General Questions
Why is UBC migrating to the cloud and moving away from VMWare?
Rising costs and changes in technology availability have made it clear that UBC’s current platform is no longer sustainable for EduCloud services. Continuing along the same path would result in significantly higher expenses and reduced functionality for the community. By transitioning to a hybrid cloud model, UBC can manage costs more prudently, ensure continuity of service, and at the same time modernize its IT foundation.
This shift also accelerates UBC’s long-term goal to modernize IT infrastructure—improving scalability, reducing technical debt, and replacing outdated systems with flexible, future-ready solutions. Migrating to a hybrid cloud model lays the foundation for innovation and institutional transformation over the next decade and beyond.
How does Hybrid Cloud differ from the current EduCloud model?
EduCloud, UBC’s private cloud service, will continue to operate as the on-premises platform for provisioning virtual machines. What’s changing is the underlying technology: we’re transitioning from a VMware-based infrastructure to OpenStack—an open-source, enterprise-supported platform that also runs on-premises.
The new Hybrid Cloud Service extends services and capabilities beyond Educloud by integrating public cloud providers such as AWS and Azure. This combined model offers greater flexibility in where and how workloads are hosted, while also introducing improved cost management, enhanced security features, and the ability to scale resources more efficiently across environments.
Why would UBC not just stay with VMware and renew the license? I would like to keep my current set up.
The VMware platform is being retired and will be replaced with a similar offering to support the on-premises private cloud (EduCloud). UBC will not renew its license and the data currently on VMware will not be accessible once our license expires. Renewing the VMware license under the new pricing tiers would be prohibitively expensive, and will lock UBC into a less flexible future, which still requires significant hardware investments and refresh. Maintaining the status quo is not aligned with UBC’s long term health and sustainability.
What is the chosen path forward? What will be going into the Public Cloud vs. the Private Cloud?
UBC will pursue a hybrid model for the cloud migration aiming to migrate ~40% of UBC workloads to the public cloud (AWS, Azure), while the remaining ~60% will be hosted on a new on-premises OpenStack-based private cloud.
What will be going into the Public Cloud vs. the Private Cloud and how will workload placement decisions be made (e.g. Public vs. Private Cloud)?
A formal framework is being developed to guide which applications are best suited to the public vs. private cloud. The assessment parameters will include performance, security, compliance needs and cost-effectiveness, as well as alignment with business continuity goals, scalability needs, and long-term supportability. UBC IT will conduct workload assessments with service owners to help determine workload performance, security, and compliance requirements.
What is the scope of the cloud migration process?
In this first phase, UBC IT is focused on safely moving existing workloads from on-premises systems to the cloud. We are not redesigning or rebuilding applications at this stage. The priority is to ensure a stable, secure transition with minimal disruption, laying the groundwork for future improvements over time.
Are there any notable performance differences in moving from private on-premises services to the cloud?
Yes, there may be performance differences when moving from on-premises to cloud environments, both positive and negative. Public cloud platforms offer elastic scalability and access to powerful computing resources, which can significantly improve performance for many workloads—especially those requiring burst capacity or high availability.
However, some workloads may experience latency or throughput impacts depending on their sensitivity to network conditions, storage I/O, or how tightly integrated they are with on-prem systems. UBC will conduct workload assessments and optimizations during migration to ensure critical applications maintain or exceed current performance levels. In some cases, re-architecting may be required post-migration to fully leverage cloud-native performance benefits.
I am concerned that the performance of the public cloud may not meet my needs and requirements. Can I remain on-prem?
We understand that not all needs and applications are equal, and we’ve incorporated some flexibility into our migration strategy. The migration to the new hybrid service model offers the ability to assess workloads on a case by case basis to determine if performance-sensitive or regulated workloads can remain on-premises (private cloud via OpenStack), while other workloads can benefit from the elasticity of the public cloud (AWS, Azure).
Is there a change management plan in place to support “change” of this magnitude, importance, and complexity?
Change management will be an essential step in the successful migration process. The project has a dedicated senior change management professional resourced to support individual units impacted by this migration in their migration journey onto the cloud. Included in the change management activities is a thorough phase of stakeholder analysis, engagement and impact assessment, the development of individualized communication materials, one-on-one presentations, office hours and support, and targeted training tailored to each user group to upskill teams to comfortably and confidently manage new environments. Training programs are being designed in partnership with new cloud vendors and tailored to different user groups. Change impact assessments are already underway with individual units to carefully assess the severity of the migration impact on each group, identifying potential concerns and unique needs towards a successful migration journey. During the implementation phase, continuous support and resources will also be offered, such as help desks and online tutorials, to ease the burden of transition on everyone affected.
