AWS Partner Network (APN) Blog

Automated Migration of Multi-Tier Applications to AWS at Scale Using Veritas Cloud Mobility

By Alok Abhishek, Sr. Product Manager at Veritas
By Tushar Bandopadhyay, Distinguished Engineer (R&D) and Architect at Veritas
By Jim Huang, PhD, Sr. Partner Solutions Architect at AWS

Connect with Veritas-1

For many organizations, the amount of data they own and manage is growing at a very high rate, but so is the number of applications they’re responsible for. This growth, coupled with the heterogeneity of technology infrastructure, makes managing IT systems and applications more complex.

Customers are looking to Amazon Web Services (AWS) to increase agility, speed, and availability of complex on-premises infrastructure. By migrating IT applications to AWS, you can reduce cost, improve availability and security, and increase agility and scalability.

Many AWS customers ask for guidance in migrating their IT infrastructure that is built on top of heterogeneous technologies and multi-tier applications. This includes applications consisting of more than one layer such as web, application, and database.

Veritas is an AWS Partner Network (APN) Advanced Technology Partner with the AWS Storage Competency. Its solutions help enterprises address information management challenges including backup and recovery, business continuity, software-defined storage, and information governance.

In this post, we will explore how organizations can use the Veritas Cloud Mobility—part of the Veritas Resiliency Platform—for non-disruptive migration of complex multi-tier applications from on-premises to AWS.

Cloud Mobility Technology

For customers looking to rehost (lift and shift) workloads to AWS, Veritas Cloud Mobility simplifies migration by abstracting complexity in large-scale migration.

Cloud Mobility helps customers automate migration to AWS with several key capabilities, including virtual business services (VBS), resiliency planning, Recovery Point Objective (RPO) and Recovery Time Objective (RTO), non-disruptive rehearsals, reporting and risk insights, and failback.

Let’s take a look at each of the key aspects of the Cloud Mobility technology.

Virtual Business Services (VBS)

A VBS represents a multi-tier application as a single, consolidated entity and allows you to manage workloads based on the overall business service they support.

This eliminates the need for managing different application tiers individually, and enables a simple migration process for a large multi-tiered application that would otherwise need to be migrated at the individual system level.

Customers can define the stop and start order of multi-tier application, and Cloud Mobility will follow this order when migration is performed on the VBS. In Figure 1, we’ve shown how you can define three-tier business service layers: database, application, and web.


Figure 1 – With VBS, customers can define the stop and start order for multi-tier applications.

In this example, the database tier (lowest tier) will start first, followed by the application tier, and the web tier (top tier) will start last. To revert a multi-tier application migration, Cloud Mobility first stops the web tier (top tier), then the application tier, and lastly the database tier (lowest tier).


Figure 2 – Stop and start order for multi-tier applications can be seen in plain view of VBS.

Resiliency Plan

The Resiliency Plan provides a drag-and-drop canvas where customers can define the migration runbook by creating a workflow of steps to be performed during migration. This allows you to define steps such as rehearsal, manual task, custom script execution, and migration.

In Figure 3, you can see the drag-and-drop canvas where customers can build a runbook for migration. Once a resiliency plan is built, you can migrate at the Resiliency Plan level, which makes a complex migration project easier to plan and execute.


Figure 3 – Resiliency Plan allows you to use drag-and-drop features to define the migration runbook.

The Resiliency Plan can also be scheduled to run at specific times for purposes such as testing and change control.

In Figure 4, you can see the Resiliency Plan is scheduled to run weekly. This allows customers to migrate their workloads from on-premises to AWS, and run migration tests at specific frequencies to validate the overall migration plan.


Figure 4 – Resiliency Plan enables automation of the migration runbook.

Together, VBS and Resiliency Plan provide customers with robust capabilities for creating recovery plans that automate the orchestration necessary to ensure business functions can be quickly and accurately relocated.

