay, @tbandopadhyay

Today, not only data is growing at an exponential rate, but the number of applications is also growing. This growth coupled with increased heterogeneity of technology infrastructure is driving complexity in managing IT systems and applications. By migrating these complex IT applications to the public cloud, customers gain several benefits, including agility, scalability, availability, security, and reduced cost.

At Veritas, we are always seeking ways to make it easier and simpler for our customers to protect and recover data. For customers looking to rehost (aka “lift-and-shift”) workloads (multi-tier applications, physical or virtual servers, or an entire data center) on public cloud, Cloud Mobility simplifies migration by abstracting complexity in large scale migration.

In this blog post, we’ll discuss how Veritas Cloud Mobility (aka Veritas Resiliency Platform) helps customers migrate complex multi-tier applications from on-premises to AWS.

Cloud Mobility architecture:Alok Abhishek Image 1.pngCloud Mobility (VRP) Architecture

Cloud Mobility has four main components:

  1. Resiliency Manager (RM): The Resiliency Manager provides the services required for migrating (or protecting) assets, such as virtual machines. The Resiliency Manager discovers and manages information about data center assets from an Infrastructure Management Server (IMS). The Resiliency Manager stores the asset information in its data repository, displays the information in its management console, and provides workload automation services.
  2. Infrastructure Management Server (IMS): An IMS discovers and monitors assets within a data center. The IMS sends information about the assets to the Resiliency Manager so the Resiliency Manager can manage the assets. Management operations on assets (for example, migrate, start or stop virtual machines) that you initiate from the web console are carried out by the IMS.
  3. Replication Gateway (GW): The Replication Gateway provides data replication across sites. GW acts like a staging server that aggregates and batches data from multiple virtual machines during replication. The Replication Gateway receives data from the in-guest I/O tap module on the VM guests and replicated the data to the AWS. The Gateway also performs data optimization like local deduplication and compression. The Gateway on source data center is always paired with a Gateway on target data center. The target data center Gateway is a staging server that applies the data from the source data center storage. The data is encrypted in transit as well as at rest in AWS.
  4. Data Gateway (DGW - Optional): Data Gateway provides customers object storage replication mode for migration of assets to AWS. The Data Gateway acts like a communication channel between the on-premises Replication Gateway and cloud Replication Gateway. The data being replicated from the on-premises data center gets compressed and stored in AWS Simple Storage Service (S3) bucket in the form of objects. Several AWS service components, such as DynamoDB, API Gateway, SNS, Lambda, SQS, etc., get deployed as part of Data Gateway deployment in AWS environment.

    Data Gateway provides customers added benefit of scale and durability by leveraging AWS S3.


    You can read more about these components here.

Alok Abhishek Image 2.pngCloud Mobility (VRP) deployment architecture and just in time migration (test) for migration to AWS

Five steps to migrate to AWS:

Automated rehosting (lift-and-shift) using Cloud Mobility consists of five main steps:

  1. Setting up asset infrastructure: As part of this step you add on-premises and cloud infrastructure to Cloud Mobility.
  2. Preparing host for replication: You identify the system to be migrated and configure them with IO Tap. Cloud Mobility’s IO Tap driver replicates the machine to AWS at near real-time RPO.
  3. Configuration: You configure target machine (storage, compute, network and security) configuration for each on-premises machine. You map the source network to target network and you can also define a rehearsal network to perform non-disruptive testing. For multi-tier applications, you define a virtual business service (define order of stop and start for multi-tier applications) and resiliency plan (steps to be performed in cases of planned migration) for large scale migration.
  4. Rehearsal (Test): Cloud Mobility provides rehearsal functionality using which you can test migration of the systems in an isolated, non-production network segment in AWS to ensure they are working properly prior to a full migration event. This is achieved by using snapshots of replicated data (on AWS site) which is then attached to just in time provisioned Elastic Compute Cloud (EC2) instance used for testing purposes. Once you are satisfied with testing use ‘clean up rehearsal’ feature provided by Cloud Mobility to clean up resources (EC2 instances and EBS storage) created for testing.
  5. Planned Migration: After testing the migration, you ready to rehost the workload in AWS. Migration is a single-click operation with Cloud Mobility. The on-premises workload is instantiated in AWS (this does not involve any format conversion). The migration operation gracefully shuts down on-premises physical and virtual machines and starts them in AWS. AWS resources such as EC2 instances and EBS storage are created just in time during the migration. This means these resources only run during testing and migration, hminimizing the overall compute cost.

As part of the migration process, Cloud Mobility performs the following tasks:

  • Validates data consistency and replication state
  • Stops on-premises Virtual Machine
  • Unregisters Virtual Machines
  • Reverses replication (optional)
  • Creates network interface
  • Connects VM to AWS network
  • Registers VM on AWS
  • Attaches AWS storage volume
  • Starts EC2 instances in AWS
  • Checks AWS instances status

In this process, replication ensures consistent data of the assets is made available at AWS, and all network, storage, compute and security customization are automated. After migration, you can decommission on-premises machines.

