Difference between revisions of "Application Modernization"
Rylan.madge (talk | contribs) |
Nicole.koch (talk | contribs) m |
||
| (27 intermediate revisions by the same user not shown) | |||
| Line 2: | Line 2: | ||
@en| | @en| | ||
| − | '''''Note: We are continuously improving this site | + | '''''Note:''''' We are continuously improving this site and information is published as we receive it. Templates and discussions related to Application Modernization can be found in the [[gccollab:file/group/1432343/all#1727776|GCCollab Core Technologies group]]. It is recommended you join that group to watch for updates. |
| − | ''''' | + | '''''Check out [https://wiki.gccollab.ca/Application_Modernization#References_.26_What.27s_New What's New] and the Discussion tab above for the latest updates !''''' |
| + | |||
| + | <!-- BACKGROUND --> | ||
| + | == Background == | ||
| + | From [https://www.budget.gc.ca/2018/docs/plan/chap-04-en.html#Enabling-Digital-Services-to-Canadians Budget 2018:] | ||
| + | |||
| + | ''"$110 million over six years, starting in 2018–19, to be accessed by Shared Services Canada’s partner departments and agencies to help them migrate their applications from older data centres into more secure modern data centres or cloud solutions."'' | ||
| + | |||
| + | Application Modernization is one of four pillars of the Workload Migration & Cloud Enablement (WLM&CE) initiative. | ||
| + | <!-- END OF BACKGROUND --> | ||
<!-- OVERVIEW --> | <!-- OVERVIEW --> | ||
== '''Overview''' == | == '''Overview''' == | ||
| − | This handbook is meant to help departments navigate the Application Modernization Investment Framework; | + | This handbook is meant to help departments navigate the Application Modernization Investment Framework; and other topic of interest: |
* Prioritizing at-risk technologies | * Prioritizing at-risk technologies | ||
* Engaging with partner departments | * Engaging with partner departments | ||
| Line 15: | Line 24: | ||
* Governance gating for endorsing modernization/migration plan and making the associated funds available | * Governance gating for endorsing modernization/migration plan and making the associated funds available | ||
* Ongoing monitoring of status | * Ongoing monitoring of status | ||
| − | + | ||
The Investment Frame work consists of two gates: | The Investment Frame work consists of two gates: | ||
| Line 22: | Line 31: | ||
'''Gate 2''': a department's plan for modernization is ready to be endorsed by governance thus authorizing the release of Application Modernization funds. | '''Gate 2''': a department's plan for modernization is ready to be endorsed by governance thus authorizing the release of Application Modernization funds. | ||
| + | |||
The Investment Framework also consists of four phases: | The Investment Framework also consists of four phases: | ||
| Line 27: | Line 37: | ||
'''Prioritization''': priorities for modernizing at-risk technologies are selected and endorsed by governance. | '''Prioritization''': priorities for modernizing at-risk technologies are selected and endorsed by governance. | ||
| − | <strong>Engagement</strong>: notify impacted departments, distribute templates to capture technical details, modernization/migration strategies, costing details | + | <strong>Engagement</strong>: notify impacted departments, distribute templates to capture technical details, modernization/migration strategies, and costing details. |
'''Discovery''': departments analyze their application portfolios to determine their strategies for modernizing at-risk technologies including a plan and cost estimates. | '''Discovery''': departments analyze their application portfolios to determine their strategies for modernizing at-risk technologies including a plan and cost estimates. | ||
| Line 33: | Line 43: | ||
'''Execution''': departments work with their partners to execute the modernization strategies identified during the discovery phase. | '''Execution''': departments work with their partners to execute the modernization strategies identified during the discovery phase. | ||
| − | + | A department's journey through the Investment Framework, or can also be found [[gccollab:file/view/1957351/enoverview-of-the-customer-journeyfr|here]] in downloadable document form. | |
<!-- APPLICATION MODERNIZATION IMAGE --> | <!-- APPLICATION MODERNIZATION IMAGE --> | ||
[[File:DepartmentalJourney.png|alt=Application Modernization Investment Framework|center|frame|Application Modernization Investment Framework - Departmental Journey]] | [[File:DepartmentalJourney.png|alt=Application Modernization Investment Framework|center|frame|Application Modernization Investment Framework - Departmental Journey]] | ||
| + | Please review the brief Frequently Asked Questions [https://gccollab.ca/file/view/1760164/enfaq-wlm-app-mod-enfrfaq-wlm-app-mod-en| FAQ]. | ||
<!-- END OF OVERVIEW --> | <!-- END OF OVERVIEW --> | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
<!-- PRIORITIZATION --> | <!-- PRIORITIZATION --> | ||
== '''Prioritization''' == | == '''Prioritization''' == | ||
| − | Priorities for investment from the Application Modernization and Workload Migration funds are based upon identifying high business value applications that are impacted by at-risk technologies. These at risk technologies can include | + | Priorities for investment from the Application Modernization and Workload Migration funds are based upon identifying high business value applications that are impacted by at-risk technologies. These at risk technologies can include, end of life software, end of life infrastructure, outdated architectures, to be decommissioned facilities such as data centres, etc… |
