Perils and Pitfalls of Cloud Migration

Cloud Journey is a transformational journey and a paradigm shift. It is likely to be very complex, time consuming and risky at the same time. Migrations that are started without a clearly defined, well-researched, and coherent strategy are likely to run into pitfalls! Given below are the common pitfalls to avoid during a cloud migration. 

Not Planning thoroughly

This cannot be stressed enough ! Business Objective behind the migration has to be very clear. What is the need for migration ? Is it to leverage the benefits of cloud like scalability and performance ? Or is there a business opportunity by being more agile? The first step in the planning phase is to conduct an audit of your existing systems. A critical consideration of the audit process should be to identify and map application dependencies including third party applications. It is important to create a mapping table with information on all the other applications and systems that it communicates with, whether it is unidirectional or bidirectional and how frequently they communicate. This is necessary in order to understand the current roles and business processes and how the organization will look like after the migration. If you have multiple applications to migrate, start off with the simple ones first and keep the complex ones towards the end. More dependencies increases the complexity.

Not having a Clear Strategy

One of the first things to decide when migrating to cloud is whether you will go private, public or hybrid. The types of cloud migration strategies fall into one of the “Rs” popularised by Amazon and Gartner. They are

 a. Rehosting or commonly called as “Lift & Shift” which is primarily moving “as is” the infrastructure and hosting the application workload in Cloud. Advantage is it takes less time to execute the migration. Disadvantage is it could be expensive in the long run since it doesn’t leverage the benefits and flexibility of being cloud native.

 b. Repurchasing is basically doing away with the existing legacy applications and adopting or moving to a functionally similar cloud native application. Advantage is it could be cost effective if your existing legacy application was turning to out be an expensive proposition to run. Disadvantage is it would need retraining personnel on the new product.

c. Refactoring is primarily rebuilding the application from scratch including code and infrastructure. Advantage is that it provides maximum cloud benefits and is cost effective in the long term. Disadvantage is it takes longer time and expensive in the short term.

d. Retiring and Retaining are the other types of strategy wherein some components are retired since moving it doesn’t make business sense or keeping it in on-premise makes more sense due to compliance reasons.

It’s also important to make informed decisions about which applications must be migrated together and create a road map for sequencing this or moving it as one bundled application.

Migrating in phases is recommended and thorough testing at each stage of the migration process should be done. The idea is to identify issues and remediate it as soon as it is discovered so that the backlog of open issues is reduced at the end.

Cloud Migration can be used as an opportunity for cleanup. Thus could be reduction of tech debt or removal of pile of unused redundant data which would have accumulated over years. Only necessary data can be moved. This will help reduce storage and ingress costs.

Not taking Security & Compliance seriously

Security concerns and issues encountered during cloud migration are the ones that have to be addressed on priority. According to Gartner, 90% of the organizations that fail to put guard rails and have proper control on public cloud use, will inappropriately share sensitive data by 2025.

To avoid security weak points or downtime during the move, make sure that a proper threat modelling and security assessment has been done upfront in consultation with your cloud provider.

Most organisations adopt a shared responsibility model where the security team is responsible for securing the infrastructure while the respective application teams are responsible for securing their data. Periodic assessment of security of data at rest is required to meet regulatory compliance laws like GDPR and HIPAA.

Not having In house Technical Expertise

There is competition between the Cloud Service Providers to get business, especially if the customer is a large enterprise. Hence they go all out to hand hold and provide support end to end in the migration journey. The offer to help could range from rearchitecting the monolith applications to evaluation of cloud native applications running on their platform. While the Cloud Service Providers will provide consulting services, it is important to have in house expertise and proper due diligence done by the team migrating their applications.

Human error and a lack of skills required to operate the new infrastructure could result in huge loss and hence it is important to invest and skill the personnel who will be operating the cloud. Even the Developers who are developing applications on cloud should be savvy and understand security and cost aspects.

More and more products and services are provided as Managed Services in Cloud and this would be the easiest way out for organisations to fall back on if there is dearth of technical resources to operate the products.

Not having a Budget and monitoring spends

For startups it’s a no brainer to set up their infrastructure directly on cloud, But for large companies who have hardware in their own or managed datacenters, should carefully evaluate the total cost of ownership and have a budget in mind on how much they are willing to spend in cloud. There will be many sops and discounts offered by the cloud service providers to migrate to cloud. If efficient methods and guard-rails are not put in place, in the long run, cloud costs could spiral northwards.

Since in cloud, it is pay per use or pay as you go approach, optimum resource usage has to be a priority. An example of how cost could add up is an Analyst submitting a select * query on a large database without putting in proper conditions resulting in the query running for hours at end and utilising huge CPU cores and adding to the cost. Machine learning and creating Data Models is a good use case for cloud; however in the process of building ML Models, every training run adds to the cost. For example, if the problem statement is to find out the correct Hadoop cluster configuration for your data set size, the ML optimisation engine will look at all the available machine configurations and run every permutation and combination and this iterative process could and run the job hundreds of time before it finally provides you a probability score for choosing the apt configuration. In the process, a lot of machine time is spent and each run adds to the cost. Hence in such cases it is required to put in a upper threshold on how many runs is allowed or better still use human intuition and give very few limited configuration sets for the training runs so that it doesn’t have to go the whole nine yards.

Usually cloud providers offer multiple flexible pricing models. For long-term commitments or for a commitment of a certain level of spend, they offer good discounts. It would be worthwhile to leverage all these offers available. They also provide incentive to upgrade and use newer configuration systems. This is a win-win since it also helps in improved application performance.

Not planning for Disaster Recovery

The cloud, like any other in house infrastructure set-up, can experience technical problems and failures including machine reboots, network outages and even an entire region going down. These events can incapacitate business operations and processes, and can be damaging to the business. A classic example of business impact failure could be if system access in cloud is through a bastion or gateway host and that host itself goes down leaving one completely in dark.

As one gets into cloud, design should be in such a way that redundancy and availability is built-in in all the components especially in the most critical ones. A specific component or micro-service can fail individually or there could be failure of the entire environment. The DR plan should include all contingencies.

Not following well Architected Frameworks

All the Cloud Service Providers have recommendations for well architected systems . It is mostly built around six pillars of operational excellence, security, reliability, performance efficiency, cost optimization and system design sustainability. The framework provides a consistent approach to evaluate architectural best practices and implement scalable designs. Adopting these practices would help make the systems secure and reliable and efficient too.

Not having central monitoring and governance

Monitor everything should be the Mantra! If there is little control of who is spawning resources, it could lead to chaos and limited accountability of resources in use. A complete centralized visibility to monitor and control of all the cloud infrastructure components is a must. Automated provisioning of resources through IaaC is the recommended approach. A clear governance model outlining the roles and responsibilities and having a role based access control will help a long way in streamlining resource provisioning. Numerous well known application monitoring tools are available for cloud, some provided by the cloud service providers themselves and others by startups and reputed enterprises and appropriate ones should be leveraged to provide insights.

Not investing in Automation

It is better to invest in automation and building migration scripts upfront so that the migration process would be smooth and less prone to errors.

Moving to the cloud is not only a challenge but rather an opportunity to make existing business processes more agile and innovative. CICD tools and processes should be leveraged for agility.

In a nutshell, a broad meticulous detailed planning and execution has to happen taking stock of all the infrastructure components, business processes and in-house expertise at disposal while building a strategy that encompasses all the needs of the organization in the cloud migration journey.

Migration mistakes can be costly to the Enterprise both in terms of time and money. Hence it is required to tread carefully, avoid potential pitfalls and enjoy the benefits of cloud transformation.