By: Richard Munro
Window 2003, like its predecessors have done, shuffles off this mortal coil on July 12th, 2015. Estimates of how many Windows 2003 servers are in existence vary wildly but are often in the tens of millions, which is why just about every IT organisation has set aside budget this year to tackle this latest round of the regular headache that is an operating system retirement (or more precisely the cessation of security patches). Except, also like its predecessors, come July 13th, many organisations will still have these EOL operating systems running, often serving production needs. Why is this?
On the surface it seems to make sense to upgrade immediately – security is, after all, critically important. And yet for all this effort and cost the business return of such an upgrade is very little if anything. Let’s look at what is typically involved:
- Use of staging kit to test upgrades
- Hardware refresh to cope with new OS requirements
- Effort and resources to plan, test, and conduct the upgrades – often out of hours.
- Application testing and potential upgrade or even replacement.
- Associated effort in alterations to networks/storage configurations and documentation to cater for the changes
- Management of actual and risk based downtime
And what does the business get after all this effort? Usually the exact same application functionality it had before, with security ‘maintained’ (remember it was being patched on the old version so this is nothing new). No wonder most organisations take a managed risk approach to these upgrades which can see them deciding to carefully continue running these platforms past the cut off date as part of a longer term plan.
This time around, there is a lot of suggestion that it is an ideal opportunity to think about adopting the public cloud, and indeed it is, since you are being forced to perform work on the infrastructure anyway you may as well take the chance to modernise. Yet this is a time to be careful that your choice of public cloud is a true hybrid, which has compatibility by default. A simple test of this is to ask your cloud vendor if the platform supports Windows 2003 past July 12th. You might be surprised to find that the common answer is ‘no’, and maybe more surprised that it is not even supported today. Even with a ‘yes’ it can come with a significant extra sign up and disclaimer that in essence does not service level continued functionality of your instance! I believe in organisations having the right of choice, and these services ultimately may be the right thing for you – but I do want to make sure that people have an informed perspective on the impacts of their decisions.
So if you chose to move your Windows 2003 servers to one of these incompatible clouds – what are your options based on current support policy?
- You will probably need a staging kit. This is so that you perform all the necessary upgrade work on-premises to make it compatible with the supported operating systems on the target cloud.
- You then need to go through the act of migration to the cloud (remember an incompatible cloud with different management stacks requires migration, not copying).
- You need to ensure you have the right skills to manage the migration to this new platform, and to run/manage it when there.
- Your date to complete this by is July 12th or face the risk of your applications no longer working.
- Perhaps most critically, for all future EOL retirements, the same EOL support policy applies as on-premises but is now enforced in the cloud, which means that you have signed up to a ‘drop-dead’ date of the official retirement date from here on in.
- As hybrid functionality matures you may well also inherit this date for your retained on-premises workloads as well, if hybrid functionality requires lock-step integration to the public cloud component of your infrastructure (think DR for example).
- Upgrades to virtual machines in the cloud environment are not supported. In these models when the time comes to EOL the next operating system, you need to create a new instance and migrate the workloads to the new instance.
The options with a true hybrid cloud that is based on full compatibility (as VMware vCloud® Air™ is) are a different story and present options depending on what you want to do (using vCloud Air as an example):
- Copy the virtual machines to vCloud Air on the current platform.
- Test the upgrade process (in work hours, production is untouched).
- Once satisfied you can perform the upgrade on-premises, or simply copy back the upgraded image from vCloud Air (a true hybrid cloud allows bi-directional movement of workloads with no hidden costs like data transfer).
- Benefit from one-stop VMware support as standard during the process.
- You can do this before or after July 12th as Windows 2003 is supported on the platform (just understand the risk of security patching as you do in your own estate today).
- Use the advanced networking capabilities of NSX in vCloud Air to further isolate and protect the at-risk Windows 2003 instances.
- When the next EOL comes you can have all the same choices you have today de-risking the ‘drop-dead’ date of EOL.
Or, of course, you could also leave the workloads there in the cloud and join the many delighted customers of vCloud Air by leveraging the operational and agility benefits of the platform. For example you could take the chance to right-size the workload and reduce your costs – in vCloud Air you can resize the virtual machine without downtime. Clone and scale it temporarily to deal with seasonal peaks, or recreate your non-production environments as exact images of the production system but now only paying based on consumption.
vCloud Air, as a true hybrid cloud, supports over 90 operating system versions, allows for the seamless extension of your datacenter to enable movement of workloads in and out, and comes with the features and management stack that are trusted to support your business today – all with the same familiar interface and technology that makes it as seamless for the IT staff to use as it is for the applications to move to and from.
Of course I am not saying that you should put off your operating system upgrades – security is a huge deal and should be prioritised, but be mindful of your choices and careful about the commitments you are making. If you want to take advantage of the public cloud consumption model to reduce the cost and improve the benefits of EOL activity but want to retain the flexibility and control that you have today with such exercises, be sure to verify that your selection of a cloud supports your right to choose – which a true hybrid should.
For more information about VMware vCloud Air, visit vcloud.vmware.com, and keep an eye on the blog for upcoming tips and best practices for using vCloud Air.