DMS Migration (Hybrid-Cloud)
2025
Multi-terabyte, multi-million-record migration from on-premise NFS storage to Oracle Cloud Infrastructure object storage (in-region) using Strangler Fig with per-document backend-flag tracking — zero-downtime cutover.
The problem
A multi-terabyte, multi-million-record document store lived on aging on-premise NFS hardware. Capacity was tight; the operational cost was high; disaster recovery was complex.
The constraint
Documents are read continuously by the Balady citizen super-app. A big-bang cutover would have meant downtime — unacceptable.
The architecture
A hybrid-cloud bridge: on-premise NFS → Oracle Cloud Infrastructure (OCI) object storage in-region, transported over a site-to-site IPSec VPN.
The migration uses a Strangler Fig pattern: each document carries a
backend flag in its Oracle metadata (legacy or object-storage) that
routes reads to the right backend. New writes go straight to OCI; old documents
are background-migrated in batches; the flag flips per document as it moves.
The Attachments Service connects directly to OCI over the VPN to avoid an extra latency hop. Apigee supplies short-lived S3 credentials.
Trade-offs (ADRs)
- Per-document backend flag over a global cutover date — incremental migration, instant rollback per document
- VPN over public S3 endpoint — latency + sovereignty
- Apigee for credentials over direct IAM — keeps the secret store centralized
Outcome
Migration completed with zero downtime for the citizen-facing API. Pilot product validated the pattern before rollout to the full estate.