| − | 1) | + | 1) TBS and SSC are working in collaboration with GC departments that demonstrate a readiness to modernize applications and migrate them to end state hosting platforms ([https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] or enterprise data centres). |
| − | 2) Departments may identify applications of high business value that are impacted by technology risks as a priority investment | + | 2) Departments may identify applications of high business value that are impacted by technology risks as a priority investment. |
| − | + | If endorsed by governance, those priorities will be eligible for access to Application Modernization funds and support from the Workload Migration program. Departments are required to complete the [https://gccollab.ca/file/view/2650400/engeneric-wlm-app-mod-gcearb-gate1-prioritizationfr a GCEARB Gate1 (Prioritization) template] and engage your Departmental Architecture Review Board before being brought forward to request endorsement by governance: | |
| + | * [https://gccollab.ca/groups/profile/2006418/enworkload-migration-working-groupfrgroupe-de-travail-sur-la-migration-des-charges-de-travail WLM Working group] | ||
| + | * [[GC EARB]] | ||
| + | * ADM CEPP | ||
| + | * DM CEPP) | ||
| − | The endorsement of priority at-risk technologies must be supported by the departments’ Application Portfolio Management (APM) data, readiness to proceed with the application modernization framework | + | The endorsement of priority at-risk technologies must be supported by the departments’ Application Portfolio Management (APM) data, readiness to proceed with the application modernization framework, and the modernization strategy that will be used (rehost, replatform, refactor, replace and to which hosting platform; data centre or [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] services) |
In 2018, the following data centre facilities were identified as at-risk technologies to be decommissioned and the applications to be migrated or modernized to a new enterprise data centre or [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] services. | In 2018, the following data centre facilities were identified as at-risk technologies to be decommissioned and the applications to be migrated or modernized to a new enterprise data centre or [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] services. | ||
The first wave of workload migration projects began in 2018: | The first wave of workload migration projects began in 2018: | ||
| − | * Statistics Canada - Execution phase | + | * Statistics Canada (pathfinder) - Execution phase |
| − | * Treasury Board of Canada Secretariat - Execution phase | + | * Treasury Board of Canada Secretariat (pathfinder) - Execution phase |
* Canada Revenue Agency - Discovery/Execution phase | * Canada Revenue Agency - Discovery/Execution phase | ||
* Canada Border Services Agency - Discovery/Execution phase | * Canada Border Services Agency - Discovery/Execution phase | ||
| − | * Natural Resources Canada - Discovery phase | + | * Natural Resources Canada - Discovery/Execution phase |
| − | * Department of National | + | * Department of National Defense - Discovery phase |
* Royal Canadian Mounted Police - Discovery phase | * Royal Canadian Mounted Police - Discovery phase | ||
| − | * Environment and Climate Change Canada - | + | * Environment and Climate Change Canada - Discovery phase |
The second wave of workload migration projects began in 2019: | The second wave of workload migration projects began in 2019: | ||
| + | * Public Services and Procurement Canada - Discovery phase | ||
| + | * Health Canada - Discovery phase | ||
| + | * Employment and Social Development Canada - Discovery phase | ||
| + | * Correctional Services Canada - Discovery/Execution phase | ||
| + | * Innovation, Science and Economic Development - Discovery/Execution phase | ||
| + | * Privy Council Office - Discovery/Execution phase | ||
| + | * Global Affairs Canada - Discovery/Execution phase | ||
* Transport Canada - Execution phase | * Transport Canada - Execution phase | ||
| − | * Canadian Food Inspection Agency - | + | * Canadian Food Inspection Agency - Execution phase |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
<!-- END OF PRIORITIZATION --> | <!-- END OF PRIORITIZATION --> | ||
| Line 88: | Line 94: | ||
== '''Engagement''' == | == '''Engagement''' == | ||
| − | Once priorities are reached and | + | Once priorities are reached and departments are notified, the TBS-OCIO project manager will provide guidance and tools to start the department's journey. |
| + | |||
| + | * [https://gccollab.ca/file/view/1760164/enfaq-wlm-app-mod-enfrfaq-wlm-app-mod-en| FAQ] | ||
| + | * [https://gccollab.ca/file/view/2649702/engeneric-wlm-app-mod-gcearb-gate1-discoveryfr| GC EARB Gate 1 (Discovery) template] | ||
| + | * [https://wiki.gccollab.ca/images/0/0e/SamplePortfolioAnalysis.png Departmental & Data Centre View dashboard] | ||
| + | * [https://gccollab.ca/file/view/3088763/engeneric-wlm-app-mod-business-casefr| Business case template]. | ||
| − | Partner | + | Partner departments are provided guidance/assistance to provide an accurate list of applications by updating the APM and to prepare for the [https://wiki.gccollab.ca/File:WLM_Governance.png governance] endorsement. |
| + | * [https://gccollab.ca/groups/profile/2006418/enworkload-migration-working-groupfrgroupe-de-travail-sur-la-migration-des-charges-de-travail WLM Working group] | ||
| + | * [[GC EARB]] | ||
| + | * ADM CEPP | ||
| + | * DM CEPP) | ||
| + | |||
| + | Once endorsed, the Government of Canada’s Chief Information Officer (GC CIO) and the Deputy Head of a department signs the [https://gccollab.ca/file/view/3089069/enmou-generic-fund-disbursement-v3docxfr| Memorandum of Understanding]. | ||
