Cloud Infrastructure Migration Planning update – December 2018

By Paul Petersen | December 21, 2018

Welcome to the Cloud Infrastructure Migration Planning (CIMP) update, provided by the Cloud Advisory Group (CAG). The mission of the CAG is to facilitate the adoption of cloud computing across LITS for the purpose of migrating Emory’s on-premises data center infrastructure to Amazon Web Service (AWS).

The goal of this monthly article is to provide project teams, stakeholders, and interested community members with progress reports, updates on key discussion topics, and noteworthy events.

In This Update:

  • AWS re:Invent
  • Cloud Infrastructure Migration Planning (CIMP) Highlights
  • What is the Review Board?
  • Workshops

AWS re:Invent

AWS re:Invent is an annual learning conference hosted by Amazon Web Services for the global cloud computing community. The event features keynote announcements, training and certification opportunities, access to more than 2,000 technical sessions, a partner expo, after-hours events, and so much more. Emory sent several individuals to attend in Vegas this year, and here’s what they had to say: 

From Derek Cox:

“One of my favorite parts of the conference was the Hackathon for Charity. Since organizations typically develop solutions in silos, I wanted to see how people from different technology backgrounds (front-end developer, back-end developer, sys/ops engineer, and program manager) come together to build out a solution.

Although we did not win (we were short a front-end developer and our back-end developer was a .Net programmer and was not that skilled with server-less technology), the judges from Game Changer said that out of the designs, ours was the best. Next time we will have to fully evolve the code into the design.

The Hackathon design from Derek Cox’ team.

Overall, it was a great learning experience and I met my objective of how to see how a program comes together with the various IT Resources.”

From Rohith Mandala:

“My main focus attending this conference was to get some insight into AWS migration strategies and implementation for CI/CD, JMS, Containers, and ESB solutions. I met some good folks from different areas of IT and got to know their experiences working with AWS and the current trends in software development and operations on the cloud. The conference was well-organized in terms of the quality of content provided in the sessions, workshops and vendor booths. I highly recommend attending this conference, but plan well ahead to beat the crowd to get seats into the sessions and workshops that interest you.”

Cloud Infrastructure Migration Planning Project Highlights

As you may recall from Mark Kawasaki’s November 2018 article, the Emory Cloud Infrastructure Migration Planning (CIMP) project seeks to research and recommend strategies and options for the migration of Emory University IT assets to the cloud. The scope of services will include all LITS-managed IT assets residing in one of the existing data centers.

Last week, the CIMP project ended Sprint 9 with a 90-minute Sprint Review session. This extra-long review session was the result of missing the Sprint 8 Review due to the Thanksgiving holiday. Below is a list of a few of the accomplishments presented during the review session:

  • IAM Roles and PoliciesIn an easy-to-follow presentation, Zach Cox outlined three conceptual approaches for controlling access to our AWS accounts and resources.
    • The first approach was horizontal support roles that provide access to a set of resources across all applications. For example, the database team may have a role that would allow them to access the AWS database resources across all applications.
    • The second approach was vertical support roles that provide access to all resources for a particular application. In this model, there would be a role for each application and the database team would be added to the application roles that they support.
    • The final approach was a hybrid design that would use a combination of the horizontal and vertical access methods. With this approach, the Application support teams would be part of vertical roles while the infrastructure support teams, like the database team, would be part of a horizontal role.  The presentation was aided greatly by several diagrams Zach created that can be found here: https://wiki.service.emory.edu/display/EAWS/CIMP-205+-+Define+Emory+Roles+and+Conceptual+IAM+Policies
  • PeopleSoft ELM Migration Raj Garrepally described his experience of successfully migrating a pilot instance of PeopleSoft ELM to AWS. Similar to the other test migrations, Raj used a modified “lift-and-shift” approach for the web and application servers and AWS RDS for the databases. He was also able to use an AWS load-balancer instead of the on-premises F5 load-balancer. Raj also reported that while no formal performance measurements had been taken, the application seemed to function in AWS like it does on campus. As a next step, Raj will be testing AWS auto-scaling.

