In 2020, TCG supported NIH in migrating the NITRC website and neuroscience research tool to the cloud. NITRC is the central hub for neuroimaging scientists to collaborate and share resources, but as a legacy site it required the improved bandwidth, download speeds for researchers, and overall performance that would come with a switch to the cloud. In addition, NITRC required updates to its operating systems and programming languages which would be unsupported in the near future. Leveraging DevOps practices and Ansible allowed TCG and NIH to address the complex migration and updates concurrently, leading to a cost effective and efficient modernization of a legacy system.
NIH developed the NITRC website with TCG’s support in 2007. In 2020, the server was using an operating system and programming languages—Centos 6 with PHP 5.4 and Python 2—that would be completely unsupported by the end of the year, at which point lack of vendor patches would make NITRC vulnerable to security threats, data loss, and compliance issues.
NIH also wanted to move their servers from a traditional data center to the cloud through Amazon Web Services (AWS), a pay-as-you-go cloud provider. The number of services offered by NITRC, including e-mail, antivirus, source code control, and file hosting were all run on the same server and would require a great deal of configuration, integration, and testing. Challenges included:
- An 8 month period to complete updates and migration of the legacy website, which had 12 terabytes of data and 261,423 users,
- The need to address software/package and language dependencies, as upgrading a language or a certain piece of software could in turn trigger an upgrade requirement for other tools as well.
To migrate the site in the required window and perform the necessary updates, TCG and NITRC chose to automate the migration and perform the updates concurrently, opting out of the “lift and shift” migration model, the most basic form of cloud migration in which a system is transferred to the cloud as-is. The team chose to use Ansible for the migration, one of the most popular open-source DevOps tools. Automation, particularly deployment automation, was a key feature of Ansible and a key part of our solution.
As one of the best tools for software provisioning and configuration management, Ansible also allowed the team to manage the OS and language upgrades, integration, and testing.
In alignment with DevOps practices, we conducted frequent deployments from scratch, as this ensured that any issues at any stage of deployment would be caught and addressed as soon as possible. It was not uncommon for deployments to be happening two or three times a day, so the automated deployment was critical for effective time management.
In December 2020, we successfully migrated NITRC from it’s former hosting system to AWS in one fell swoop using Ansible, allowing us to save on time and cost. During the switchover, we had 0 downtime with a 4 hour maintenance window of reduced functionality during which the site was read-only. Given that 95% of NITRC’s use is reading data, downloading files, and performing searches, our user base was largely unaffected during this time.
As a result of the migration, we fully mitigated the concerns of security threats, data loss, and compliance.
As an unexpected outcome, the team found that automating deployment made setting up development, test, and staging environments a much quicker process, so the automations set up as part of the migration process remain useful even after that process is completed.