Summary Prerequisites and limitations Architecture Tools Epics Related resources

Migrate on-premises Java applications to AWS using AWS App2Container

Created by Dhananjay Karanjkar (AWS)

Source: Applications	Target: Containerized application deployed on Amazon ECS	R Type: Replatform
Environment: PoC or pilot	Technologies: Migration; Web & mobile apps	Workload: Open-source
AWS services: Amazon EC2 Container Registry; Amazon ECS

Summary

AWS App2Container (A2C) is a command line tool that helps transform existing applications running in virtual machines into containers, without needing any code changes. A2C discovers applications running on a server, identifies dependencies, and generates relevant artifacts for seamless deployment to Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS).

This pattern provides the steps for remotely migrating on-premises Java applications deployed on an application server to AWS Fargate or Amazon EKS by using App2Container through the worker machine.

The worker machine can be used in the following use cases:

Docker installation is not allowed or not available on the application servers where the Java applications are running.
You must manage the migration of multiple applications deployed on different physical or virtual servers.

Prerequisites and limitations

Prerequisites

An application server with a Java application running on a Linux server
A worker machine with a Linux operating system
A worker machine with at least 20 GB of available disk space

Limitations

Not all applications are supported. For more information, see Supported applications for Linux.

Architecture

Source technology stack

Java applications running on Linux server

Target technology stack

AWS CodeBuild
AWS CodeCommit
AWS CodeDeploy
AWS CodePipeline
Amazon Elastic Container Registry
AWS Fargate

Target architecture

Tools

Tools

AWS App2Container – AWS App2Container (A2C) is a command line tool to help you lift and shift applications that run in your on-premises data centers or on virtual machines, so that they run in containers that are managed by Amazon ECS or Amazon EKS.
AWS CodeBuild – AWS CodeBuild is a fully managed build service in the cloud. CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy.
AWS CodeCommit – AWS CodeCommit is a version control service hosted by Amazon Web Services that you can use to privately store and manage assets (such as documents, source code, and binary files) in the cloud.
AWS CodePipeline – AWS CodePipeline is a continuous delivery service you can use to model, visualize, and automate the steps required to release your software.
Amazon ECS – Amazon Elastic Container Service (Amazon ECS) is a highly scalable, fast container management service that for running, stopping, and managing containers on a cluster.
Amazon ECR – Amazon Elastic Container Registry (Amazon ECR) is an AWS managed container image registry service that is secure, scalable, and reliable.
Amazon EKS – Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that you can use to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane or nodes.
AWS Fargate – AWS Fargate is a technology that you can use with Amazon ECS to run containers without having to manage servers or clusters of Amazon Elastic Compute Cloud (Amazon EC2) instances. With Fargate, you no longer have to provision, configure, or scale clusters of virtual machines to run containers.

Epics

Task	Description	Skills required
Create a secret to access the application server.	To access the application server remotely from the worker machine, create a secret in AWS Secrets Manager. For your secret, you can use either the SSH private key or the Certificate and the SSH private key. For more information, see Manage secrets for AWS App2Container.	DevOps, Developer

Task	Description	Skills required
Install the tar file.	Run `sudo yum install -y tar`.	DevOps, Developer
Install the AWS CLI.	To install the Amazon Command Line Interface (AWS CLI), run `curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"`. Unzip `awscliv2.zip`. Run `sudo ./aws/install`.	DevOps, Developer
Install App2Container.	Run the following commands: `curl -o AWSApp2Container-installer-linux.tar.gz https://app2container-release-us-east-1.s3.us-east-1.amazonaws.com/latest/linux/AWSApp2Container-installer-linux.tar.gz` `sudo tar xvf AWSApp2Container-installer-linux.tar.gz` `sudo ./install.sh`	DevOps, Developer
Configure the profiles.	To configure the AWS default profile, run `sudo aws configure`. To configure the named AWS default profile, run `sudo aws configure --profile <profile name>`.	DevOps, Developer
Install Docker.	Run the following commands. `sudo yum install -y docker` `sudo systemctl enable docker & sudo systemctl restart docker`
Initialize App2Container.	To initialize App2Container, you need the following information: `workspace`: To store application containerization artifacts. We recommend providing a directory path that has at least 20 GB of free disk space. `awsProfile`: AWS profile configured on the server. This is required to upload artifacts to Amazon S3, run the `containerize` command, and generate AWS artifacts for deployment on Amazon ECS or Amazon EKS. `s3Bucket`: To extract and store AWS artifacts. `metricsReportPermission`: To collect and store metrics reported. `dockerContentTrust`: To sign the Docker image. Run `sudo app2container init`.	DevOps, Developer

Task Description Skills required

Configure the worker machine to remotely connect and run App2Container commands on the application server.