The combination of VBS and Resiliency Plan gives you the ability to migrate applications from on-premises to AWS in a single click. This reduces the risk of human error by automating the steps required in a migration.

Recovery Point Objective (RPO) and Recovery Time Objective (RTO)

Cloud Mobility provides near-zero RPO using real-time data replication (async replication). It deploys an in-guest I/O tap module on the on-premises virtual/physical machine and replicates the data to AWS.

When migrating, Cloud Mobility gracefully shuts down the on-premises production environment and brings it up in the target AWS environment with no data loss. Migration includes customization of compute, storage, and network, and is fully automated. Migration of multi-tier workloads using Cloud Mobility provides low RTO.

In Figure 5, you can see data is 100 percent synced up in real-time to AWS, and the workload is ready to be migrated to AWS.


Figure 5 – Cloud Mobility showing sync status and replication lag for near-zero RPO.

Non-Disruptive Rehearsals

For large-scale migration of critical workloads, it’s important customers can test the migration without impacting production environment.

Cloud Mobility provides the ability to test migration in an isolated network to proactively identify any issues or assess the readiness of the migration.

In Figure 6, you can see Cloud Mobility usages data in AWS to create a test instance and performs a test migration without impacting production workload.


Figure 6 – Cloud Mobility automates network, storage, and compute customization for rehearsal on AWS.

As shown the following figure, rehearsal workflow in Cloud Mobility instantiates an Amazon Elastic Compute Cloud (Amazon EC2) instance in AWS, which customers can use to test the migration.


Figure 7 – Cloud Mobility leaves the on-premises workload untouched while bringing the test workload into AWS.

Reporting and Risk Insights

Along with providing reports of migration (and rehearsals) operations, which can be used for planning, compliance, and audit purposes, Cloud Mobility also provides end-to-end visibility of risks related to business continuity in a single console.

Operational reporting capabilities of Cloud Mobility provide reports on how long it took to perform test migration and actual migration of workloads. This helps customers plan overall migration.

Risk insights capabilities of Cloud Mobility also help customers asses cloud migration readiness by monitoring recovery, continuity and availability risks. This covers risks such as replication lag, encryption key not enabled, and infrastructure configuration drifts.


Sometimes, even the most meticulously planned project goes wrong. Veritas Cloud Mobility provides a reverse replication feature that is critical for contingency planning.

In such a situation, you can bring the workload back to on-premises (with incremental data generated when the workload was running on AWS), fix the issue, and then migrate the workload back to AWS.

Cloud Mobility Architecture

Cloud Mobility is designed for scale out and fault tolerance. Cloud Mobility has four main components:

  • Resiliency Manager (RM): Resiliency Manager provides the services required for migrating (or protecting) assets, such as virtual machines (VM). It discovers and manages information about data center assets from an Infrastructure Management Server (IMS). The RM stores the asset information in its data repository and displays the information in its management console. More than one RM can be installed for redundancy and fault tolerance.
  • Infrastructure Management Server (IMS): An IMS discovers and monitors assets within a data center, sending information about the assets to the Resiliency Manager so it can manage the assets.
    Management operations on assets (starting or stopping VMs, for example) that you initiate from the web console are carried out by the IMS, which is stateless and easily replaceable. More than one IMS can be deployed per data center to distribute load and increase efficiency.
  • Replication Gateway (GW): The GW provides data replication across sites, acting like a staging server that aggregates and batches data from multiple VMs during replication. It receives data from the in-guest I/O tap module on the VM guests and replicates the data to AWS. The GW also performs data optimization like local deduplication and compression.
    Its on-source data center is always paired with a GW on the target data center, which is a staging server that applies the data from the source data center storage. Gateway is easily replaceable, and more than one GW can be installed to distribute load.
  • Data Gateway (DGW – Optional): DGW provides customers an object storage replication mode for the migration of assets to AWS. It acts like a communications channel between the on-premises Replication Gateway and cloud GW. The data being replicated from the on-premises data center gets compressed and stored in an Amazon Simple Storage Service (Amazon S3) bucket in the form of objects.
    Several AWS service components such as Amazon DynamoDB, Amazon API Gateway, Amazon Simple Notification Service (SNS), AWS Lambda, and Amazon Simple Queue Service (SQS) get deployed as part of DGW deployment. Read more in the Veritas documentation on resources created After DGW deployment.


