Oracle to EC2 Migration for Large UK Government Department

While AWS offers a managed Oracle on Amazon RDS service, Version 1 found that this approach would not fully satisfy our customer’s needs. Using Oracle on Amazon RDS would lock the customer out of accessing the backend of their databases, making it costly and time-consuming to integrate the Department’s existing systems and tools with it. These technologies were already heavily used and trusted, and the Department did not want to migrate and eliminate the incumbent technology such as Active Directory, HashiCorp Vault, and shared filesystems for ETL jobs.

The Department needed to migrate over 40 databases, ranging anywhere between 500GB to over 10TB in size. To migrate these Oracle-based databases to AWS in a safe and dependable manner, with minimal changes and without creating arduous workarounds, Version 1 decided to host the customer’s Oracle databases on EC2 instances, creating automated CI/CD pipelines and database configurations to support this process and allow swift and quality-assured deployment via DevOps best practices.

The final solution followed the AWS Well Architected Framework and was highly resilient, making use of a primary database and a standby database, ready for a controlled failover via Amazon Route 53 in the event of disaster recovery procedures being initiated. These databases were provisioned using Terraform and Ansible playbooks to make use of Infrastructure as Code (IaC) and automation. Similarly, AWS Machine Images were leveraged to create a “silver image” of these databases, ensuring that major updates can be rolled out with ease.

The solution’s databases make use of Oracle and AWS storage services dependent on the type of data being stored, ensuring right-sizing for use, and therefore saving on over-provisioned resource costs. The solution allowed the Department to bring their own licenses with them to AWS, and due to the accessibility of using EC2 to host the databases, this allowed for use of both Oracle and AWS services in conjunction:
• Oracle Grid Infrastructure for database, volume management and database restart capabilities.
• Oracle Active Data Guard which makes the solution highly resilient across multiple availability zones.
• AWS EBS volume snapshots and/or Oracle Recovery Manager for backup and recovery.
• Oracle Automatic Storage Management for simplified volume management.

To create this solution, Version 1 made use of security and monitoring technology already familiar with the Department, ensuring their staff were ready to keep working seamlessly in the cloud. Oracle Enterprise Manager (OEM) was used to monitor and manage primary and standby databases to provide real-time data protection, and Amazon CloudWatch, ElasticSearch and Grafana were used as monitoring and observability tools.

Version 1’s solution has resulted in fully customisable Oracle databases on the cloud with minimal changes made to the original databases themselves. The result of this Oracle on EC2 solution for the customer are peace of mind and savings on time and labour, not only during the migration itself but also in the future due to the solution’s automated nature.

Details of these benefits are as follows:

•  Previously, the end-to-end manual provisioning of an Oracle Database would take up to 4 weeks. The Version 1 solution reduced this time to 3 hours.
•  Automated infrastructure testing reduced manual post-deployment checks from 4 hours’ work to 20 minutes.
• This solution was ideal for the customer’s use case; one where databases were to be migrated to the cloud with minimal changes made to the databases themselves, (the AWS recommended “lift-and-shift”). This like-for-like migration allowed databases to spin up within 1 hour.
• Provides complete database management to the customer, allowing direct integration with and full utilisation of existing technology suite e.g., Active Directory.
•  Creation of highly resilient databases with controlled failover capabilities in case of disaster recovery.
• Immutable and repeatable migrations allowing for the customer’s full fleet of 40+ Oracle Databases to be migrated quickly and predictably.
• Multiple storage options for various use cases and preferences available e.g., Use of Oracle Grid Infrastructure, Oracle Recovery Manager and EBS.
• Integration of automated CI/CD pipelines and database configuration.
• Simplified patching strategy for the future saving on time and labour and by extension, ensuring a more secure environment.
• Securely architected solution making use of data encryption at rest and in flight.
• Infrastructure as Code allowing not only repeatable deployments, but also easier auditing and inventory in the future.
• The customer is operating in a hybrid manner. This solution resulted in further integration with pre-existing AWS systems, lowering latency and saving on costs.

As the customer’s needs or position changes, this solution also has the potential for future growth, such as further enhancements to security through DevSecOps, and the leveraging of more Oracle licenses to expand the databases’ functionality via technology such as Oracle Secure Backup or Oracle Advanced Compression.