Task	Description	Skills required
Configure the worker machine to remotely connect and run App2Container commands on the application server.	To configure the worker machine, the following information is required: `Server FQDN`: The fully qualified domain name of the application server. `Server IP address`: The IP address of the application server. Either the FQDN or the IP address is sufficient. `SecretARN`: The Amazon Resource Name (ARN) of the secret that is used to connect to the application server and is stored in Secrets Manager. `AuthMethod`: The `key` or `cert` authentication method. Run `sudo app2container remote configure`.	DevOps, Developer

To configure the worker machine, the following information is required:

Server FQDN: The fully qualified domain name of the application server.
Server IP address: The IP address of the application server. Either the FQDN or the IP address is sufficient.
SecretARN: The Amazon Resource Name (ARN) of the secret that is used to connect to the application server and is stored in Secrets Manager.
AuthMethod: The key or cert authentication method.

Run sudo app2container remote configure.

DevOps, Developer

Task Description Skills required

Discover the on-premises Java applications.

Task	Description	Skills required
Discover the on-premises Java applications.	To remotely discover all the applications running on the application server, run the following command. `sudo app2container remote inventory --target <FQDN/IP of App server>` This command generates a list of deployed applications in `inventory.json`.	Developer, DevOps
Analyze the discovered applications.	To remotely analyze each application by using the application-id obtained in the inventory stage, run the following command. `sudo app2container remote analyze --application-id <java-app-id> --target <FQDN/IP of App Server>` This generates `analysis.json` file in the workspace location. After this file is generated, you can alter the containerization parameters based on your needs.	Developer, DevOps
Extract the analyzed applications.	To generate an application archive for the analyzed application, remotely run the following command, which will generate the tar bundle in the workspace location. `sudo app2container remote extract --application-id <application id> --target <FQDN/IP of App Server>` Extracted artifacts can be generated on the local worker machine.	Developer, DevOps

To remotely discover all the applications running on the application server, run the following command.

sudo app2container remote inventory --target <FQDN/IP of App server>

This command generates a list of deployed applications in inventory.json.

Developer, DevOps

Analyze the discovered applications.

To remotely analyze each application by using the application-id obtained in the inventory stage, run the following command.

sudo app2container remote analyze --application-id <java-app-id> --target <FQDN/IP of App Server>

This generates analysis.json file in the workspace location. After this file is generated, you can alter the containerization parameters based on your needs.

Developer, DevOps

Extract the analyzed applications.

To generate an application archive for the analyzed application, remotely run the following command, which will generate the tar bundle in the workspace location.

sudo app2container remote extract --application-id <application id> --target <FQDN/IP of App Server>

Extracted artifacts can be generated on the local worker machine.

Developer, DevOps

Task Description Skills required

Containerize the extracted artifacts.

Task	Description	Skills required
Containerize the extracted artifacts.	Containerize the artifacts extracted in the previous step by running the following command. `sudo app2container containerize --input-archive <tar bundle location on worker machine>`	Developer, DevOps
Finalize the target.	To finalize the target, open `deployment.json`, which is created when the `containerize` command runs. To specify AWS Fargate as the target, set `createEcsArtifacts` to `true`. To set Amazon EKS as the target, set `createEksArtifacts` to true.	Developer, DevOps

Containerize the artifacts extracted in the previous step by running the following command.

sudo app2container containerize --input-archive <tar bundle location on worker machine>

Developer, DevOps

Finalize the target.

To finalize the target, open deployment.json, which is created when the containerize command runs. To specify AWS Fargate as the target, set createEcsArtifacts to true. To set Amazon EKS as the target, set createEksArtifacts to true.

Developer, DevOps

Task Description Skills required

Generate AWS deployment artifacts on the worker machine.

Task	Description	Skills required
Generate AWS deployment artifacts on the worker machine.	To generate deployment artifacts, run the following command. `sudo app2container generate app-deployment --application-id <application id>` This generates the `ecs-master.yml` AWS CloudFormation template in the workspace.	DevOps
Provision the artifacts.	To further provision the generated artifacts, deploy the AWS CloudFormation template by running the following command. `aws cloudformation deploy --template-file <path to ecs-master.yml> --capabilities CAPABILITY_NAMED_IAM --stack-name <application id>–ECS`	DevOps
Generate the pipeline.	Modify `pipeline.json`, which was created in the previous story, based on your needs. Then run the `generate pipeline` command to generate the pipeline deployment artifacts.	DevOps

To generate deployment artifacts, run the following command.

sudo app2container generate app-deployment --application-id <application id>

This generates the ecs-master.yml AWS CloudFormation template in the workspace.

DevOps

Provision the artifacts.

To further provision the generated artifacts, deploy the AWS CloudFormation template by running the following command.

aws cloudformation deploy --template-file <path to ecs-master.yml> --capabilities CAPABILITY_NAMED_IAM --stack-name <application id>–ECS

DevOps

Generate the pipeline.

Modify pipeline.json, which was created in the previous story, based on your needs. Then run the generate pipeline command to generate the pipeline deployment artifacts.

DevOps

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Migrate from on-premises MySQL to Aurora MySQL using Percona XtraBackup

Migrate shared file systems in an AWS large migration