Will staff lose their jobs due to the efficiencies gained from moving to the cloud?
There are no layoffs planned as a result of this migration. However, roles and responsibilities will evolve to be more suited to the needs of cloud-first requirements. The goal of this migration is to both position UBC for future-resiliency and to empower internal teams with future-ready skills.
Key Dates
When is this migration planned for?
The migration is planned to be completed by June 2026 to align with the conclusion of UBC’s current enterprise agreement and ensure uninterrupted services. This timeline allows the university to transition in a phased and orderly way, minimizing disruption while preparing for a more flexible, future-ready hybrid cloud environment.
Will the migration happen all at once or in a phased approach?
The migration roll out will take place in phases, allowing for adjustments and fine-tuning before full-scale implementation. Phase 1 will impact UBC IT only. Phase 2 will impact the broader UBC Community, who is leveraging existing VMWare technologies. During Phase 1, development environments will be migrated first with the support and leadership of the UBC IT Systems Team. Pilot programs will also be offered with select departments to identify potential issues and gather feedback. Throughout later phases of the migration, continuous support and resources such as help desks and online tutorials will also be offered to ease any burden of transition on those affected.
Will there be a pilot environment to test out the new system? If so, when can units have access to the Pilot environment?
Pilot migrations are part of the implementation plan, but there will not be a separate “pilot environment” for open-ended exploration. The term “pilot” in this context refers to carefully planned migrations of select workloads—beginning with UBC IT Development—in late August 2025. These early migrations will help validate tools, processes, and readiness before expanding to other units. For OpenStack, once the environment is fully validated and deemed production-ready, decisions will be made about when to transition it to become the primary on-premises provisioning platform, at which point VMware will shift into a read-only state.
Migration Effort and Support for Users
How much effort will be required from my team to support the migration?
The migration process has been designed so that the UBC IT team shoulders as much of the complexity, work, and risk as possible, keeping the effort required from your unit as light as can be.
Your role will be limited to a few key steps:
- Assessment: Helping us confirm what is currently hosted on your virtual machine, including application dependencies and connectivity requirements.
- Preparation: Confirm required access (such as firewall rules) is in place to allow replication and testing.
- Testing: For workloads migrating into the public cloud, validating application functionality before production cutover.
- Cutover and Validation: After our team completes the initial configuration and migration, confirming that your applications and services still work as expected and that the migrated information is intact.
UBC IT will handle set up of your accounts in the new hosting environments, execute the migration, and assist with troubleshooting efforts.
This approach ensures that the process is smooth, low effort, and convenient for you, while we manage the technical risks and heavy lifting.
Will my team be trained to manage the cloud services?
Yes. A key part of the successful migration is to upskill teams so they feel comfortable and confident in managing their services in their new cloud-based environments. Training programs are being designed now with cloud vendors.
What if my VM is tied to a commercial software license server that may break if technical details like MAC address, IP, or hostname change? Will client IPs or organizational structures change when we move to OpenStack?
For on-premises workloads moving to OpenStack, client IP addresses will not change. IP changes will only occur when workloads are migrated to the public cloud.
However, MAC addresses will change as part of the migration process. Many commercial software license servers are tightly bound to machine-specific attributes such as MAC address, IP, hostname, or disk serial number. When a MAC address changes, license validation may be affected.
In these cases:
- Clients will need to work directly with their software vendors to revalidate or update licensing, as UBC IT cannot negotiate licensing agreements on behalf of departments.
- UBC IT will support this process by providing the necessary technical details (e.g., new MAC addresses) and guidance to help facilitate conversations with vendors.
- Historically, when MAC addresses have changed (e.g., due to VM re-provisioning), units themselves have resolved licensing updates with their vendors — this same approach will apply here.
- In exceptional cases, migrations may be planned for after critical academic periods (e.g., post-term) to minimize risk and disruption.
These situations are expected to be relatively uncommon. Where they do arise, UBC IT will partner closely with affected units to minimize the impact on teaching and research continuity.
What will the OpenStack management console look like for sysadmins, and how will it differ from what we use today?