<!-- END OF ENGAGEMENT --> | <!-- END OF ENGAGEMENT --> | ||
| Line 102: | Line 119: | ||
==== <big>Determine Modernization Vision for the Organization</big> ==== | ==== <big>Determine Modernization Vision for the Organization</big> ==== | ||
| − | + | This is an opportunity to determine the direction for the organization and ensure those performing the subsequent portfolio analysis steps understand the vision to modernize and be more transformative! Perhaps your organization has already begun a modernization journey. In today's IT environment [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] technologies combined with DevOps methods are having a large impact on how IT is delivered. Amongst the goals of these technologies and methods is to decrease lead time and time to market; in summary: | |
| − | + | * Deliver IT faster | |
| − | This is an opportunity to determine the direction for the organization | ||
| − | * | ||
| − | |||
* Increase reliability | * Increase reliability | ||
* Increase security | * Increase security | ||
* Increase quality | * Increase quality | ||
| − | + | These changes can be wide sweeping impacting roles, responsibilities, and culture. They are not undertaken in a year, but instead must be seen as a journey of maturity and continuous improvement. While some organizations have started this journey years ago and are ready to go "all in" on [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] and the workforce are DevOps practitioners, others have not begun the journey. | |
| − | + | Here is a simple visual for plotting your [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] adoption . | |
| − | |||
| − | |||
[[Image:Cloud maturity map .png]] | [[Image:Cloud maturity map .png]] | ||
| − | Start small with a few low risk applications. A team of developers from within your existing workforce would lead an initative to migrate those low risk workloads to the [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud]. The build from these experiences and | + | Start small with a few low risk applications. A team of developers from within your existing workforce would lead an initative to migrate those low risk workloads to the [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud]. The build from these experiences and transfer these skills to train others. As the number of workloads grow, the need for more sophisticated methods such as automation and DevOps will need to be applied. This will facilitate scaling without impacting agility. Existing governance and roles will also need to evolve. Review the [https://gccollab.ca/file/view/3691530/engc-cloud-rr-matrixfr GC Cloud R&R Matrix] to ensure your organization is ready to undertake the required roles to support [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] services. |
| − | See the [[gccollab:file/view/1994079/encloud-fitness-scorecardfr|simple cloud fitness scorecard]] to assess low risk workloads for cloud migration. It provides | + | See the [[gccollab:file/view/1994079/encloud-fitness-scorecardfr|simple cloud fitness scorecard]] to assess low risk workloads for cloud migration. It provides a short list to help with the decision as to where to start and to identify low risk and low effort migrations. Any application can be migrated to the [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] with enough time and effort. |
==== <big>Determine Rationalization and Retirement Opportunities</big> ==== | ==== <big>Determine Rationalization and Retirement Opportunities</big> ==== | ||
| Line 136: | Line 148: | ||
==== <big>Document Migration Strategy and Targets</big> ==== | ==== <big>Document Migration Strategy and Targets</big> ==== | ||
| − | By the end of this step you will have analyzed your portfolio of applications, updated key data in APM, chose the | + | By the end of this step you will have analyzed your portfolio of applications, updated key data in APM, chose the migration strategy for each application (one of the 5 Rs), and the target for each application ([https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] or EDC). |
| − | |||
| − | |||
===== '''<u>Choose the Appropriate Migration Strategy</u>''' ===== | ===== '''<u>Choose the Appropriate Migration Strategy</u>''' ===== | ||
| Line 185: | Line 195: | ||
With a rehost migration strategy, the application undergoes no changes and is migrated as-is to a new data centre or cloud. This is the simplest and least effort migration strategy. | With a rehost migration strategy, the application undergoes no changes and is migrated as-is to a new data centre or cloud. This is the simplest and least effort migration strategy. | ||
| − | For workloads migrating to [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud], it is strongly advised that | + | For workloads migrating to [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud], it is strongly advised that the resources (network, compute, storage) be optimized and reduced to the smallest size possible. Additionally using reserved instances for production workloads and turning off unused servers during off-hours will help ensure a lower monthly bill from your cloud provider. |
====== '''Replatform (lift, shift, and tinker)''' ====== | ====== '''Replatform (lift, shift, and tinker)''' ====== | ||
With a replatform strategy, the application undergoes minor changes as it is migrated to a new data centre or cloud. Replatforming strategies may include, but as not limited to: | With a replatform strategy, the application undergoes minor changes as it is migrated to a new data centre or cloud. Replatforming strategies may include, but as not limited to: | ||
