Résumé du cours
Please note attendees work together in teams of 5 as a minimum and the pricing advertised is per team of 5.
The Migration OpenHack enables attendees to assess, migrate, modernize, and optimize existing on-premises applications hosted in Windows Server 2008 R2 and Microsoft SQL Server 2008 R2 as they move to Microsoft Azure, in a secured way. The OpenHack simulates a real-world scenario where a mortgage company has multiple line-of-business applications residing on legacy infrastructure that is rapidly approaching end-ofsupport and need to be migrated. During the “hacking” attendees will focus on 1. migrating their applications from legacy operating systems to Azure using a rehost methodology and, then, 2. transitioning from IaaS to PaaS services that account for application behavior monitoring and security of organizational secrets. By the end of the OpenHack, attendees will have built out a technical solution that has all applications and virtual machines (all workloads) fully hosted on the Azure cloud.
Technologies Azure Migrate, Azure Database Migration Service, Data Migration Assistant, Azure Active Directory, Azure Active Directory Connect (AAD Connect), Azure Site Recovery, Azure Monitor/Log Analytics, Azure Networking, Azure Virtual Machines, Azure Storage, Azure DNS, Azure Traffic Manager, Azure Bastion, Azure Load Balancer, Azure Application Gateway
- Migration: move on-prem applications to Microsoft Azure
- Security: migration approach that minimizes data, app code, and other harmful leaks of information during transition from legacy infrastructure to the cloud with layers of testing and RBAC implementation
- Data: configure new Azure databases to meet your data ingestion, storage, and advanced search/AI needs
- Networking: ensure that your connection between on-prem and Cloud is secure and active, so resources transferred in between are protected
A qui s'adresse cette formation
- App Developers
- Customers looking to migrate their on-prem applications, which sit on legacy infra + internal platforms to the Azure cloud
- Customers looking to move from IaaS à PaaS services
- Customers who want to modernize their workloads
To avoid any delays with downloading or installing tooling, you are encouraged to have the following ready to go!
- Install your choice of Integrated Development Environment (IDE) Software, i.e. Visual Studio / Visual Studio Code / Eclipse / IntelliJ
- Download Azure CLI or Azure PowerShell
- Browser Client (e.g. Safari/Firefox)
- SSDT/SSMS (SQL Server Data Tools / SQL Server Management Studio)
- Modernize your applications by moving away from outdated, expensive legacy infrastructure: discover, assess, and migrate on-premises applications, infrastructure, and data.
- Take it step-by-step: centrally plan and track the migration across multiple Microsoft and third-party open source tools.
- Increased resiliency and access to ongoing support for your legacy operating systems
Outline: OpenHack – Migrating Microsoft Workloads to Azure (OHMMWA)
Challenge 1: Establish your plan In this challenge, you will learn how to plan for the migration of servers from on-premises to Azure, including how to rationalize the selection of migration tooling based on the source environment, how to design a naming convention and establish governance with Microsoft Azure, and how to design a network topology in Azure that supports segmentation between applications and services using native Azure network security resources. You will use this plan to develop your foundational Azure infrastructure as you perform your migration.
- Plan a migration infrastructure
- Pan for hybrid identity
- Design for resiliency
- Design a network infrastructure
- Plan for governance
Challenge 2: Assess workloads for migration In this challenge, you will begin to assess your on-premises environment using tools which provide automated discovery of server-to-server communication and help you right-size your environment for performance and cost before you migrate. You will learn how these tools can be used to assess on-premises Windows Server virtual machines in Hyper-V by installing and configuring any necessary software and agents. You will also finalize the design of your Azure network, including planning for logical segmentation between applications and application tiers.
- Prepare for and assess virtualized on-premises environments
- Determine suitability of servers and workloads for fit in Azure
- Create formal assessments for business leaders which demonstrate cost and sizing
Challenge 3: Implement hybrid identity In this challenge, you will learn how to establish hybrid identity to allow for seamless control and access to on-premises and Azure resources after migration. With hybrid identity established, your customer can use a single identity to access on-premises applications and cloud services such as Azure, Office 365, and other sites on the internet. Identity and assessment management (IAM) controls for Azure resources will be established which are needed for the duration of your migration.
- Plan hybrid identity
- Prepare on-premises environments for hybrid identity with Azure Active Directory
- Implement hybrid identity
- Implement identity access and management (IAM) using role-based access controls
Challenge 4: Implement hybrid networking and resilient authentication In this challenge, you will establish the final pieces of your migration infrastructure by implementing connectivity between your onpremises environment and Azure. You will also build out domain controllers in Azure for high-availability and resiliency should the network link between on-premises and Azure ever degrade or become unavailable. All the resources you build will be secured using rolebased access controls using identities and security groups that were synchronized to Azure in previous challenges.
- Design and implement site-to-site networking
- Design and implement highly available virtual machines
Challenge 5: Test migration In this challenge, you will begin to perform migrations of servers and applications to Azure using a rehost methodology. The migrations you perform will be tested and validated in an isolated environment which does not impact production, allowing you to iterate and refine your migration process without fear of impacting existing workloads.
- Migrate workloads to Azure for isolated testing
- Ensure secure and segmented cloud networks for migrated workloads
- Secure migrated servers for remote access
Challenge 6: Finalize migration In this challenge, you will perform your final migration to Azure by implementing the process you refined in the previous challenge, bringing your customer over to Azure for the target workloads. The migration must be performed during a predefined outage window and must not impact the production environment in a manner which prevents failback to on-premises if the migration is unsuccessful. After a successful migration, you will retire the on-premises servers and workloads and clean up your migration infrastructure.
- Perform final migrations of servers to Azure
- Implement failback mechanisms for seamless migration
- Design and implement resources to minimize downtime
Challenge 7: Transition to platform database services In this challenge, you will help your customer increase the efficiency and agility for managing and developing applications based on legacy Microsoft SQL Server database workloads by implementing PaaS database services. To make this transition, you will migrate the existing databases from Microsoft SQL Server to a compatible database platform service and configure the existing application to use PaaS databases securely.
- Migrate from IaaS SQL Server VMs to database platform services
- Assess databases for compatibility with database platform services
- Implement secure connectivity to PaaS services
- Configure platform services to meet backup and retention requirements
Challenge 8: Transition to platform web-hosting services In this challenge, you will continue to improve the efficiency, scalability, and agility for the existing websites by migrating to PaaS service. In addition to migrating the websites and ensuring they are operable in the new environment; they will also be secured to meet customer requirements. This includes the implementation of SSL and using Azure identities to secure access to both Azure resources one of the underlying websites.
- Migrate from IaaS web servers to platform web-hosting services
- Implement SSL with platform services for custom applications
- Minimize downtime with URL reuse and build on services already in use from IaaS implementations
- Implement Azure AD authentication to meet customer requirements
Challenge 9: Secure, optimize, and operate In this challenge, you will learn how to optimize the current deployment by implementing elastic scale in your websites, how to secure your PaaS workloads through encryption of relational data with customer-managed keys and using an HSM to protect your application secrets. You will also learn how to implement real-time performance monitoring for your websites and how to implement alerting for degradations in service health within the Azure platform.
- Implement security features of PaaS services, including protecting application secrets
- Implement at-rest encryption for database platform services using customer-managed keys (CMK)
- Implement elastic scale for web applications with autoscale
- Configure performance insights for web applications hosted in Azure
- Configure Azure platform service health alerts