The shift to OpenStack will introduce a new user interface and management console for provisioning and managing virtual datacenter resources. While some concepts will feel familiar, others will look and operate differently.
UBC IT recognizes that local sysadmins will need clear guidance on these changes, so we are preparing demos, walkthroughs, and training materials to ensure the new environment is well understood before migration begins. Our goal is to make the transition as smooth and predictable as possible, with the right support available at every step.
Data, Billing and Cost Management
As data demands continue to grow, did the migration business case account for projected increases in data usage over time?
Yes. UBC's historical analysis estimates an annual growth in data storage of 40% per year.
KPMG’s independent analysis that informed the migration decision factored this level of progressive increase in data usage into future cost and capacity planning.
Will this cloud migration cost departments more that the status quo?
Yes, the cloud migration will introduce new costs for departments—not because the overall service is more expensive, but due to a change in how costs are allocated.
With the expiration of UBC’s VMware license and the shift to a cloud-based model, UBC IT will no longer subsidize service costs for individual units. Instead, departments will be responsible for managing their own cloud usage and associated expenses. This change is intended to promote more efficient resource use and cost transparency. To support this shift, UBC IT will provide dashboards, training, and tools to help units monitor and optimize their cloud spending.
If departments move their workloads to Public Cloud, will they be responsible for their own data spending and budgets?
Yes - but within a centrally managed model. While individual units will be accountable for the cloud resources they consume, all public cloud usage will flow through UBC’s centrally managed payer account. This allows UBC IT to provide consolidated billing, governance, and cost optimization across the institution. Units will receive detailed visibility into their usage through dashboards and reports, along with support, training, and tools to help manage and optimize their cloud spend effectively.
How will this solution be more cost-effective than the status quo?
While the upfront costs of cloud migration are substantial, the long-term savings make this approach significantly more cost-effective than maintaining the current on-premise infrastructure. The cost advantages stem from reducing technical debt, eliminating underused or idle capacity, and optimizing infrastructure for actual usage. Unlike the status quo, which locks UBC into escalating licensing costs and hardware refresh cycles, the hybrid cloud model offers greater financial flexibility and scalability. This assessment is reinforced by independent audits and cost modeling conducted by KPMG, which identified the hybrid approach as the most strategic and cost-effective path forward.
Will AWS charge individual units for data moving in and out of our shared public cloud (e.g. egress)?
No. Egress charges are currently waived by both AWS and Azure within the shared cloud environment for internal traffic of data. UBC will have to continue negotiating these into the near future.
How will software Licensing be handled in the cloud?
Application and operating system licensing is not part of the hybrid cloud service offering and needs to be handled individually. Each public cloud vendor may have different requirements and offer different options for individual units. Modernization of services can also eliminate the need for traditional software licensing. It’s best to consult with the specific cloud provider for specific details.
Operating System Implications
Will the cloud migration support the current RedHat Operating System (RHEL)?
UBC’s site-wide RedHat Enterprise Linux license has less than one year remaining before expiry. Alternatives are being evaluated, and where possible, teams are encouraged to migrate applications to more cost-effective and supported OS platforms.
Unsupported operating system versions such as RHEL7 and below will need to be phased out before June 2026 and replaced with supported operating systems.
What will RedHat’s Operating System be replaced with?
This has not yet been determined. Alternatives are being evaluated, and where possible, teams are encouraged to migrate applications to more cost-effective and supported OS platforms.
IPs
Will the migration require re-IP’ing?
Workloads that remain on-premises as part of the new EduCloud stack (migrated from VMware to OpenStack) will continue to use the same networks, IP addresses, firewalls and security features. Workloads that migrate to public cloud will need to be re-IP'ed and this will be completed as part of the migration. Adjustments to departmental firewalls will be required to ensure service continuity.
Why do we need to Re-IP?
Re-IPing is necessary due to differences in networking architectures between the current on-premise EduCloud system and the new hybrid cloud environment. Re-IPing ensures proper routing, segmentation, and security compliance.
What is the protocol for Re-IPing?
For workloads being migrated to an environment requiring re-IPing, a standardized procedure will be provided, including IP assignment ranges, DNS updates, and network validation testing.
What are the implications for Re-IPing?
Re-IPing may impact application dependencies, firewall rules, and connectivity. Thorough planning and testing will be required to avoid service disruption, and UBC IT will support individual units affected by these changes on a case-by-case basis.