| − | Addressing end of life (EOL) software such as those deprecated by IT Policy Implementation Notice [https://www.canada.ca/en/treasury-board-secretariat/services/information-technology/policy-implementation-notices.html ITPINs] | + | * Addressing end of life (EOL) software such as those deprecated by IT Policy Implementation Notice [https://www.canada.ca/en/treasury-board-secretariat/services/information-technology/policy-implementation-notices.html ITPINs] |
| − | + | * Moving to Platform-as-a-Service (PaaS) for commoditized services such as databases, web servers, file servers, container orchestration, moving to a PaaS allows for a serverless architecture. | |
| − | + | A serverless architecture negates the need to manage and patch operating systems, middleware and manage server instances. This also reduces an organization's IT Lifecycle Management burden. Users sometimes worry that using PaaS will cause vendor lock-in. By using PaaS that have alternatives elsewhere in the market will avoid lock-in. Being able to extract your business data and business rules from a PaaS is key to avoiding lock-in. Most cloud providers offer database, web server, and file server platforms. While migrating from one to another may not be completely painless, migration tools and APIs exist to allow for this possibility. | |
Containers is an increasingly popular method to deploy applications. If your application is stateless, moving it to a container will not only help portability, but also help with your organization's adoption of DevOps practices. | Containers is an increasingly popular method to deploy applications. If your application is stateless, moving it to a container will not only help portability, but also help with your organization's adoption of DevOps practices. | ||
| Line 238: | Line 248: | ||
=== ''Gate2: GC EARB Endorsement and MoU to Release Funds'' === | === ''Gate2: GC EARB Endorsement and MoU to Release Funds'' === | ||
| − | + | The analysis and planning undertaken as part of the discovery phase will be presented to GC EARB to request endorsement to release the funds for the execution phase. The [https://gccollab.ca/file/view/2650673/engeneric-wlm-app-mod-gcearb-gate2-executionfr generic template] is to be completed to present the discovery analysis and funding approval to move to the execution phase. | |
| − | + | As part of the GC EARB, a CIO will explain their migration strategy and target choices. This includes how those choices align to the Cloud First policy (Cloud First 4.4.1.9 / Data Residency 4.4.1.10 / Non-Public Cloud GC EARB Assessments 4.1.1.2.4) of the [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=32601 Directive on Service and Digital]. If and when endorsement is provided by GC EARB, approval will be requested from the GC CIO. A [https://gccollab.ca/file/view/3089069/enmou-generic-fund-disbursement-v3docxfr Memorandum of Understanding] between the GC CIO and the deputy head of the requesting department will be agreed to by both parties. | |
| − | |||
| − | As part of the GC EARB a CIO will explain their migration strategy and target choices. This includes how those choices align to the Cloud First policy (Cloud First 4.4.1.9 / Data Residency 4.4.1.10 / Non-Public Cloud GC EARB Assessments 4.1.1.2.4) of the [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=32601 Directive on Service and Digital]. If and when endorsement is provided by GC EARB, approval will be requested from the GC CIO. A [https://gccollab.ca/file/view/3089069/enmou-generic-fund-disbursement-v3docxfr Memorandum of Understanding] between the GC CIO and the deputy head of the requesting department will be agreed to by both parties. | ||
=== ''Reporting Requirements'' === | === ''Reporting Requirements'' === | ||
| − | As per section 3: Reporting Requirements of the signed MOU between your department and TBS, the executive project dashboard is due at the end of each quarter. Please find the [https:// | + | As per section 3: Reporting Requirements of the signed MOU between your department and TBS, the executive project dashboard is due at the end of each quarter. Please find the [https://gccollab.ca/file/view/6712988/enwlm-appmod-quarterly-reporting-dashboard-draftfr Quarterly Reporting Dashboard tool] to be used to report the status of your modernization strategies to the TBS Oversight Team. This is a standard template that is used to monitor projects with [https://intranet.canada.ca/wg-tg/go-sg/dwnld-eng.asp instructions]. |
<!-- END OF DISCOVERY --> | <!-- END OF DISCOVERY --> | ||
| Line 251: | Line 259: | ||
== '''Execution''' == | == '''Execution''' == | ||
| − | The analysis and planning undertaken as part of discovery will be presented to the [https://wiki.gccollab.ca/File:WLM_Governance.png governance] structure as part of requesting endorsement for releasing funds for the execution phase. A new model for funding calculations is currently being developed and will be ready for utilization by the end of September 2020. A Memorandum of Understanding between the Government of Canada’s Chief Information Officer (GC CIO) and the Deputy Head of a department will be agreed upon | + | The analysis and planning undertaken as part of discovery will be presented to the [https://wiki.gccollab.ca/File:WLM_Governance.png governance] structure as part of requesting endorsement for releasing funds for the execution phase. A new model for funding calculations is currently being developed and will be ready for utilization by the end of September 2020. A Memorandum of Understanding between the Government of Canada’s Chief Information Officer (GC CIO) and the Deputy Head of a department will be agreed upon to secure the funding. |
[[Image:Execution Swimlanes v1.png]] | [[Image:Execution Swimlanes v1.png]] | ||
| Line 281: | Line 289: | ||
| − | <!-- REFERENCES --> | + | <!-- REFERENCES & WHAT'S NEW --> |
