Migration Execution with nOps Discovery

Overview

Migration Execution is the operational phase of the nOps Discovery workflow, where migration plans are transformed into concrete actions that migrate your workloads to AWS. Building upon the Workload Analysis and Migration Planning phases, this step orchestrates the actual migration process with AWS Application Migration Service (MGN) while maintaining comprehensive visibility and control throughout the journey.

Important

The Migration Execution phase will make changes to your target AWS environment. This includes creating, updating, and potentially destroying resources as part of establishing your landing zone and migrating workloads. Ensure you have appropriate approvals and change management processes in place before proceeding.

Prerequisites

Before beginning the Migration Execution phase, ensure you have:

1. Completed Workload Analysis: Analyzed your source environment (Workload Analysis)
2. Created Migration Waves: Defined and finalized your migration strategy (Migration Planning)
3. AWS Target Account: Identified the AWS account(s) where workloads will be migrated
4. Required IAM Permissions: Authentication credentials with sufficient privileges to:
   • Create and manage IAM roles
   • Create and manage EC2 instances, VPCs, and related resources
   • Configure and utilize AWS Application Migration Service (MGN)
   • Manage S3 buckets for state storage
   • Deploy CloudFormation templates or Terraform/OpenTofu code

Authentication and Security

AWS Authentication

To initiate migration execution, you must authenticate with your target AWS account:

1. Console Integration:

   • Choose "AWS Console" authentication method
   • Authenticate via secure console integration or federation
   • nOps never stores your AWS credentials

2. IAM Role:

   • Alternatively, create an IAM role in your AWS account
   • Apply the nOps-provided IAM policy
   • Use role-based authentication for enhanced security

Required Permissions

The following permission scopes are necessary for migration execution:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:CreateBucket",
        "s3:GetObject",
        "s3:PutObject",
        "s3:ListBucket"
      ],
      "Resource": "arn:aws:s3:::nops-migration-state-*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "ec2:*",
        "iam:CreateRole",
        "iam:PassRole",
        "iam:PutRolePolicy",
        "iam:CreateInstanceProfile",
        "iam:AttachRolePolicy",
        "cloudformation:*",
        "mgn:*"
      ],
      "Resource": "*"
    }
  ]
}

Landing Zone Deployment

The first step in migration execution is establishing the AWS landing zone in your target account:

Infrastructure Deployment

The Migration Execution phase uses the Infrastructure as Code Generation capability to deploy your landing zone:

State-Based Deployment Approach

• State Management: Infrastructure state stored securely in your AWS account
• Incremental Changes: Intelligent delta detection for non-disruptive updates
• Version Tracking: Complete history of infrastructure changes

Progressive Layer Deployment

The landing zone deployment proceeds in logical layers:

1. Foundation Layer:

   • Core networking infrastructure aligned with workload requirements
   • IAM security framework based on least-privilege analysis
   • Compliance monitoring and security services

2. Service Layer:

   • Migration services pre-configured based on workload analysis
   • Database and storage infrastructure sized according to telemetry data
   • Application services tailored to your specific workloads

3. Integration Layer:

   • Hybrid connectivity based on application dependencies
   • Identity and access management integrations
   • External service connections

For complete details on the Infrastructure as Code Generation capability, see the dedicated documentation.

Visual Deployment Tracking

During the landing zone deployment:

• Real-time Status Updates: Visual indicators of deployment progress
• Resource Creation Logs: Detailed information about each resource being created
• Validation Checks: Automatic tests to confirm successful deployment
• Troubleshooting Guidance: Immediate assistance if deployment issues occur

Wave Execution Management

Once the landing zone is established, nOps orchestrates the migration of workloads in waves as defined during the planning phase:

Wave Initiation

Using the migration waves created by the Move Group Generation capability, you can begin the actual migration process:

1. Intelligent Wave Review:

   • Review the AI-generated wave composition based on dependency analysis
   • Examine the detailed dependency maps for each application
   • Verify the critical path and sequence requirements
   • Confirm the risk assessment and mitigation strategies

2. Pre-Execution Validation:

   • Comprehensive automated validation of prerequisites
   • System accessibility checks based on dependency mapping
   • Landing zone verification aligned with wave requirements
   • Migration service readiness assessment

3. Coordinated Execution:

   • Orchestrated approval workflow aligned with wave dependencies
   • Optimal scheduling based on business impact analysis
   • Automated stakeholder notification based on responsibility matrix

Migration Implementation Methods

nOps supports multiple migration implementation approaches based on the modernization strategies selected:

Standard Migration with AWS MGN

For traditional lift-and-shift migrations:

1. Automated Agent Deployment:

   • The AWS MGN client is automatically deployed to source systems
   • Configuration tailored to each workload's specific requirements
   • Secure communication channels established for data replication

2. Replication Configuration:

   • Appropriate replication settings based on workload size and change rate
   • Bandwidth throttling options for minimal production impact
   • Data consistency validation during replication

