With thanks and appreciation to the Staffordshire County Council (SCC) IT Teams; this write up continues from the original discovery project for their applications 'Starters & Leavers' and MASH linked here.
Following a successful application migration discovery project shown here; focus moved to the actual delivery project which is the subject of this post.
Following a review, it was decided that the A4S and SCC IT teams would concentrate on the migration of 'Starters & Leavers' an in house developed application hosted on on-premise Windows Servers running .net, IIS and SQL.
The Starters & Leavers application is built to handle the IT steps of the starter and leaver processes including (but not restricted to):
Creating and deleting user accounts
Adding and removing security groups
Assigning equipment and software
SCC is extremely motivated to migrate their applications into Azure and wasted no time in creating their temporary DevOps team to work closely with A4S and this resulted in a rapid project pace whilst maintaining strong controls.
A stated in discovery related post; working with the IT team at SCC is easy because of several key factors; 1) the IT team is excited and willing to learn more about Azure 2) the organisation has stated they have a cloud first strategy 3) the IT team are highly collaborative and enjoy working in the A4S online project management portal.
SCC have decided to begin migrating some of their on-premise IT systems into the cloud for several reasons that include:
Improved security and control
Reduced support overhead with potential operational savings.
Improved scalability and flexibility with the ability to scale up/down, out and in when needed
Greater control over deployments using tools such as deployment slots as well as integration into their existing Team Foundation Server (now known as Azure DevOps).
Starters and Leavers was selected as an application to migrate due to its low risk profile and lower quantity of concurrent users, it is also developed completely in house by the client's application development team.
Final Design Review
A4S and the SCC IT teams undertook a final review of the low level design document, it was at this point that the team decided to take a more committed and strategic view to migration and improved the design through the following changes:
Both application front end and SQL back end would utilise Azure PaaS offerings.
The application authentication would be re-designed to make use of cloud based authentication methods rather than LDAP.
An Azure Application Service Environment would be utilised to host the application to provide isolation, scaling and the ability to meet high memory demands when needed.
The updated design was approved through online review and was uploaded to A4S online project management tool for archive and ongoing visibility.
Senior management was fully engaged at all times during this process and it was common to receive steering, comments and questions within the project forums where quick response is provided. SCC IT were also quick to commit technical and project management resources to the project and quickly became engaged.
A4S produced design documents for the applications in scope and included designs for both non-production and production instances, where needed there was consideration for a cloud native approach and also approaches that strategically retained traditional elements of technology.
Our designs take into account the scalability and resilience needed, we also factor in security and will recommend various Microsoft Azure security technologies as best fit for the client need.
Non-Production & Production Instances
The project was split into two phases, firstly the deployment of the non-production instance where the majority of design iterations and lessons learned were undertaken. Re-designing and deploying the non-production application instance proved to be a valuable experience for the client's IT teams with staff being exposed to new skills and toolsets resulting in significant upskilling taking place.
Using a rapid amount of design iteration throughout the non-production instance deployment meant by the time the production deployment became underway; the new design, mature, settled and lower risk.
The use of an Azure DevTest subscription is used to keep non-production costs to a minimum.
Fully Automated Deployment
A4S where possible always utilise fully automated deployments through technologies such as Azure Resource Manager (ARM) templates.
The Microsoft YouTube channel includes useful ARM template videos for your review:
ARM templates can be used to deliver multiple solutions at scale with assurance that every configuration is consistent and not prone to human error during the actual deployment process.
For our client SCC; it's imperative that solutions are delivered using full automation this increases their ability to re-deploy quickly if needed using their existing TFS environment, this also meant that SCC IT team members were able to undertake practice deployments into their own development environments.
Application Environments With Security & Isolation
A4S want to ensure our clients are secure, we will include security elements in our designs ranging from Azure Front Door, integration into the necessary anti-virus infrastructure. Security for our client's applications and data are extremely important and is reflected in the design and deployed solution.
Isolated application service tiers allow the client to know that their data is truly safe from disruption caused by other environments, this choice is bespoke to the client and their application needs, alternative service plans can be deployed with less security and cost if needed.
Ease Of Migration With SQL Managed Instances
Azure SQL Managed Instances provide the client with the broadest level of SQL compatibility with all the benefits of a fully managed cloud SQL environment, this solution is a good fit for our client SCC who is potentially looking to migrate a large number of applications with the lowest migration effort possible.
For more information about Azure SQL Managed Instance click here.
Testing scripts were used to measure various aspects of the new cloud hosted solution including performance, it became evident that a significant performance improvement was experienced of around 80% with load and query times reduced from around 5 seconds to 1 second and lower when accessed from on-premise via the client's VPN, this was when compared to running the same application on-premise.
Such a significant performance improvement is expected to bring huge benefit to the client, it should also be noted there are several applications potentially for future migration that will benefit from scheduled or demand based automatic scale up and down.
Close work was undertaken to fully understand the running cost of the environment, due to the isolated nature of the chosen solution running costs were seen to be cost effective for the longer term especially as it was estimated to be capable of running almost the clients full non-production application environment potentially eliminating around 80 servers.
To provide a meaningful estimate, the Azure Cost Calculator was used in conjunction with a review of the existing on-premise environment.
Monitoring & Alerting Using Azure Monitor
To ensure proper visibility and the ability to deeply understand performance metrics; Azure Monitor has been deployed with visualisations delivered using Azure Dashboards.
The client plans to integrate Azure Monitor with their existing System Centre Operations Manager environment (SCOM) using the Microsoft provided management packs that can be found here.
Azure Dashboards are used to provide the highest level of intuitive visibility, if you wish to see another case study specifically regarding a deployment of our A4S Monitor Platform based on Azure Monitor, Log Analytics and Telegraph then please click this link.