Figure 8 – Cloud Mobility architecture.

How to Use Veritas Cloud Mobility

The Veritas Resiliency Platform is deployed as a virtual appliance in your on-premises environment, and can be installed via AWS Marketplace.

Automated rehosting (lift and shift) using the Cloud Mobility migration tool consists of several steps:

  1. Setting up asset infrastructure
  2. Preparing the host for replication
  3. Configuration
  4. Rehearsal (test)

When setting up asset infrastructure, you add on-premises and cloud infrastructure to Cloud Mobility.

Next, when preparing the host for replication, you identify the system to be migrated and configure them with Cloud Mobility’s IO Tap driver, which replicates the machine to AWS at near real-time RPO.

You’ll then configure the target machine (storage, compute, network, and security) configuration for each on-premises machine. Map the source network to the target network and define a rehearsal network to perform non-disruptive testing.

For multi-tier applications, you’ll define a virtual business service (including the order of stop and start) and Resiliency Plan for large-scale migration.

Cloud Mobility provides rehearsal functionality so you can test migration of the systems in an isolated, non-production network segment. This helps ensure they are working properly prior to a full migration event.

Testing is achieved using snapshots of replicated data on AWS, which is then attached to a just-in-time provisioned Amazon EC2 instance used for testing purposes.

Once you are satisfied with testing, use the “clean up rehearsal” feature provided by Cloud Mobility to clean up resources that were created for testing. This includes Amazon EC2 and Amazon Elastic Block Store (Amazon EBS) storage.

For your planned migration, you will be ready to rehost workloads on AWS after testing the migration. This is a single-click operation using Cloud Mobility, and your on-premises workload is instantiated on AWS (this does not involve any format conversion).

Migration operations gracefully shut down on-premises physical and virtual machines and starts them in AWS. From there, AWS resources such as Amazon EC2 instances and Amazon EBS storage are created just-in-time during the migration. This means resources only run during testing and migration, minimizing the cost of migration.

As part of the migration process, Cloud Mobility performs validation of data consistency and replication state. If successful, Cloud Mobility stops the on-premises VM, unregisters the VM, reverses the replication (optional), and creates a network interface. It then connects the virtual machine to AWS, registers the VM on AWS, attaches AWS storage volume, starts an Amazon EC2 instance, and checks AWS instance status.

In this process, replication ensures consistent data of the assets is made available on AWS, and all network, storage, compute, and security customization is automated. After migration, you can decommission on-premises machines.


Migration of complex, large-scale deployments with heterogeneous infrastructure does not need to be daunting. As we have shown in this post, with Veritas Cloud Mobility, you can migrate on-premises workloads to AWS at scale.

Automation technology such as Virtual Business Services (VBS) and Resiliency Plan provided by Cloud Mobility simplify the complex application migration by automating stop and start sequence of multi-tier application, and by executing large scale migration at runbook level.

In addition to automation, Cloud Mobility provides near real-time replication to avoid any data loss during migration.

Finally, non-disruptive rehearsal, risk monitoring, and reverse replication provide features to help you plan migration and recover in case of failure.

For more information on Cloud Mobility, refer to following resources:


Veritas – APN Partner Spotlight

Veritas is an AWS Storage Competency Partner. It helps enterprises address information management challenges including backup and recovery, business continuity, software-defined storage, and information governance.

Contact Veritas | Solution Overview | AWS Marketplace

*Already worked with Veritas? Rate this Partner

*To review an APN Partner, you must be an AWS customer that has worked with them directly on a project.