您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

云迁移对立模式Cloud migration antipatterns

客户在采用云的迁移阶段经常会遇到对立模式。Customers often experience antipatterns during the migration phase of cloud adoption. 以下度量值有助于避免迁移对立模式:The following measures help to avoid migration antipatterns:

  • 确保安全和合规性 guardrails。Making sure security and compliance guardrails are in place.
  • 了解潜在的应用程序和服务器依赖项。Understanding potential application and server dependencies.
  • 选择基于彻底评估的体系结构。Choosing an architecture based on a thorough assessment.

对立模式:在没有 guardrails 的情况下迁移、现代化或创新Antipattern: Migrate, modernize, or innovate without guardrails

当客户将其首个工作负荷部署到云时,他们将其视为用于测试创新解决方案的平台。When customers deploy their first workloads to the cloud, they consider it as a platform to test innovative solutions. 它们具有云中提供的灵活性。They enjoy the flexibility that's available within the cloud. 但是,每当这些工作负荷投入工作时,需要保存公司数据或需要访问公司系统,进度会下降,因为他们需要遵守符合性、法规和安全标准。But, whenever these workloads become productive, need to hold company data, or need access to company systems, progress slows down as they need to adhere to the compliance, regulatory, and security standards.

示例:省略安全 guardrailsExample: Omit security guardrails

公司希望将其在线商店现代化,以改善其用户体验。A company wants to modernize its online shop to improve its user experience. 应通过将在线商店网站和基础清单数据库移到 Azure 来实现现代化。The modernization should be done by moving the online shop website and the underlying inventory database to Azure. 由于清单数据库与公司的 SAP 系统之间存在依赖关系,因此这些系统需要进行通信。Because dependencies exist between the inventory database and the company's SAP system, those systems need to communicate. 因此,该公司需要构建混合云。So, the company needs to build up a hybrid cloud.

Online 店团队具有创新性,因此它开始现代化应用程序,但不考虑混合连接的安全要求。The online shop team is innovative, so it begins modernizing the application, but it doesn't consider security requirements because of the hybrid connection. 在测试应用程序时,它发现 IT 安全团队不允许在 Azure 和本地系统之间进行通信,因为不满足安全性和符合性要求。When it tests the application, it finds that the IT security team doesn't allow communication within Azure and on-premises systems, because security and compliance requirements aren't met.

首选结果:建立安全性和符合性 guardrailsPreferred outcome: Establish security and compliance guardrails

在将工作负荷转移到云之前,请设置安全性和符合性 guardrails。Before you shift workloads to the cloud, put security and compliance guardrails in place. 这些 guardrails 确保工作负荷遵循安全性和符合性要求。These guardrails make sure that workloads follow security and compliance requirements. 让云监管和云安全团队在 Azure 登陆区域内提供 guardrails。Have the cloud governance and cloud security teams deliver the guardrails within an Azure landing zone. 检查 guardrails,尤其是对于混合工作负荷。Check the guardrails with IT, especially for hybrid workloads. 有关如何定义支持工作负荷团队的 guardrails 的帮助,请参阅 云采用框架企业级登陆区域体系结构 ,使其以快速、一致、相容和安全的方式工作。See Cloud Adoption Framework enterprise-scale landing zone architecture for help with defining guardrails that support workload teams, so that they work in a fast, consistent, compliant, and secure manner.

对立模式:无需评估即可迁移、现代化或创新Antipattern: Migrate, modernize, or innovate without an assessment

当公司考虑迁移或现代化项目时,它需要了解潜在的应用程序和服务器依赖项,以便可以更准确地进行规划。When a company considers a migration or modernization project, it needs to understand potential application and server dependencies so that it can plan more accurately. 在应用程序创新方案中,公司通过使用体系结构设计会话和参考体系结构而不是 aimless 工程工作,获得更多的成功。In application innovation scenarios, a company experiences more success by using architectural design sessions and reference architectures instead of aimless engineering efforts.

示例:通过迁移而不进行全面规划导致停机时间Example: Cause downtime by migrating without planning thoroughly

团队成员计划将应用程序迁移到云,以减少公司的碳足迹。A team member plans to migrate applications to the cloud to reduce the company's carbon footprint. 用于标识要迁移的第一个资产的迁移计划基于配置管理数据库 (CMDB) 条目和单个应用程序所有者调查。The migration plan, which identifies the first asset to migrate, is based on configuration management database (CMDB) entries and a single application owner interview. 在团队成员迁移某个应用程序的数据库服务器后,多个其他应用程序所有者就会调用它来抱怨其应用程序不能正常工作。After the team member migrates one of the application's database servers, several other application owners call IT to complain that their applications aren't working properly. CMDB 中描述的依赖项不再准确,导致其他应用程序中出现意外停机。The dependencies depicted in the CMDB aren't accurate anymore, causing unexpected downtime in other applications.

首选结果:在迁移或现代化之前评估基础结构Preferred outcome: Assess infrastructure before migrating or modernizing

对于大规模迁移或现代化项目,请在迁移开始之前执行基础结构评估。For a large-scale migration or modernization project, perform an infrastructure assessment before migration starts. 此评估有助于识别依赖项和兼容性问题。This assessment helps you identify dependencies and compatibility issues. 请参阅 azure 迁移指南 ,了解适用于 Azure Microsoft 云采用框架 提供的有关 迁移最佳实践的详细信息。See Azure migration guide for detailed information that the Microsoft Cloud Adoption Framework for Azure provides on migration best practices.