| − | == '''References''' == | + | == '''References & What's New''' == |
| − | + | ====== '''WHAT'S NEW''' ====== | |
| + | NEW! (Jan-2021) Visit the [https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.gcpedia.gc.ca%2Fwiki%2FM365-playbook%2Fhome&data=04%7C01%7Cnicole.koch%40tbs-sct.gc.ca%7C2e5e1b863a354b3bf49708d8bc8d7a3b%7C6397df10459540479c4f03311282152b%7C0%7C0%7C637466663110726935%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=aVRNmcoUkdFO7xIuqyT7qKXuWbMlluBrCKssZNQcDJA%3D&reserved=0 M365 Playbook on GCpedia] | ||
| − | + | [https://gccollab.ca/file/group/2731824/all#5536103 Enterprise IT Service Standards] - Standard on; IT Profile, IT Entitlements, IT Service Common Configurations, Enterprise IT Service Usage Restrictions and more! | |
| − | + | [https://youtu.be/GzyNlkiCbeE FWDThinking Episode 5.2: Showing What’s Possible—an extended interview with Minister Murray] | |
| − | NEW! | + | NEW! [https://gccollab.ca/file/view/6331829/encomplianceweek-accelerating-protected-workloads-sept-2020fr Accelerating Protected Workloads (Sept 2020)] |
| − | + | [https://api.canada.ca/en/homepage API Store] [https://gccollab.ca/groups/profile/1466411/enapi-storefrmagasin-api API GC Collab] | |
| − | + | !! TBS [https://wiki.gccollab.ca/GC_Enterprise_Architecture/Enterprise_Solutions#Security_Architecture_and_Privacy GC Enterprise Architecture/Enterprise Solutions] | |
| − | + | PSPC [https://www.gcpedia.gc.ca/wiki/En/GCPS EA and GC Programs and Solutions] | |
| − | + | !! [https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/security-playbook-information-system-solutions-cloud.html Security Playbook for Information System Solutions ] | |
| − | + | The Canada School of Public Service (CSPS) Digital Academy is offering a virtual learning program: [https://learn-apprendre.csps-efpc.gc.ca/application/en/content/getting-started-cloud-computing-i621-0 Getting Started with Cloud Computing] | |
| − | + | !! [https://gccollab.ca/groups/profile/4209321/enssc-cpmsd-cloud-adoption-playbooksfrgroupe-de-ru00e9vision-des-documents-dadoption-de-linformatique-en-nuage-pru00e9paru00e9-par-la-dsgpi Cloud Adoption Playbooks] | |
| − | + | [https://gccollab.ca/discussion/view/5344264/enstratosphere-2020fr Stratosphere Cloud Event] | |
| − | [https:// | + | !! [https://gccollab.ca/file/group/1432343/all#5335607 DEPARTMENTAL CLOUD STRATEGIES] |
[https://wiki.gccollab.ca/Workload_Migration_(WLM)_Program Workload Migration SSC WLM Program] | [https://wiki.gccollab.ca/Workload_Migration_(WLM)_Program Workload Migration SSC WLM Program] | ||
| − | [https://wiki.gccollab.ca/GC_Cloud_Infocentre Cloud Infocentre] | + | !! [https://wiki.gccollab.ca/GC_Cloud_Infocentre Cloud Infocentre] |
[https://gccollab.ca/file/view/3671533/enworkload-placement-in-hybrid-it-gartnerfr Gartner: Workload Placement in Hybrid IT] | [https://gccollab.ca/file/view/3671533/enworkload-placement-in-hybrid-it-gartnerfr Gartner: Workload Placement in Hybrid IT] | ||
| Line 355: | Line 364: | ||
[https://medium.com/core-technologies/5-4-3-2-1-cloud-a904f99d56cd 5–4–3–2–1 — Cloud!] | [https://medium.com/core-technologies/5-4-3-2-1-cloud-a904f99d56cd 5–4–3–2–1 — Cloud!] | ||
| − | <!-- END OF REFERENCES --> | + | <!-- END OF REFERENCES & WHAT'S NEW --> |
<!-- GOVERNANCE --> | <!-- GOVERNANCE --> | ||
| Line 628: | Line 637: | ||
<!-- Références --> | <!-- Références --> | ||
== '''Références''' == | == '''Références''' == | ||
| + | Consultez le Guide sur [://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.gcpedia.gc.ca%2Fwiki%2FM365-playbook%2Fhome&data=04%7C01%7Cnicole.koch%40tbs-sct.gc.ca%7C2e5e1b863a354b3bf49708d8bc8d7a3b%7C6397df10459540479c4f03311282152b%7C0%7C0%7C637466663110726935%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=aVRNmcoUkdFO7xIuqyT7qKXuWbMlluBrCKssZNQcDJA%3D&reserved=0 M365 sur GCpédia] | ||
====== '''Politiques et normes du Conseil du Trésor''' ====== | ====== '''Politiques et normes du Conseil du Trésor''' ====== | ||
Revision as of 14:22, 25 January 2021
Note: We are continuously improving this site and information is published as we receive it. Templates and discussions related to Application Modernization can be found in the GCCollab Core Technologies group. It is recommended you join that group to watch for updates.
Check out What's New and the Discussion tab above for the latest updates !
Background[edit | edit source]
From Budget 2018:
"$110 million over six years, starting in 2018–19, to be accessed by Shared Services Canada’s partner departments and agencies to help them migrate their applications from older data centres into more secure modern data centres or cloud solutions."
Application Modernization is one of four pillars of the Workload Migration & Cloud Enablement (WLM&CE) initiative.
Overview[edit | edit source]
This handbook is meant to help departments navigate the Application Modernization Investment Framework; and other topic of interest:
- Prioritizing at-risk technologies
- Engaging with partner departments
- Performing an analysis of departmental application portfolios
- Planning for addressing the at-risk technologies through modernization
- Governance gating for endorsing modernization/migration plan and making the associated funds available
- Ongoing monitoring of status
The Investment Frame work consists of two gates:
Gate 1: a scope of at-risk technologies has been identified and approved by governance for modernization or decommissioning
Gate 2: a department's plan for modernization is ready to be endorsed by governance thus authorizing the release of Application Modernization funds.
The Investment Framework also consists of four phases:
Prioritization: priorities for modernizing at-risk technologies are selected and endorsed by governance.
