雲端遷移反模式Cloud migration antipatterns

客戶通常會在雲端採用的遷移階段遇到反模式。Customers often experience antipatterns during the migration phase of cloud adoption. 下列量值有助於避免遷移反模式:The following measures help to avoid migration antipatterns:

  • 確定安全性與合規性護欄都已就緒。Making sure security and compliance guardrails are in place.
  • 瞭解潛在的應用程式和伺服器相依性。Understanding potential application and server dependencies.
  • 根據徹底的評量選擇架構。Choosing an architecture based on a thorough assessment.

反模式:不護欄來遷移、現代化或創新Antipattern: Migrate, modernize, or innovate without guardrails

當客戶將其第一個工作負載部署到雲端時,會將其視為測試創新解決方案的平臺。When customers deploy their first workloads to the cloud, they consider it as a platform to test innovative solutions. 他們享有雲端中可用的彈性。They enjoy the flexibility that's available within the cloud. 但是,只要這些工作負載變得生產力、需要保存公司資料,或需要存取公司系統,進度會變慢,因為他們需要遵守合規性、法規和安全性標準。But, whenever these workloads become productive, need to hold company data, or need access to company systems, progress slows down as they need to adhere to the compliance, regulatory, and security standards.

範例:省略安全性護欄Example: Omit security guardrails

公司想要將其線上商店現代化,以改善其使用者體驗。A company wants to modernize its online shop to improve its user experience. 您應將線上商店網站和基礎清查資料庫移至 Azure,以進行現代化。The modernization should be done by moving the online shop website and the underlying inventory database to Azure. 因為清查資料庫與公司的 SAP 系統之間存在相依性,所以這些系統必須進行通訊。Because dependencies exist between the inventory database and the company's SAP system, those systems need to communicate. 因此,公司需要建立混合式雲端。So, the company needs to build up a hybrid cloud.

線上店麵團隊是創新的,因此它會開始現代化應用程式,但由於混合式連線,因此不會考慮安全性需求。The online shop team is innovative, so it begins modernizing the application, but it doesn't consider security requirements because of the hybrid connection. 當它測試應用程式時,它發現 IT 安全性小組不允許在 Azure 和內部部署系統內進行通訊,因為不符合安全性和合規性需求。When it tests the application, it finds that the IT security team doesn't allow communication within Azure and on-premises systems, because security and compliance requirements aren't met.

慣用結果:建立安全性與合規性護欄Preferred outcome: Establish security and compliance guardrails

將工作負載移至雲端之前,請先將安全性和合規性護欄放在原處。Before you shift workloads to the cloud, put security and compliance guardrails in place. 這些護欄可確保工作負載符合安全性和合規性需求。These guardrails make sure that workloads follow security and compliance requirements. 讓雲端治理和雲端安全性小組在 Azure 登陸區域內提供護欄。Have the cloud governance and cloud security teams deliver the guardrails within an Azure landing zone. 請檢查護欄,特別是針對混合式工作負載。Check the guardrails with IT, especially for hybrid workloads. 請參閱 雲端採用架構的企業規模登陸區域架構 ,以取得可支援工作負載小組的護欄,使其能以快速、一致、符合規範且安全的方式運作。See Cloud Adoption Framework enterprise-scale landing zone architecture for help with defining guardrails that support workload teams, so that they work in a fast, consistent, compliant, and secure manner.

反模式:不需評量即可遷移、現代化或創新Antipattern: Migrate, modernize, or innovate without an assessment

當公司考慮遷移或現代化專案時,它需要瞭解潛在的應用程式和伺服器相依性,以便更精確地進行規劃。When a company considers a migration or modernization project, it needs to understand potential application and server dependencies so that it can plan more accurately. 在應用程式創新案例中,公司使用架構設計會話和參考架構,而不是 aimless 工程工作,來體驗更多的成就。In application innovation scenarios, a company experiences more success by using architectural design sessions and reference architectures instead of aimless engineering efforts.

範例:在未進行完整規劃的情況下遷移,導致停機時間Example: Cause downtime by migrating without planning thoroughly

小組成員計畫將應用程式遷移至雲端,以降低公司的碳足跡。A team member plans to migrate applications to the cloud to reduce the company's carbon footprint. 遷移計畫(識別要遷移的第一個資產)是根據設定管理資料庫 (CMDB) 專案和單一應用程式擁有者訪談。The migration plan, which identifies the first asset to migrate, is based on configuration management database (CMDB) entries and a single application owner interview. 當小組成員遷移其中一個應用程式的資料庫伺服器之後,其他幾個應用程式擁有者就會呼叫它,以抱怨他們的應用程式無法正常運作。After the team member migrates one of the application's database servers, several other application owners call IT to complain that their applications aren't working properly. CMDB 中所描述的相依性不再是正確的,導致其他應用程式發生非預期的停機。The dependencies depicted in the CMDB aren't accurate anymore, causing unexpected downtime in other applications.

慣用結果:在遷移或現代化前評估基礎結構Preferred outcome: Assess infrastructure before migrating or modernizing

針對大規模的遷移或現代化專案,請在開始遷移之前執行基礎結構評定。For a large-scale migration or modernization project, perform an infrastructure assessment before migration starts. 這項評估可協助您找出相依性和相容性問題。This assessment helps you identify dependencies and compatibility issues. 如需適用于azure 的 Microsoft 雲端採用架構提供的最佳做法詳細資訊,請參閱azure 遷移指南See Azure migration guide for detailed information that the Microsoft Cloud Adoption Framework for Azure provides on migration best practices.

