I once heard someone say, "What the cloud migration strategies lack at the moment is a methodology to Lift-and-Shift connections to the cloud." Let's digest that.
In today's landscape, maintaining a competitive edge and delivering a high-quality customer experience is becoming synonymous with migrating to the cloud. As of 2022, [57% of organizations](https://info.flexera.com/CM-REPORT-State-of-the-Cloud)57% of organizations are migrating more workloads to the cloud.
A typical decision in the cloud migration strategy is to containerize existing workloads when possible and adopt Kubernetes as the platform of choice. However, to fully reap the benefits of the cloud requires more than just lifting-and-shifting monolithic workloads to Kubernetes. It requires a migration and modernization strategy that can work at scale by simultaneously supporting legacy workloads, modernization efforts to re-architect to microservices, and greenfield development.
The unintended consequence of many cloud migrations is the overhead of managing the connectivity of application states that become distributed across on-prem and the cloud (i.e., the hybrid cloud paradigm).
Here we want to introduce the Crawl/Walk/Run Cloud Migration Strategy, which uses Kong Konnect and Kong Mesh as the underlying technologies. It will support any cloud migration transformation strategy to Kubernetes or ECS at scale.
The purpose is to offer a powerful networking solution that is both sustainable and flexible.
The migration strategy provides a solid platform to support any tech decision related to modernization and move-to-cloud strategy — Kubernetes, ECS, and EC2.
It prescribes how to build a network foundation layer that can support any cloud migration strategy (lift-and-shift, green development, re-architect to microservices), even simultaneously if needed.
This is an approach that allows businesses and the engineering teams to work cohesively to reach the cloud.
So who is this strategy for? It's for product leaders and for engineering leaders that want to reach the cloud.
From a technical perspective, the objective is to create a cross-platform logical network topology that allows VM-based applications and cloud-based applications to easily communicate.
**Kong Mesh** natively supports creating a distributed mesh network that spans on-prem monolith services and microservices in Kubernetes.
**Kong Konnect **natively supports multi-platform deployments and Kong Mesh to offer north-south security from anywhere including being a part of the mesh network.
An example of the joint solution of Kong Mesh and Kong Konnect is represented with the diagram below:
**Kong Mesh **
**Kong Konnect **
Once the networking foundation is in place, the same traffic management features offered by all service mesh technologies still apply to the mesh network being managed by Kong Mesh.
As a result, the same L4 and L7 traffic routing capabilities can now be used to retire monolithic APIs one at a time and redirect traffic to new microservices.
But, it's important to note, the routing decision is not made by the gateway; it's made by Kong Mesh. In other words, the migration process is abstracted, from the gateway perspective, by the mesh. Gateway is responsible for enforcing mesh-wide north/south security-related policies.
Introducing technologies into an organization is extremely daunting. We often bite off more than we can chew. So we developed a three-phased approach that allows organizations to incrementally build out the network foundation.
The objective of the *Crawl *phase is to control the exposure of the entire application regardless of where the application will be deployed. There should be no major changes to the monolith or to the functionality that an API consumer experiences.
Check out [*A Crawl/Walk/Run Strategy – Part 1: Crawl*](https://www.youtube.com/watch?v=fKgO6I9H27k)*A Crawl/Walk/Run Strategy – Part 1: Crawl* on YouTube for more details.
In the *Walk* phase, it's all about setting up the mesh network foundations, teams building out new microservices in the cloud, and preparing for the cutover. These activities (building the mesh and building out microservices) can happen in parallel. At the end of the day, the expectation for an API consumer is that there will be no major changes to the monolithic application's functionality.
Check out [*A Crawl/Walk/Run Strategy – Part 2: Walk*](https://www.youtube.com/watch?v=GLuBYeqBcHQ)*A Crawl/Walk/Run Strategy – Part 2: Walk* on YouTube for more details.
In the final phase, with the network foundation in place, consisting of both Gateway and Mesh, it’s time to migrate components of the monolith. Using the new platform, expose the new microservice by defining routing policies and pair down the behavior of the monolith. If the rollout is unsuccessful and these changes need to be rolled back, rollback strategies are much easier to handle because the traffic management is centralized to the mesh.
Check out [*A Crawl/Walk/Run Strategy – Part 3: Run*](https://www.youtube.com/watch?v=69hUIW7H)*A Crawl/Walk/Run Strategy – Part 3: Run* on YouTube for more details.
Check out Marco Palladino, CTO, and Andrew Huffman, Director of Partner Engineering, stepping through the Cloud/Walk/Run strategy live at [AWS re:invent 2022.](https://www.youtube.com/watch?v=tbtV8UQKm_s)AWS re:invent 2022.
We've open sourced the tutorial: go ahead and download the [GitHub Repository](https://github.com/Kong/cloud-migration-journey)GitHub Repository to run through the self-paced tutorial on your own.
Or, check out our three-part video series made to accompany the tutorial [on YouTube](https://www.youtube.com/watch?v=fKgO6I9H27k)on YouTube.
GraphQL is a query language to enable applications to fetch data from servers. In fact, as it isn't tied to any specific database or storage engine, GraphQL can aggregate data from multiple sources to create a natural representation of your data.
[](https://konghq.com/blog/engineering/restful-admin-apis-aws-appsync-graphql-services)
Today, we're thrilled to announce that Kong Enterprise and Kong Konnect Data Planes are now validated to run on AWS Graviton3 processors and Amazon Linux 2023 OS. As an APN Advanced Tier Partner of AWS, we were delighted to have the opportunity to
[](https://konghq.com/blog/engineering/validated-aws-graviton3-al2023)
A critical and challenging requirement for many organizations is meeting audit and compliance obligations. The goal of compliance is to secure business processes, sensitive data, and monitor for unauthorized activities or breaches. AWS CloudTrail
[](https://konghq.com/blog/engineering/aws-cloudtrail-lake-isv-launch-partner)
From the modern application platform perspective, products should allow architects and DevOps teams to support dynamic topologies. That means a multi-platform capability is required but not sufficient. In fact, for several reasons, companies are loo
[](https://konghq.com/blog/engineering/aws-cloud-development-kit)
We created the Terraform API gateway module to help you follow DevOps best practices while implementing Kong using infrastructure as code (IaC). Terraform is an open source tool that allows you to implement IaC using a declarative declaration defini
[](https://konghq.com/blog/engineering/terraform-api-gateway-module)
At Kong, we leverage many tools to protect our services and customers. Terraform from HashiCorp allows us to automate the process with Infrastructure as Code (IaC). Another important tool is Amazon Web Services (AWS) GuardDuty , a continuous mo
[](https://konghq.com/blog/engineering/configuring-aws-guardduty-lambda-slack-notifications)
In one of our posts, Kong AI/MCP Gateway and Kong MCP Server technical breakdown, we described the new capabilities added to Kong AI Gateway to support MCP (Model Context Protocol). The post focused exclusively on consuming MCP server and MCP tool
[](https://konghq.com/blog/engineering/ai-agent-with-strands-kong-aimcp-gateway-bedrock)