
Cloud Migration from on-premise data center to AWS at PT.XYZ

The hybrid-cloud approach and the REMICS method

Bachelor Thesis 2018 153 Pages

Computer Science - Applied

Excerpt

TABLE OF CONTENTS

COVER

TITLE

ABSTRACT

FOREWORD

TABLE OF CONTENTS

TABLE OF TABLE

TABLE OF FIGURE

TABLE OF ATTACHMENTS

CHAPTER 1 INTRODUCTIONS
1.1 Background
1.2 Scope
1.3 Objectives and benefits
1.4 Methodology
1.5 Writing systems

CHAPTER 2 LITERATURE REVIEW
2.1 General Theories
2.1.1 Information Systems
2.1.2 Business Process
2.1.3 Basic Concepts of Cloud Computing
2.2 Special Theories
2.2.1 Cloudonomics
2.2.2 Virtual Machine
2.2.3 On-Premises
2.2.4 Cloud Migration
2.2.5 Total Cost of Ownership (TCO)
2.2.6 REMICS Cloud Migration Methodology
2.2.7 Analysis and Comparation of REMICS with Other Cloud Migration Methodology
2.2.5.1 REMICS Cloud Migration Methodology
2.2.5.2 Butterfly Migration Methodology
2.2.5.3 Laszewski and Nauduri Cloud Migration Methodology
2.2.5.4 Conclusions:
2.2.8 UML Basic Concepts
2.2.9 Activity Diagram
2.3 Data Collection Technique
2.3.1 Observation
2.3.2 Interview
2.4 State of Mind

CHAPTER 3 ANALYSIS OF THE ONGOING SYSTEM
3.1 Company Profile
3.1.1 Vision
3.1.2 Mission
3.2 Corporate Structure
3.3 As-Is Business Process
3.3.1 Current Roles and Description
3.3.2 Current Data Center
3.3.3 Current Network Infrastructure
3.3.4 Current Commercial Process
3.3.5 Current Technical Processes
3.3.5.1 Launching New Physical Server On-Premise
3.3.5.2 Replace or Upgrade Disk Storage
3.3.5.3 On-Premise Physical Servers Termination
3.3.5.4 Security Access to Data Center
3.3.5.5 Generate Consolidated IT Asset Inventory List
3.4. Identification of Problems and Solutions Proposed
3.4.1 Identified Problems
3.4.2 Solutions Proposed
3.4.2.1 Amazon Web Services (AWS) - Cloud Computing Services
3.4.2.1.1 History of Amazon Web Services (AWS)
3.4.2.1.2 Analysis and Reason of Why AWS
3.4.2.1.3 Products of AWS That Being Used
3.4.2.2 Migration Tools
3.4.2.2.1 Double-Take Move
3.4.2.2 AWS VM Import/Export

CHAPTER 4 FUTURE PROCESS AND MIGRATION PROCESS
4.1 To-Be Business Processes
4.1.1 Future Roles and Description
4.1.2 Future Data Center
4.1.3 Future Network Infrastructure
4.1.4 Future Commercial Process
4.2 Future Technical Processes
4.2.1 Launching New Server / Instance on AWS
4.2.2 Attach New Volume
4.2.3 Server Termination
4.2.4 Security Access to AWS Management Console
4.2.5 Generate Consolidated IT Asset Inventory List (List of Instances)
4.3 The Benefits After The Future Processes (After using AWS)
4.4 Cloud Migration Process
4.4.1 Requirement and Feasibility
4.4.2 Recover
4.4.3 Migrate
4.4.4 Validate
4.4.5 Control and Supervise
4.4.6 Withdrawal
4.4 Lesson-learned

CHAPTER 5 CONCLUSIONS AND SUGGESTIONS
5.1 Conclusions
5.2 Suggestions

REFERENCES

ATTACHMENTS

ABSTRACT

The purpose of this project is to understand the constraints and needs of PT. XYZ and migrate its servers to the cloud, using the migration method and vendor selection that best suit PT.XYZ's environment and goals. The research begins with an analysis of requirements and problems from the related departments. The authors compare how the existing business processes and infrastructure run with the future business processes and infrastructure after the project is done, illustrated using activity diagrams, and then proceed with the analysis of the migration method selection. The result is a comparison of the existing methods and an identification of which method is best suited to PT.XYZ's migration goals. In conclusion, this project aims to migrate several on-premise servers at PT.XYZ to the AWS cloud using a hybrid-cloud approach and the REMICS method for the migration. Migrating the on-premise servers to the cloud will help the company monitor and control its servers while optimizing its data center, resulting in cost savings and efficiency gains.

Keywords: Cloud, AWS, PT.XYZ, REMICS, Hybrid Cloud, Data Center, Cost savings, Migration, Business Process, Infrastructure, Activity Diagram

ABSTRACT (translated from the Indonesian version)

The purpose of this project is to identify the constraints and needs of PT. XYZ and then move several of its servers to the cloud using a migration method and vendor selection best suited to PT.XYZ's environment and goals. The analysis begins with an analysis of the constraints and needs of the related departments. The authors compare data and information on how the existing business processes and infrastructure run with the business processes and infrastructure that will be run once the project is complete, using activity diagrams, and then continue with an analysis of the migration method selection. The result of the migration method selection analysis is a detailed comparison of each existing method and an analysis of which method best fits the goals and basis of PT.XYZ's migration. In conclusion, this project aims to move several of PT.XYZ's on-premise servers to the AWS cloud with a hybrid-cloud approach using the REMICS migration method. Moving the on-premise servers to the cloud will make it easier for the company to monitor and control its servers and to optimize its data center, which leads to cost savings and increased efficiency.

Keywords: Cloud, AWS, PT.XYZ, REMICS, Hybrid Cloud, Data Center, Cost Savings, Migration, Business Process, Infrastructure, Activity Diagram

FOREWORD

Praise the Almighty God, we were able to finish this bachelor thesis with the title “CLOUD MIGRATION FROM ON-PREMISE DATA CENTER TO AWS AT PT.XYZ”.

The authors are filled with gratitude for all those people who allowed and supported the authors to prepare and submit this thesis as one of the requirements for completing undergraduate studies at Bina Nusantara University. The authors are well aware that this thesis could not have been completed without the help of these people. Therefore, the authors would like to take this opportunity to give special thanks to:

1. Prof. Dr. Ir. Harjanto Prabowo, M.M. as the Rector of Bina Nusantara University
2. Dr. Meyliana, S.Kom., MM. as the Dean of Information Systems Department in Bina Nusantara University
3. Dr. Yohannes Kurniawan, S.Kom., SE., MMSI as the Head of Information Systems Department also as the lecturer that assisted and supervised authors through the whole process of creating this thesis and prepared authors to be ready at the thesis defense.
4. Mr. Tanjung Puranto as the Project Manager, who has given the authors great help by granting permission to conduct the survey, allowing one of the authors to have internship experience in the project, and allowing this thesis to be written.
5. Mr. Paragone Loh as the Transformation Lead from the project who has given the support and encouragement to pick this Cloud-related topic as the thesis topic.
6. Mr. Amarnath Pramanik as the Cloud Migration Lead in the project who has given a significant help by giving a lot of inputs, knowledge, assistance, and encouragement.
7. Mr. Wei Kiat Tan as the Cloud Architect in the project who has given a significant help by giving a lot of inputs, knowledge, assistance, and encouragement.
8. Mr. Aldo Aprilando as the Network Transformation Lead in the project who has given an immense help by giving a lot of inputs, assistance, and encouragement.
9. Mr. Ankit Sethi, Ms. Pavani Mongam, Mr. Manish Mhatre, Mr. Bowo, Mr. Iqbal, Mr. Komang, Mr. Sushant as Keiko’s working colleagues in the Cloud Team, who have given immense help by giving a lot of inputs, assistance, and encouragement.
10. Muhammad Irfan Bin Surijanto who has given help and inputs.
11. Julius Raymond Setiawan who has given encouragement, supports and inputs.
12. The authors’ parents, who have given their big support, prayer, understanding and material support during the creation of this thesis.
13. All friends and relatives whom the authors cannot mention one by one but who have also given their support and encouragement.

Thus, the authors hope that this thesis can provide a significant contribution, reference and knowledge to the reader. The authors apologize for any misspellings or flaws in this thesis. Thank you.

Jakarta, 9 July

TABLE OF TABLE

Table 2. 1 Cloud Migration Methodology Comparation

Table 2. 2 Activity Diagram Symbols Description

Table 3. 1 Current Network Structure Symbols Description

Table 4. 1 Future Structure Symbols Description

Table 4. 2 Before and after using Cloud comparation

Table 4. 3 Application Questionnaires

Table 4. 4 Complexity Types

TABLE OF FIGURE

Figure 2. 1 REMICS Methodology Process

Figure 2. 2 REMICS Portability and Interoperability on Cloud Services

Figure 2. 3 6 Strategies For Migrating Applications To The Cloud

Figure 2. 4 Butterfly Migration Methodology Phases

Figure 2. 5 State of Mind Chart

Figure 3. 1 Corporate Structure PT.XYZ

Figure 3. 2 Current Network Structure PT.XYZ

Figure 3. 3 Current Commercial Process Activity Diagram

Figure 3. 4 Launching New Physical Server On-Premise Activity Diagram

Figure 3. 5 Replace or Upgrade Disk Storage Activity Diagram

Figure 3. 6 On-Premise Physical Servers Termination Activity Diagram

Figure 3. 7 Security Access to Data Center Activity Diagram

Figure 3. 8 Generate Consolidated IT Asset Inventory list Activity Diagram

Figure 3. 9 Cloud Vendor Comparation

Figure 3. 10 Magic Quadrant for Cloud Infrastructure as a Service Worldwide

Figure 3. 11 Azure Pricing Calculator Case A (Part 1)

Figure 3. 12 Azure Pricing Calculator Case A (Part 2)

Figure 3. 13 Azure Pricing Calculator Case A (Part 3)

Figure 3. 14 AWS Monthly Calculator Case A (Part 1)

Figure 3. 15 AWS Monthly Calculator Case A (Part 2)

Figure 3. 16 AWS Monthly Calculator Case A (Part 3)

Figure 3. 17 Azure Pricing Calculator Case B (Part 1)

Figure 3. 18 Azure Pricing Calculator Case B (Part 2)

Figure 3. 19 Azure Pricing Calculator Case B (Part 3)

Figure 3. 20 AWS Monthly Calculator Case B (Part 1)

Figure 3. 21 AWS Monthly Calculator Case B (Part 2)

Figure 3. 22 AWS Monthly Calculator Case B (Part 3)

Figure 3. 23 How Double-Take Works

Figure 4. 1 Future Network Structure PT.XYZ

Figure 4. 2 Future Commercial Process Activity Diagram

Figure 4. 3 Launching New Server/Instance on AWS

Figure 4. 4 AWS Console Management Dashboard

Figure 4. 5 AWS EC2 Dashboard

Figure 4. 6 AWS EC2 Launch Instance (Step 1)

Figure 4. 7 AWS EC2 Launch Instance (Step 2)

Figure 4. 8 AWS EC2 Launch Instance (Step 3)

Figure 4. 9 AWS EC2 Launch Instance (Step 4)

Figure 4. 10 AWS EC2 Launch Instance (Step 5)

Figure 4. 11 AWS EC2 Launch Instance (Step 6)

Figure 4. 12 AWS EC2 Launch Instance (Step 7)

Figure 4. 13 Instances Dashboard

Figure 4. 14 Attach New Volume Activity Diagram

Figure 4. 15 Volumes Dashboard

Figure 4. 16 Create Volume (Part 1)

Figure 4. 17 Create Volume (Part 2)

Figure 4. 18 Attach Volume

Figure 4. 19 Server Termination Activity Diagram

Figure 4. 20 Server Termination on AWS

Figure 4. 21 Security Access to AWS Management Console Activity Diagram

Figure 4. 22 PT.XYZ AWS Login Page

Figure 4. 23 PT.XYZ Multi Factor Authentication Page

Figure 4. 24 Generate Consolidate IT Asset Inventory Activity Diagram

Figure 4. 25 AWS Command Line Interface (CLI)

Figure 4. 26 AWS Credentials

Figure 4. 27 CLI For Generate Instances Inventory List

Figure 4. 28 Generated Inventory Instances Inventory List

Figure 4. 29 Generated Inventory Instances Inventory List (Final Version)

Figure 4. 30 Consolidated IT Inventory List

Figure 4. 31 Current Generation Instance Types

Figure 4. 32 The Corresponding Instance

Figure 4. 33 Instances Types

Figure 4. 34 Example of a Bundle

Figure 4. 35 Hour by Hour Migration Plan Template

Figure 4. 36 Migration Execution Dashboard

Figure 4. 37 Double-Take Console (Part 1)

Figure 4. 38 Double-Take Console (Part 2)

TABLE OF ATTACHMENTS

Interview Transcript with Tan Wei Kiat (Cloud Architect of Project PT.XYZ)

Interview Transcript with Amarnath Pramanik (Cloud Migration Lead of Project PT.XYZ)

Attachment 1 (L1) The Main On-Premise Data Center in PT.XYZ Head Office Building

Attachment 2 (L2) One of The Floor Servers Entrance Door

Attachment 3 (L3) The Floor Servers A5

Survey Letter

CHAPTER 1 INTRODUCTIONS

1.1 Background

In this modern era, a company that can excel is one that maximizes the use of information technology (IT) in its business processes. The use of IT in business processes has a positive impact on efficiency and productivity and also supports daily business processes. Over time, most companies will continue to grow, but this growth also indirectly compels companies to develop their IT resources to keep pace with their growing business.

It is difficult to assess and implement the right IT investments to meet business needs. The Gartner IT Budget Report (2018) shows that healthcare companies often spend nearly 75 percent of their IT budgets on internal systems. Companies in all sectors are often caught up in the upfront price of hardware and cannot estimate the total cost of ownership (TCO) (support, additional hardware, etc.). With cloud services, resources are paid for per use and on demand. In addition, some of the software (e.g. operating system support, patching) and hardware (e.g. hardware components) does not have to be updated internally, as this is done automatically by the cloud vendors.

Cloud computing is internet-based computing. Where in the past people would run applications or programs from software downloaded onto computers or on-premise servers in their buildings, cloud computing allows users to access the same type of application over the internet.

In short, the cloud is increasingly becoming a necessity for companies because they see that its benefits can support the business processes of the enterprise. According to an article in Fortune (Darrow, 2016), the chairman of the Johnson & Johnson Group worldwide, Sandi Peterson, told the Journal that switching to the cloud saves money and helps companies grow faster. The company has moved more than 500 terabytes of data across AWS, Microsoft Azure, and NTT clouds to help companies improve their research. The application of cloud technology is widespread: older companies that had used physical servers have begun to migrate to the cloud, while new companies, such as startups, use the cloud from the beginning. As Janice Dunstan wrote on IBM's blog, a 2017 Frost & Sullivan survey reports that 80 percent of US companies plan to improve cloud managed services (Dunstan, 2017).

However, the development of cloud in Indonesia is not as fast as expected. As reported by Investor Daily in an article entitled "Cloud Adoption in Indonesia Still Low," dated February 19, 2018 (Kure, 2018), the adoption rate of cloud computing technology in Indonesia is still low. In fact, Indonesia is still considered to be in the early stages of adoption (early adopter); on a scale of 1-10, Indonesia is still at number 1. The article also says that one of the requirements for the success of a digital transformation program can be seen in the level of adoption of cloud technology. The Huawei Global Connectivity Index 2017 states that when the level of investment in and adoption of cloud in a country reaches more than 3 percent of total IT investment, the government and private sector in that country can be said to be in optimal condition to utilize the full potential of big data and internet of things adoption. Huawei Indonesia's Executive Product Manager Arri Marsenaldi said Indonesia is entering the initial phase of digital transformation, as measured by the low adoption rate of cloud technology in the country's digital ecosystem. Therefore, the government and industry sectors in Indonesia are advised to apply the right strategy in digital transformation, one element of which is adopting cloud technology.

There are currently 5 issues that triggered PT.XYZ to do the cloud migration. First, PT. XYZ wants to move its spending from capital expenditures (CAPEX) to operating costs (OPEX), where there is no big upfront payment; this saves cost because expenditure is based on consumption of IT resources, paying only for what is used. Second, PT. XYZ wants to reduce the total cost of ownership (TCO) of its current expenditure, much of which goes to maintaining its physical data center, which requires land, electricity, security gadgets, licenses, labor for guarding the server room, server racks, and so on. Third, PT.XYZ was struggling to innovate in business development because of the challenges of scaling up and down and of maintaining its physical data centers. It cannot focus on business strategy because the technical processes slow things down: provisioning servers takes time and effort, and when servers are no longer used, the company needs to decide what to do with them, such as how to sell or auction them. Fourth, operational activity is considered inefficient because separate types of technology are used, whereas with the cloud all IT assets such as servers, storage, and network can be managed through one dashboard such as the AWS Management Console, and a lot of automation can be applied there, such as creating the IT Asset Inventory List using customized commands. Fifth, maintaining a local security system also requires much more time and manpower, making it much harder to plug all the holes in an expanding IT system. On-premise physical security might, for example, consist of a storage room with a fingerprint reader and a guard, whereas cloud providers take security much more seriously because their data centers comply with certifications or international professional regulatory standards.

On the other hand, PT.XYZ sees the cloud not only as a solution to existing problems but also as an opportunity to increase its competitive advantage. PT.XYZ entrusts the migration of its existing on-premise servers to Amazon Web Services (AWS), one of the biggest cloud providers. In this thesis, the authors will make an in-depth analysis of why PT.XYZ uses AWS as its vendor, based on its goals for this project, and also compare AWS to the other competitors in the cloud vendor market.

To start the switch to the AWS cloud, the on-premise servers need to be migrated to the cloud; this process is called cloud migration. A proceedings paper from the Institute of Electrical and Electronics Engineers (IEEE), published by the Department of Computer Science and Engineering at Oakland University and entitled "An Empirical Study Different Cloud Migration Techniques", says that migration is the process of moving to a different machine and that appropriate technology migration processes enable effective resource management. Another IEEE proceedings paper, published by Trinity College, Dublin, Ireland, and entitled "Legacy Systems Migration - A Method and its tool-kit Framework", says that system migration can be a very expensive procedure that carries a very high risk of failure. Therefore, to perform a successful migration, a migration process model is clearly needed to minimize the risk of failure.

This process can be said to determine whether the cloud itself succeeds in answering the problems that PT.XYZ previously faced; if the migration process does not run well, it will greatly affect how well the AWS cloud can support the company's business processes.

Based on the above background, we are interested in analyzing and describing the process, the triggers and the components of migrating the on-premise data center to the AWS cloud at PT.XYZ; hence our title is “Cloud Migration from On-Premise Data Center to AWS at PT.XYZ”.

1.2 Scope

The scope of this thesis is as follows:

- Provide an analysis focused on the existing processes and infrastructure related to the on-premise data center in PT.XYZ (As-Is).
- Give suggestions on the management of the on-premise data center in PT.XYZ by describing the future process after applying the cloud and doing the cloud migration (To-Be).
- Design the cloud migration activities based on the REMICS methodology.

1.3 Objectives and benefits

The purposes of writing this thesis are as follows:

- Illustrate and identify problems in the use and management of the existing and running processes and infrastructure related to the on-premise data center at PT. XYZ.
- Analyze the preparations prior to the on-premise data center migration and outline the expected result after the cloud migration.
- Explain the execution of the migration process from the on-premise servers (as-is) to the AWS cloud (to-be) at PT. XYZ.

The benefits to be obtained from the writing of this thesis are as follows:

- To understand the problems found in the use and management of existing and ongoing on-premise servers for operation management and system delivery and support.
- To be aware of the pre-processes before migration of the on-premise servers to the AWS cloud, for the future cloud migration team.
- To comprehend the processes that exist in the migration so that they can serve as a reference or lessons for readers who want to migrate from on-premise servers to the AWS cloud.
- To be knowledgeable about how a cloud migration will increase the efficiency and lower the cost of IT resources, for readers who are interested in cloud computing.

1.4 Methodology

The methods the authors use to support the writing of this thesis comprise 2 main things, namely:

1. Method of collecting data

a. Observation

The authors will use 2 types of observation. One of the authors will observe directly at PT.XYZ, meaning by getting involved in the migration process, and can thereby get in-depth information on the whole migration process (pre-migration, migration, post-migration). The other authors will observe indirectly by processing the information collected by the direct observer.

b. Interview

The authors also collect information by interviewing PT.XYZ employees associated with the cloud migration. Through this interview process, the authors hope to learn the employees' goals for this cloud migration project and why they decided to do the migration.

c. Literature Studies / Library Studies

Literature study is used to obtain the theories supporting the strategy and migration process that we will propose, by searching textbooks, articles on the internet, Scopus, and scientific papers related to migration process methods and strategies for the cloud. With this method, we hope to dig up deeper information related to our topic from the point of view of the experts.

2. Migration Method

In this thesis, the authors will use one migration method and make an in-depth analysis of why they chose this migration method and not the others. The authors use the REuse and Migration of legacy applications to Interoperable Cloud Services (REMICS) migration methodology.

REMICS migration methodology

REMICS (REuse and Migration of legacy applications to Interoperable Cloud Services) is an EC-funded research project aimed at supporting the migration of legacy systems to service clouds by providing a model-driven methodology and tools. The software products are built with subsequent model refinements and transformations from business models (process, rules, motivation), down to component architectures (e.g., SOA), detailed platform-specific design, and finally implementation. REMICS proposes to improve existing approaches and extend them when needed, to provide a holistic view of migration that covers the whole process with a methodology, tools, languages, and transformations. One main objective of REMICS is to provide its solutions based on standards and open-source tools as much as possible to facilitate reuse and lower the barrier for users to take advantage of the innovations. Model-driven interoperability is a rather new domain, which builds on top of a long history of data and service interoperability. Semi-automated methods that assist users in handling interoperability issues between services are also addressed in REMICS. In general, the REMICS migration methodology is focused mainly on the evolution of the technology model.

The reason the authors choose this method will be explained in Chapter 2 with an in-depth analysis and comparison with other methodologies.

1.5 Writing systems

The outline of this thesis is organized into 5 chapters, divided as follows:

Chapter 1: Introductions

This chapter explains the background to the selection of this topic for our thesis, the scope of the problem, the purpose and benefits of preparing this thesis, the methodology used, and the structure of the writing in this thesis.

Chapter 2: Literature Review

This chapter describes the theories that serve as our references in writing this thesis, namely the theories relevant to the things the authors discuss in this thesis.

Chapter 3: Analysis of The Ongoing Systems

In this chapter, the authors describe the company profile of PT.XYZ, the current commercial process, technical processes, and network and data center infrastructure, as well as the identification of problems and the solutions proposed.

Chapter 4: Future Process and Migration Process

This chapter describes the future business processes, including future roles, commercial process, technical processes, and network and data center infrastructure, as well as the whole process of the cloud migration.

Chapter 5: Conclusions and suggestions

In this chapter, the authors explain the conclusions and suggestions for the project.

CHAPTER 2 LITERATURE REVIEW

2.1 General Theories

2.1.1 Information Systems

The definition of information systems

According to Jeperson Hutahean (Hutahaean, 2017, p. 13) "Information Systems is a system within an organization that brings together daily transaction management needs, supports operations, is managerial, and strategic activities of an organization and provides certain outside parties with required reporting reports"

According to Satzinger, JW, Jackson, RB, and Burd (Satzinger, Jackson, & Burd, 2012, pp. 6-7), the information system is a collection of interrelated components that collect, process, store, and provide results in the form of information required to complete business tasks.

According to Sutarman (Sutarman, 2012, p. 13) "Information systems are systems that can be defined by collecting, processing, storing, analyzing, disseminating information for a particular purpose. Like any system, an information system consists of inputs (data, instructions) and output (reports, calculations)"

Based on the above opinions, we can conclude that an information system is a system within an organization consisting of a collection of interrelated components that collect, process, store, analyze, and provide results in the form of information that can be disseminated for specific goals, such as completing business tasks within an organization.

2.1.2 Business Process

According to Laudon (Laudon & Laudon, 2007, p. 84) "Business processes are a logically related set of activities that explain how a particular business task is performed, and business can be viewed as a set of business processes." The process also shows the unique way in which companies coordinate work, and managers need to pay attention to business processes because they determine how well a company can run its business, thus becoming a potential source of strategic success or failure.

According to Rainer, Prince, and Cegielski (Rainer Jr., Prince, & Casey, 2015, pp. 27-28), the business process is a continuous collection of ongoing activities that create valuable products or services for the organization, its business partners, and/or its customers.

The definition of business processes by Wagner & Monk (Monk & Wagner, 2013, p. 3) is a collection of activities that require one or more types of inputs and create outputs, such as reports or estimates, of value to customers.

Hence, we can conclude that a business process is a set of sequential activities applied to an input to generate an output, where the output is something more valuable for the business.

2.1.3 Basic Concepts of Cloud Computing

The definition of Cloud Computing

According to M.N. Rao (M.N., 2015, p. 5), Cloud computing is defined as a blend of computing concepts that include a huge number of computers associated through a real-time communication network (internet). In science, Cloud computing is an analogue for distributed computing over a network, which is the ability to execute a program or application on several connected computers simultaneously. Cloud computing is computing that depends on shared system resources instead of local servers or individual devices to implement applications. In Cloud computing, the Cloud pictogram is used as a symbol for the internet. Therefore, Cloud computing is a kind of internet-based computing, where distinct services are delivered to an organization through the network. Cloud computing is analogous to Grid computing, a kind of computing where new processing cycles of an individual computer in the system are linked to resolve the problems of all stand-alone systems. M.N. Rao (M.N., 2015, pp. 15-16) also says that a cloud is a group of interconnected network servers or personal computers that may be public or private. The data and the applications are hosted by clouds accessible to a group of users through the network. The Cloud infrastructure and technology is invisible to the users.

The key properties of Cloud computing according to the Google perspective, are as follows:

1. User-centric: Once the consumer connects as a user to the Cloud, the entire data, documents, images, etc., stored in the Cloud will be accessible by the user. Consequently, the consumer can share the data or images with other users. If the system is accessed by another person, then the consumer too gets access to that person's computer.
2. Task-centric: The Cloud mainly focuses on whether the user requirement is fulfilled or not, how the application can ensure it for the user, and what it can perform.
3. Powerful: The Cloud contains hundreds or thousands of computers connected together. This creates a wealth of computing power which is not possible with a PC.
4. Accessible: As the data is stored in the Cloud, the user can retrieve more data from many repositories instantly.
5. Intelligent: By using data mining techniques, the user can access the data stored in the Cloud in a smarter way.
6. Programmable: The tasks essential for Cloud computing must be computerized. If the user wants to protect the reliability of the data stored on a particular computer in the Cloud, then the data must be copied to other computers which belong to that particular network. If any user's computer is offline, then Cloud programming automatically redistributes that computer's information to a new computer in the Cloud.

In brief, Cloud computing enables users to access and alter data remotely in real time, from simply accessing data to completing tasks, from the computer to the user, with the intention of accessing from any place and sharing with anyone. All the information in the Cloud is instantly accessible to the authorized users.

Rainer, Prince, and Cegielski (Rainer Jr., Prince, & Casey, 2015, pp. 352-355) describe cloud computing as a type of computing that delivers convenient, on-demand, pay-as-you-go access for multiple customers to a shared pool of configurable computing resources that can be rapidly and easily accessed over the internet.

Cloud Computing has 6 key characteristics, which are: Cloud Computing Provides On-Demand Self-Service, Cloud Computing Encompasses the Characteristics of Grid Computing, Cloud Computing Encompasses the Characteristics of Utility Computing, Cloud Computing Utilizes Broad Network Access, Cloud Computing Pools Computing Resources, and Cloud Computing Often Occurs on Virtualized Servers.

1. Cloud Computing Provides On-Demand Self-Service

A customer can access needed computing resources automatically.

2. Cloud Computing Encompasses the Characteristics of Grid Computing

Grid computing pools various hardware and software components to create a single IT Environment with shared resources. Grid computing shares the processing resources of many geographically dispersed computers across a network.

3. Cloud Computing Encompasses the Characteristics of Utility Computing

In utility computing, a service provider makes computing resources and infrastructure management available to a customer as needed. The provider then charges the customer for its specific usage rather than a flat rate. Utility computing enables companies to efficiently meet fluctuating demands for computing power by lowering the costs of owning the hardware infrastructure.

4. Cloud Computing Utilizes Broad Network Access

The Cloud provider’s computing resources are available over a network, accessed with a Web browser, and they are configured so they can be used with any computing devices.

5. Cloud Computing Pools Computing Resources

The provider’s computing resources are available to serve multiple customers. These resources are dynamically assigned and reassigned according to customer demand.

6. Cloud Computing Often Occurs on Virtualized Servers

Cloud computing providers have placed hundreds or thousands of networked servers inside massive data centers called server farms. Recall that a server is a computer that supports networks, thus enabling users to share files, software, and other network devices. Server farms require massive amounts of electrical power, air-conditioning, backup generators, and security. They also need to be located fairly close to the fiber-optic communications link. Going further, Gartner estimates that typical utilization rates on servers are very low, generally from 5 to 10 percent. That is, most of the time, organizations are using only a small percentage of their total computing capacity. CIOs tolerate this inefficiency to make certain that they can supply sufficient computing resources to users in case demand should spike. To alleviate this underutilization problem, companies and cloud computing providers are turning to virtualization. Server virtualization uses software-based partitions to create multiple virtual servers, called virtual machines, on a single physical server. The major benefit of this system is that each server no longer has to be dedicated to a particular task. Applications can run on a single physical server, with each application running within its own software environment. As a result, virtualization enables companies to increase server utilization. In addition, companies realize cost savings in two areas. First, they do not have to buy additional servers to meet demand. Second, they reduce their utility costs because they are using less energy. The following example illustrates the benefits of virtualization for MaximumASP.

Based on the above theory, we’ve found that cloud computing is a virtual-based IT delivery model that provides resources such as infrastructure, applications, and data as a distributed service from one or more service providers over the Internet. This service can be retrofitted as needed and can be priced per use.

On the history of cloud computing, Gorelik (Gorelik, 2013, p. 7) says that the idea of providing centralized computing services dates back to the 1960s, when computing services were delivered over the network using mainframe time-sharing technology. In 1966, Canadian engineer Douglass Parkhill published his book The Challenge of the Computer Utility, in which he described the idea of computing as a public utility with a centralized computing facility to which many remote users connect through the network. In the 1960s, mainframe time-sharing mechanisms effectively utilized computing resources and provided acceptable performance to users. However, mainframes were difficult to scale and provision in advance due to higher hardware costs. Therefore, users did not have full control over the performance of mainframe applications, because it depended on how many users were using the mainframe at any given moment. Thus, with the introduction of the personal computer, users loved the idea of having full control over their computing resources, even though these resources were not effectively utilized. With changes in the semiconductor industry, personal computers became affordable, and businesses abandoned mainframes. A new challenge was then introduced: how to share data. The client-server system was expected to address this data-sharing challenge by providing centralized data management and processing servers. As business and Internet computing needs became widely adopted, the initially simple client-server architecture was transformed into more complex two-tier, three-tier, and four-tier architectures. As a result, the complexity and cost of IT infrastructure management have skyrocketed - even the actual software development costs in large organizations are typically lower than the cost of software and infrastructure maintenance.

Gorelik (Gorelik, 2013, p. 19) also said that there are three commonly used cloud deployment models: private, public and hybrid. An additional model is the community cloud, which is still less commonly used.

1. Private Clouds are built and managed by one organization. Organizations use software that enables cloud functionality, such as VMWare, vCloud Director, or OpenStack.
2. Public Cloud is a set of computing resources provided by third-party organizations. The most popular in providing these services include Amazon Web Services, Google AppEngine, and Microsoft Azure.
3. Hybrid Cloud is a mix of computing resources provided by private and public clouds.
4. Community Cloud is a cloud that shares computing resources across multiple organizations, and can also be managed by an organization's IT resources or third-party providers.

Gorelik (Gorelik, 2013, p. 20) says that there are also cloud computing service models illustrating how cloud services are made available to clients. The most basic service models are IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service). These service models may have synergy with each other and be interdependent - for example, PaaS relies on IaaS because the application platform requires a physical infrastructure.

The IaaS model (Infrastructure as a Service) provides infrastructure components to clients. Components can include virtual machines, storage, network, firewall, load balancing, and so on. With IaaS, the client has direct access to the lowest-level software in the stack - that is, to the operating system on the virtual machine, or to the firewall management dashboard or load balancer. Amazon Web Services is one of the largest providers of IaaS.

The PaaS model (Platform as a Service) provides a pre-built application platform to clients; clients do not need to spend time building the underlying infrastructure for their applications. On the backend, PaaS automatically scales and provisions the necessary infrastructure components depending on the application requirements. Typically, a PaaS solution provides an API that includes a set of functions for programmatic platform management and solution development. Google AppEngine is a popular PaaS provider, and Amazon Web Services also provides some PaaS solutions in addition to offering IaaS.

The SaaS model (Software as a Service) provides ready-made online software solutions. SaaS software providers have full control over the application software. Examples of SaaS applications include online mailing, project management systems, CRM, and social media platforms.

The main difference between SaaS and PaaS is that PaaS usually represents a platform for application development, while SaaS provides online applications that have been developed.

The cloud service model that will be implemented on PT.XYZ is the IaaS model. The reason behind it will be explained completely afterwards.

2.2 Special Theories

2.2.1 Cloudonomics

Buyya, Broberg, Goscinski (Buyya, Broberg, & Goscinski, 2011, pp. 49-50, Cloud Computing: Principles and Paradigms) explain that Cloudonomics is a concept where migrating into the cloud is driven by economic reasons of cost-cutting in both the IT capital expenses (Capex) and the operational expenses (Opex). There are both the short-term benefits of opportunistic migration to offset seasonal and highly variable IT loads and the long-term benefits of leveraging the cloud. At the core of cloudonomics, as articulated in Armbrust et al., is the expression of when a migration can be economically feasible or tenable. If the average costs of using an enterprise application on a cloud are substantially lower than the costs of using it in one’s captive data center, and if the cost of migration does not add to the burden on ROI, then the case for migration into the cloud is strong. Apart from these costs, other factors that play a major role in the cloudonomics of migration are the licensing issues (for perhaps parts of the enterprise application), the SLA (Service Level Agreement) compliances, and the pricing of the cloud service offerings. Most cloud service vendors, at a broad level, have tariffs for the kind of elastic compute, the elastic storage, or the elastic bandwidth. Of course, these pricing tariffs can be variable too, and therefore the cloudonomics of migration should be sound enough to accommodate the pricing variability.

2.2.2 Virtual Machine

According to (Sudha, Harish, Nandan, & Usha, 2013), Popek and Goldberg defined a VM as "an efficient, isolated duplicate of a real machine". Presently, virtual machines which have no direct interaction with any of the real hardware are popular. A virtual machine (VM) is software that emulates a physical machine. Virtual machines are categorized into two groups: Process Virtual Machine and System Virtual Machine.

A process virtual machine, or application virtual machine, is designed to run a single program with a single process. It runs just like a regular application within the host OS as a process. The VM is created when the process is initiated and destroyed when the process exits or dies. This VM mainly aims at providing a platform-independent development environment. The Java programming language is platform independent because it implements the Java Virtual Machine (JVM), which is a process VM.

2.2.3 On-Premises

According to (Stroud, 2014), on-premises is the software and technology that is located within the physical confines of an enterprise - often in the company's data center - as opposed to running remotely on hosted servers or in the cloud. By installing and running software on hardware located within the premises of the company, internet technology (IT) staff has physical access to the data and can directly control the configuration, management and security of the computing infrastructure and data.

2.2.4 Cloud Migration

Pahl, Xiong, and Walshe (Pahl, Xiong, & Walshe, 2013) define cloud migration as the process of partially or completely deploying an organization’s digital assets, services, IT resources or applications to the cloud. The cloud migration process may involve retaining some IT infrastructure on-site. In such a scenario, the existing system may be fused with a partial cloud solution that can be hosted by a third party over the Internet for a fee. The cloud component of this hybridised system can transition between several cloud providers, allowing businesses to choose the most cost-effective solution. However, Pahl, Xiong, and Walshe also said that the migration process involves the risk of accidentally exposing sensitive business-critical information. Therefore, cloud migration requires careful analysis, planning and execution to ensure the cloud solution’s compatibility with organizational requirements, while maintaining the availability and integrity of the organization’s IT systems.

Buyya, Broberg, Goscinski (Buyya, Broberg, & Goscinski, 2011, p. 49, Cloud Computing: Principles and Paradigms) explain that, at the core, migration of an application into the cloud can happen in one of several ways: either the application is clean and independent, so it runs as is; or perhaps some degree of code needs to be modified and adapted; or the design (and therefore the code) needs to be first migrated into the cloud computing service environment; or finally perhaps the migration results in the core architecture being migrated for a cloud computing service setting, this resulting in a new architecture being developed, along with the accompanying design and code implementation. Or perhaps while the application is migrated as is, it is the usage of the application that needs to be migrated and therefore adapted and modified. In brief, migration can happen at one of the five levels of application, code, design, architecture, and usage.

Cloud migration is the process of moving data, applications or other business elements from an organization's onsite computers to the cloud, or moving them from one cloud environment to another (Rouse, 2012).

Based on the above theories, the authors conclude that Cloud Migration is the activity of moving data, applications or other business elements from on-premise IT resources to the cloud, or between cloud environments.

2.2.5 Total Cost of Ownership (TCO)

According to (Ellram & Siferd, 1993), TCO implies that all costs associated with the acquisition, use and maintenance of an item are to be considered in evaluating that item, and not just the purchase price. TCO is aimed at understanding the true costs of buying a particular good or service from a particular supplier. TCO is not only considered a tool, but also regarded as a philosophy, because the adoption of TCO may require a cultural change where the focus is on total cost understanding, not merely on price.

According to the master thesis by (Ferrin & Plank, 2002), TCO is defined as all relevant costs associated with the acquisition and use of an item that can be related to a specific supplier.

Based on the above theories, we conclude that TCO is a philosophy which defines the total relevant cost of an item or service: the cost associated with acquiring the item or service in the first place, the total relevant cost or spending during its usage, and likewise the cost of its maintenance.

2.2.6 REMICS Cloud Migration Methodology

According to (Cretella, Martino, & Esposito, 2015), there are seven activity areas defined in the REMICS methodology, which cover the full life cycle of a legacy system modernization and migration to the cloud: Requirements and Feasibility, Recover, Migrate, Validate, Control and Supervise, Withdraw, and Interoperability.

According to (Ilieva, Krasteva, Benguria, & Elvesæter, 2013), these seven activity areas are described as follows:

1. Requirements and Feasibility. Requirements for the system are gathered and the main components of the solution and their implementation strategy are identified.
2. Recover. Understanding the legacy in terms of functionality, data, constraints, quality of service, and the structure of components or the software architecture.
3. Migrate. Developing the new architecture and modernizing components, implementing new ones or identifying external services and composing services according to the new architecture.
4. Validate. Testing and checking the quality of the new system, the coverage of the legacy features and the changes introduced in the migration
5. Control and Supervise. Provide elements to control the performance of the system and to modify that performance.
6. Withdrawal. Finalizing it or moving to another cloud infrastructure.

[Figure not included in this excerpt]

Figure 2.1 REMICS Methodology Process

Source : Enhance your Model-driven Modernization Process with Agile Practices

REMICS proposes to improve existing approaches and extend them when needed to provide a holistic view to migration that covers the entire process with a methodology, tools, languages and transformations. One main objective of REMICS is to provide its solutions based on standards and open source tools as much as possible to facilitate reuse and shorten the barrier for users to take advantage of the innovations (Mohagheghi, Berre, Henry, & Sadovykh, 2010, p. 3).

[Figure not included in this excerpt]

Figure 2.2 REMICS Portability and Interoperability on Cloud Services

Source : Enhance your Model-driven Modernization Process with Agile Practices

2.2.7 Analysis and Comparison of REMICS with Other Cloud Migration Methodology

According to (Woods, Jeff, 2011) in Five Options for Migrating Applications to the Cloud: Rehost, Refactor, Revise, Rebuild or Replace (4-6 June 2011, Mexico City), organizations seeking to move applications into the cloud have five options: rehost on infrastructure as a service (IaaS), refactor for platform as a service (PaaS), revise for IaaS or PaaS, rebuild on PaaS, or replace with software as a service (SaaS).

The alternative migration strategies Gartner suggests IT organizations consider are:

Rehost, i.e. redeploy applications to a different hardware environment and change the application’s infrastructure configuration. Rehosting an application without making changes to its architecture can provide a fast cloud migration solution. However, the primary advantage of IaaS, that teams can migrate systems quickly without modifying their architecture, can be its primary disadvantage, as benefits from the cloud characteristics of the infrastructure, such as scalability, will be missed.

Refactor, i.e. run applications on a cloud provider’s infrastructure. The primary advantage is blending familiarity with innovation, as “backward-compatible” PaaS means developers can reuse languages, frameworks, and containers they have invested in, thus leveraging code the organization considers strategic. Disadvantages include missing capabilities, transitive risk, and framework lock-in. At this early stage in the PaaS market, some of the capabilities developers depend on with existing platforms can be missing from PaaS offerings.

Revise, i.e. modify or extend the existing code base to support legacy modernization requirements, then use rehost or refactor options to deploy to cloud. This option allows organizations to optimize the application to leverage the cloud characteristics of providers' infrastructure. The downside is that kicking off a (possibly major) development project will require upfront expenses to mobilize a development team. Depending on the scale of the revision, revise is the option likely to take most time to deliver its capabilities.

Rebuild, i.e. rebuild the solution on PaaS, discard code for an existing application and re-architect the application. Although rebuilding requires losing the familiarity of existing code and frameworks, the advantage of rebuilding an application is access to innovative features in the provider's platform. These improve developer productivity, such as tools that allow application templates and data models to be customized, metadata-driven engines, and communities that supply pre-built components. However, lock-in is the primary disadvantage: if the provider makes a pricing or technical change that the consumer cannot accept, breaches service level agreements (SLAs), or fails, the consumer is forced to switch, potentially abandoning some or all of its application assets.

Replace, i.e. discard an existing application (or set of applications) and use commercial software delivered as a service. This option avoids investment in mobilizing a development team when requirements for a business function change quickly. Disadvantages can include inconsistent data semantics, data access issues, and vendor lock-in.

PT.XYZ has some specific goals for this cloud migration: they want it to be quick and cost efficient. It has to be quick because they do not want the cloud migration activities to affect their productivity, which means low downtime and less complexity. All of this leads them to hire as small a cloud migration team as possible and to keep the project timeline short, so that cost efficiency is achieved along with the main goal of moving the application to the cloud.

[Figure not included in this excerpt]

Figure 2.3 6 Strategies For Migrating Applications To The Cloud

Source: https://aws.amazon.com/blogs/enterprise-strategy/6-strategies-for-migrating-applications-to-the-cloud/

Of the 5 cloud migration strategy options listed above, the one that fits all these goals best is Rehost. Rehost (aka lift and shift) is essentially a forklift approach to migrating applications to the cloud, moving them without any code modification. In this case, a VM is treated like a black box and copied bit by bit. This approach offers a faster, less resource-intensive migration process. All the other strategies require more effort.

As illustrated, the main steps of a Rehost (Lift and Shift) cloud migration are: discover or assess which applications are wanted or able to be migrated, determine the migration path, carry out pre-migration activities, use migration tools to automate the as-is migration (like cutting and pasting the server), then validation, transition, and production.

To start with how to Rehost (Lift and Shift) the application to the cloud, the authors looked further into the available cloud migration methodologies and did an in-depth analysis to choose the most suitable one for this case. Below is the comparison of 3 cloud migration methodologies resulting from the authors' search, together with the reasons why the authors chose REMICS over the other 2:

2.2.5.1 REMICS Cloud Migration Methodology

1. Requirements and Feasibility: Requirements for the system are gathered and the main components of the solution and their implementation strategy are identified.
2. Recover: Understanding the legacy in terms of functionality, data, constraints, quality of service, and the structure of components or the software architecture.
3. Migrate: Developing the new architecture and modernizing components, implementing new ones or identifying external services and composing services according to the new architecture.
4. Validate: Testing and checking the quality of the new system, the coverage of the legacy features and the changes introduced in the migration
5. Control and Supervise: Provide elements to control the performance of the system and to modify that performance.
6. Withdrawal: Finalizing it or moving to another cloud infrastructure.

2.2.5.2 Butterfly Migration Methodology

According to (Tripathy & Naik, 2015), the Butterfly method guides the migration of a mission-critical legacy system to a target system and consists of 6 phases.

Phase 1: Readiness for migration.

Phase 2: Comprehend the semantics of the system to be migrated and develop schema(s) for the target database.

Phase 3: Based upon the Target SampleData, construct a Sample DataStore.

Phase 4: Except the data, migrate the components of the legacy system.

Phase 5: Gradually migrate the legacy data.

Phase 6: Roll over to the new system.

Figure 2.4 Butterfly Migration Methodology Phases

Source : Software Evolution and Maintenance, Legacy Information System

Phase 1: Readiness for migration

Considered to be important issues in the Butterfly methodology are user’s requirements and determination of the target system.

Phase 2: Comprehend the semantics of the system to be migrated and develop schema(s) for the target database

The main activities of this phase are to determine the legacy SampleData and to develop the Chrysaliser. Initially, the legacy SampleData will be transformed by the Chrysaliser to form the target Sample DataStore. This will be used to develop and test the target system.

Phase 3: Based upon the Target SampleData, construct a Sample DataStore

The Chrysaliser (Data Transformer) derives the Sample DataStore from the SampleData, and the Sample DataStore is used to test and develop the target system. “Forward” system engineering principles and methods will be one of the guidelines for migration in this phase. The Sample DataStore, built up in Phase 2, will be used to support the cycle of the ‘design-develop-test’ for newly developed target components.

Phase 4: Except the data, migrate the components of the legacy system

In this phase, forward software engineering principles and methods are used in the migration process. This phase is mainly devoted to legacy data migration and is the core part of the Butterfly Methodology. The legacy data will be gradually migrated into the target system by introducing a series of TempStores, the Data-Access-Allocator (DAA) and the data-transformer (Chrysaliser).

Phase 5: Gradually migrate the legacy data

Migration of legacy data is performed in Phase 5, and it is central to the Butterfly methodology. Legacy data are incrementally migrated by using TempStores, the Chrysaliser, and the Data-Access-Allocator (DAA). Once migration of legacy data is started, no changes are allowed to be performed on the legacy data store. The Data-Access-Allocator (DAA) redirects manipulation operations of legacy data, and the results are saved in a series of TempStore(s) (TS). When a legacy application needs to access data, the DAA correctly decides which source, the correct TempStore or the legacy data, to retrieve the data from. By means of a Data-Transformer, called Chrysaliser, data are migrated to the new system from the legacy store and the series of TempStores. A series of temporary stores (TS’s) are used by the Chrysaliser in the data migration process. During the migration process in this methodology, the legacy system is not inaccessible for a significant amount of time.

Phase 6: Roll over to the new system

Roll over to the new system is the final phase of the Butterfly methodology. After the new system is built and the legacy data are migrated, the new system is ready for operation.
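The Phase 5 mechanism described above (frozen legacy store, writes redirected by the DAA into a series of TempStores, the Chrysaliser draining each closed store), as an added Python example that is not taken from the thesis or from Tripathy & Naik. The record format, the `DELETED` tombstone, the cut-over threshold and the digest comparison before rollover are assumptions of this example, and the sample data is constructed.

```python
import hashlib
import json

DELETED = object()  # tombstone for deletes issued during migration (assumption)


def transform(raw):
    """Chrysaliser rule (assumed format): legacy 'name;balance' -> target dict."""
    name, balance = raw.split(";")
    return {"name": name, "balance": int(balance)}


class DataAccessAllocator:
    """DAA: the legacy store is frozen; writes land in the newest TempStore."""

    def __init__(self, legacy):
        self.legacy = dict(legacy)
        self.temp_stores = [{}]  # TS1; later TS2, TS3, ...

    def write(self, key, raw):
        self.temp_stores[-1][key] = raw

    def read(self, key):
        # The newest TempStore holding the key wins, then the legacy store.
        for ts in reversed(self.temp_stores):
            if key in ts:
                return None if ts[key] is DELETED else ts[key]
        return self.legacy.get(key)

    def open_next_temp_store(self):
        """Close the current TempStore for migration and open a fresh one."""
        self.temp_stores.append({})
        return self.temp_stores[-2]


def chrysalise(source, target):
    """Migrate one read-only store (legacy or a closed TempStore) into target."""
    for key, raw in source.items():
        if raw is DELETED:
            target.pop(key, None)
        else:
            target[key] = transform(raw)


def digest(records):
    return hashlib.sha256(json.dumps(records, sort_keys=True).encode()).hexdigest()


def butterfly_migrate(daa, target, workload, threshold=1):
    """Migrate legacy, then TS1, TS2, ... while the application keeps writing.

    workload[i] is the list of writes that arrive while store i is migrated.
    Returns the number of stores migrated before the final cut-over.
    """
    batches = iter(workload)
    source, rounds = daa.legacy, 0
    while True:
        for key, raw in next(batches, []):
            daa.write(key, raw)      # redirected by the DAA, legacy untouched
        chrysalise(source, target)
        rounds += 1
        if len(daa.temp_stores[-1]) <= threshold:
            break                    # remaining delta is small enough
        source = daa.open_next_temp_store()
    chrysalise(daa.temp_stores[-1], target)  # brief freeze: last TempStore
    return rounds


def verify(daa, target):
    """Integrity check before rollover: target must equal the DAA's view."""
    keys = set(daa.legacy).union(*daa.temp_stores)
    expected = {}
    for key in keys:
        raw = daa.read(key)
        if raw is not None:
            expected[key] = transform(raw)
    return digest(expected) == digest(target)


def run_demo():
    # Constructed sample data, not taken from the thesis.
    legacy = {"c1": "Alice;100", "c2": "Bob;250", "c3": "Carol;75"}
    workload = [
        [("c1", "Alice;90"), ("c4", "Dave;10"), ("c2", DELETED)],  # while legacy migrates
        [("c4", "Dave;40"), ("c3", "Carol;80")],                   # while TS1 migrates
        [("c1", "Alice;85")],                                      # while TS2 migrates
    ]
    daa = DataAccessAllocator(legacy)
    target = {}
    rounds = butterfly_migrate(daa, target, workload)
    return rounds, target, verify(daa, target), daa


if __name__ == "__main__":
    rounds, target, ok, _ = run_demo()
    print(rounds, ok, target)
```

Each TempStore is smaller than the store migrated before it only if the Chrysaliser works faster than the application writes; the threshold decides when the remaining delta is small enough for the short freeze at cut-over.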

2.2.5.3 Laszewski and Nauduri Cloud Migration Methodology

According to (Laszewski & Nauduri, 2011), the steps in the Laszewski and Nauduri cloud migration methodology are:

1. Assessment: Drivers for migration (challenges, requirements), Inventory of current environment, Migration Tools/options, Migration service provider, Migration effort estimate, Training requirements, IT resource requirement for target database, IT resource requirement for the migration project, Programs interacting directly with the database, Programs or other applications that execute transactions directly, Programs or scripts that offload data from or load data into the source database.
2. Analysis and Design: Database schema layout, Database object naming convention, Data type mapping, Locking behavior, Use of COMMIT/ROLLBACK in triggers, Use of zero-length strings (empty strings), Case insensitivity.
3. Migration: Database schema migration, Data migration, Database stored program migration, Application Migration, Database administration script migration.
4. Testing: Data verification, Testing of database stored procedures and functions, Application testing, Database maintenance script testing.
5. Optimization: Insufficient system resources, Bad SQL Query execution plans, Underestimated workload or concurrent user population, Undersized Oracle database structures.
6. Deployment: Hardware configuration, Software installation and configuration, Initial data loading, Testing of backup and recovery scripts and processes, Capture of changes (from source) and switchover
7. Post-Production Support

2.2.5.4 Conclusions:

Table 2.1 Cloud Migration Methodology Comparison

[Illustration not included in this excerpt]

With Rehost (Lift and Shift):

- REMICS: Considered rehost because it has steps similar to rehost, targets IaaS cloud migration, supports as-is migration and does not require any code modification
- Butterfly: Considered rebuild because phase 2 is a step of developing schema(s) for the target database and the legacy SampleData will be transformed; it also does not use automatic migration tools that migrate the whole server as-is
- Laszewski and Nauduri: Similar to the Butterfly methodology in that it focuses more on database migration than on a forklift approach that migrates the application and database server to the cloud as a whole package

Complexity:

- REMICS: Low because it covers the rehost IaaS cloud migration approach with automatic migration tools
- Butterfly: High as several tools need to be developed to support the migration, such as the Data-Access-Allocator (DAA) and the Chrysaliser
- Laszewski and Nauduri: High as the database migration is done in a very detailed, one-by-one way

Cloud Aspects:

- REMICS: Described in many sources as a cloud migration methodology
- Butterfly: Older migration methodology used mostly for legacy database system to target database system migration
- Laszewski and Nauduri: Yes, because it is taken from Laszewski and Nauduri’s book titled “Migrating to the Cloud” and one of its steps is to provision the IT resources from a cloud service provider

Downtime:

- REMICS: Low because a whole-server lift and shift migration using the automatic migration tools incurs downtime only in the cutover phase, which is the failover from the legacy server to the new server in the cloud
- Butterfly: High as it is stated several times in the phases, e.g. during the migration process in this methodology, the legacy system is not inaccessible for a significant amount of time.
- Laszewski and Nauduri: Low, because most of the configuration steps do not require downtime, and it is a low-risk migration approach because taking backups or having a rollback plan is strongly suggested in some of the steps

2.2.8 UML Basic Concepts

The History of Unified Modeling Language (UML) According to Rosa and Salahuddin (Rosa & Shalahudin, 2011, p. 119), the development of first object-oriented programming is restored by the name Simula-67, which was developed in 1967. Then the next development was the development of Smalltalk programming in the early 1980s, then followed by C object programming, C ++, Eiffel, and CLOS. Because so many methodologies developed rapidly then, came the idea to create a language that can be understood by everyone. The language is a combination of several Object Modeling Technique (OMT) concepts from Rumbaugh and Booch (1991), The Classes concept, Responsibilities, collaboration (CRC), from Rebecca Wilfs- Brock (1990), Ivar Jacobson's concept of thought, and some other concepts where James R. Rumbaigh, Grady Booch, and Ivar Jacobson resonated in a company called Rational Software Corporation produced a language called Unified Modeling Language (UML). In 1996, OMG (Object Management Group) submitted a proposal for the standardization of object-oriented modeling.

UML diagram consists of 3 kinds of diagrams are grouped into 3 categories namely:

1. Structure Diagram: a collection of diagrams used to describe a static structure of a modeled system. Included in the structure diagram are class diagrams, object diagrams, component diagrams, composite structure diagrams, package diagrams.
2. Behavior Diagram: a collection of diagrams used to describe the behavior of a system or sequence of changes occurring in a system. Included in the behavior diagram is use case diagrams, activity diagrams, state machine diagrams.
3. Interaction Diagram: a collection of diagrams used to describe system interactions with other systems as well as interactions between subsite on a system. Included in the interaction diagram are sequence diagrams, communication diagrams, timing diagrams, interaction overview diagrams.

According to Booch (Booch, Rumbaugh, & Jacobson, 2005, p. 7), UML is the standard language for making software designs. UML is usually used to describe, build, and document the artifacts of software-intensive systems.

According to Nugroho (Nugroho, 2010, p. 6), UML (Unified Modeling Language) is the modeling 'language' for systems or software built on the 'object-oriented' paradigm. Modeling is used to simplify complex issues in such a way that they are easier to learn and understand.

According to Henderi (Henderi, 2008, p. 6), the steps of using Unified Modeling Language (UML) are as follows:

1. Make a list of business processes at the highest level to define activities and processes that may arise.
2. Map the use case for each business process to properly define the functionality that the system should provide, then use the use case diagram and complete it with the requirements, constraints and other notes.
3. Make a rough deployment diagram to define the physical architecture of the system.
4. Define other non-functional requirements, security and so on which should also be provided by the system.
5. Based on the use case diagram, start creating an activity diagram.
6. Define top-level packages or domain objects and create sequences and/or collaborations for each workflow. If a use case has normal paths and error paths, create one diagram for each path.
7. Create a user interface model design that provides an interface for users to run use case scenarios.
8. Based on existing models, create a class diagram. Each package or domain is broken into a class hierarchy complete with attributes and methods. It is better to also create unit tests for each class to test the class functionality and its interaction with other classes.
9. After the class diagram is created, we can see the possibility of grouping the classes into components, so create the component diagram at this stage. Also, define the integration test for each component to make sure it reacts well.
10. Refine the deployment diagrams already created. Detail the capabilities and requirements of the software, operating system, network and so on. Map components into nodes.
11. Start building the system. There are two appropriate approaches to use: 1.) A use case approach by assigning each use case to a particular development team to develop a complete code unit with the test. 2.) A component approach that is to assign each component to a particular developer team.

2.2.9 Activity Diagram

According to Rosa and M. Shalahudin (Rosa & Shalahudin, 2014, p. 161), activity diagrams describe the workflow or activity of a system, a business process, or a menu in the software. What needs to be considered here is that the activity diagram describes the activity of the system, not what the actor does, that is, the actions that can be performed by the system. Here are the symbols in the activity diagram:

Table 2.2 Activity Diagram Symbols Description

Figure not included in this excerpt

Source: Rosa A.S and Shalahudin (2014, p. 162)

Diagram Used in Thesis Writing

In this thesis, we will use activity diagrams because they describe the workflow or activity of a system or business process, or the series of changes that occur in a system. We will focus on describing the present (as-is) business process and comparing it with the to-be business process, which in this case can be described by activity diagrams. Activity diagrams give a proper comparison and are easier to understand. This greatly helps us in describing the as-is process, which still uses physical servers, and the to-be processes, which describe the process after moving to the AWS cloud. By describing the as-is and to-be processes using activity diagrams, we hope that readers can more easily understand what changes between not yet using the AWS cloud and already using it.

2.3 Data Collection Technique

2.3.1 Observation

According to Sugiyono (Sugiyono, 2008, p. 203), observation as a data collection technique has specific characteristics when compared with other techniques, namely interviews and questionnaires. Whereas interviews and questionnaires always involve communicating with sources directly, observation is not limited to individuals but also covers other natural objects. Data collection through observation is used when the research relates to human behavior, work processes, or natural phenomena, and when the number of observed respondents is not too large. In terms of the data collection process, observation can be distinguished into direct observation and indirect observation.

Direct observation. In this observation, researchers are involved in the daily activities of the subject being observed or used as a source of research data.

Indirect observation. In this observation, the observer is not involved in the daily activities of the subject and acts only as an independent observer. In terms of the instrumentation used, observations can be distinguished into structured and unstructured observations.

Structured observations are systematically designed observations of what is to be observed and where it is located. A structured observation is therefore done when the researcher knows exactly which variables will be observed. In conducting observations, researchers do not use standard instruments, but only observation signs.

2.3.2 Interview

According to Sugiyono (Sugiyono, 2008, p. 194), the interview is used as a data collection technique if the researcher wants to do a preliminary study to find the problem to be researched, and also if the researcher wants to learn things from the respondents in more depth and the number of respondents is small. This data collection technique bases itself on self-report, or at least on personal knowledge or beliefs. Such interviews can be structured or unstructured and can be done face to face or by phone.

In “Kamus Besar Bahasa Indonesia” (KBBI) (Suharsono & Retnoningsih, 2017, pp. 637-638), an interview is a question-and-answer session between a researcher and a resource person, and it is divided into 4:

1. Free, interviews in which the composition of questions is not predetermined and the conversation depends on the atmosphere of the interview.
2. Individual, interviews conducted by a person (interviewer) with a single respondent.
3. Group, interviews conducted with a group of people at the same time.
4. Conference, an interview between an interviewer and a number of respondents or between a number of interviewers and one respondent.
5. Open, interviews based on questions with unlimited (unbound) answers.
6. Guided, interviews using pre-prepared questions.
7. Closed, interviews based on questions with limited answers.

For this research, the authors will use free interviews, in which the authors do not fix the structure of the questions but prepare the points of the core questions. From there, the atmosphere of the interview will make the respondents more open to answering questions.

2.4 State of Mind

Figure not included in this excerpt

Figure 2.5 State of Mind Chart

The state of mind in this thesis contains several sections. Observation is the first step and is done by monitoring all existing processes in the company's running business processes. According to Sugiyono (Sugiyono, 2008, p. 203), observation is divided into 3, namely direct observation, indirect observation, and structured observation. In this thesis, our observation and analysis is divided into direct observation and indirect observation, because one of our members is directly involved in the daily activities of the subject being observed through her internship at PT.XYZ. The direct observer's task is to collect data: conducting interviews and finding the company profile, company structure, ongoing business processes, systems in use and problem issues that arise in the business. We therefore also have information from within the company that is useful in writing this thesis. The indirect observers, who are not directly involved in the daily activities of PT.XYZ's business processes, analyze and observe the data collected by that member, then do literature studies to understand the problems that occur and connect the theory from the literature with the business process activities at PT. XYZ. After that, we generate the proposed writing structure of this thesis. In this way, we hope this thesis can provide clear and understandable information, because we have 2 divisions of observation so that each member can observe and analyze the problems that exist in PT.XYZ and provide good writing results on the topic of this thesis.

By taking the data through direct observation, our members are able to study the existing business process and infrastructure through daily activities regarding on-premise data center management. This process hopefully transfers that knowledge to the other group members so that the problems in PT.XYZ can be analyzed and identified together and a solution proposed. In this case, the solution is migration of the physical server usage into the cloud using the platform provided by AWS.

Once the solution has been identified, the authors will explain the migration strategy used in migrating the physical servers to the AWS cloud. The authors will analyze the available cloud migration methodologies that appear suited to this case, compare their pros and cons, and decide which method is suitable for this project. In this case, the authors chose REMICS. The authors chose this method because the literature study showed that the REMICS methodology covers the basic issues that need to be considered in this migration process, although with slight modifications to adjust the methodology to the migration of physical servers to the cloud.

Therefore, in this thesis, the authors have the opportunity to help answer these problems by presenting explanations of cloud computing and of the process of migrating physical servers to the AWS cloud using the REMICS methodology, so that the migration process runs smoothly.

CHAPTER 3

ANALYSIS OF THE ONGOING SYSTEM

3.1 Company Profile

Established as the XYZ Group’s parent company in 2000, PT. XYZ remains a privately-owned company headquartered in Jakarta. Currently PT. XYZ oversees more than 18 companies that engage in various lines of business. These range from providers of world-renowned heavy equipment products and services brands, energy companies integrated from upstream to downstream, consumer retail businesses, information technology, and integrated financing providers to property.

3.1.1 Vision

To be the best managed and leading organization in our chosen strategic industrial sector.

- The Best Managed Organization

An organization that continually operates at the highest level of business performances, guided by its highly Professional and highly Competent management team capable of articulating and consistently executing its Strategic Vision to deliver its commitments to all Stakeholders.

- Leading Organization

An organization that consistently becomes the “Top of Mind” within their associated industries and/or businesses, highly respected by its clients as a partner and capable of continuously attracting and developing the best talents from various industries.

- Chosen Strategic-Industrial Sector

Operates in strategically-chosen industries that will enable the company to grow its business organically and inorganically, while at the same time allowing the TMT Group to grow synergistically along with other subsidiaries within the Group.

3.1.2 Mission

We were established with a commitment to creating quality employment opportunities for as many Indonesians as possible.

- To continually create meaningful and challenging job opportunities for as many Indonesians as possible.
- To ensure sustainable and profitable growth that maximizes shareholder value.
- To provide value-added solutions that will optimize customer satisfaction.
- To actively engage within communities as a good corporate citizen.

3.2 Corporate Structure

Figure not included in this excerpt

Figure 3.1 Corporate Structure PT.XYZ

Source: PT.XYZ

3.3 As-Is Business Process

3.3.1 Current Roles and Description

PT. TSM is the subsidiary that is responsible for provisioning IT resources across all the other subsidiaries under the PT. XYZ group. As an IT Support and Solutions company, it has 2 main teams, the Infrastructure Team and the Commercial Team. Under the Infrastructure Team (Infra Team) there is the Data Center Team, which is in charge of Data Center management. The roles and responsibilities are, among others, as follows:

a. Roles and responsibilities of Infrastructure Team:

- System delivery and support
- System monitoring and control

b. Roles and responsibilities of Data Center Team (under Infrastructure Team):

- Installing IT equipment on Data Center e.g. server, storage, replacing cables, components and accessories
- Managing and installing custom upgrades for client
- Design the Data Center Room
- Maintaining records and drawing schematics of the center to detail what equipment is installed
- Escorting client through the center on tours
- Check the hardware condition as requested by client
- Managing data distribution, storage and backup regimes
- Monitoring the Data Center Room

c. Roles and responsibilities of Commercial Team:

- Generate sales among client accounts
- Resolves issues with contracts and commercial operations
- Communicates with parties in a contract so that all understand the terms, particularly a contract's financial aspects
- Makes sure clients receive requested products and services
- Define the demand process between the client and internal
- Keep records of client transactions
- Managing sales processes
- Ensure the billing process to the client is done correctly

Each subsidiary other than PT. TSM has an IT Head, who is also the manager of the Application Owner (App Owner), the person in charge of handling the application level needed to support their business processes. Below is the detailed description of the roles and responsibilities:

a. Roles and responsibilities of IT Head:

- Overseeing technical projects in alignment with organizational goals
- Leading efforts to improve IT processes
- Working with information engineers to find solutions to manage business activities
- Enforcing systems, policies, and procedures for IT-related activities

b. Roles and responsibilities of Application Owner:

- Ongoing enhancement and maintenance of the application
- Managing strategic capacity, consumption and performance of the application
- Define the specification of IT equipment resources needed for the application to operate smoothly
- Managing software licenses, security certificates and contracts with service providers

3.3.2 Current Data Center

Currently, there are 633 servers (including physical servers and virtual machines, of which 33% are physical servers) from all the subsidiaries under PT.XYZ. 60% are located in the primary data center and the rest in branches or offices and the DRC, with an estimated 35 places in total. There are approximately 180-200 kinds of applications, with different application owners.

The on-premise data center capacity is the total storage size attached to each server, approximately 290 TB.

MBA has 74 servers (MBA itself 34 servers, KC 20, Rawaras 11, BSS 9), UDM has 412 servers (UDM itself 4 servers, Yahadma 27 servers, TSM 372, JC 1, Sayatri 8), UT has 147 servers, and for the rest it has not been determined to whom they belong.

570 servers are located in the Data Center room in the Head Office (HO), 51 servers are located in the Data Center Recovery (DRC) in Cibitung, 1 floor-server is on the 3rd floor of the HO building, 11 floor-servers are scattered over several floors of the HO building, and the rest are scattered in branches or stores in other cities such as Balikpapan, Surabaya, Manado, Malang, Pekanbaru, Aceh, etc.

Some of the applications they use are KOFAX (for financial management), Microsoft Dynamics AX (for resource planning), AMT, PROLINE (for online procurement), Contract Management System, Timesheet (for scheduling), MSTORE (for file-sharing), Readsoft (for business process automation), EOS (Employee Opinion Survey), HCMS (Human Capital Management System), Sharepoint, Tableau (for business intelligence and analytics), Solarwinds (for IT assets monitoring), Vendor Invoice Automation, etc.

3.3.3 Current Network Infrastructure

Figure not included in this excerpt

Figure 3.2 Current Network Structure PT.XYZ

Source: PT.XYZ

Table 3.1 Current Network Structure Symbols Description

Figure not included in this excerpt

PT. XYZ uses multilayer switching. There are 3 layers of switches: core switch, distribution switch, and access switch. All connectivity or data communication is pooled in the core switch area. The core switch acts as a centralized point of data flow: all traffic comes and goes through the core switch. All applications reside in the server farm area; the servers are located there exclusively because they store sensitive data for most of the company.

From the perspective of a user in HO, there is direct connectivity to the access switch on each floor. All connectivity from the access switches is managed and distributed by the distribution switch before it goes to the core, because the distribution switch manages and clusters the connectivity of each floor. Therefore, when a user in HO wants to connect to an application, the traffic goes through the access switch, distribution switch, and core switch, and then enters the server farm area (all applications reside in the server farm). From the branch perspective, the communication comes from the WAN segment (in most cases a router handles the connectivity from branch to HO), passing the core switch and the server farm switch to reach the application itself on the server. From the third-party or vendor perspective, the communication comes from the Extranet Edge.

The Disaster Recovery Center (DRC) in Cibitung functions as a secondary/backup data center, including the backup for the core switch that is placed in the primary/main data center in HO, for when the main DC is in disaster (no access because of a disruption that makes this DC not accessible at all). For the most part, there is an automatic swing function if the main DC is disrupted. Hence, if users are using the DRC at that moment, all communication comes from the internet.

The purpose of the DMZ (De-Militarized Zone) is to separate external and internal connectivity: 3rd party (extranet) connectivity and internet connectivity reside in the DMZ. A firewall is placed there as the tool that mitigates attacks from outside; its job is to maintain and filter connectivity from outside. The DMZ is often used for remote activity. If a user needs access from outside, they use internet connectivity, but with a Virtual Private Network (VPN) as the application that secures the connection over the internet. After establishing connectivity within the VPN, they connect to a jump server/host before reaching the application server or entering the server farm. These jump servers mitigate the possibility of a breach: if users had the privilege of connecting directly to the server from outside, there would always be a chance that somebody taps the connection, whereas with the jump host, outsiders only know about that server. The jump host also limits the privileges of the user, so that certain users can access only certain applications. This scheme creates more secure connectivity from the internet to the internal network of the company.
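The remote-access path described above (internet, VPN, jump host, then server farm) can be checked mechanically against a zone-to-zone rule set and against jump-host session records. The following Python code is an added example, not part of the thesis or of PT.XYZ's configuration; the zone names, rules, user names and session records are constructed assumptions, and only the application names come from section 3.3.2.

```python
from collections import deque

# Zones loosely follow the segments named in section 3.3.3. Every rule below
# is constructed for this example; it is not PT.XYZ's firewall policy.
UNTRUSTED = ("internet", "extranet_edge")
TARGET = "server_farm"
CHOKEPOINT = "jump_host"

INTENDED_RULES = [
    ("internet", "dmz_firewall"),
    ("extranet_edge", "dmz_firewall"),
    ("dmz_firewall", "vpn_gateway"),       # remote users establish the VPN first
    ("vpn_gateway", "jump_host"),          # then land on the jump host
    ("jump_host", "server_farm"),          # only the jump host reaches the servers
    ("access_switch", "distribution_switch"),  # internal HO path
    ("distribution_switch", "core_switch"),
    ("wan", "core_switch"),                # branch path
    ("core_switch", "server_farm"),
]

# Same policy after a hypothetical "temporary" rule was added and never removed.
DRIFTED_RULES = INTENDED_RULES + [("dmz_firewall", "core_switch")]


def bypass_paths(rules, sources, target, chokepoint):
    """Return one shortest path per untrusted source that reaches `target`
    without traversing `chokepoint`. An empty list means every external
    path is forced through the jump host."""
    graph = {}
    for src, dst in rules:
        graph.setdefault(src, []).append(dst)
    found = []
    for source in sources:
        parent = {source: None}
        queue = deque([source])
        while queue:
            node = queue.popleft()
            if node == target:
                path = []
                while node is not None:
                    path.append(node)
                    node = parent[node]
                found.append(path[::-1])
                break
            for nxt in graph.get(node, []):
                # Skipping the chokepoint models "what if it were not there".
                if nxt != chokepoint and nxt not in parent:
                    parent[nxt] = node
                    queue.append(nxt)
    return found


# Per-user application allow-list enforced on the jump host (constructed users).
JUMP_HOST_ACL = {
    "app_owner_mba": {"HCMS", "PROLINE"},
    "vendor_support": {"Solarwinds"},
}

# Constructed session records: (user, last hop before the server, application).
SESSIONS = [
    ("app_owner_mba", "jump_host", "HCMS"),
    ("vendor_support", "jump_host", "KOFAX"),
    ("app_owner_mba", "vpn_gateway", "PROLINE"),
    ("unknown_user", "jump_host", "Tableau"),
]


def audit_sessions(sessions, acl, chokepoint=CHOKEPOINT):
    """Flag sessions that skipped the jump host or reached an application
    that is not on the user's allow-list."""
    findings = []
    for user, last_hop, app in sessions:
        if last_hop != chokepoint:
            findings.append((user, app, "did not come through jump host"))
        elif app not in acl.get(user, set()):
            findings.append((user, app, "application not permitted for user"))
    return findings


if __name__ == "__main__":
    print("intended policy bypasses:",
          bypass_paths(INTENDED_RULES, UNTRUSTED, TARGET, CHOKEPOINT))
    for path in bypass_paths(DRIFTED_RULES, UNTRUSTED, TARGET, CHOKEPOINT):
        print("bypass:", " -> ".join(path))
    for finding in audit_sessions(SESSIONS, JUMP_HOST_ACL):
        print("session finding:", finding)
```

Running the same check after every firewall change keeps the jump host the only external entry into the server farm, which is the property the scheme depends on.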

3.3.4 Current Commercial Process

Figure not included in this excerpt

Figure 3.3 Current Commercial Process Activity Diagram

The as-is business process of provisioning IT resources starts with PT. TSM providing an IT Service Catalog for the other subsidiaries. When the App Owner from another subsidiary needs a product to support their application, they order it from the Commercial Team of PT.TSM through a Purchase Requisition (PR): the App Owner creates the PR and then submits it to the IT Head to be verified. The Commercial Team generates the Purchase Order (PO) based on that PR, for example by adding the price of the requested product, then gives it to the IT Head to be verified, confirmed and signed. Next, the Commercial Team passes the task to the Infra Team, and the Data Center Team under the Infra Team orders the product from the Vendors (Procure to Asset) using the Purchase Order (PO). Once the provisioning of the product is done, PT.TSM pays the Vendor first and then sells the product to that subsidiary by generating an Invoice based on the signed PO; the product is then owned by the subsidiary but still managed by PT.TSM. As of now, the vendors for servers and disk storage are mostly HP, Dell, and IBM.

3.3.5 Current Technical Processes

3.3.5.1 Launching New Physical Server On-Premise

Figure not included in this excerpt

Figure 3.4 Launching New Physical Server On-Premise Activity Diagram

Suppose the business of PT. MBA is growing and they realize that servers are needed to support their business application or the application that supports the continuity of their business processes. The App Owner from PT. MBA will request the Infra Team from PT. TSM to launch new servers for them. The Data Center Team under the Infra Team will then check their data center for available space on the server racks to accommodate the servers. If no space is available, they will buy server racks from the Vendors, sized according to a prediction of how many U are needed for the servers, and procure the servers themselves and also the disk storage, with the specification based on an assumption of application consumption. The Vendor will check their stock of the required racks, servers and disks; if all or one of them is out of stock, the Vendor will offer the available alternative items that have the closest specification to what the Data Center Team ordered. The Data Center Team will match the requirement against the offered alternative items. If they decide to purchase them, the Vendor will continue with the shipping, but if the alternative items cannot match the requirement and the Data Center Team decides not to purchase them, the Vendor will inform them of the lead time with the stock availability date and the Data Center Team will need to wait. After receiving the products, the Data Center Team will check their condition. If they are not in good condition or not as requested, the Data Center Team will ask for a replacement and the process cycle of buying the rack, the servers, and the disk storage from the Vendor will be repeated, because without the rack the servers cannot be placed, and without the servers the disk storage cannot be placed. If they are in good condition and as requested, the Data Center Team will prepare the rack, put the servers on it, insert the disk storage into the servers, configure the hardware until the software level is ready to be configured, and hand it over to the App Owner to install the application.

3.3.5.2 Replace or Upgrade Disk Storage

Figure not included in this excerpt

Figure 3.5 Replace or Upgrade Disk Storage Activity Diagram

Suppose one of the application servers of PT. UT is found to have disk space that is nearly full, so the disk storage needs to be upgraded. First, the App Owner of that application server will contact the Infra Team from PT. TSM to order a new disk with the required specification, then the Data Center Team under the Infra Team will contact the Vendor and order it. The Vendor will check their stock of the required disk; if it is out of stock, the Vendor will offer the available alternative items that have the closest specification. The Data Center Team will match the requirement against the offered alternative disk. If they decide to purchase it, the Vendor will continue with the shipping, but if the Data Center Team decides not to purchase it, the Vendor will inform them of the lead time with the stock availability date and the Data Center Team will need to wait. After receiving the disk, the Data Center Team will check its condition. If it is not in good condition or not as requested, the Data Center Team will ask for a replacement and the process cycle of buying disk storage from the Vendor will be repeated; if it is in good condition and as requested, the Data Center Team will replace the disk or add it to the server.

3.3.5.3 On-Premise Physical Servers Termination

Figure not included in this excerpt

Figure 3.6 On-Premise Physical Servers Termination Activity Diagram

Suppose a physical server of PT. Nadara is not needed anymore. The App Owner of that application server will request the Infra Team from PT. TSM to terminate that server. The Infra Team then checks the location of that server and finds that it is placed at one of the Data Recovery Center (DRC) sites, which is in Cibitung. A person from the Data Center Team under the Infra Team will then need to go to that site in Cibitung and terminate the server directly and manually, that is, turn it off, disconnect it from the cables and pull it out of the rack, then bring the physical server back to the head office, which is PT. XYZ’s building in Jakarta. After that, the physical server will be just an unused asset, piled up in the corner of the Data Center room, or it will need to be sent back to the rental company if it is a rented server, which causes more effort for documents and shipping.

3.3.5.4 Security Access to Data Center

Figure not included in this excerpt

Figure 3.7 Security Access to Data Center Activity Diagram

Suppose the App Owner from PT. LUSC wants to visit the data center room in PT. TSM just to look directly at their servers. The Data Center Team will use their fingerprint to open the access and assist them in entering the data center.

3.3.5.5 Generate Consolidated IT Asset Inventory List

Figure not included in this excerpt

Figure 3.8 Generate Consolidated IT Asset Inventory List Activity Diagram

Currently in PT. XYZ, to have a consolidated IT asset inventory list, the Infra Team from PT. TSM needs to go to the App Owner of each subsidiary and ask them to generate an IT asset inventory list, each using a different tool (e.g. Solarwinds), and then consolidate the lists manually.

3.4. Identification of Problems and Solutions Proposed

3.4.1 Identified Problems

Problems that we've identified from the 5 cases illustrated above are as follows:

1. Buying a new physical server is challenging

First, the chances are not high that the new server they want is readily in stock at the vendor. Second, the procurement process can take from a few weeks to several months. The vendor delaying delivery, or a delivery that is not as expected, such as a mismatched order or an order in poor condition, are just a few examples of procurement challenges. Even if their purchase contract includes a guarantee of replacement if the order does not meet their expectations, they still end up losing precious time waiting and going through the process, which can be considered a cost.

Estimating the server capacity that they will need to buy is not easy. Best practices teach them to anticipate storage, memory and CPU needs over the next few years, based on an estimation of user and data growth. Without good forecasting, they could easily end up with servers that are underused or that reach their limits more quickly than expected. Underused servers are a loss because the equipment consumes energy for nothing. Overused servers mean they need to purchase another server or add more components to their hardware, going through the time-consuming provisioning process again.

2. More cash will be flowing out

The illustrations above only depict buying the racks as one of the prerequisites for the server installation. Spelled out in more detail, they also have to prepare the server rooms, air conditioning, power, insurance, physical security (access control, cameras, fire detection), and maintenance and support contracts. Add to that networking equipment (routers, firewalls, load balancers, switches, hubs, patch panels), backup equipment (tape library and media) and staff expenditure (the data center team, hours spent installing and maintaining the servers). All of that still does not include the hidden costs. Choosing the right equipment, competent technicians, the best vendors, and the plan is also time consuming, and the more time is required, the more cash flows out, because they cannot focus on gaining more income from the business as soon as possible. Keeping servers on-premises requires a big hardware budget and a lot of provisioning time and effort.

3. Hassle of maintenance and upgrade

Calling back the vendors, having a team stay near the physical servers 24 hours a day, regularly checking all the hardware components, doing the required repairs, needing to go to the data center or data recovery center site in another region for administration and management, and finding out what to do with the physical servers and other equipment once decommissioned are just a few of the troublesome activities that can be eliminated. Business can change dynamically and so does technology. Growth is what they expect, but purchasing and maintaining on-premises physical servers is found to be an obstacle because of these hassles. Technology changes so fast and software is updated so quickly that they can easily get stuck with outdated hardware. They might soon face a situation where they have ordered a new physical server only to find out that the next generation was released in the same month the order is delivered, or where the operating system version is not supported anymore and needs further action. Actions such as terminating the server will happen and, as illustrated above, just terminating a server costs money, time and effort, as does purchasing a newer version of the server. It is very hard to scale and not flexible.

4. Security is not so secure

Regarding physical security, some of the current physical servers are stored in rooms with no security equipment at all, simply a room with a door that anyone can enter; these are called floor-servers. Others are stored in a more secure room, called the data center room, that uses a fingerprint reader as its physical security equipment. But in some cases, unauthorized people can also enter that room without using the fingerprint reader when they enter together with other people who have access. Inside the room, these unauthorized people can harm security, as they are not supervised by the authorized people, or the data center guard is not really assisting them. Having a Data Recovery Center (DRC) site in another region or outside of the office is a highly recommended decision to support business continuity, hence this company has built one. But they also think that this just multiplies all the hassles and all the costs. Otherwise, they may be more susceptible to data loss during disaster situations due to the in-office location and the lack of uptime or recovery time guarantees. In addition, this DRC also does not comply with Data Center security standards.

The 5 issues that triggered PT.XYZ to do the cloud migration:

1. PT. XYZ wants to turn its capital expenditures (CAPEX) into operating costs (OPEX), where there is no big upfront payment. This will surely save some cost because expenditure is based on IT resource consumption: they pay only for what is used.
2. To reduce the total cost of ownership (TCO) of PT. XYZ's current expenditure, much of which has been spent on physical data center maintenance, which requires land, electricity, security gadgets, licenses, labor for guarding the server room, server racks, and so on.
3. PT.XYZ was struggling with innovation in business development due to the challenge of scaling up and down and of maintaining their physical data centers. They cannot focus on business strategy because the technical processes slow things down: provisioning servers takes time and effort, and if servers are no longer used, they need to think about what to do with them, how to sell them or how to auction them. When using the cloud, PT.XYZ does not need to be concerned about the provisioning process, because it takes only several clicks and several minutes to be ready to use, and when PT.XYZ thinks that a server is not needed anymore they can just click the termination button and stop paying from that second.
4. Operational activity is considered inefficient because separate types of technology are used. With the cloud, all IT assets such as servers, storage and network can be managed through one dashboard such as the AWS Management Console, and a lot of automation can also be applied there, such as creating the IT Asset Inventory List just by using customized commands.
5. Maintaining a local security system also requires a lot more time and manpower, making it much harder to plug all the holes in an expanding IT system. Physical security, for example, may consist of a storage room with a fingerprint reader and a guard. But cloud providers take security much more seriously because their data centers comply with certifications or international professional regulation standards.

Another big cause that encouraged PT.XYZ to conduct the cloud migration was the finding that less than half of all the servers residing in their on-premise data centers are actually being used. The remainder are either underused or no longer used at all. This led to the need for a big transformation of their data center together with the cloud migration: migrate only the optimally used servers.

3.4.2 Solutions Proposed

3.4.2.1 Amazon Web Services (AWS) - Cloud Computing Services

Amazon Web Services (AWS) is a subsidiary of Amazon.com that provides on-demand cloud computing platforms to individuals, companies, and governments, on a paid subscription basis. The technology allows subscribers to have at their disposal a full-fledged virtual cluster of computers, available all the time, through the Internet. AWS's virtual computers have most of the attributes of a real computer, including hardware (CPU(s) and GPU(s) for processing, local/RAM memory, hard-disk/SSD storage); a choice of operating systems; networking; and preloaded application software such as web servers, databases, CRM, etc. Each AWS system also virtualizes its console I/O (keyboard, display, and mouse), allowing AWS subscribers to connect to their AWS system using a modern browser. The browser acts as a window into the virtual computer, letting subscribers log in, configure and use their virtual systems just as they would a real physical computer. They can choose to deploy their AWS systems to provide Internet-based services for their own and their customers' benefit.

The AWS technology is implemented at server farms throughout the world and maintained by the Amazon subsidiary. Fees are based on a combination of usage, the hardware/OS/software/networking features chosen by the subscriber, required availability, redundancy, security, and service options. Based on what the subscriber needs and pays for, they can reserve a single virtual AWS computer, a cluster of virtual computers, a physical (real) computer dedicated for their exclusive use, or even a cluster of dedicated physical computers. As part of the subscription agreement, Amazon manages, upgrades, and provides industry-standard security to each subscriber's system. AWS operates from many global geographical regions including 6 in North America.

In 2017, AWS comprised more than 90 services spanning a wide range including computing, storage, networking, database, analytics, application services, deployment, management, mobile, developer tools, and tools for the Internet of Things. The most popular include Amazon Elastic Compute Cloud (EC2) and Amazon Simple Storage Service (S3). Most services are not exposed directly to end users, but instead, offer functionality through APIs for developers to use in their applications. Amazon Web Services’ offerings are accessed over HTTP, using the REST architectural style and SOAP protocol.

Amazon markets AWS to subscribers as a way of obtaining large scale computing capacity more quickly and cheaply than building an actual physical server farm. All services are billed based on usage, but each service measures usage in varying ways. As of 2017, AWS owns a dominant 34% of all cloud (IaaS, PaaS) while the next three competitors Microsoft, Google, and IBM have 11%, 8%, 6% respectively according to Synergy Group.

3.4.2.1.1 History of Amazon Web Services (AWS)

The AWS platform was launched in July 2002. In the beginning, the platform consisted of only a few disparate tools and services. Then in late 2003, the AWS concept was publicly reformulated when Chris Pinkham and Benjamin Black presented a paper describing a vision for Amazon's retail computing infrastructure that was completely standardized, completely automated, and would rely extensively on web services for services such as storage and would draw on internal work already underway. Near the end of their paper, they mentioned the possibility of selling access to virtual servers as a service, proposing the company could generate revenue from the new infrastructure investment. In November 2004, the first AWS service launched for public usage: Simple Queue Service (SQS). Thereafter Pinkham and lead developer Christopher Brown developed the Amazon EC2 service, with a team in Cape Town, South Africa.

Amazon Web Services was officially re-launched on March 14, 2006, combining the three initial service offerings of Amazon S3 cloud storage, SQS, and EC2. The AWS platform finally provided an integrated suite of core online services, as Chris Pinkham and Benjamin Black had proposed back in 2003, as a service offered to other developers, websites, client-side applications, and companies. Andy Jassy, AWS founder and vice president in 2006, said at the time that Amazon S3 (one of the first and most scalable elements of AWS) "helps free developers from worrying about where they are going to store data, whether it will be safe and secure, if it will be available when they need it, the costs associated with server maintenance, or whether they have enough storage available. Amazon S3 enables developers to focus on innovating with data, rather than figuring out how to store it." In 2016 Jassy was promoted to CEO of the division. Reflecting the success of AWS, his annual compensation in 2017 hit nearly $36 million.

To support industry-wide training and skills standardization, AWS began offering a certification program for computer engineers, on April 30, 2013, to highlight expertise in cloud computing.

James Hamilton, an AWS engineer, wrote a retrospective article in 2016 to highlight the ten-year history of the online service from 2006 to 2016. As an early fan and outspoken proponent of the technology, he had joined the AWS engineering team in 2008.

In 2016 AWS partnered with Digital Currency Group to create a laboratory environment allowing companies to experiment with blockchain technologies. In January 2018, Amazon launched an auto scaling service on AWS.

3.4.2.1.2 Analysis and Reason of Why AWS

Enterprise architecture and technology innovation leaders should ensure that they select offerings that meet the needs of developers and other technical end users of cloud IaaS solutions.

Cloud can be more about moving away from legacy IT (with even business-critical infrastructure moving to the public cloud), whereby the CIO becomes decision maker of a hybrid cloud reality. Organizations outsource many cloud and IT activities, seek managed services and most of all want reliable cloud vendors who have real achievements in highlighting the benefits of cloud.

Most organizations, PT.XYZ among them, choose a cloud vendor based on which vendors are the best in the market. Based on the authors' research, the biggest cloud providers in the market are AWS and Azure. As illustrated in the table below, from the RightScale 2018 State of the Cloud Report, AWS has the highest adoption percentage, while Azure is trying to catch up, with a close adoption percentage and high growth in adoption. Many sources show that AWS and Azure are currently the biggest cloud providers, a duopoly in the market.

AWS vs. Azure vs. Google vs. IBM Enterprise Scorecard

[Figure not included in this excerpt]

Figure 3.9 Cloud Vendor Comparison

Source: https://www.redpixie.com/blog/microsoft-azure-aws-guide

This diagram shows just how far forward the duo of AWS and Azure are.

[Figure not included in this excerpt]

Figure 3.10 Magic Quadrant for Cloud Infrastructure as a Service Worldwide

Source: Gartner 2017

As illustrated above, AWS is still the market leader for cloud IaaS, which is the cloud adoption strategy that PT.XYZ uses. But the authors cannot assume PT.XYZ chose AWS simply because AWS is the best; the choice must also consider whether AWS fulfils the company's cloud migration goals. The authors compare AWS and Azure (as of now Azure is the biggest competitor of AWS) and conclude why PT.XYZ ended up using AWS.

1. AWS offers a lower price for Reserved Instances (RI)

It is clear that buying an instance for a long term and paying for it upfront will be cheaper than the on-demand or pay-as-you-go option. In addition, in their future data center 103 of 121 servers are production servers; therefore, 85% of the migrated servers are production servers. It is a wise decision to use the long-term, pay-upfront option for the production servers, which are mostly very critical. Thus, the authors choose 3-year reserved instances as the billing option. As explained earlier when choosing the cloud migration methodology in Chapter 2.2.4, PT.XYZ requires this cloud migration to be cost efficient, and is therefore looking for the cheaper provider of the cloud services it needs. By comparing a server launched in AWS and in Azure with the same specifications and for the same period, the authors try to indicate which one is cheaper.

Below are the results from the AWS and Azure pricing calculators for 2 kinds of servers, to provide a more valid conclusion:

a. An instance located in Southeast Asia, OS: SUSE Linux Enterprise, 1 VM, Type: General Purpose, VCPU: 16 Cores, RAM: 64 GB, Storage Volume: 512 GB, Volume Type: Standard / General SSD, Billing Option: 3 years reserved full payment upfront.

[Figure not included in this excerpt]

Figure 3.11 Azure Pricing Calculator Case A (Part 1)

Source: https://azure.microsoft.com/en-us/pricing/calculator/

[Figure not included in this excerpt]

Figure 3.12 Azure Pricing Calculator Case A (Part 2)

Source: https://azure.microsoft.com/en-us/pricing/calculator/

[Figure not included in this excerpt]

Figure 3.13 Azure Pricing Calculator Case A (Part 3)

Source: https://azure.microsoft.com/en-us/pricing/calculator/

[Figure not included in this excerpt]

Figure 3.14 AWS Monthly Calculator Case A (Part 1)

Source: https://calculator.s3.amazonaws.com/index.html

[Figure not included in this excerpt]

Figure 3.15 AWS Monthly Calculator Case A (Part 2)

Source: https://calculator.s3.amazonaws.com/index.html

[Figure not included in this excerpt]

Figure 3.16 AWS Monthly Calculator Case A (Part 3)

Source: https://calculator.s3.amazonaws.com/index.html

b. An instance located in Southeast Asia, OS: Windows, 1 VM, Type: General Purpose, VCPU: 2 Cores, RAM: 8 GB, 1 Disk Storage, Storage/Volume: 128 GB, Volume Type: Standard SSD or General SSD, Billing Option: 3 years reserved full payment upfront.

[Figure not included in this excerpt]

Figure 3.17 Azure Pricing Calculator Case B (Part 1)

Source: https://azure.microsoft.com/en-us/pricing/calculator/

Figure 3.18 Azure Pricing Calculator Case B (Part 2)

Source: https://azure.microsoft.com/en-us/pricing/calculator/

[Figure not included in this excerpt]

Figure 3.19 Azure Pricing Calculator Case B (Part 3)

Source: https://azure.microsoft.com/en-us/pricing/calculator/

[Figure not included in this excerpt]

Figure 3.20 AWS Monthly Calculator Case B (Part 1)

Source: https://calculator.s3.amazonaws.com/index.html

[Figure not included in this excerpt]

Figure 3.21 AWS Monthly Calculator Case B (Part 2)

Source: https://calculator.s3.amazonaws.com/index.html

[Figure not included in this excerpt]

Figure 3.22 AWS Monthly Calculator Case B (Part 3)

Source: https://calculator.s3.amazonaws.com/index.html

In the first case, the result from the AWS Pricing Calculator is $157.84 per month and the result from the Azure Pricing Calculator is $390.63 per month, a cost saving of $232.79 per month. Calculated for 1 year and for 100 servers, PT.XYZ can save around $279,348 ((12 months x 100 servers) x $232.79), which in Rupiah is Rp3,910,872,000 ($279,348 x Rp14,000).

In the second case, the result from the AWS Pricing Calculator is $111.76 and the result from the Azure Pricing Calculator is $143.08, a cost saving of $31.32 per month. Calculated for 1 year and for 100 servers, PT.XYZ can save around $37,584 ((12 months x 100 servers) x $31.32), which in Rupiah is Rp526,176,000 ($37,584 x Rp14,000).

2. AWS is known to be more experienced in IaaS

A further reason for using AWS is that Amazon Web Services (AWS) essentially created the cloud IaaS market in 2006 with the introduction of its Elastic Compute Cloud (EC2), and it still offers the richest suite of public cloud IaaS capabilities. AWS is suitable for nearly all use cases that run well in a virtualized environment. AWS is also commonly used for legacy applications in a "lift and shift" approach, as well as transformation-oriented full data center migrations, due to its solid feature set and ability to meet most requirements for security and regulatory compliance (Gartner, 2016). Azure was launched 4 years later, in 2010 (Wikipedia, 2018).

This indeed matches the IaaS rehost cloud migration strategy that will be adopted by PT.XYZ.

Hence, the conclusions on why AWS is the right cloud vendor for PT.XYZ are:

1. It offers a lower instance price for the preferred billing method. Thus, it suits one of PT.XYZ's goals, cost efficiency.
2. It is known as the first and best in offering the richest suite of public cloud IaaS capabilities, and is commonly used for legacy applications in a "lift and shift" approach, which is the cloud service model and strategy being adopted by PT.XYZ.

3.4.2.1.3 Products of AWS That Being Used

EC2

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2 has a simple web service interface that allows PT.XYZ to obtain and configure capacity with minimal friction. It gives PT.XYZ complete control of its computing resources and lets PT.XYZ run on Amazon's proven computing environment. Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing PT.XYZ to quickly scale capacity, both up and down, as the computing requirements change. Amazon EC2 changes the economics of computing by allowing PT.XYZ to pay only for capacity that is actually used. Amazon EC2 provides developers the tools to build failure-resilient applications and isolate them from common failure scenarios.

EC2 Components:

- AMIs

An Amazon Machine Image (AMI) provides the information required to launch an instance, which is a virtual server in the cloud. PT.XYZ must specify a source AMI when they launch an instance. They can launch multiple instances from a single AMI when they need multiple instances with the same configuration. PT.XYZ can use different AMIs to launch instances when they need instances with different configurations.

- S3

Amazon Simple Storage Service (S3) is a highly scalable, low-cost object storage system designed as backup and archive storage media. S3 stores backup data redundantly on multiple systems across AZs. Amazon S3 is object storage built to store and retrieve any amount of data from anywhere - web sites and mobile apps, corporate applications, and data from IoT sensors or devices. It is designed to deliver 99.999999999% durability. S3 provides comprehensive security and compliance capabilities. It gives PT.XYZ flexibility in the way they manage data for cost optimization, access control, and compliance. S3 provides query-in-place functionality, allowing PT.XYZ to run powerful analytics directly on their data at rest in S3.

EBS

Amazon Elastic Block Store (Amazon EBS) provides persistent block storage volumes for use with Amazon EC2 instances in the AWS Cloud. Each Amazon EBS volume is automatically replicated within its Availability Zone to protect PT.XYZ from component failure, providing high availability and durability. Amazon EBS volumes provide consistent and low-latency performance needed to run their workloads. With Amazon EBS, PT.XYZ can scale their usage up or down within minutes - all while paying a low price for only what they provision.

EBS Components:

- Volume

An Amazon EBS volume is a durable, block-level storage device that PT.XYZ can attach to a single EC2 instance. They can use EBS volumes as primary storage for data that requires frequent updates, such as the system drive for an instance or storage for a database application. PT.XYZ can also use them for throughput-intensive applications that perform continuous disk scans. EBS volumes persist independently from the running life of an EC2 instance. After a volume is attached to an instance, they can use it like any other physical hard drive. EBS volumes are flexible. For current-generation volumes attached to current-generation instance types, PT.XYZ can dynamically increase size, modify provisioned IOPS capacity, and change volume type on live production volumes.

- Snapshots

PT.XYZ can back up their data on Amazon EBS volumes to Amazon S3 by taking point-in-time snapshots. Snapshots are incremental backups, which means that only the blocks on the device that have changed after their most recent snapshot are saved. This minimizes the time required to create the snapshot and saves on storage costs by not duplicating data. When they delete a snapshot, only the data unique to that snapshot is removed. Each snapshot contains all of the information needed to restore their data (from the moment when the snapshot was taken) to a new EBS volume.

Amazon Lambda

AWS Lambda lets PT.XYZ run code without provisioning or managing servers. PT.XYZ pay only for the compute time they have consumed - there is no charge when the code is not running.

With Lambda, PT.XYZ can run code for virtually any type of application or backend service - all with zero administration. Just upload their code and Lambda takes care of everything required to run and scale the code with high availability. PT.XYZ can set up their code to automatically trigger from other AWS services or call it directly from any web or mobile app.

Amazon Virtual Private Cloud

Amazon Virtual Private Cloud (Amazon VPC) lets PT.XYZ provision a logically isolated section of the AWS Cloud where they can launch AWS resources in a virtual network that they define. PT.XYZ have complete control over their own virtual networking environment, including selection of IP address range, creation of subnets, and configuration of route tables and network gateways. Both IPv4 and IPv6 can be used in their VPC for secure and easy access to resources and applications.

PT.XYZ can easily customize the network configuration of their Amazon VPC. For example, they can create a public-facing subnet for their web servers that has access to the Internet, and place their backend systems such as databases or application servers in a private-facing subnet with no Internet access. They can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.

Additionally, PT.XYZ can create a Hardware Virtual Private Network (VPN) connection between their corporate data center and their VPC and leverage the AWS Cloud as an extension of their corporate data center.

Amazon Virtual Private Cloud Components:

- Security Group

A security group acts as a virtual firewall for PT.XYZ's instances to control inbound and outbound traffic. When they launch an instance in a VPC, they can assign up to five security groups to the instance. Security groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in their VPC could be assigned to a different set of security groups. If PT.XYZ don't specify a particular group at launch time, the instance is automatically assigned to the default security group for the VPC.

For each security group, PT.XYZ add rules that control the inbound traffic to instances, and a separate set of rules that control the outbound traffic. This section describes the basic things they need to know about security groups for their VPC and their rules.

- Elastic IPs

An Elastic IP address is a static, public IPv4 address designed for dynamic cloud computing. PT.XYZ can associate an Elastic IP address with any instance or network interface for any VPC in their account. With an Elastic IP address, they can mask the failure of an instance by rapidly remapping the address to another instance in their VPC. Note that the advantage of associating the Elastic IP address with the network interface instead of directly with the instance is that they can move all the attributes of the network interface from one instance to another in a single step.
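The public-subnet and private-subnet layout and the security group rules described above can be checked mechanically after a migration. The following is an added example, not part of the thesis or of PT.XYZ's tooling: it audits a constructed sample shaped like `aws ec2 describe-security-groups` output. The group IDs, the `Tier` tag convention and the function names are assumptions made for illustration.

```python
import ipaddress
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs, names and the "Tier" tag convention are assumptions for this example.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0web0001", "GroupName": "web-public",
   "Tags": [{"Key": "Tier", "Value": "public"}],
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
      "UserIdGroupPairs": []},
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": [],
      "UserIdGroupPairs": []}]},
  {"GroupId": "sg-0db00002", "GroupName": "db-private",
   "Tags": [{"Key": "Tier", "Value": "backend"}],
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
      "IpRanges": [], "Ipv6Ranges": [],
      "UserIdGroupPairs": [{"GroupId": "sg-0web0001"}]},
     {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
      "UserIdGroupPairs": []}]},
  {"GroupId": "sg-0leg0003", "GroupName": "legacy-lift-and-shift",
   "Tags": [{"Key": "Tier", "Value": "public"}],
   "IpPermissions": [
     {"IpProtocol": "-1", "IpRanges": [],
      "Ipv6Ranges": [{"CidrIpv6": "::/0"}], "UserIdGroupPairs": []}]},
  {"GroupId": "sg-0def0004", "GroupName": "default",
   "IpPermissions": [
     {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [],
      "UserIdGroupPairs": [{"GroupId": "sg-0def0004"}]}]}
]}
""")

# Administrative ports that should not be reachable from the whole Internet.
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}


def world_open_cidrs(perm):
    """Return the CIDRs in one rule that match every address (prefix length 0)."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs
            if ipaddress.ip_network(c, strict=False).prefixlen == 0]


def covers_tcp_port(perm, port):
    """True if the rule allows TCP traffic to `port` ("-1" means all protocols)."""
    if perm["IpProtocol"] == "-1":
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm["FromPort"] <= port <= perm["ToPort"]


def audit(groups, private_tiers=("backend",)):
    """Return sorted (group_id, issue, detail) tuples for risky inbound rules."""
    findings = []
    for group in groups:
        tags = {t["Key"]: t["Value"] for t in group.get("Tags", [])}
        for perm in group.get("IpPermissions", []):
            cidrs = world_open_cidrs(perm)
            if not cidrs:
                continue  # restricted CIDR or a group-to-group reference
            detail = "{} {}-{} from {}".format(
                perm["IpProtocol"], perm.get("FromPort", "all"),
                perm.get("ToPort", "all"), ", ".join(cidrs))
            # Backend systems belong in the private subnet: no Internet sources.
            if tags.get("Tier") in private_tiers:
                findings.append(
                    (group["GroupId"], "private-tier-open-to-internet", detail))
            for port, name in ADMIN_PORTS.items():
                if covers_tcp_port(perm, port):
                    findings.append(
                        (group["GroupId"], name + "-open-to-internet", detail))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE["SecurityGroups"]):
        print(finding)
```

The web group's HTTPS rule and the default group's self-reference pass, while the database rule open to `0.0.0.0/0` and the all-protocol rule open to `::/0` are reported.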

AWS Direct Connect

AWS Direct Connect makes it easy to establish a dedicated network connection from PT.XYZ premises to AWS. Using AWS Direct Connect, they can establish private connectivity between AWS and their datacenter, office, or colocation environment, which in many cases can reduce network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections.

AWS Direct Connect lets PT.XYZ establish a dedicated network connection between their network and one of the AWS Direct Connect locations. Using industry standard 802.1q VLANs, this dedicated connection can be partitioned into multiple virtual interfaces. This allows PT.XYZ to use the same connection to access public resources such as objects stored in Amazon S3 using public IP address space, and private resources such as Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC) using private IP space, while maintaining network separation between the public and private environments. Virtual interfaces can be reconfigured at any time to meet their changing needs.

AWS Glacier

Amazon Glacier is a secure, durable, and extremely low-cost cloud storage service for data archiving and long-term backup. It is designed to deliver 99.999999999% durability, and provides comprehensive security and compliance capabilities. Amazon Glacier provides query-in-place functionality, allowing PT.XYZ to run powerful analytics directly on their archive data at rest. PT.XYZ can store data for as little as $0.004 per gigabyte per month, a significant savings compared to on-premises solutions.

AWS Import/Export

AWS Import/Export is a service that accelerates transferring data into and out of AWS using physical storage appliances, bypassing the Internet. AWS Import/Export Disk was originally the only service offered by AWS for data transfer by mail. Disk supports transferring data directly onto and off of PT.XYZ's storage devices using Amazon's high-speed internal network.

AWS Identity and Access Management (IAM)

AWS Identity and Access Management (IAM) enables PT.XYZ to manage access to AWS services and resources securely. Using IAM, PT.XYZ can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.

IAM is a feature offered at no additional charge. They will be charged only for use of other AWS services by their users.

AWS Identity and Access Management (IAM) Components:

- IAM User

An IAM user is an entity that PT.XYZ create in AWS. The IAM user represents the person or service who uses the IAM user to interact with AWS. A primary use for IAM users is to give people the ability to sign in to the AWS Management Console for interactive tasks and to make programmatic requests to AWS services using the API or CLI. A user in AWS consists of a name, a password to sign into the AWS Management Console, and up to two access keys that can be used with the API or CLI. When PT.XYZ create an IAM user, they grant it permissions by making it a member of a group that has appropriate permission policies attached (recommended), or by directly attaching policies to the user. They can also clone the permissions of an existing IAM user, which automatically makes the new user a member of the same groups and attaches all the same policies.

- IAM Roles

An IAM role is very similar to a user, in that it is an identity with permission policies that determine what the identity can and cannot do in AWS. However, a role does not have any credentials (password or access keys) associated with it. Instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. An IAM user can assume a role to temporarily take on different permissions for a specific task. A role can be assigned to a federated user who signs in by using an external identity provider instead of IAM. AWS uses details passed by the identity provider to determine which role is mapped to the federated user.

- IAM Groups

An IAM group is a collection of IAM users. PT.XYZ can use groups to specify permissions for a collection of users, which can make those permissions easier to manage for those users. For example, they could have a group called Admins and give that group the types of permissions that administrators typically need. Any user in that group automatically has the permissions that are assigned to the group. If a new user joins their organization and should have administrator privileges, they can assign the appropriate permissions by adding the user to that group. Similarly, if a person changes jobs in PT.XYZ, instead of editing that user's permissions, they can remove him or her from the old groups and add him or her to the appropriate new groups. Note that a group is not truly an identity because it cannot be identified as a Principal in a resource-based or trust policy. It is only a way to attach policies to multiple users at one time.
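The recommendation above, granting permissions through groups rather than attaching policies to users directly, can be checked against an account export. This added example (not from the thesis or from PT.XYZ) works on a constructed sample shaped like `aws iam get-account-authorization-details` output, trimmed to the fields it uses. The user names, the group names other than Admins, the inline policy names and the functions `effective_policies`, `audit_users` and `change_job` are assumptions for illustration.

```python
import copy

# Constructed sample shaped like `aws iam get-account-authorization-details`
# output, trimmed to the fields used here. Names are illustrative assumptions.
DETAILS = {
    "GroupDetailList": [
        {"GroupName": "Admins",
         "AttachedManagedPolicies": [{"PolicyName": "AdministratorAccess"}],
         "GroupPolicyList": []},
        {"GroupName": "CloudTeam",
         "AttachedManagedPolicies": [{"PolicyName": "AmazonEC2FullAccess"},
                                     {"PolicyName": "AmazonS3ReadOnlyAccess"}],
         "GroupPolicyList": []},
        {"GroupName": "Billing",
         "AttachedManagedPolicies": [],
         "GroupPolicyList": [{"PolicyName": "monthly-billing-report"}]},
    ],
    "UserDetailList": [
        {"UserName": "andi", "GroupList": ["CloudTeam"],
         "AttachedManagedPolicies": [], "UserPolicyList": []},
        {"UserName": "budi", "GroupList": [],
         "AttachedManagedPolicies": [{"PolicyName": "AdministratorAccess"}],
         "UserPolicyList": []},
        {"UserName": "citra", "GroupList": ["Billing"],
         "AttachedManagedPolicies": [],
         "UserPolicyList": [{"PolicyName": "temp-s3-write"}]},
    ],
}


def policy_names(items):
    """Collect the PolicyName of each managed or inline policy entry."""
    return {p["PolicyName"] for p in items}


def effective_policies(details):
    """Map each user to policies inherited via groups and attached directly."""
    by_group = {
        g["GroupName"]: policy_names(g["AttachedManagedPolicies"])
        | policy_names(g["GroupPolicyList"])
        for g in details["GroupDetailList"]
    }
    result = {}
    for user in details["UserDetailList"]:
        via_groups = set()
        for group in user["GroupList"]:
            via_groups |= by_group.get(group, set())
        direct = (policy_names(user["AttachedManagedPolicies"])
                  | policy_names(user["UserPolicyList"]))
        result[user["UserName"]] = {"groups": list(user["GroupList"]),
                                    "via_groups": via_groups,
                                    "direct": direct}
    return result


def audit_users(details):
    """Flag users whose permissions bypass the group model."""
    findings = []
    for name, info in sorted(effective_policies(details).items()):
        if info["direct"]:
            findings.append((name, "direct-policy", sorted(info["direct"])))
        if not info["groups"]:
            findings.append((name, "no-group", []))
    return findings


def change_job(details, user_name, old_groups, new_groups):
    """Return a copy where the user left old_groups and joined new_groups.

    Models the job-change case: permissions follow membership, and no
    per-user policy is edited.
    """
    updated = copy.deepcopy(details)
    for user in updated["UserDetailList"]:
        if user["UserName"] == user_name:
            kept = [g for g in user["GroupList"] if g not in old_groups]
            user["GroupList"] = kept + [g for g in new_groups if g not in kept]
    return updated


if __name__ == "__main__":
    for finding in audit_users(DETAILS):
        print(finding)
    moved = change_job(DETAILS, "andi", ["CloudTeam"], ["Billing"])
    print(effective_policies(moved)["andi"]["via_groups"])
```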

Amazon CloudWatch

Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications PT.XYZ run on AWS. They can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in their AWS resources. Amazon CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances, as well as custom metrics generated by their applications and services, and any log files their applications generate. PT.XYZ can use Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health. They can use these insights to react and keep their application running smoothly.

AWS Management Console

AWS Management Console is a web application for managing Amazon Web Services. It presents a list of the various services to choose from. It also provides all information related to the account, such as billing.

This console provides an inbuilt user interface to perform AWS tasks like working with Amazon S3 buckets, launching and connecting to Amazon EC2 instances, setting Amazon CloudWatch alarms, etc.

AWS CloudTrail

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of their AWS account. With CloudTrail, they can log, continuously monitor, and retain account activity related to actions across PT.XYZ AWS infrastructure. CloudTrail provides event history of their AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting.

3.4.2.2 Migration Tools

When it comes to migration, downtime is always a challenge and a risk. Downtime needs to be minimized as much as possible, and the migration activities must not halt business operations. The Cloud Migration Team should pick the right tools to perform the migration: tools that support automation of the server migration and protect the server, ensuring that the source server and target server will be exactly the same. The migration team has decided to use either Double-Take Move or AWS VM Import/Export.

3.4.2.2.1 Double-Take Move

Double-Take Move is a comprehensive migration solution. It allows PT.XYZ to move an entire server, known as a source, by mirroring an image of that source to another server, known as the target. The source and target servers can be physical or virtual. The image of the source contains the server's system state (the server's configured operating system and applications) and all of the source server’s data.

Double-Take uses patented data replication technology that allows users to continue accessing and changing data during the migration. As changes are made on the source, replication keeps the image of the source stored on the target up-to-date. Double-Take replicates, in real time, only the file changes, not the entire file, allowing PT.XYZ to use resources more efficiently. When the team is ready to cut over to the new server, Double-Take applies the source system state and, after a reboot, the source is available and running on what was the target server hardware.

[Figure not included in this excerpt]

Figure 3.23 How Double-Take Works

Source: PT.XYZ

3.4.2.2 AWS VM Import/Export

VM Import/Export enables PT.XYZ to easily import virtual machine images from their existing environment to Amazon EC2 instances and export them back to their on-premises environment. This offering allows PT.XYZ to leverage the existing investments in the virtual machines that they have built to meet their IT security, configuration management, and compliance requirements by bringing those virtual machines into Amazon EC2 as ready-to-use instances. PT.XYZ can also export imported instances back to their on-premises virtualization infrastructure, allowing them to deploy workloads across their IT infrastructure. VM Import/Export is available at no additional charge beyond standard usage charges for Amazon EC2 and Amazon S3.

In this migration activity, VM Import/Export is used to import the PT.XYZ VM image catalog to Amazon EC2. If PT.XYZ maintain a catalog of approved VM images, they can copy their image catalog to Amazon EC2 and create AMIs from the imported images. They can import their existing software, including products that they have installed such as anti-virus software, intrusion detection systems, and so on, along with their VM images. PT.XYZ can use the AMIs they create as their Amazon EC2 image catalog.

In this project, Double-Take will be the main migration tool, as it requires only a really short downtime, approximately 30 minutes at most, and only in the cutover phase, while VM Import/Export causes downtime during the phase of exporting and copying the VM file, which depends on the VM size and in most cases can be many hours. But this Double-Take advantage comes at a price, paid in licenses per server migrated; it is indeed costly compared to VM Import/Export.

Hence, to make the best of these two tools, production servers and critical or big servers will use Double-Take, and development servers that can tolerate longer downtime will use VM Import/Export. In some cases there is an OS, such as Linux Debian, that is not supported by Double-Take and will therefore use VM Import/Export. Some servers will be migrated but put in a stopped state soon after they are moved to the cloud; these will also use VM Import/Export.

CHAPTER 4

FUTURE PROCESS AND MIGRATION PROCESS

4.1 To-Be Business Processes

4.1.1 Future Roles and Description

After moving to the Cloud, all the other roles will remain the same, except that the Data Center Team under the Infrastructure Team from PT. TSM will be replaced by the Cloud Team. The Cloud Team consists of people who are already experienced in infrastructure and cloud computing, and some are certified Cloud Solution Architects. Half of them are people from the former Data Center Team. The responsibilities of the Cloud Team are as follows:

- Design the Cloud Architecture
- Provision the instance, storage and services from AWS
- Troubleshooting and configuration in AWS environment
- Regularly looking for enhancement for the use of the Cloud AWS
- Create the BAST (Berita Acara Serah Terima) / Acceptance Official Report
- Generate monthly billing report from AWS

Because the IT resources (servers and storage) will be launched from AWS, the vendor role is also removed in this case.

4.1.2 Future Data Center

In the current data center, as described earlier in Chapter 3.3.2, there are 633 servers including the physical servers and virtual machines. After checking and validation, it was found that of the 633 servers, only 149 are actually being used optimally; the remaining 484 are either underused or essentially not being used anymore.

The total capacity of migrated servers is 72.5 TB. 10 servers with 100 GB storage in total (10 x 100) + 20 servers with 200 GB storage in total (20 x 200) + 31 servers with 500 GB storage in total (31 x 500) + 20 servers with 600 GB storage in total (20 x 600) + 10 servers with 400 GB storage in total (10 x 400) + 30 servers with 1200 GB storage in total (30 x 1200) = 1000 + 4000 + 15500 + 12000 + 4000 + 36000 = 72500 GB or 72.5 TB.

MBA has 23 servers (MBA itself 7, KC 9, Rawaras 7), UDM has 26 servers (UDM itself 4, Yahadma 7, TSM 14, JC 1), and UT has 72 servers. These are the 121 servers that are being migrated to the cloud. The remaining 28 servers will stay on-premise, and some of them will be dismantled in the near future depending on their purpose.

Below are the particular reasons why some servers will stay on-premise and not be migrated to the cloud:

- They encompass financial systems that store customers' financial information. Indonesian government regulations strictly forbid servers that store financial information from being in a data center located outside of Indonesia (the region for PT.XYZ’s AWS cloud is Singapore). This is stated in PERATURAN OTORITAS JASA KEUANGAN NOMOR 38 /POJK.03/2016 TENTANG PENERAPAN MANAJEMEN RISIKO DALAM PENGGUNAAN TEKNOLOGI INFORMASI OLEH BANK UMUM Pasal 21 Ayat 1-3.
- They are still under a support contract with a third-party vendor.
- A monitoring server like SolarWinds needs to stay on-premise until all the servers that it monitors have been migrated to the cloud; afterward the server will be dismantled.
- The operating systems and programs are so old that the migration tool and AWS do not support them, e.g. Cobol and Windows 2000. They can be migrated only if PT.XYZ decides to upgrade them.

These reasons explain why PT.XYZ is adopting the hybrid cloud.

4.1.3 Future Network Infrastructure

[Figure not included in this excerpt]

Table 4.1 Future Structure Symbols Description

PT.XYZ will have 2 VPCs created in the AWS Singapore region, for the Primary and Secondary (Disaster Recovery) zones where compute servers and storage resources will be launched. Each AWS region (in this case the Singapore region) contains multiple distinct locations called Availability Zones (AZs). The 2 VPCs will be set up in different AZs. An AZ is a data center and is engineered to be isolated from failures in other AZs. This increases high availability and security. The Primary and Secondary (DR) VPCs will be connected using direct point-to-point VPC peering to route traffic between them. Servers in either VPC can communicate with each other as if they were within the same network. Even though the illustration shows the Secondary (DR) VPC as if it already contains the instances and the VPN device, it does not while the Primary VPC is running well. Only if the Primary zone collapses will the same environment and configurations be launched in the Secondary zone and the connection be routed there.

From the perspective of a user in a remote location, which can be anywhere outside the PT.XYZ network, the connection goes through SSL VPN, passing the customer gateway. The SSL VPN uses the GlobalProtect portal, which is also provided by the Palo Alto Networks device. After the user is connected to the VPN device, Remote Desktop Web Access is launched by RDSH in the web browser; here the user resides on the jump server located in the DMZ before they can connect, using RDP, to the server farm or the instances inside the private network.

From the perspective of a user in the Head Office, that is, in the PT.XYZ networks or the on-premise data center in the PT.XYZ head office building, there is direct connectivity to the servers residing on the PT.XYZ AWS cloud. They simply RDP directly from their laptop/PC.

4.1.4 Future Commercial Process

[Figure not included in this excerpt]

Figure 4.2 Future Commercial Process Activity Diagram

The improvement in the future commercial process is that the actors are reduced to only 4, while the current commercial process has 5 actors. The vendor is no longer needed because AWS can be regarded as the vendor. The Data Center Team is replaced by the Cloud Team.

The process starts with the same activities as the current one. The Commercial Team of PT.XYZ receives a PR from the App Owner and IT Head of the other subsidiary and, based on that PR, generates the PO. Next, the IT Head verifies the PO to make sure the items and price details are correct (as offered formerly in the service catalog). After the PO has been verified, the IT Head signs it and gives it back to the Commercial Team. Subsequently, the Commercial Team generates a Service Order (with the PO number in it) as a kind of official letter to the Cloud Team for the execution of the service. The Cloud Team provisions the products in AWS. When that is finished, the Cloud Team creates the Berita Acara Serah Terima (BAST), or Official Acceptance Letter, which describes the details of the provisioned products in AWS and is given to the Commercial Team to check whether it matches the Service Order generated before. Then the BAST is given to the App Owner, who checks that the actual details of the provisioned products match those written in the PO. Once it has been verified, the IT Head signs the BAST as confirmation that they have received the products as requested, and the Commercial Team prepares the billing. Essentially, the Commercial Team pays AWS for the provisioned products first, then adds some percentage of profit when billing the other subsidiary.

Let’s suppose the products in this scope are servers and storage.

4.2 Future Technical Processes

4.2.1 Launching New Server / Instance on AWS

[Figure not included in this excerpt]

Figure 4.3 Launching New Server/Instance on AWS

Suppose the App Owner from PT. LUSC requests a new server from PT.TSM. The Cloud Team will access the AWS Management Console and launch the new instance as requested by the App Owner. Once done, the Cloud Team will inform the App Owner that the instance is ready for the apps to be installed.

The provisioning process takes only about 5 minutes. Less effort, less cost, fewer parties and less time are needed compared to the current process.

It starts with:

a. Go to the AWS Console Management Dashboard, choose EC2

[Figure not included in this excerpt]

Figure 4.4 AWS Console Management Dashboard

Source: Author’s documentation

b. Click the Launch Instance button, then follow the steps: select the preferred attributes on each step and click Next. Once done, click Launch.

[Figure not included in this excerpt]

Figure 4.5 AWS EC2 Dashboard

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.6 AWS EC2 Launch Instance (Step 1)

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.7 AWS EC2 Launch Instance (Step 2)

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.8 AWS EC2 Launch Instance (Step 3)

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.9 AWS EC2 Launch Instance (Step 4)

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.10 AWS EC2 Launch Instance (Step 5)

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.11 AWS EC2 Launch Instance (Step 6)

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.12 AWS EC2 Launch Instance (Step 7)

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.13 Instances Dashboard

Source: Author’s documentation

4.2.2 Attach New Volume

[Figure not included in this excerpt]

Figure 4.14 Attach New Volume Activity Diagram

Suppose the disk storage or volume of the QA application server of PT. UT, named UTQAAPP01, seems to be full and the App Owner thinks that a new volume is needed. The App Owner will request a new volume from PT.TSM by specifying the required size. The Cloud Team from PT.TSM will create a new volume on AWS, stop UTQAAPP01 from running and attach the new volume to it. Below are step-by-step illustrations of how the future process of attaching a new volume goes:

a. Go to the Volumes Dashboard

[Figure not included in this excerpt]

Figure 4.15 Volumes Dashboard

Source: Author’s documentation

b. Click the Create Volume button and fill in the required details

[Figure not included in this excerpt]

Figure 4.16 Create Volume (Part 1)

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.17 Create Volume (Part 2)

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.18 Attach Volume

Source: Author’s documentation

4.2.3 Server Termination

[Figure not included in this excerpt]

Figure 4.19 Server Termination Activity Diagram

Suppose a physical server of PT. Nadara is not needed anymore. The App Owner of that application server will request the Cloud Team from PT. TSM to terminate that server.

It is easy, simple and effortless compared to the current technical process. With no more than 5 clicks the server can be terminated and released. There is no need to worry about what to do with its physical form.

[Figure not included in this excerpt]

Figure 4.20 Server Termination on AWS

Source: Author’s documentation

4.2.4 Security Access to AWS Management Console

[Figure not included in this excerpt]

Figure 4.21 Security Access to AWS Management Console Activity Diagram

The AWS Management Console can be regarded as the future data center room, because it is the closest users get to seeing the servers, storage, network, etc. (in virtual form) as in a data center room. Not just anyone can enter it, not even the application owner: as a security best practice it is strictly accessible only by the Cloud Team. Other teams or people are only allowed to access the servers directly. The Cloud Team will provide the credentials to log in to the servers, or users keep using the previously provided credentials.

One more step added to strengthen access security to the AWS Console is MFA enforcement. The first factor of authentication is the password credentials (what users know). The second factor of authentication utilizes Google Authenticator as a virtual MFA device to generate a 6-digit authentication code (what users have). This multi-factor authentication provides increased security for the PT.XYZ Cloud configurations and resources available in the console.

It starts with:

a. Access the PT.XYZ AWS Management Console in the browser and input the username and password.

[Figure not included in this excerpt]

Figure 4.22 PT.XYZ AWS Login Page

Source: Author’s documentation

b. Input the MFA code generated in the Google Authenticator mobile app. Click Submit and it’s done.

[Figure not included in this excerpt]

Figure 4.23 PT.XYZ Multi Factor Authentication Page

Source: Author’s documentation
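How the 6-digit second factor described above is derived and checked, as an added example that is not part of the thesis and not AWS's own implementation. It assumes the standard Google Authenticator parameters (TOTP per RFC 6238 with HMAC-SHA1, 30-second steps, 6 digits) and uses the RFC 6238 test secret, not a PT.XYZ value.

```python
import base64
import hashlib
import hmac
import struct

STEP_SECONDS = 30  # TOTP time step used by Google Authenticator
DIGITS = 6

# RFC 6238 test key, shown the way an authenticator app stores it (base32).
TEST_SECRET_B32 = base64.b32encode(b"12345678901234567890").decode()


def decode_secret(secret_b32: str) -> bytes:
    """Decode a base32 shared secret as displayed during MFA enrolment."""
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore stripped padding
    return base64.b32decode(cleaned)


def hotp(key: bytes, counter: int) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def totp(key: bytes, at: float) -> str:
    """Code the authenticator app shows at Unix time `at`."""
    return hotp(key, int(at) // STEP_SECONDS)


def verify_totp(key: bytes, candidate: str, at: float,
                window: int = 1, last_counter=None):
    """Return the time-step counter that matched, or None.

    window       number of steps of clock drift tolerated on each side
    last_counter highest counter already accepted for this user; codes for
                 that step or earlier are refused so a code cannot be replayed
    """
    if not (candidate.isascii() and candidate.isdigit()
            and len(candidate) == DIGITS):
        return None
    current = int(at) // STEP_SECONDS
    for counter in range(max(0, current - window), current + window + 1):
        if last_counter is not None and counter <= last_counter:
            continue
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(hotp(key, counter), candidate):
            return counter
    return None


if __name__ == "__main__":
    key = decode_secret(TEST_SECRET_B32)
    print("code at t=59:", totp(key, 59))
    print("accepted one step late:", verify_totp(key, totp(key, 59), at=89))
    print("replay refused:", verify_totp(key, totp(key, 59), at=59,
                                          window=0, last_counter=1))
```

The verifier has to store the last accepted counter per user; without it a code observed once stays valid for the whole drift window.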

4.2.5 Generate Consolidated IT Asset Inventory List (List of Instances)

[Figure not included in this excerpt]

Figure 4.24 Generate Consolidate IT Asset Inventory Activity Diagram

In the future process, the Infra Team doesn’t need to go to each subsidiary to request the IT asset inventory list, make sure it is collected, and then consolidate it manually. Since all the servers used by the whole PT.XYZ group (including all the subsidiaries) reside on the AWS cloud, the IT asset inventory list, which consists of the instance and volume details, will be generated by the Cloud Team within 5 minutes, with no more hassle to consolidate it.

This is possible because of one AWS feature, the AWS CLI. The AWS Command Line Interface (CLI) is a unified tool to manage the AWS services. With just one tool to download and configure, PT.XYZ can control multiple AWS services from the command line and automate them through scripts.

Below are step-by-step illustrations of the process:

a. Open Command Prompt and enter the AWS CLI command to connect to the respective account (the PT.XYZ account) and match the credentials:

aws sts get-session-token --serial-number arn:aws:iam::176xxxxx5:mfa/charista.saputri --token-code (input MFA)

[Figure not included in this excerpt]

Figure 4.25 AWS Command Line Interface (CLI)

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.26 AWS Credentials

Source: Author’s documentation

Enter the command to generate the IT asset inventory list, like:

aws ec2 describe-instances --output text --query "Reservations[*].Instances[*].[InstanceId, InstanceType, ImageId, State.Name, LaunchTime, NetworkInterfaces.Attachment.AttachTime, Placement.AvailabilityZone, Placement.Tenancy, Hypervisor, Platform, PrivateIpAddress, PublicIpAddress, PrivateDnsName, PublicDnsName,

[Figure not included in this excerpt]

Figure 4.27 CLI For Generate Instances Inventory List

Source: Author’s docum

The command above contains Tags expressions such as [Tags[?Key=='Purpose']. One of the ways the Cloud Team manages instances, volumes, etc. in the AWS Management Console is by using tags. Each resource is tagged when it is launched; the tag value carries the information that describes the IT asset, so a tag is like an attribute of an entity.

Below are examples of the IT asset inventory list of instances generated with the above command (the .csv can be saved as an .xlsx, and the first row with the attribute names is added manually by pasting it from older versions).

[Figure not included in this excerpt]

Figure 4.28 Generated Inventory Instances Inventory List

Source: Author’s documentation

[Figure not included in this excerpt]

Figure 4.29 Generated Inventory Instances Inventory List (Final Version)

Source: Author’s documentation
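An added example, not the author's or PT.XYZ's script, of turning `aws ec2 describe-instances --output json` into the inventory CSV with the header row written automatically and each instance checked for the mandatory tags named in this thesis (Name, Environment, Application, Purpose, App Owner, Sub holding, Subsidiary). The instance IDs, AMI IDs, addresses and the second server are constructed sample values, and the column selection is a subset chosen for the example.

```python
import csv
import io
import json

# Mandatory tags as listed in the migration-preparation steps of this thesis.
MANDATORY_TAGS = ["Name", "Environment", "Application", "Purpose",
                  "App Owner", "Sub holding", "Subsidiary"]

# Column name -> path inside one instance object of the describe-instances JSON.
COLUMNS = [
    ("InstanceId", ("InstanceId",)),
    ("InstanceType", ("InstanceType",)),
    ("ImageId", ("ImageId",)),
    ("State", ("State", "Name")),
    ("LaunchTime", ("LaunchTime",)),
    ("AvailabilityZone", ("Placement", "AvailabilityZone")),
    ("Tenancy", ("Placement", "Tenancy")),
    ("Platform", ("Platform",)),            # only present for Windows instances
    ("PrivateIpAddress", ("PrivateIpAddress",)),
    ("PublicIpAddress", ("PublicIpAddress",)),  # absent without a public IP
]

# Constructed sample in the shape of `aws ec2 describe-instances --output json`.
SAMPLE = json.loads("""
{"Reservations": [
  {"Instances": [{
    "InstanceId": "i-0aaaaaaaaaaaaaaa1", "InstanceType": "c4.2xlarge",
    "ImageId": "ami-00000000000000001", "State": {"Name": "running"},
    "LaunchTime": "2018-07-06T10:00:00.000Z",
    "Placement": {"AvailabilityZone": "ap-southeast-1a", "Tenancy": "default"},
    "Platform": "windows", "PrivateIpAddress": "10.0.1.10",
    "Tags": [{"Key": "Name", "Value": "UTQAAPP01"},
             {"Key": "Environment", "Value": "QA"},
             {"Key": "Application", "Value": "UT QA App"},
             {"Key": "Purpose", "Value": "QA application"},
             {"Key": "App Owner", "Value": "UT IT"},
             {"Key": "Sub holding", "Value": "UT"},
             {"Key": "Subsidiary", "Value": "PT. UT"}]}]},
  {"Instances": [{
    "InstanceId": "i-0aaaaaaaaaaaaaaa2", "InstanceType": "t2.micro",
    "ImageId": "ami-00000000000000002", "State": {"Name": "stopped"},
    "LaunchTime": "2018-07-07T02:30:00.000Z",
    "Placement": {"AvailabilityZone": "ap-southeast-1b", "Tenancy": "default"},
    "PrivateIpAddress": "10.0.2.20",
    "Tags": [{"Key": "Name", "Value": "DEVLINUX01"},
             {"Key": "Environment", "Value": "Development"},
             {"Key": "Application", "Value": "Reporting"},
             {"Key": "App Owner", "Value": "  "},
             {"Key": "Sub holding", "Value": "UT"},
             {"Key": "Subsidiary", "Value": "PT. UT"}]}]}
]}
""")


def dig(obj, path):
    """Follow `path` through nested dicts; an absent key gives an empty cell."""
    for key in path:
        if not isinstance(obj, dict) or key not in obj:
            return ""
        obj = obj[key]
    return obj


def tag_map(instance):
    """Flatten the Tags list into a dict, stripping whitespace from values."""
    return {t["Key"]: (t.get("Value") or "").strip()
            for t in instance.get("Tags", [])}


def inventory_rows(doc):
    """One dict per instance: the fixed columns plus one column per tag."""
    rows = []
    for reservation in doc.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            tags = tag_map(inst)
            row = {name: dig(inst, path) for name, path in COLUMNS}
            for tag in MANDATORY_TAGS:
                row["Tag:" + tag] = tags.get(tag, "")
            rows.append(row)
    return rows


def missing_mandatory_tags(rows):
    """Instance ID -> mandatory tags that are absent or blank."""
    gaps = {}
    for row in rows:
        missing = [t for t in MANDATORY_TAGS if not row["Tag:" + t]]
        if missing:
            gaps[row["InstanceId"]] = missing
    return gaps


def to_csv(rows):
    """Render the rows as CSV text, header row included."""
    header = [name for name, _ in COLUMNS] + ["Tag:" + t for t in MANDATORY_TAGS]
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=header)
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


if __name__ == "__main__":
    rows = inventory_rows(SAMPLE)
    print(to_csv(rows))
    print("untagged or partially tagged:", missing_mandatory_tags(rows))
```

An instance that is missing from the tag columns is also missing from any report or cost allocation filtered by tag, so the gap list is worth reviewing each time the inventory is generated.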

4.3 The Benefits After The Future Processes (After using AWS)

In the table below, the authors summarize the comparison before and after using the AWS cloud in a more presentable way, following the deeper analysis of the current and future processes. The table makes the benefits of the future processes easier to see.

Table 4.2 Before and after using Cloud comparison

[Table not included in this excerpt]

4.4 Cloud Migration Process

The cloud migration process is based on REMICS cloud migration theory. Activities are designed by putting the REMICS cloud migration steps as a reference. There will be 6 steps in the process: Requirement and feasibility, Recover, Migrate, Validate, Control and Supervise, Withdrawal. Those 6 steps and the output from each step will be listed and described below.

4.4.1 Requirement and Feasibility

Requirements are gathered and the main components of the solution and the scope are identified.

In this first phase, the Cloud Migration Team will assess and plan by gathering data on the current state of applications and infrastructure, understanding the overall scope and environment complexity, understanding the business constraints for each application to be migrated, and understanding the relationship between applications and infrastructure. It is crucial to collect detailed and accurate data.

This phase will create these 2 outputs:

a. Inventory

Inventory is the collection of relevant information about the current state of the data centers. The inventory is the base for all migration planning: it shows which servers can be migrated and how to migrate them. It requires some maintenance during the process because the data keeps being validated and updated, and it takes some time to create the best inventory for future decision making.

Steps to create the inventory are:

- Define Data Points for Collection: Specify all the relevant data that needs to be collected, e.g. hostname, IP address, server location, owner, application, environment type, physical/virtual, tier, OS version, OS bit, database installed version, server processor details, memory, storage allocated, disk usage, list of interfaces, etc.
- Arrange Data Collection Systems: Set the approach for how the data can be collected. Identify all sources from which information can be gathered. These can be IT asset management software like Solarwinds, interviews, user inputs, discovery tools, CMDB, etc.
- Communicate Data Needs and Schedule Interviews: Talk with the respective people who can provide the required data. Set the schedule for the interviews and explain how they can provide the data.
- Gather Information: This is the Knowledge Transfer activity between the expert from each subsidiary of PT.XYZ who can provide the required data (mostly the IT Head of the subsidiary) and a representative from the Cloud Migration Team who also has knowledge of IT infrastructure. It takes the form of scheduled meetings several days a week for a month. Completing the data points is the main goal of the meetings. Besides the Knowledge Transfer meetings, the information can also come through other forms of communication, e.g. technical documentation sent by email. Another example is asking the Infra Team from PT.TSM to provide the consolidated IT asset inventory list.
- Review and Summarize: Evaluate the collected data, consolidate and summarize it, and export it to a more presentable and effective form.

Below is an example of the inventory:

[Figure not included in this excerpt]

Figure 4.30 Consolidated IT Inventory List

Source: Author’s documentation

b. Questionnaires

Questionnaires are used to gather input to the migration planning effort from application owners or from other parties who have knowledge of the applications. In this phase, data collection focuses on the applications, in order to understand each one deeply. A list of questions is prepared for each application and given to the application owner to complete. The answers will be cross-validated with the data collected in the inventory. Some of the questions are:

Table 4.3 Application Questionnaires

[Table not included in this excerpt]

4.4.2 Recover

The Recover step is about understanding the legacy in terms of functionality, data, constraints, quality of service, and the structure of components or the software architecture, in order to discover more. All the data collected and analyzed in the first phase is studied and processed to the next level, producing more valuable outcomes as progress.

In this second phase, the Cloud Migration Team will try to understand the relationships between applications and infrastructure (application to instance, application to service, and application to application dependencies) and assemble related entities into bundles based on the identified mappings. The team identifies and schedules waves (each wave can have several bundles), categorizes each server based on its migration execution complexity, and maps each application server to a suitable instance in AWS. This phase will create these 4 outputs:

a. Application Mappings

Application mappings are representations of the relationships between applications and other entities targeted for migration: application to instance, application to service, and application to application (interface), as explained below:

- Application to instance: The current instance/server specification that can be a dependency of the application or on which the application resides, e.g. physical or virtual, operating system, memory, VCPU/CPU cores, IP address, the other software versions installed on the instance as prerequisites of the application (e.g. .NET version), etc.
- Application to service: The type of service through which the application is used, such as shared software or infrastructure.
- Application to application: The interfaces that the application has to other application servers. For example, a web server can have an interface to its app or database server. Run the netstat command on each server to list all the interfaces to the other servers.

b. Instances Mappings

Each application server will be mapped to a corresponding instance in AWS. Accurate data is the key to successful mappings. Log in to every server to capture and validate server characteristics and performance, e.g. actual CPU utilization, actual memory utilization, disk allocation versus used, operating system and patch levels, network configurations, security settings, running services, etc. Review findings and data across multiple teams within the PT.XYZ subsidiaries. More interview sessions had to be conducted, or additional effort spent on executing scripts to capture interface information.

After confirming that the server specification data is correct, map each application server to a corresponding instance in AWS.

The simplest way to map the source server to an AWS instance is as follows:

- Refer to the source server specifications or application requirements: the CPU, memory, total disk allocated and disk usage, OS, disk IO, environment, and purpose. Generally, environment and purpose are taken into consideration when choosing the instance type, whether General Purpose, Compute Optimized, Memory Optimized, or Storage Optimized. In some cases, small and non-crucial development servers will use the t2 instance type because it is the lowest-cost general purpose instance type.
- Check the currently available instances from AWS at https://aws.amazon.com/ec2/instance-types/ or read the documentation at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-ug.pdf#instance-types. For the best performance, AWS recommends using the current generation instance types.
- Map the server to the available corresponding instance in AWS. If there is no exact match for the specification, choose the closest one. The Excel screenshots above are downloaded from the ec2instance info website. The Cloud Migration Team used it as the instance mapping reference. It is up to date and easy to use because it is already in Excel format, so data filtering can be applied. This makes it easier to analyze and process the data and to create faster and correct outputs.
- When choosing an instance, filtering on instance storage = EBS Only is recommended. It is the newer instance type and will be cheaper even when the CPU and the memory are the same. Instance store is ideal for temporary storage, because the data stored in instance store volumes is not persistent through instance stops, terminations, or hardware failures. EBS volumes, in contrast, preserve their data through instance stops and terminations, can be easily backed up with EBS snapshots, can be removed from one instance and reattached to another, and support full-volume encryption. EBS volumes offer high availability and durability.
- For example, the inventory list shows that the SCIS application server has VCPU: 8, Memory: 16 GB, Disk Usage: 32 GB, and is a production server. Map it to c4.2xlarge with VCPU: 8, Memory: 15 GB (closest), and attach an EBS volume with a size of 50 GB. (There are some rules for calculating the provisioned EBS volume size, which will be explained later; this phase focuses on the instance mapping. Deciding the size of the storage can be done later when launching the instances in the next phase, Migration Preparation.)

[Figure not included in this excerpt]

Figure 4.31 Current Generation Instance Types

Source: https://aws.amazon.com/ec2/instance-types/

[Figure not included in this excerpt]

Figure 4.32 The Corresponding Instance

Source: https://www.ec2instances.info/

[Figure not included in this excerpt]

Figure 4.33 Instances Types

Source: https://www.ec2instances.info/

c. Complexity Mappings

Another mapping activity is assigning each server to a migration execution complexity category, with reference to the details below:

Table 4.4 Complexity Types

[Table not included in this excerpt]

This migration execution complexity categorization will be used for chargeback. Chargeback is how the Cloud Migration Team charges the PT.XYZ subsidiaries. The more complex the migration, the higher the cost. Higher complexity may also call for more attention.

d. Bundles and Waves

Bundles are the smallest groupings of infrastructure and applications that must migrate together. This phase occurs after all questionnaires are completed, and mapping and move option information is obtained from the questionnaires.

There are some points to consider when creating a bundle:

- Analyze the mappings and determine the smallest possible bundle. Smaller bundles can be better.
- Keep the bundle focused and targeted on a specific application.
- Use technical constraints to create bundles. These can be seen from the interfaces list.
- Differentiate between tightly coupled and loosely coupled servers. Servers that have a dependency on each other are tightly coupled, e.g. the application and database servers of HCMS are tightly coupled. Servers that only have interfaces to each other are loosely coupled.
- A bundle consisting of a standalone application, or of an application that is loosely coupled or has no database interfaces, and that is in a development environment, can be used for the migration pilot project.
- Servers that will need to migrate or transform together.
- Same application owners are common.
- Same outage windows.
- After bundles are set, no changes should be made to any server, such as installing new applications, setting up jobs, etc., because any such change can break the bundle as new interfaces may be created.
- A bundle will need to roll back to the source data center or pre-transformation state if unresolvable issues are encountered.

Below are 2 examples of bundling. The red arrow means tightly coupled. The blue arrow means loosely coupled:

[Figure not included in this excerpt]

Figure 4.34 Example of a Bundle

Source: Author’s Documentation
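The bundling rule above expressed as code, as an added example that is not the Cloud Migration Team's own tooling: servers joined by tightly coupled links are merged into one bundle, and loosely coupled links that cross bundles are reported for wave scheduling. HCMS and SCIS are named in the thesis; the individual server names, environments and links are constructed, and the pilot rule is simplified to "single-server bundle in a development environment".

```python
from collections import defaultdict

# Constructed sample: server name -> environment.
SERVERS = {
    "HCMS-WEB": "production",
    "HCMS-APP": "production",
    "HCMS-DB": "production",
    "SCIS-APP": "production",
    "REPORT-DEV": "development",
}

# Constructed sample: (server, server, coupling) taken from an interfaces list.
# "tight" = dependency, must migrate together; "loose" = interface only.
LINKS = [
    ("HCMS-WEB", "HCMS-APP", "tight"),
    ("HCMS-APP", "HCMS-DB", "tight"),
    ("HCMS-WEB", "HCMS-DB", "loose"),
    ("SCIS-APP", "HCMS-DB", "loose"),
]


def build_bundles(servers, links):
    """Return (bundles, cross_links).

    bundles     smallest groups that must move together: the connected
                components over tightly coupled links, largest first
    cross_links sorted pairs of bundle indexes joined only by loose links
    """
    parent = {name: name for name in servers}

    def find(name):
        # Union-find lookup with path halving.
        while parent[name] != name:
            parent[name] = parent[parent[name]]
            name = parent[name]
        return name

    for a, b, coupling in links:
        if a not in parent or b not in parent:
            raise ValueError(f"link references a server not in the inventory: {a} - {b}")
        if coupling not in ("tight", "loose"):
            raise ValueError(f"unknown coupling: {coupling!r}")
        if coupling == "tight":
            parent[find(a)] = find(b)

    groups = defaultdict(list)
    for name in servers:
        groups[find(name)].append(name)
    bundles = sorted((sorted(g) for g in groups.values()),
                     key=lambda g: (-len(g), g))

    index = {name: i for i, bundle in enumerate(bundles) for name in bundle}
    cross_links = sorted({tuple(sorted((index[a], index[b])))
                          for a, b, coupling in links
                          if coupling == "loose" and index[a] != index[b]})
    return bundles, cross_links


def pilot_candidates(bundles, servers):
    """Indexes of single-server development bundles (simplified pilot rule)."""
    return [i for i, bundle in enumerate(bundles)
            if len(bundle) == 1 and servers[bundle[0]] == "development"]


if __name__ == "__main__":
    bundles, cross = build_bundles(SERVERS, LINKS)
    for i, bundle in enumerate(bundles):
        print(f"Bundle {i}: {', '.join(bundle)}")
    print("Loosely coupled across bundles:", cross)
    print("Pilot candidates:", pilot_candidates(bundles, SERVERS))
```

A link to a server that is missing from the inventory raises an error instead of being ignored, because an undocumented interface is exactly what breaks a bundle after cutover.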

Waves are the schedule of migration execution. One wave can have several bundles. Suppose Wave 1 is 6-8 July 2018 and Wave 2 is 13-15 July 2018, and Wave 1 has 3 bundles: Bundle 1 with 3 servers, Bundle 2 with 5 servers, and Bundle 3 with 4 servers. This means that on 6-8 July 2018 (Wave 1) there will be 12 servers to migrate. Typically, each wave happens on a weekend. Questions to consider when scheduling the waves:

- Which bundles need, or are suggested, to migrate together?
- Does this application have upcoming deployments that may prevent or hinder the migration?
- If it is supported by a third party, when will that support end, so that the migration can be scheduled after the third-party support ends?

4.4.3 Migrate

The Migrate step covers developing the new architecture and modernizing components, implementing new ones or identifying external services, and composing services according to the new architecture. It also includes a detailed migration plan prior to those migration activities.

In this third phase, the Cloud Migration Team will schedule the hour-by-hour plans for execution, assign resources for each activity, and prepare and execute the cutover activity.

This phase will create these 2 outputs:

a. Detailed Migration Plan

The detailed migration plan is the full set of activities to be executed to perform a migration, including pre-migration and post-migration activities. It defines the exact steps, the dependencies, the assigned user, and the planned time for every activity that makes up the migration of an entity. Identify the owners/executors of each activity and confirm their availability. The owner/executor of an activity can also be from the subsidiary side, namely the application owner, whose availability and capability to help validate the application post installation need to be confirmed. The plan is hour by hour. Detailed instructions including accurate estimated durations benefit auditing, handoffs, troubleshooting and rollback, estimation, and future reference.

Phases in brief:

- T- (15D): Planning and preparation activities which must be executed in the 15 days leading up to the migration date.
Including:
- T0 (10H): Activities to be executed during the main 10 hours of migration, these are the cutover activities.
- T+ (7D): Cleanup or follow-up activities which must be executed in 7 days after the migration completion.
- Rollback: Fallback activities which are planned, and only executed when there are issues during T0 that cannot be overcome before the end of the application outage window, to move the entity back to its original data center.

It will be listed in Excel format as shown below. This is used as an hour-by-hour plan template (Start-End Date and Time, Duration is adjustable):

[Figure not included in this excerpt]

Figure 4.35 Hour by Hour Migration Plan Template

Source: PT.XYZ

b. Migration Preparation and Execution

Migration Preparation are the actual realization of the T- tasks. The tasks that happened in 15 days before the migration execution/cutover. Including:

- Install Double-Take agent on the source server. Post installation, confirm that it’s connected with the Double-Take Management Console server.
- Calculate the Double-Take staging folder that will reside on the target server. Calculate it from source server by:
- Select all folder of c:\documents and settings, program files, program files (x86), program data, windows, users, total 6 folders, then right click properties look at the total. Current total disk usage + total GB of that 6 folders + 10% of all this = volume size needed for the target instances in AWS.
- Launch the target instance on AWS with the type based on the instance mapping done previously and attach the EBS volumes with the size calculated from previous step.
- Rename target server with ‘DT-Source Server Name’.
- Add the mandatory tags to the target server (Name, Environment, Application, Purpose, App Owner, Sub holding, Subsidiary). As explained earlier, tags are used as the instance attributes or description.
- Reboot the target server.
- Start the replication from source server to target server in Double-Take console.
- Validate that the Double-Take job status is in protecting mode. Protecting mode is when data from the source server automatically syncs to the target server; changes on the source server are mirrored or replicated to the target server in real time.
- Ensure the source server can be logged in to using the local account/domain account provided by the application owner. Confirm the same account access on the target post migration.
- Ensure the last backup was successful.
- Run pre-migration scripts on the source server to capture services, capture the list of installed applications or programs, and count the files and folders along with their size. Save the generated file; it will be compared with the output of the post-migration scripts later for validation purposes.

Migration Execution covers the steps taken during the migration wave (T-Zero tasks). During the migration, the Migration Execution team focuses on three key areas: Command Center, Issue Management and Migration Dashboards.

- Command Center:
  - Tracking the progress of the migration, and alerting resources who are falling behind.
  - Managing and coordinating the resolution of issues.
  - Communicating the high-level migration progress to stakeholders.
  - The Migration Execution team will oversee the command center.
- Issue Management:
  - Tracking and resolution of the issues encountered.
  - Statuses: Issue Identified, Fix Identified, Resolution in Progress, Issue Closed, Failed/Follow-up Required.
- Execution Dashboard:
  - The purpose of the dashboards is to have a consolidated spot for all activities and their status.

Below is an example of the execution dashboard, which needs to be updated based on the status of the activities.

Figure not included in this excerpt

Figure 4.36 Migration Execution Dashboard

Source: PT.XYZ

The technical steps of the migration execution process are:

1. If using Double-Take tools:

- Open the Double-Take (DT) Console, go to manage servers and add the servers based on the same bundles.
- Make sure the Double-Take (DT) Agent installed on each source server is connected to the console, then set the Full-Server Migration job to the target server that resides in AWS.
- After the synchronizing and protecting states have completed and passed, confirm that the blackout of the servers is initiated and confirm database and application shutdown by the application team. This is the only time when downtime occurs.
- Execute the cutover or failover. Ensure there are no errors on the DT console during cutover; if there are any errors, re-initiate the cutover (Migration Execution / Cutover).
- Once the cutover is complete, validate that the source server is shut down and the target server is running. The target server in AWS will be up, replacing the source. Below is a random screenshot of the process:

Figure not included in this excerpt

Figure 4.38 Double-Take Console (Part 2)

Source: Author’s documentation

Figure not included in this excerpt

Figure 4.38 Double-Take Console (Part 2)

Source: Author’s documentation

2. If using VM Import/Export:

- Shut down the application server (Migration Execution / Cutover).
- Initiate VM export and create the VM image file.
- Save the VM image file to PT.XYZ jump server.
- Copy the VM image file to AWS S3 bucket.
- Convert the VM image file into AWS AMI.
- Launch an instance in AWS from the AMI.

After the migration execution or cutover, the following activities take place:

- Add server to the respective domain and organizational unit in the active directory
- Reconfigure IP based interfaces to new IP

4.4.4 Validate

Testing and checking the quality of the new system, the coverage of the legacy features and the changes introduced in the migration.

In this fourth phase, the Cloud Migration Team performs validation activities to confirm that the application running on the target server is reachable correctly and smoothly, and to check that all data and programs reached the target environment.

The validation activities include:

- Confirm target server login using the same access from source server.
- Test application login & execute UAT.
- Validate interfaces.
- Compare and validate against the file generated by the pre-migration scripts, which capture services, the list of installed applications or programs, and the file and folder counts along with their size on the source server.
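The pre-migration capture from the preparation steps and the comparison in the last validation step can be expressed as one baseline-and-diff routine. This Python code is an added example, not the scripts used at PT.XYZ: the function names are hypothetical, and the service and program lists are constructed sample data passed in by the caller, because enumerating them is platform-specific.

```python
import os
import tempfile


def capture_tree(root):
    """Return file count, folder count and total bytes under root."""
    files = folders = size = 0
    for dirpath, dirnames, filenames in os.walk(root):
        folders += len(dirnames)
        for name in filenames:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                continue  # count real files only
            files += 1
            size += os.path.getsize(path)
    return {"files": files, "folders": folders, "bytes": size}


def snapshot(services, programs, trees):
    """One baseline record. `trees` maps a label (e.g. a drive) to a path."""
    return {
        "services": dict(services),   # service name -> state
        "programs": dict(programs),   # program name -> version
        "trees": {label: capture_tree(path) for label, path in trees.items()},
    }


def compare(pre, post, ignore=()):
    """List every difference between the pre- and post-migration baselines."""
    findings = []
    for section in ("services", "programs", "trees"):
        before, after = pre[section], post[section]
        for name in sorted(set(before) | set(after)):
            if name in ignore:
                continue  # differences the team has agreed to expect
            if name not in after:
                findings.append((section, name, "missing on target"))
            elif name not in before:
                findings.append((section, name, "not present on source"))
            elif before[name] != after[name]:
                findings.append((section, name, f"{before[name]} -> {after[name]}"))
    return findings


def demo():
    """Constructed data: a source tree, then a 'target' state that lost one file."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "app", "logs"))
        for rel, data in (("app/app.cfg", b"x" * 10), ("app/logs/a.log", b"y" * 5)):
            with open(os.path.join(root, *rel.split("/")), "wb") as fh:
                fh.write(data)
        pre = snapshot({"Spooler": "Running", "AppSvc": "Running"},
                       {"ExampleApp": "2.1"}, {"D": root})
        # Simulate drift found after cutover: a file is gone, a service stopped.
        os.remove(os.path.join(root, "app", "logs", "a.log"))
        post = snapshot({"Spooler": "Running", "AppSvc": "Stopped"},
                        {"ExampleApp": "2.1", "NewAgent": "1.0"}, {"D": root})
        return compare(pre, post, ignore={"NewAgent"})


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

An empty findings list is the pass condition for this validation step; anything else is either explained and added to `ignore`, or treated as an issue for the command center.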

4.4.5 Control and Supervise

Provide elements to control the performance of the system and to modify that performance.

In this fifth phase, the Cloud Migration Team performs the post-migration or T+ (7D) activities: cleanup or follow-up activities which must be executed in the 7 days after migration completion, such as:

- Remove DT agent and the DT staging folder (if using DT tools)
- Confirm legacy tools removed as part of group policy update
- OS License activation
- Activate Application license (if applicable)
- Configure DB level backup
- Configure monitoring
- Configure patching
- Hypercare activities

4.4.6 Withdrawal

Finalizing it or doing a rollback. In the event of an issue during the migration that cannot be resolved during the outage window, a rollback of the bundle may be necessary. All rollbacks must happen at the bundle level; entities within a bundle cannot be backed out individually. Once a bundle has been set for rollback, it must be rescheduled into another wave; it can no longer be part of the wave being executed.

The technical process of a server rollback:

- Stop the target server in AWS.
- Start the on-premise or source server.
- Check that the application is running fine after the rollback.

4.4 Lesson-learned

The lessons learned by the authors from PT.XYZ and the cloud migration project are as follows:

1. Minimize the effort of collecting data for the inventory list by preparing a complete list of questions and data points from the start, rather than repeatedly updating the list and going back to the application owners. Make sure to meet the competent or correct application owners. This reduces the number of meetings with the application owners, which cost a lot of time in making appointments and repeatedly validating the data.
2. There is no need to go back to the phase of collecting data for the inventory list once bundling and wave setting have been done. Work in sequence and keep moving forward.
3. Make a runbook of the migration technical process with detailed instructions, including screenshots and accurate duration estimates, for auditing, better handoffs, better troubleshooting and rollback, better estimation and future reference. This helps new members of the cloud migration team a lot to learn and follow.
4. When initiating the cutover (the source server will automatically shut down), remove the server from the monitoring tools or turn monitoring off for it, so that it does not trigger an automatic alarm and create an incident.
5. Build good communication inside the team, across teams and with the stakeholders from PT.XYZ. Communication is also the key to a successful project. Do not work individually and avoid discussion, and do not work only on your own task or responsibility while ignoring the tasks or issues of the other people involved in the project.
6. It is suggested to optimize the use of AWS cloud features and keep looking for innovation.
7. Some servers stayed on-premise (hybrid cloud), which means the on-premise data center is still there and in use. The authors suggest improving the security technology and regulations, because the current arrangement is not safe: it relies only on guidance by the data center team, who do not really pay attention to the guest. Also move all the floor servers to the main data center room if possible, because the floor servers have no security at all.

CHAPTER 5

CONCLUSIONS AND SUGGESTIONS

5.1 Conclusions

Illustrating and analyzing the current processes and infrastructure makes it easier to show the holes in the current processes that a cloud migration needs to patch. In the commercial process, provisioning IT products such as servers and storage requires many documents and approvals involving many stakeholders, which costs a lot of time and effort before any value is actually received from the ordered products. In the technical process of launching a new physical server, the whole process depends on the vendor: whether the required products are available, then waiting for the shipment, then preparing the rooms, including the racks. The technical process of upgrading disk storage also takes time and effort in procurement. In the technical process of on-premise physical server termination, it is an issue to go directly to the physical server, which can be located anywhere, and to decide what to do with the unused hardware. As for the security of the current process of entering the data center, it is not as secure as written in the regulation, since it still relies on human activity to guard the room and escort outsiders, while those responsible are not actually guarding and paying attention when escorting. The process of generating the consolidated IT asset inventory needs incremental manual work from the infrastructure team to request and follow up the list from the application owners, which takes a lot of effort and time. Processes aside, the illustration of the current network infrastructure shows that some of it can be more advanced and cause fewer issues in the long term by using cloud. The current data center infrastructure also needs a big transformation, because only 149 of the 633 servers residing there are actually being used optimally.

The preparation prior to cloud migration consists of choosing the right methodology from the existing migration methodologies as the basis for the cloud migration; in this case we compared the Butterfly, Laszewski and Nauduri, and REMICS migration methodologies. We chose REMICS because, as its steps show, it fits the migration goals and scenario best: its steps are similar to Rehost (Lift and Shift) towards IaaS cloud migration, its complexity is low because it supports the use of automatic migration tools, and many resources confirm that REMICS is the one most commonly used for cloud migration. Besides choosing the right methodology, the authors also compared cloud vendors, AWS and Azure, and found reasons to prefer AWS: AWS offers a lower price for Reserved Instances (RI), and AWS is known as the first and best in offering the richest suite of public cloud IaaS capabilities and is commonly used for legacy applications in a "lift and shift" approach, which is the strategy adopted in this cloud migration project.

The phases of the migration process based on the REMICS migration methodology start with analyzing the requirements and feasibility of the existing on-premise data center and creating an inventory list, validating it and deciding what can be migrated. A questionnaire specific to each application is given to gain deeper information about each application to be migrated. Bundling is done to plan and schedule the migration cutover execution. In the migration execution, each server is migrated using either Double-Take or VM Import/Export, depending on the case. After the migration, the application owners of each server validate and test that the target server in the cloud exactly matches what it was as a source server in the on-premise data center. The last steps are controlling and supervising the migrated servers in the cloud. Only if an issue is found does the process go to withdrawal or rollback.

5.2 Suggestions

The authors' suggestions for future research related to cloud, on topics that continue from this thesis and that were limitations of the authors in writing it, are:

1. The impact of cloud migration or cloud computing on the efficiency of PT.XYZ or an enterprise. An analysis can be conducted of how large the efficiency gain is, specifying the areas that gain the most efficiency.
2. Cloud migration of SAP servers. As seen from many articles and case studies found on the internet or from IT consulting companies, cloud migration of SAP servers is currently becoming common and is known for its difficulty. The migration process is different from and more complex than the application server migration done in this project.
3. Security of using the AWS cloud or another cloud provider. The security of cloud is widely debated. This would be an interesting topic and would show another perspective. An in-depth analysis and comparison between before and after using cloud can be done.

REFERENCES

Booch, G., Rumbaugh, J., & Jacobson, I. (2005). The Unified Modeling Language User Guide. Boston: Pearson Education.

Buyya, R., Broberg, J., & Goscinski, A. (2011). Cloud Computing Principles and Paradigms. Hoboken: Wiley.

Cretella, G., Martino, B. D., & Esposito, A. (2015). Cloud Portability and Interoperability, Issue and Current Trends. Springer.

Darrow, H. (2016, July 6). Lies, Damned Lies, and Cloud Adoption Numbers. Retrieved March 8, 2018, from Fortune: http://fortune.com/2016/07/06/cloud-adoption-numbers/

Dunstan, J. (2017, February 27). IBM Blog. Retrieved March 8, 2018, from https://www.ibm.com/blogs/cloud-computing/2017/02/27/companies-increasing-cloud-managed-services/

Ellram, L. M., & Siferd, S. P. (1993). PURCHASING : THE CORNERSTONE OF THE TOTAL COST OF OWNERSHIP CONCEPT. JOURNAL OF BUSINESS LOGISTICS, 164.

Ferrin, B. G., & Plank, R. E. (2002). Total Cost of Ownership Models : An Exploratory Study. Journal of Supply Chain Management.

Gorelik, E. (2013). Cloud Computing Models. Massachusetts Institute of Technology. Cambridge: Massachusetts Institute of Technology.

Henderi. (2008). Unified Modeling Language (UML): Konsep dan Implementasinya Pada Pemodelan Sistem Berorientasi Objek dan Visual (Buku I). Tangerang: STMIK Raharja.

Hutahaean, J. (2017). Konsep Sistem Informasi. Yogyakarta: Deepublish.

Ilieva, S., Krasteva, I., Benguria, G., & Elvesæter, B. (2013). Enhance your Model-driven Modernization Process. 3.

Kure, E. (2018, February 19). Adopsi Cloud di Indonesia Masih Rendah. Retrieved March 7, 2018, from BeritaSatu: http://id.beritasatu.com/telecommunication/adopsi-cloud-di-indonesia-masih-rendah/172065

Laszewski, T., & Nauduri, P. (2011). Migrating to the Cloud. Syngress.

Laudon, K. C., & Laudon, J. P. (2007). Sistem Informasi Manajemen Edisi 10. Jakarta: Penerbit Salemba Empat.

Leong, L., Smith, D., Bala, R., & Lowery, C. (2017). Critical Capabilities for Public Cloud Infrastructure as a Service, Worldwide. Stamford: Gartner Inc.

M.N., R. (2015). Cloud Computing. Delhi: PHI Learning Private Limited.

Mohagheghi, P., Berre, A.-J., Henry, A., & Sadovykh, A. (2010). REMICS- REuse and Migration of Legacy Applications to Interoperable Cloud Services. Univ. of Pau - Netfective Technology- France (p. 3). France: Fundacion European Software Institute.

Monk, E., & Wagner, B. (2013). Concept in Enterprise Resource Planning. Boston: Course Technology.

Nugroho, A. (2010). Rekayasa Perangkat Lunak Berbasis Objek dengan Metode USDP. Yogyakarta: Penerbit Andi.

Pahl, C., Xiong, H., & Walshe, R. (2013). A comparison of on-premise to cloud migration approaches. Springer, (p. 2). Malaga.

Rainer Jr., R. K., Prince, B., & Casey, C. (2015). Introduction to Information Systems. Singapore: Wiley.

Ronthal, A., Edjlali, R., & Greenwald, R. (2018). Magic Quadrant for Data Management Solutions for Analytics. Stamford: Gartner.

Rosa, A., & Shalahudin, M. (2011). Modul Pembelajaran Rekayasa Perangkat Lunak (Terstruktur dan Berorientasi Objek). Bandung: Modula.

Rosa, A., & Shalahudin, M. (2014). Rekayasa Perangkat Lunak Struktur dan Berorientasi Objek. Bandung: Informatika.

Rouse, M. (2012, May 1). Tech Target. Retrieved March 8, 2018, from https://searchcloudapplications.techtarget.com/definition/cloud-migration

Satzinger, J. W., Jackson, R. B., & Burd, S. D. (2012). System Analysis and Design in a Changing World. Boston: Course Technology.

Sugiyono. (2008). Metode Penelitian Bisnis. Bandung: Alfabeta.

Suharsono, & Retnoningsih, A. (2017). Kamus Besar Bahasa Indonesia. Semarang: Widya Karya.

Sutarman. (2012). Pengantar Teknologi Informasi. Jakarta: Bumi Aksara.

Tripathy, P., & Naik, K. (2015). Software Evolution And Maintenance. Canada: WILEY.

Widodo, P. (2011). Pemodelan Sistem Berorientasi Obyek Dengan UML. Yogyakarta: Graha Ilmu.

Wikipedia. (2018). Microsoft Azure. Retrieved from Wikipedia: https://en.wikipedia.org/wiki/Microsoft_Azure

Woods, J. (2011). Five Options for Migrating Applications to the Cloud: Rehost, Refactor, Revise, Rebuild or Replace. (pp. 10-14). Mexico City: Gartner.

Wu, B., Lawless, D., Bisbal, J., Richardson, R., Grimson, J., Wade, V., & O’Sullivan, D. (1997). The Butterfly Methodology: A Gateway-free Approach for Migrating Legacy Information Systems. Proceedings of the 3rd IEEE Conference on Engineering of Complex Computer Systems (ICECCS97) (pp. 200-205). Como: IEEE Computer Society.

ATTACHMENTS

Interview Transcript with T. W.K. (Cloud Architect of Project PT.XYZ)

Q: What are the problems in PT.XYZ that trigger the idea to move to cloud?

A: Capital Expenses (CAPEX) to Operational Expenses (OPEX), reduce Total Cost of Ownership (TCO), scalability and flexibility, efficiency, security.

Q: What is the cloud provider vendor that PT.XYZ using?

A: AWS.

Q: Why AWS?

A: AWS is cheaper; you can try using the calculator and compare.

Q: Which business / technical processes can we compare and describe before and after migration to the cloud?

A: Well, you can compare the commercial process, technical processes like launching a server, generating consolidated IT assets, terminating a server and many more.

Q: What AWS products is PT.XYZ using?

A: As you can see. There are so many, like EC2, VPC, Direct Connect, EBS volumes, etc.

Q: Talking about after adopting the cloud, are there any departments or roles got replaced or added?

A: Yes, the cloud team included people who understand more about cloud architecture and AWS environment management.

Interview Transcript with A. P. (Cloud Migration Lead of Project PT.XYZ)

Q: What strategy did PT.XYZ choose in adopting the cloud?

A: Hybrid.

Q: Why can't all servers be migrated?

A: It’s the business needs, different server different purposes, some servers cannot be migrated like the financial systems, in contract support with third-party vendor, a monitoring server, or it’s too old.

Q: What kind of cloud service that PT.XYZ will use on cloud?

A: IaaS.

Q: Why IaaS?

A: Client has existing data center and the objective is to move this data center to cloud so from CAPEX to OPEX.

Q: What is the cloud migration methodology?

A: Rehost/lift-shift.

Q: Why rehost/lift-shift?

A: Quicker and more cost efficient.

Q: What is the step by step of the migration process?

A: Assess, plan, design, build, execute, validate, and handover it.

Q: What is the scope of the migration?

A: 150 applications, translating to 244 servers, residing in on-premise data center.

Q: What are the migration tools that will be used?

A: Double Take and AWS VM Import/Export.

Q: When to use Double Take and when to use the AWS VM Import/Export?

A: Double Take for servers that are more critical because shorter downtime is needed, VM Import/Export vice versa.

Figure not included in this excerpt

Attachment 1 (A1) The Main On-Premise Data Center in PT.XYZ Head Office Building

Source: Author’s Documentation

Figure not included in this excerpt

Attachment 2 (A2) One of The Floor Servers Entrance Door

Source: Author’s Documentation

Figure not included in this excerpt

Attachment 3 (A3) The Floor Servers

Source: Author’s Documentation

Details

Pages
153
Year
2018
ISBN (Book)
9783668861008
Language
English
Catalog Number
v446743
Grade
Tags
cloud migration remics