Engagement: notify impacted departments, distribute templates to capture technical details, modernization/migration strategies, and costing details.
Discovery: departments analyze their application portfolios to determine their strategies for modernizing at-risk technologies including a plan and cost estimates.
Execution: departments work with their partners to execute the modernization strategies identified during the discovery phase.
A department's journey through the Investment Framework, or can also be found here in downloadable document form.
Please review the brief Frequently Asked Questions FAQ.
Prioritization[edit | edit source]
Priorities for investment from the Application Modernization and Workload Migration funds are based upon identifying high business value applications that are impacted by at-risk technologies. These at risk technologies can include, end of life software, end of life infrastructure, outdated architectures, to be decommissioned facilities such as data centres, etc…
1) TBS and SSC are working in collaboration with GC departments that demonstrate a readiness to modernize applications and migrate them to end state hosting platforms (cloud or enterprise data centres).
2) Departments may identify applications of high business value that are impacted by technology risks as a priority investment.
If endorsed by governance, those priorities will be eligible for access to Application Modernization funds and support from the Workload Migration program. Departments are required to complete the a GCEARB Gate1 (Prioritization) template and engage your Departmental Architecture Review Board before being brought forward to request endorsement by governance:
- WLM Working group
- GC EARB
- ADM CEPP
- DM CEPP)
The endorsement of priority at-risk technologies must be supported by the departments’ Application Portfolio Management (APM) data, readiness to proceed with the application modernization framework, and the modernization strategy that will be used (rehost, replatform, refactor, replace and to which hosting platform; data centre or cloud services)
In 2018, the following data centre facilities were identified as at-risk technologies to be decommissioned and the applications to be migrated or modernized to a new enterprise data centre or cloud services.
The first wave of workload migration projects began in 2018:
- Statistics Canada (pathfinder) - Execution phase
- Treasury Board of Canada Secretariat (pathfinder) - Execution phase
- Canada Revenue Agency - Discovery/Execution phase
- Canada Border Services Agency - Discovery/Execution phase
- Natural Resources Canada - Discovery/Execution phase
- Department of National Defense - Discovery phase
- Royal Canadian Mounted Police - Discovery phase
- Environment and Climate Change Canada - Discovery phase
The second wave of workload migration projects began in 2019:
- Public Services and Procurement Canada - Discovery phase
- Health Canada - Discovery phase
- Employment and Social Development Canada - Discovery phase
- Correctional Services Canada - Discovery/Execution phase
- Innovation, Science and Economic Development - Discovery/Execution phase
- Privy Council Office - Discovery/Execution phase
- Global Affairs Canada - Discovery/Execution phase
- Transport Canada - Execution phase
- Canadian Food Inspection Agency - Execution phase
Engagement[edit | edit source]
Once priorities are reached and departments are notified, the TBS-OCIO project manager will provide guidance and tools to start the department's journey.
- FAQ
- GC EARB Gate 1 (Discovery) template
- Departmental & Data Centre View dashboard
- Business case template.
Partner departments are provided guidance/assistance to provide an accurate list of applications by updating the APM and to prepare for the governance endorsement.
- WLM Working group
- GC EARB
- ADM CEPP
- DM CEPP)
Once endorsed, the Government of Canada’s Chief Information Officer (GC CIO) and the Deputy Head of a department signs the Memorandum of Understanding.
Discovery[edit | edit source]
Application Portfolio Analysis[edit | edit source]
The next three steps are an opportunity for your departments to assess its portfolio of applications and document your decisions as to how you will reduce, sustain, and modernize that portfolio.
Determine Modernization Vision for the Organization[edit | edit source]
This is an opportunity to determine the direction for the organization and ensure those performing the subsequent portfolio analysis steps understand the vision to modernize and be more transformative! Perhaps your organization has already begun a modernization journey. In today's IT environment cloud technologies combined with DevOps methods are having a large impact on how IT is delivered. Amongst the goals of these technologies and methods is to decrease lead time and time to market; in summary:
- Deliver IT faster
- Increase reliability
- Increase security
- Increase quality
These changes can be wide sweeping impacting roles, responsibilities, and culture. They are not undertaken in a year, but instead must be seen as a journey of maturity and continuous improvement. While some organizations have started this journey years ago and are ready to go "all in" on cloud and the workforce are DevOps practitioners, others have not begun the journey.
Here is a simple visual for plotting your cloud adoption .
Start small with a few low risk applications. A team of developers from within your existing workforce would lead an initative to migrate those low risk workloads to the cloud. The build from these experiences and transfer these skills to train others. As the number of workloads grow, the need for more sophisticated methods such as automation and DevOps will need to be applied. This will facilitate scaling without impacting agility. Existing governance and roles will also need to evolve. Review the GC Cloud R&R Matrix to ensure your organization is ready to undertake the required roles to support cloud services.
See the simple cloud fitness scorecard to assess low risk workloads for cloud migration. It provides a short list to help with the decision as to where to start and to identify low risk and low effort migrations. Any application can be migrated to the cloud with enough time and effort.
Determine Rationalization and Retirement Opportunities[edit | edit source]
By the end of this step you will have assessed your portfolio and infrastructure for rationalization and retirement opportunities.
Obsolete Repositories[edit | edit source]
There are GC applications – content management systems / web-database systems - that are no longer actively used but maintained because they may contain information that might be required in the future e.g. to respond to an ATIP request.