Alok Abhishek Image 3.pngCloud Mobility (VRP) migration from on-premises to AWS

Features that set Cloud Mobility apart:

The following capabilities of Cloud Mobility help customers automate migration to AWS:

Alok Abhishek Image 4.pngCloud Mobility (VRP) home page showing the on-premises data center and AWS as target data center

  • Virtual Business Services (VBS): A VBS represents a multi-tier application as a single, consolidated entity and allows you to manage workloads based on the overall business service they support. This eliminates the need for managing different application tiers individually and enables a simple migration process for a large multi-tiered application that would otherwise need to be migrated at the individual system level. VBS allows customers to create a blueprint of their multi-tier applications and define order of stop and start for these applications. For example, in the picture below, we have shown how customers can define three-tier business services including the database layer, application layer, and web layer. Customers can define the stop and start order of multi-tier applications, and Cloud Mobility will follow this order when migration is performed on the VBS.

Alok Abhishek Image 5.pngCloud Mobility VBS – Allows customers to define stop and start order for multi-tier applicationsAlok Abhishek Image 6.pngCloud Mobility (VRP) Virtual Business Services stop and start order for multi-tier applications

  • Resiliency Plan: Resiliency Plan provides a drag-and-drop canvas where customers can define migration runbook by creating a workflow of steps to be performed during migration. This allows customers to define steps such as rehearsal, manual task, custom script execution, migration, etc.Alok Abhishek Image 7.pngCloud Mobility Resiliency Plan canvas allows customer to use drag drop feature to define migration run book

Customers can migrate at Resiliency Plan level which makes a complex migration project easier to plan and execute. Resiliency Plan can also be scheduled to run at specific time. This could be specifically useful for testing and change control.

Alok Abhishek Image 8.pngCloud Mobility (VRP) Resiliency Plan provides automation of migration runbookVBS and Resiliency Plan provides customers robust capabilities for creating recovery plans that automates orchestration necessary to ensure that business function can be quickly and accurately relocated. Combination of VBS and Resiliency Plan provides customers the ability to migrate applications from on-premises to AWS in a single click, reducing the risk of human error by automating steps required in migration.

  • Recovery Point Objective (RPO) and Recovery Time Objective (RTO): Cloud Mobility provides near zero RPO using real time data replication (async replication). Cloud Mobility deploys an in-guest I/O tap module on the on-premises virtual/physical machine and replicate the data to the AWS. When migrating, Cloud Mobility gracefully shuts down the production environment and brings it up in AWS with no data loss. Migration includes customization of compute, storage and network and is fully automated. Therefore, migration of multi-tier workloads using Cloud Mobility provides low RTO.Alok Abhishek Image 9.pngCloud Mobility showing sync status and replication lag for near zero RPO
  • Non-disruptive rehearsals: For the large-scale migration of critical workloads, it is important customers can test the migration without impacting production environment. Cloud Mobility provides the ability to test migration in an isolated network to proactively identify any issues or assess the readiness of the migration.Alok Abhishek Image 11a.png


    Alok Abhishek Image 11b.pngCloud Mobility leaves the on-premises workload untouched while bringing the test workload in AWS for non-disruptive rehearsal in AWS


  • Reporting and risk insights: Along with providing reports of migration (and rehearsals) operations, which could be used for planning, compliance and audit purposes, Cloud Mobility also provides end-to-end visibility of risks related to business continuity and configuration drift in a single console. Risk Insights and Operation Reporting capabilities of Cloud Mobility help customers in taking a data-driven decision for cloud migration.
  • Failback: Sometimes even the most meticulously planned project may go wrong. Veritas Cloud Mobility provides reverse replication feature. This is a critical feature for contingency planning in case, after migration, something goes wrong. In such situations, you can bring the workload back to on-premises (with incremental data which was generated when workload was running on AWS), fix the issue, and then migrate back to AWS.

Take on complexity with confidence

Migration of complex large-scale deployments with heterogeneous infrastructure does not need to be daunting. As we have shown, automation capabilities such as Virtual Business Services and Resiliency Plans provided by Cloud Mobility simplify complex application migrations. Leveraging Cloud Mobility, you can easily migrate on-premises workloads to AWS at scale and achieve your business goals.

For more information on Cloud Mobility, please refer to the following materials:

And join Veritas at AWS re:Invent 2019

Please join Veritas at AWS re:Invent in Las Vegas (Dec 2-6, 2019) at booth 1201. We will be hosting a tech talk on Cloud Mobility and AWS on Tuesday, Dec 3rd at 3:00 p.m. We also will have a Data Protection lounge that will be open during the AWS expo hours where you can see a working demo and talk to a Cloud Mobility (and Resiliency Platform) specialist.