Firewalls and Networking
What challenges do you expect to face for existing networking configurations on the public cloud?
During the migration, a key shift will be moving from widespread use of public IPs to private IP ranges, requiring updated routing, firewall rules, and NAT configurations. UBC IT will support individual units affected by these changes to update their networking configurations.
Will Migrations and replication of VMs take into consideration pre-existing firewalls?
Yes, pre-existing firewall configurations will be reviewed and adapted to work in the new hybrid environment, while on-premises firewalls will remain the same as prior to the migration.
Backups
What is the new protocol for backups in the cloud?
As part of the migration, backup processes will transition from current on-prem practices to cloud-aligned approaches. Backup strategies will be updated to reflect the needs of each workload and will follow established best practices around security, retention, and reliability. UBC IT will provide guidance and support to ensure backup processes remain compliant and fit-for-purpose across both public and private cloud environments. Further details on backup tools and procedures will be shared as part of the implementation phase.
What will the backup retention policy be once we move to the cloud?
UBC IT will adhere to the backup retention policy of 90 days.
PIA
Will UBC community members be required to submit departmental PIA requests for the data they are migrating as part of the VMware migration project?
No.
Individual departments will not be required to submit their own Privacy Impact Assessments (PIAs) for the VMware migration. This process is being centrally managed by the project team in collaboration with UBC’s PrISM office. The project’s overall privacy and security implications are being addressed at the institutional level, so no additional action is required from units in this regard. This clarification will be communicated as part of the broader change management and stakeholder engagement efforts.
Security and Patching
Will our data be safe in the public cloud?
Security and governance are foundational considerations to the migration project, with centralized controls, encryption, patch automation, and continuous monitoring planned in the cloud. UBC’s PrISM team is conducting a phased STRA to proactively assess and mitigate risks, to ensure all data will be safely stored in the public cloud.
Are there risks in moving to a hybrid cloud for the first time?
Yes, transitioning to a hybrid cloud for the first time carries inherent risks—especially given the complexity and scale of UBC’s IT environment. However, these risks are being actively mitigated through a carefully phased implementation plan that includes:
- A pilot environment to identify and address issues early
- Migration support led by UBC IT
- Extensive staff training to build internal capability and confidence
This structured approach is designed to reduce disruption, build momentum through early wins, and ensure a successful, stable migration.
Contingency and Resiliency Planning
What are the Site and Data Resiliency considerations given the migration and centralization into one platform (Open Stack & AWS)?
UBC is pursuing a hybrid approach precisely to maintain resiliency—leveraging both public cloud redundancy and on-prem infrastructure.
The migration necessitates moving away from traditional Disaster Recovery approaches and embrace cloud-native paradigms and orientations to offer more high availability design. Services that require the level of resiliency that a traditional level of Disaster Recover provides will be moved to public cloud and designed accordingly.
What happens in case of a disaster (e.g., fire or earthquake)?
The migration will enable UBC to benefit from cloud-native paradigms and approaches to Disaster Recovery, offering more high availability design, greater resiliency, and third-party managed policies that support comprehensive recovery. In the case of a natural disaster, we will work with our cloud providers to leverage the contingencies and recovery policies they have available.
Community Implications
What will happen to BCNET and other universities currently dependent on EduCloud services?
UBC is in ongoing discussions with BCNET and other external community members impacted to determine what route best serves them and their members in their continued access to critical services. Multiple scenarios are being explored to transition those services safely, conveniently and efficiently, including shared cloud environments. We will share more details as consensus builds on key decisions.
Misc Questions
What about VMware sites that have Pair Database and dependencies? Can they be migrated together with whatever they are dependent on?
Yes, dependency mapping is a key part of the workload assessment process to ensure paired migrations minimize downtime and performance issues.
What is the suggested migration path forward for virtual appliances?
Virtual appliances will be assessed on a case-by-case basis for cloud compatibility. Those that can be containerized or refactored may be migrated; others may need replacements.
What is “AWS Well-Architected” Framework?
The AWS Well-Architected Framework helps you understand the pros and cons of decisions you make while building systems on AWS. By using the framework you will learn architectural best practices for designing and operating reliable, secure, efficient, and cost-effective systems in the cloud. For more information please visit: https://docs.aws.amazon.com/wellarchitected/latest/framework/welcome.html