Microsoft has been reminding their customers, for quite some time now, that Windows Server 2008 and SQL Server 2008 will be out of support as per its lifecycle support schedule. Although there is less than a year remaining for the support to expire, many organizations still have their applications hosted on these platforms.
|Product||End of Mainstream Support||End of Extended Support|
|Windows server 2008/2008 R2||13 Jan 2015||14 Jan 2020|
|SQL server 2008/2008 R2||08 July 2014||09 July 2019|
End of extended support means Microsoft will stop providing any security updates for these products, which means that all apps hosted on these platforms will be vulnerable to security threats. With so many regulations to comply with nowadays, and especially with the GDPR in place from 2018, the last thing any organization want is loss of revenue and reputation resulting from a security breach. Therefore, it is crucial for organizations to act now before it is too late.
In 2014, when we were facing with a similar risk - for Windows 2003 and SQL 2005 - we did not have many options. You had to either:
Thankfully, it is 2019 and we have made several technological advancements that can provide us with more options. Here is a quick summary of what you can do:
Given the potential for incidents like WannaCry ransomware attack, this is certainly not a reasonable option. Without any commitment from vendors to provide patches for vulnerabilities, you are always at the risk of a security breach when new threats are identified. Time and reputation lost in recovering from a security breach could adversely impact any business.
I still remember that weekend of WannaCry incident, when we had to pull together teams to install the last-minute patch on Windows 2003 servers, for our clients globally. Patches for Win2008 and Win2012 were already released and those servers were updated as part of the patching cycle.
Yes, you can get 3 more years of free security updates from Microsoft, if you can find the money and time to migrate all of those 2008 servers to Microsoft's public cloud - Azure. With this option, all you are doing is postponing the risk as you still have to spend money and effort to migrate those apps at a later date. This option reminds me of how we dumped most of our items in the garage when we moved to our new home. Though we got some sorted on the day we moved, we still had to spend the entire Christmas break sorting and moving things out of the garage and into our new home!
Microsoft does provide some useful tools to help with the migration process, but you still need to evaluate each application and plan the migration to Azure - all this needs to be done by the end of the year!
This is an option worth considering if you only have a few applications that you want to keep beyond 2019, and are already planning to rewrite those applications. Be under no illusion that this is a straight forward project; you will have to make changes to your application to get it to work on the latest OS and database, assuming that you still have the knowhow to make changes to those applications.
I was actively involved in a project to migrate Win2003 to Win2012. Although it sounds straightforward, it took us more than 2 years to rewrite parts of the application, test and migrate to Win2012/SQL2014. Even with all our efforts, we still had many servers left in 2003 that could not be upgraded for many reasons!
With the announcement of Docker Enterprise now supporting Containerization of 2003 and 2008 applications and hosting them on Windows 2016, with little or very minimal changes to the application, the threat from out-of-support OS/DB suddenly seems like an opportunity to modernize the IT landscape.
Docker and Containers have been around for several years now, but it is only last year that the same technology has been used to containerize legacy apps and to host them on the newer versions of Windows server OS. This is definitely an option worth exploring.
Containerization is about packaging your application and all its dependencies together, excluding the OS kernel. For apps hosted on Win2003/2008, this means that you take one of the base server images provided by Microsoft (such as Windows server core or nano server) and add layers of your application components to package them into a single container. Once containerized, you can run this application 'container' on any Windows server 2016 installed with Docker Enterprise Edition - it is that simple!
Containers - due to the way in which they are packaged - have a much smaller footprint than a virtual machine as it only includes the application and its dependencies, so it requires fewer resources to run, manage, and of course, reducing your overall IT footprint and licensing costs.
With container orchestration tools like Docker Swarm and Kubernetes, you can increase availability and performance of your application through features like self-healing, auto-scaling - all of which are available out of the box.
Once you have packaged your application in a 'container', it presents an opportunity to fully automate your build, test, and release processes with tools like Jenkins and integrating it with Docker/Kubernetes. With features like auto-deployment of newer container images, you can even release application changes as frequently as you wish. That's true, no more "weekend-only" deployments!
The process of containerization ensures that you have all the dependent components of your application packaged together. This means that you can now run these containers literally anywhere, such as on any Windows server 2016 server, including on-premises servers and servers hosted on your favorite public cloud platform.
If you haven't had prior experience with containers, Docker, or Kubernetes in your landscape, most of what I mentioned above may sound too good to be true. Even for those who have worked with containers in a Linux environment, the process of containerizing an app on Win2008 and hosting it on Win2016 server may still be hard to digest!
As they say - the proof of the pudding is in the eating - so, why not go ahead and build a proof of concept (POC) in your own landscape. Select that very application you couldn't get off 2003 last time around. You could of course build and test the containers on a Windows 10 PC, but to get a real feel of some of the benefits I explained above, setup a Docker EE or Kubernetes cluster for testing the containers and the deployment process.
You can get one of these container clusters set up on Alibaba Cloud in no time at all!
Containers, like I said, require a fraction of the resources you've currently allocated for the VMs. I could boldly say that you'd need only 30% less infrastructure when you containerize your apps. But don't take my word for it, check it out during your own POC.
There are also tools available to simplify the process of containerizing your apps, and the efforts will most certainly be less than re-writing parts of application, to make it work on a new Windows 2016 server.
Once you are convinced with your design, it is important to get started even with a few apps as the clock is ticking. Get the project executed in an Agile manner; learn as you migrate apps to your Docker/Kubernetes cluster and improvise along the way.
There is no point in having modern technologies if your team continues to utilize old software development methods. Transition your team to a DevOps culture, automate your build, test and deployment processes incrementally. By the end of this project, you'd have modernized not just your landscape but your entire organization too!
Let 2019 be the year, where you spend your IT budget not only to manage and mitigate risks but also to invest on optimizing and modernizing your IT Infrastructure. Let your team and business stay ahead of the competition with containerization and DevOps. Good luck!
Learn more about Alibaba Cloud's Container Service at https://www.alibabacloud.com/product/container-service
Author: Sajith Venkit
Alibaba Clouder - August 6, 2020
Alibaba Clouder - August 20, 2020
Alibaba Cloud Security - February 17, 2020
Alibaba Clouder - December 18, 2017
Alibaba Clouder - November 27, 2018
Rupal_Click2Cloud - October 13, 2020
An online computing service that offers elastic and secure virtual cloud servers to cater all your cloud hosting needs.Learn More
Marketplace is an online market for users to search and quickly use the software as image for Alibaba Cloud products.Learn More
More Posts by Alibaba Clouder