在现代化项目中,使用附加的应用程序评估来识别编码对立模式、兼容性问题和技术债务。In modernization projects, use additional application assessments to identify coding antipatterns, compatibility issues, and technical debt. 有关现代化方面的详细信息,请参阅 适用于 Azure 的应用程序迁移示例概述For more information about modernization aspects, see Overview of application migration examples for Azure.

对于创新项目,请参阅 Azure 创新解决方案指南概述 ,了解有关如何确定正确的规划和开发创新云解决方案的帮助。For innovation projects, see Azure innovative solutions guide overview for help with identifying the correct way to plan and develop an innovative cloud solution.

对于需要体系结构更改的任务关键型工作负荷或工作负荷,请使用 Azure Well-Architected 框架体系结构设计会话 (ADS) ,以帮助设计、生成和部署在企业内进行缩放的高质量、强健的体系结构。For mission-critical workloads or workloads which require architectural change, use the Azure Well-Architected Framework or an architectural design session (ADS) to help design, build, and deploy a high-quality, robust architecture that scales within an enterprise. 使用 ADS 白板发现、构想和规划解决方案。Use ADS whiteboards to discover, envision, and plan the solution.

对立模式:决定体系结构Antipattern: Dictate an architecture

在云中进行开发时,公司可能会采用微服务优先策略,假设微服务体系结构始终优于传统的整体体系结构。A company might pursue a microservice-first strategy when developing in the cloud, assuming that a microservice architecture always outperforms a traditional, monolithic architecture. 如果公司不对其应用程序执行正确的应用程序评估和截止工作,此策略可能会失败。If the company doesn't perform a proper application assessment and due diligence for its application, this strategy can fail. 其他体系结构方法可能更适合应用程序。Other architectural approaches might be more suitable for the application. 对于所有情况,选择或口述微服务体系结构或体系结构通常会导致项目失败。Choosing or dictating a microservice architecture or an architecture for all situations often results in failed projects.

示例:对所有应用程序使用微服务体系结构Example: Use a microservice architecture for all applications

公司的首席信息官 (CIO) 在云中构建新的应用程序时,将使用微服务的体系结构。A company's chief information officer (CIO) establishes a policy of using a microservice architecture when building up new applications in the cloud. 公司开发人员从未使用过微服务体系结构。The company developers have never worked with the microservice architecture. 他们需要开发一个简单的 web 应用。They need to develop a simple web app. 在应用程序处理完几个月后,开发人员认识到,如果他们已开始使用整体体系结构,他们可能已经完成了开发。After working on the application for a few months, the developers realize that they probably would have already finished development if they had started with a monolithic architecture. 公司尚未实现更快的上市时间,还有其他好处。The company hasn't achieved a faster time to market, among other benefits.

首选结果:针对评估的基本体系结构决策Preferred outcome: Base architectural decisions on assessments

根据特定的体系结构样式,而不是 fixating,根据用例或体系结构的评估和截止时间制定体系结构决策。Instead of fixating on a specific architecture style, make an architectural decision based on an assessment and due diligence of the use case or an architecture. 不要限制可以使用的体系结构,因为自由选择是云的主要优势之一。Don't limit what architectures can be used, because freedom of choice is one of the major benefits of the cloud. 只需选取一种体系结构,因为它的形式是对立模式。Picking an architecture just because it's in fashion is an antipattern to avoid. 有关详细信息,请参阅 Azure 应用程序体系结构指南云设计模式For more information, see the Azure application architecture guide and cloud design patterns.

对立模式:使用单个订阅Antipattern: Use a single subscription

公司通常决定只使用一个订阅来承载其所有工作负荷。Companies often decide to use only one subscription to host all their workloads. 它们通常在实现需要加速所有其他操作的快速迁移时进行选择。They usually make this choice when implementing rapid migrations that require speed over everything else. 这种决定会导致不太受控制的环境。This decision leads to poorly governed and designed landscapes. 这些公司可以快速地遇到订阅限制,这意味着他们需要重新设计体系结构。These companies can quickly run into subscription limits, which means they need to redesign the architecture.

示例:在一个订阅下迁移Example: Migrate under one subscription

集团决定将其酒店分成不同的公司。A conglomerate decides to spin off its hotel division into a separate company. 宾馆部门需要将其 IT 资产移动或迁移到新位置。The hotel division needs to move or migrate its IT assets to a new place. 新的酒店公司选择云优先的方法,并将所有 IT 资产迁移到云。The new hotel company chooses a cloud-first approach and migrates all IT assets to the cloud. 由于存在时间限制,新公司会将所有内容迁移到一个订阅中,并使用非常大的虚拟网络,在这种情况下,可以正确地分隔职责和安全模型。Because of time constraints, the new company migrates everything into one subscription and uses a huge virtual network, where there are few possibilities for separating duties and the security model properly. 旋转结束后三个月后,酒店公司会确定其资产不太安全,不受管辖,而是在订阅限制下运行。Three months after the spin-off is complete, the hotel company determines that its assets are less secure and governed than before, and that it's running into subscription limits.

首选结果:使用分段策略Preferred outcome: Use a segmentation strategy

在迁移到 Azure 之前,请将不同的职责划分到不同的环境并为其规划。Separate various duties and plan for a different environment before you migrate to Azure. 将不同阶段组合到一个订阅中时,可以快速访问订阅限制。You can reach subscription limits quickly when you combine different stages into one subscription. 建立 分段战略 ,使其更易于 实现管理和合规性Establish a segmentation strategy to make it easier to implement governance and compliance.

后续步骤Next steps