在現代化專案中,請使用其他應用程式評量來識別編碼反模式、相容性問題和技術債務。In modernization projects, use additional application assessments to identify coding antipatterns, compatibility issues, and technical debt. 如需現代化層面的詳細資訊,請參閱 Azure 應用程式遷移範例的總覽For more information about modernization aspects, see Overview of application migration examples for Azure.

針對創新專案,請參閱 Azure 創新解決方案指南 ,以取得協助來識別規劃和開發創新雲端解決方案的正確方式。For innovation projects, see Azure innovative solutions guide overview for help with identifying the correct way to plan and develop an innovative cloud solution.

對於需要架構變更的任務關鍵性工作負載或工作負載,請使用 Azure Well-Architected 架構架構設計會話 (ADS) 協助您設計、建立及部署高品質、穩固的架構,以在企業內調整規模。For mission-critical workloads or workloads which require architectural change, use the Azure Well-Architected Framework or an architectural design session (ADS) to help design, build, and deploy a high-quality, robust architecture that scales within an enterprise. 使用 ADS 白板來探索、構想和規劃解決方案。Use ADS whiteboards to discover, envision, and plan the solution.

反模式:聽寫架構Antipattern: Dictate an architecture

在雲端中進行開發時,公司可能會採用微服務優先的策略,假設微服務架構永遠優於傳統的整合型架構。A company might pursue a microservice-first strategy when developing in the cloud, assuming that a microservice architecture always outperforms a traditional, monolithic architecture. 如果公司沒有針對其應用程式執行適當的應用程式評定和到期的工作,此策略可能會失敗。If the company doesn't perform a proper application assessment and due diligence for its application, this strategy can fail. 其他架構方法可能更適合應用程式。Other architectural approaches might be more suitable for the application. 選擇或聽寫微服務架構或適用于所有情況的架構,通常會導致失敗的專案。Choosing or dictating a microservice architecture or an architecture for all situations often results in failed projects.

範例:將微服務架構用於所有應用程式Example: Use a microservice architecture for all applications

公司的首席資訊長 (CIO) 在雲端中建立新的應用程式時,會建立使用微服務架構的原則。A company's chief information officer (CIO) establishes a policy of using a microservice architecture when building up new applications in the cloud. 公司開發人員從未使用過微服務架構。The company developers have never worked with the microservice architecture. 他們需要開發簡單的 web 應用程式。They need to develop a simple web app. 在處理應用程式幾個月之後,開發人員發現他們可能已完成開發,如果它們已開始使用整合型架構。After working on the application for a few months, the developers realize that they probably would have already finished development if they had started with a monolithic architecture. 公司尚未達到更快的上市時間,還有其他優點。The company hasn't achieved a faster time to market, among other benefits.

慣用結果:評定的基礎架構決策Preferred outcome: Base architectural decisions on assessments

與其根據特定架構樣式進行 fixating,請根據使用案例或架構的評量和到期時間來制定架構決策。Instead of fixating on a specific architecture style, make an architectural decision based on an assessment and due diligence of the use case or an architecture. 請勿限制可使用的架構,因為自由選擇是雲端的其中一項主要優點。Don't limit what architectures can be used, because freedom of choice is one of the major benefits of the cloud. 因為它的反模式方式是要避免的,因此只挑選架構。Picking an architecture just because it's in fashion is an antipattern to avoid. 如需詳細資訊,請參閱 Azure 應用程式架構指南雲端設計模式For more information, see the Azure application architecture guide and cloud design patterns.

反模式:使用單一訂用帳戶Antipattern: Use a single subscription

公司通常決定只使用一個訂用帳戶來裝載其所有工作負載。Companies often decide to use only one subscription to host all their workloads. 它們通常會在執行需要速度更快的快速遷移時進行這項選擇。They usually make this choice when implementing rapid migrations that require speed over everything else. 這種決策會導致設計不佳的環境。This decision leads to poorly governed and designed landscapes. 這些公司可以快速地遇到訂用帳戶限制,這表示他們需要重新設計架構。These companies can quickly run into subscription limits, which means they need to redesign the architecture.

範例:在一個訂用帳戶下遷移Example: Migrate under one subscription

集團決定將旅館部門旋轉為不同的公司。A conglomerate decides to spin off its hotel division into a separate company. 旅館部門必須將其 IT 資產移動或遷移至新的位置。The hotel division needs to move or migrate its IT assets to a new place. 新旅館公司選擇雲端優先的方法,並將所有 IT 資產遷移至雲端。The new hotel company chooses a cloud-first approach and migrates all IT assets to the cloud. 由於有時間限制,新的公司會將所有專案遷移至一個訂用帳戶,並使用龐大的虛擬網路,在此可以正確地分隔職責和安全性模型。Because of time constraints, the new company migrates everything into one subscription and uses a huge virtual network, where there are few possibilities for separating duties and the security model properly. 在完成微調之後的三個月後,旅館公司會判斷其資產的安全性與管理方式不受保護,而且會在訂用帳戶限制內運作。Three months after the spin-off is complete, the hotel company determines that its assets are less secure and governed than before, and that it's running into subscription limits.

慣用結果:使用分割策略Preferred outcome: Use a segmentation strategy

在遷移至 Azure 之前,請先分隔不同的職責,並規劃不同的環境。Separate various duties and plan for a different environment before you migrate to Azure. 當您將不同的階段合併成一個訂用帳戶時,可以快速觸及訂用帳戶限制。You can reach subscription limits quickly when you combine different stages into one subscription. 建立 分割策略 ,讓您更輕鬆地 實行治理和合規性Establish a segmentation strategy to make it easier to implement governance and compliance.

下一步Next steps