  • Rohith Mandala (on right).

    Cloud Formation Pipeline Demonstration Building on work done from the “AWS at Emory” project, Rohith Mandala was able to build an automated pipeline that deploys and tests the basic account CloudFormation template every time a change is made. This infrastructure will help to increase the speed of our CloudFormation template development efforts. Rohith used the native pipeline capabilities present in Bitbucket along with several utility programs written as part of the AWS at Emory project to accomplish this task.

Here is a link to the meeting recording of the Sprint Review session:

https://emory.app.box.com/file/364091297430 (download and play locally for best quality)

As we enter the holiday seasonEmory’s winter recess comes at a very good time for the Cloud Infrastructure Migration Planning (CIMP) project. We have one more sprint (number 10) before the winter recess. Then we will break and not start our next sprint until January 7.

What/Who is the Review Board?

In August, the Cloud Infrastructure Migration Planning (CIMP) project established the Review Board to act as a sounding board and approval body that sits between the Cloud Advisory Group and the Cloud Steering Committee. The Review Board includes the following project stakeholders: Sriram Chari, John Connerat, John Ellis, Jimmy Kincaid, Brad Sanford, and Steve Wheat.

Unlike the Cloud Steering Committee, the Review Board has the time to listen and discuss technical and process details of the project. In fact, the members of the Review Board seem to relish in the details, which has made the Review Board an extremely valuable, and sometimes difficult, check-point for key design decisions.

Presenting to this very technical Review Board made up of mostly LITS Leadership has been an important milestone for project team members from both a technical and professional development perspective. Repeat presenters to the Review Board have learned to be more effective presenters and to better anticipate questions. This has resulted in higher-quality proposals and recommendations, which has led to quicker decisions for the project team.

Zach Cox

“My Review Board experience was very informative, especially regarding the valuable feedback they gave,” said Zach Cox, cloud security specialist. “Their input allowed me to fine-tune my approach and ensured I was working in the right direction for leadership. It’s absolutely wonderful to have this interaction between the working group and the steering committee.”

The current meeting schedule is roughly every two weeks. The format for the meetings is to have rotating presenters from the project team go before the Review Board. If you would like to listen to the December 5 Review Board meeting, here is a link:

https://emory.app.box.com/file/362733132810 (download and play locally for best quality)

Workshops

The CIMP project includes more than twenty-five team members with different skills and levels of experience. One of the challenges of having such a diverse team is we don’t know enough collectively about AWS to design and build an effective solution. Typically, we have a common understanding of what we would like to achieve and we know technically what we would like to do, but we are not familiar with all of the configuration options within AWS to know the best way to implement it. Sometimes this problem extends beyond technical details to the actual words we use to talk about the options.

The project team is developing a series of workshops to help address these issues. The purpose of these workshops is to bring the larger team together to go over key AWS features and work through exercises together. This has helped to develop a common understanding and vocabulary, which has helped to make the team more efficient.

To date we have had the following workshops and we are in the planning stages of a DevOps workshop and Database workshop:

AWS Security – Part I

AWS Security – Part II

Identity & Access Management (coming soon)

While the initial intent of these workshops was to address the needs of specific teams, we have found the workshops to be beneficial for the entire team. I suspect the same is true for staff outside of the project team.

Contact Us

If you have questions or want to get more involved with the migration work, please contact us at: LITSCloudAdvisoryGroup [at] emory [dot] edu.

You may also reach out directly to any of the CAG members: Alex Berry, Ramya Bommareddy, Joel Burke, Steve Collins, Zach Cox, Eddie Feliciano, Mark Kawasaki, or Paul Petersen.

Please let us know if you have feedback on the content or format of our update.

This entry was posted in Projects and Processes and tagged , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*
*