3. Test and Cutover Management:

   • Automated test instance provisioning for validation
   • Scheduled cutover preparation and execution
   • Post-cutover validation and fallback options

Container Transformation

For workloads identified as containerization candidates:

1. Container Asset Creation:

   • Automatic Dockerfile generation based on application analysis
   • Docker-compose configuration for local testing
   • Kubernetes manifests for EKS deployment
   • Fargate task definitions where appropriate

2. Container Infrastructure Setup:

   • EKS cluster or Fargate profile creation
   • Network and security configuration
   • Container registry setup and security scanning
   • CI/CD pipeline integration recommendations

3. Application Transformation:

   • Application code extraction and adaptation
   • Configuration externalization
   • State management modification
   • Persistent storage configuration

Serverless Transformation

For workloads suitable for serverless architectures:

1. Function Extraction:

   • Identification and isolation of application functions
   • Code adaptation for Lambda runtime environment
   • Event trigger configuration
   • IAM role and permission setup

2. Serverless Infrastructure Provisioning:

   • Lambda function deployment
   • API Gateway configuration for HTTP endpoints
   • Event source mapping creation
   • Supporting resource provisioning (DynamoDB, S3, etc.)

Migration Progress Monitoring

Comprehensive visibility is provided throughout the migration process:

1. nOps Dashboard:

   • High-level wave status with real-time progress indicators
   • Workload-specific status and metrics
   • Integration with MAP management facility for funding program tracking
   • Critical path monitoring and alerting

2. AWS MGN Console Integration:

   • Direct links to AWS MGN console for detailed status
   • Seamless navigation between nOps and AWS interfaces
   • Consolidated view of migration metrics across all workloads

3. Migration Analytics:

   • Data transfer rates and completion estimates
   • Resource utilization during migration
   • Performance comparison between source and target

Validation and Testing

nOps performs automated validation to ensure successful migration:

Automated Service Validation

Post-migration validation includes:

• Network Connectivity Testing: Verification that all required ports and protocols are accessible
• Service Response Testing: Basic health checks for migrated services
• Performance Baseline Comparison: Validation that critical metrics match or exceed source environment
• Integration Point Verification: Testing of connections between migrated and dependent services

Validation Dashboard

All validation results are presented in a comprehensive dashboard:

• Success/Failure Indicators: Clear visual indicators for each validation category
• Detailed Error Information: Specific information about any validation failures
• Remediation Guidance: Recommended actions to address validation issues
• Manual Validation Checklists: Guidance for additional testing beyond automated validation

Rollback Options

If validation reveals critical issues:

• One-Click Rollback: Option to revert to source environment
• Partial Remediation: Tools to fix specific issues while maintaining migration progress
• Extended Testing Mode: Ability to run both source and target environments in parallel

Continuous Optimization

As part of the migration execution process, nOps provides seamless integration with its continuous optimization platform:

Auto-Enrollment Options

By default, all migrated resources are automatically enrolled in nOps optimization services:

note

The following services are enabled by default and must be explicitly deselected if not desired:

• Essentials: Automated cost optimization, idle resource detection, and right-sizing
• Business Contexts+: Cost allocation, tagging, and business unit mapping
• Compute Copilot: Advanced compute optimization for EC2, containers, and serverless
• WAFR: Well-Architected Framework compliance monitoring

Customizing Enrollment

You can customize continuous optimization enrollment:

• Service Selection: Choose which optimization services to enable
• Resource Filtering: Include or exclude specific resources or resource types
• Notification Preferences: Configure alerts and recommendations delivery
• Automation Levels: Set thresholds for automated vs. manual optimization

Immediate Value Realization

Benefits available immediately after migration:

• Cost Baseline: Establishment of cost monitoring from day one
• Initial Optimization Recommendations: First set of improvements typically available within 7 days
• Governance Guardrails: Automated policy enforcement from the start
• Performance Monitoring: Continuous tracking of resource utilization and performance

Troubleshooting and Support

If issues occur during migration execution:

Common Issues and Resolution

The system provides guidance for common migration challenges:

• Replication Failures: Troubleshooting for data transfer issues
• Performance Problems: Addressing unexpected performance degradation
• Compatibility Issues: Resolving workload compatibility problems with AWS
• Network Connectivity: Resolving connection problems between environments

Support Resources

Multiple support channels are available during migration:

• In-App Chat: Real-time assistance from nOps migration specialists
• Documentation Library: Comprehensive guides for common scenarios
• AWS Support Integration: Seamless escalation to AWS Support when needed
• Migration Specialists: Option to engage dedicated migration experts for complex issues

How to Access Migration Execution

To begin the Migration Execution process:

1. Complete Workload Analysis and Migration Planning
2. Navigate to "Discovery" → "Migration Execution" in your nOps dashboard
3. Configure AWS authentication using your preferred method
4. Review and initiate landing zone deployment
5. Select and execute your first migration wave
6. Monitor progress and validation results through the execution dashboard