Cloud Migration
From on-prem to cloud. Zero downtime.
Strategic migration with 5R assessment, hybrid bridge and gradual switching. Not lift & shift at triple the cost.
Why lift & shift doesn’t work
Moving on-prem VMs 1:1 to the cloud is the fastest path to triple the costs with the same problems. VMs designed for dedicated hardware use cloud resources inefficiently, and they miss out on auto-scaling, managed services and cloud-native patterns.
5R Assessment Framework
For each workload we decide the strategy:
| Strategy | When to use | Example |
|---|---|---|
| Rehost | Legacy with short lifespan, quick win | Old reporting server → VM in cloud |
| Replatform | Functional app, benefit from managed services | .NET app → App Service + managed SQL |
| Refactor | Core system, need for scaling | Monolith → microservices on K8s |
| Replace | Commodity function, SaaS exists | On-prem email → Microsoft 365 |
| Retire | Nobody uses, nobody admits | Shadow IT, abandoned projects |
Typical mix: 20% rehost, 40% replatform, 25% refactor, 10% replace, 5% retire.
Migration Waves
We don’t migrate everything at once. Waves of 2-4 workloads:
Wave 0 — Foundation (2-4 weeks): Landing zone, networking, IAM, security baseline, monitoring. Terraform modules for standard patterns.
Wave 1 — Pilot (4-6 weeks): 2-3 workloads with different risk profiles. Process validation, tooling, networking. Lessons learned.
Wave 2-N — Production (2-4 workloads/month): Systematic migration. Hybrid bridge, traffic shifting, automated validation. Each wave more efficient thanks to mature tooling.
Wave Final — Consolidation (4-6 weeks): Decommission on-prem. FinOps optimization. Documentation. Knowledge transfer.
Dependency Mapping
Before migrating the first server, you need to know what depends on what. Automated discovery (Azure Migrate, AWS Migration Hub) + manual validation with application owners.
Output: dependency graph with risk scoring. Workloads with fewest dependencies migrate first. Tight clusters migrate together.
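One way to turn a dependency inventory into a migration order, as an added example that is not the vendor's tooling: workloads on a common dependency cycle are grouped into one cluster, and clusters are ranked by how many dependency edges cross their boundary. The workload names and the scoring rule are assumptions made for this illustration.

```python
from collections import defaultdict

# Constructed sample inventory: workload -> workloads it calls (hypothetical names).
DEPS = {"reporting": [], "intranet": ["auth"], "auth": ["ldap"], "ldap": [],
        "orders": ["billing", "auth"], "billing": ["orders"]}

def clusters(deps):
    """Tarjan's algorithm: workloads on a common dependency cycle form one cluster."""
    nodes = sorted(set(deps) | {w for ts in deps.values() for w in ts})
    index, low, stack, on_stack, found = {}, {}, [], set(), []

    def visit(v):
        index[v] = low[v] = len(index)
        stack.append(v)
        on_stack.add(v)
        for w in deps.get(v, []):
            if w not in index:
                visit(w)
                low[v] = min(low[v], low[w])
            elif w in on_stack:
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:  # v is the root of a completed cluster
            members = set()
            while v not in members:
                w = stack.pop()
                on_stack.discard(w)
                members.add(w)
            found.append(frozenset(members))

    for v in nodes:
        if v not in index:
            visit(v)
    return found

def migration_order(deps):
    """Return (cluster members, score) pairs, lowest score first."""
    # Assumed score: dependency edges crossing the cluster boundary, either direction.
    owner = {w: c for c in clusters(deps) for w in c}
    crossing = defaultdict(set)
    for v, targets in deps.items():
        for w in targets:
            if owner[v] != owner[w]:
                crossing[owner[v]].add((v, w))
                crossing[owner[w]].add((v, w))
    scored = [(sorted(c), len(crossing[c])) for c in set(owner.values())]
    return sorted(scored, key=lambda item: (item[1], item[0]))
```

In the sample, `orders` and `billing` call each other and come out as one cluster, while `auth` ranks last because three edges cross its boundary.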
Hybrid Bridge
Transitional period where on-prem and cloud coexist:
- Networking: VPN or ExpressRoute/Direct Connect. Low-latency connection.
- DNS: Gradual endpoint switching. Traffic splitting for canary.
- Data sync: CDC for real-time replication. Consistency validation.
- Monitoring: Unified dashboard across both environments.
- Rollback: Switch back anytime. Hybrid bridge remains until migration is stable.
Frequently asked questions
Assessment: 2-4 weeks (from 300K CZK). Pilot: 4-6 weeks. Full migration: depends on number of workloads. Typically, investment pays back in 12-18 months through FinOps optimization.
Yes. Hybrid cloud is a legitimate long-term strategy. VPN/ExpressRoute, consistent management, unified monitoring. Sometimes on-prem is the right choice (data residency, latency).
Every step has a rollback plan. Hybrid bridge means the old system runs until the new one proves quality. We never disconnect on-prem without validation.