- Departments should have an active Information Management (IM) function that can verify the actual data retention requirements applicable to a specific application.
- Departments should recognize the cost of unnecessary data retention and actively dispose of data that has been deemed unnecessary. Unnecessary data is both a cost and a liability.
Obsolete Applications[edit | edit source]
Your application portfolio rates the business value of applications. Review low business value applications. Assess whether these applications are still needed:
- Use access/update logs to identify applications that have received few updates in the past two years.
- Identify the most recent users and inquire as to the business value of the application.
Document Migration Strategy and Targets[edit | edit source]
By the end of this step you will have analyzed your portfolio of applications, updated key data in APM, chose the migration strategy for each application (one of the 5 Rs), and the target for each application (cloud or EDC).
Choose the Appropriate Migration Strategy[edit | edit source]
For each application you need to determine you migration strategy (aka the 5Rs).
| Strategy | Alternative Name | Full Description | Data Centre | Cloud |
|---|---|---|---|---|
| Retire | Decomission | Retire, decommission, sunset application. Eliminate it from the portfolio. | ||
| Rehost | Lift and shift | Redeploy applications to a different hardware environment and change the application’s infrastructure configuration. Also called Lift-and-shift. Move the solution as is, or with minor changes, to a new hosting environment (small investment of resources). | X | X |
| Replatform | Lift, shift, and tinker | Change OS / Middleware. Requiring some level of application change (medium investment of resources to change). | X1 | X |
| Refactor | Re-architect | Application will be redesigned. Sections of the application will be re-written for improvement/optimization purposes (medium to large investment of resources to change). | X | |
| Replace | Repurchase | Replace application's functionality by a new solution acquired or developed by department (medium to large investment of resources). The application will be decommissioned once replaced. | X |
1Appropriate when addressing end of life OSes
Rehost (lift and shift)[edit | edit source]
With a rehost migration strategy, the application undergoes no changes and is migrated as-is to a new data centre or cloud. This is the simplest and least effort migration strategy.
For workloads migrating to cloud, it is strongly advised that the resources (network, compute, storage) be optimized and reduced to the smallest size possible. Additionally using reserved instances for production workloads and turning off unused servers during off-hours will help ensure a lower monthly bill from your cloud provider.
Replatform (lift, shift, and tinker)[edit | edit source]
With a replatform strategy, the application undergoes minor changes as it is migrated to a new data centre or cloud. Replatforming strategies may include, but as not limited to:
- Addressing end of life (EOL) software such as those deprecated by IT Policy Implementation Notice ITPINs
- Moving to Platform-as-a-Service (PaaS) for commoditized services such as databases, web servers, file servers, container orchestration, moving to a PaaS allows for a serverless architecture.
A serverless architecture negates the need to manage and patch operating systems, middleware and manage server instances. This also reduces an organization's IT Lifecycle Management burden. Users sometimes worry that using PaaS will cause vendor lock-in. By using PaaS that have alternatives elsewhere in the market will avoid lock-in. Being able to extract your business data and business rules from a PaaS is key to avoiding lock-in. Most cloud providers offer database, web server, and file server platforms. While migrating from one to another may not be completely painless, migration tools and APIs exist to allow for this possibility.
Containers is an increasingly popular method to deploy applications. If your application is stateless, moving it to a container will not only help portability, but also help with your organization's adoption of DevOps practices.
Refactor (Re-Architect)[edit | edit source]
Refactoring is the most costly and time consuming of all strategies. This is an opportunity to take full advantage of cloud-native architectures by introducing elastic scaling of resources.
Adding disaster recover capabilities is other option for refactoring.
Migrating away from less common OSes such AIX, UNIX, or Solaris may require extensive changes to the application.
Due to the high cost of refactoring, this strategy should only be applied to high business value applications.
Replace (Repurchase)[edit | edit source]
This is an opportunity to determine if Software-as-a-Service (SaaS) solutions for some of the COTS or custom built application you may have running today. Migrating to SaaS is an opportunity to access the latest version of that service and to lower lifecycle management burden. For example, if you operate a legacy email application, you may want to take the opportunity to replace it with Office 365.
Choose Your Migration Target[edit | edit source]
Choose the target, or where the application will be migrated to, for each application.
Enterprise Data Centre (EDC): a new data centre with low technical risks
Cloud: a public cloud service provider available from the SSC GC Cloud Brokering Service
Identify Data Centre[edit | edit source]
Ensure applications are correctly allocated to its current legacy data centre. The data centre is an essential reporting dimension when TBS tracks your portfolio's progress.
Identify Mission Critical Applications[edit | edit source]
Ensure mission critical applications are correctly identified.
Identify Operating Systems[edit | edit source]
Ensure the operating systems for each application are correctly identified. This will be used to ensure all operating systems beyond end-of-life are addressed through a replatform.
Generate Portfolio Analysis Dashboard[edit | edit source]
Request that TBS generate a dashboard of your application portfolio. This will ensure your decisions have been correctly reflected. A sample of the dashboard that is generated is found here:
Engage SSC Project Manager and WLM Factory[edit | edit source]
It is likely you have already been working with your SSC Project Manager. If not, talk to your Service Delivery Manager. At this point it would be prudent to work with a supplier qualified on the WLM Factory to help with planning and cost estimates.
Document Project Milestones (Roadmap)[edit | edit source]
Gate2: GC EARB Endorsement and MoU to Release Funds[edit | edit source]
The analysis and planning undertaken as part of the discovery phase will be presented to GC EARB to request endorsement to release the funds for the execution phase. The generic template is to be completed to present the discovery analysis and funding approval to move to the execution phase.
As part of the GC EARB, a CIO will explain their migration strategy and target choices. This includes how those choices align to the Cloud First policy (Cloud First 4.4.1.9 / Data Residency 4.4.1.10 / Non-Public Cloud GC EARB Assessments 4.1.1.2.4) of the Directive on Service and Digital. If and when endorsement is provided by GC EARB, approval will be requested from the GC CIO. A Memorandum of Understanding between the GC CIO and the deputy head of the requesting department will be agreed to by both parties.
Reporting Requirements[edit | edit source]
As per section 3: Reporting Requirements of the signed MOU between your department and TBS, the executive project dashboard is due at the end of each quarter. Please find the Quarterly Reporting Dashboard tool to be used to report the status of your modernization strategies to the TBS Oversight Team. This is a standard template that is used to monitor projects with instructions.
Execution[edit | edit source]
The analysis and planning undertaken as part of discovery will be presented to the governance structure as part of requesting endorsement for releasing funds for the execution phase. A new model for funding calculations is currently being developed and will be ready for utilization by the end of September 2020. A Memorandum of Understanding between the Government of Canada’s Chief Information Officer (GC CIO) and the Deputy Head of a department will be agreed upon to secure the funding.
Close Out[edit | edit source]
Lessons Learned[edit | edit source]
Change is hard. Cloud requires a major culture shift in the organization, especially in IT as it means radical transformation to some roles. Do not underestimate the fear that people will have. Organizational change management must be at the forefront.
Strong support required by deputy head and all levels of senior leadership. Due to the magnitude of change required and the underlying complexity, the senior management table MUST demonstrate consistent, strong leadership to ensure success.
Cloud is a journey, not a destination. It is very complex, and will take longer than you think. Start now, before you have all of the information. BUT – start smaller and simple, avoid serious injury when you fall. Because you will fall. Learn to crawl before trying to run. Fully embracing cloud will take years.
Partner with others. Having an integrated project team with SSC has been key success factor. Leverage the expertise of industry and of others that have gone before you.
Strong support required by deputy head and all levels of senior leadership.
Shallow pool of resources with the required expertise. Resources are routinely targeted by other departments and private sector. Ability to attract and retain talent is key, and is very challenging in public sector environment.
Products may not be as advertised. While the products may be released as GA, and have been tested on the open market, they do not necessarily function as intended. There may be a lot of back and forth with the vendor (in our case MS) in order to get the functionality you were expecting - add some contingency time to your project for this.
Voice your concerns immediately. You have to watch your costs like a hawk and have a strong understanding of what the costs should be - more importantly, you have to voice your concerns immediately to the vendor so that they can investigate and adjust. eg Log analytics
Be like water You have to work with a singular vision and purpose, but you have to be like water otherwise. The landscape in the cloud is ever changing - gone are the days of set it and forget it. Also, politically, there are always changes too - so you must be prepared to pivot when needed. eg. Pathfinder, APDC Closure, desktop, etc...
References & What's New[edit | edit source]
WHAT'S NEW[edit | edit source]
NEW! (Jan-2021) Visit the M365 Playbook on GCpedia
Enterprise IT Service Standards - Standard on; IT Profile, IT Entitlements, IT Service Common Configurations, Enterprise IT Service Usage Restrictions and more!
FWDThinking Episode 5.2: Showing What’s Possible—an extended interview with Minister Murray
NEW! Accelerating Protected Workloads (Sept 2020)
!! TBS GC Enterprise Architecture/Enterprise Solutions
PSPC EA and GC Programs and Solutions
!! Security Playbook for Information System Solutions
The Canada School of Public Service (CSPS) Digital Academy is offering a virtual learning program: Getting Started with Cloud Computing
!! DEPARTMENTAL CLOUD STRATEGIES
Workload Migration SSC WLM Program
Gartner: Workload Placement in Hybrid IT
DPI - Charting a path to success for Workload Migration: Approaches and Best Practices
TB Policies & Standards[edit | edit source]
Directive on Service and Digital
Guidance[edit | edit source]
Government of Canada Digital Playbook (draft)
Government of Canada Cloud Adoption Strategy
Government of Canada Security Control Profile for Cloud-Based GC IT Services
Government of Canada Cloud Security Risk Management Approach and Procedures
CSE ITSG-22 Baseline Security Requirements for Network Security Zones in the Government of Canada
CSE ITSG-38 Network Security Zoning – Design Consideration for Placement of Services within Zones
CSE ITSG.30.031 V2 User Authentication Guidance for Information Technology Systems
CSE ITSG.40.062 Guidance on Securely Configuring Network Protocols
Blog[edit | edit source]
The GC Accelerators - Accelerating the Secure Adoption of Cloud Services
Part 1: Application Modernisation — Making IT Delivery Less Effort
Part 2: Application Modernisation — Understanding Modernisation Strategies
Part 3: Application Modernisation — Assessing Your Portfolio
Part 4: Application Modernisation — Choosing Your Target
Part 4 ¾: Application Modernisation – Continuous Modernisation
Governance[edit | edit source]
