Strangler Fig Migration
Incrementally route traffic to new components behind stable interfaces
- Early, measurable value
- Low blast radius
- Reversible changes
technology-strategy17 min read
Gradual Migration vs Complete Rewrite: Making the Call
A practical, decision-ready guide to choose between a gradual migration (e.g., strangler) and a complete rewrite. Includes decision criteria and signals, time-to-value vs risk matrix, execution playbooks, governance guardrails, anti-patterns, and where AI safely accelerates analysis, refactoring, and testing.
By Solution Engineering Team
Summary
Choose migration or rewrite based on objective signals: business criticality, risk, time-to-first-value, architectural rot, compliance pressure, and talent availability. Favor gradual migration when you can isolate seams and deliver value in increments; prefer a rewrite when foundational constraints block progress or regulatory risk is acute.
Decision Criteria and Observable Signals
| Category | Signals favoring Gradual Migration | Signals favoring Complete Rewrite |
|---|---|---|
| Architecture Fitness | Clear domain seams; adapters possible; data can be duplicated | Tight coupling everywhere; shared DB schema with no boundaries |
| Business Continuity | Continuous value delivery required; strict SLAs | Limited downtime acceptable if it eliminates ongoing risk |
| Compliance & Security | Fixes possible via refactor/controls without upending core | Systemic issues need foundational redesign |
| Team & Talent | Existing team can maintain legacy while carving out modules | Legacy is unmaintainable; new stack attracts talent |
| Time-to-Value | Immediate wins required via incremental delivery | Willing to delay benefits for clean foundation |
| Data Constraints | Feasible CDC, dual-write, or event sourcing | Data model is irreparably wrong; needs new canonical model |
Option Patterns (When and Why)
Replatform to Managed Services
Lift critical capabilities to managed services to reduce ops risk
- Immediate reliability gains
- Frees team for refactoring
- Clear rollback paths
Module Rewrite Behind Facade
Rewrite bounded modules while preserving legacy contracts
- Improves code quality
- Progressive testing
- Natural legacy sunset
Greenfield + Anti-Corruption Layer
Build new domain service with boundary adaptation
- Protects from legacy debt
- Event-driven integration
- Reduces data risk
Complete Rewrite
Rebuild on fit-for-purpose stack with feature freeze
- Eliminates constraints
- Corrects data model
- Clean platform slate
Time-to-Value vs Risk Matrix
| Path | First Value | Risk Level | Key Dependencies |
|---|---|---|---|
| Strangler/Incremental | 2-8 weeks | Low-Medium | Stable contracts, route control, feature flags |
| Replatform First | 2-6 weeks | Low | Cloud readiness, IaC maturity |
| Module Rewrite | 6-16 weeks | Medium | Contract tests, facade performance |
| Greenfield + ACL | 8-24 weeks | Medium-High | Domain modeling, data sync |
| Complete Rewrite | 16-40+ weeks | High | Design validation, migration strategy |
Execution Playbooks
Gradual Migration (12-24 weeks)
Stabilize and Measure (1-2 weeks)
Introduce SLOs, feature flags, and automated rollback
- SLOs and golden signals
- Rollback scripts
Identify Seams and Contracts (1-2 weeks)
Map APIs, events, and DB boundaries; add facade if needed
- Seam map and backlog
- Contract tests
Carve and Route (2-6 weeks)
Build new component; route small traffic percentage and observe
- New service in production
- Canary dashboard
Iterate and Expand (4-8 weeks)
Scale traffic; deprecate legacy paths; update runbooks
- Legacy sunset plan
- Updated runbooks
Complete Rewrite (16-40+ weeks)
Feature Freeze and Discovery (2-4 weeks)
Freeze features; align on scope, compliance, and data model
- Decision memo with criteria
- Domain/data model
Architecture and Scaffolding (2-6 weeks)
Stand up platform foundations, CI/CD, security baselines
- Reference architecture
- Developer experience
Incremental Vertical Slices (6-20 weeks)
Deliver end-to-end slices; validate with dark launches
- Slice demos with telemetry
- Risk reviews
Migration and Cutover (2-8 weeks)
Run parallel for critical paths; execute data migration
- Cutover runbook
- Data reconciliation
AI-Assisted Modernization
Code Analysis
Architecture extraction from repos and infrastructure
- Faster discovery
- Better planning
- Risk identification
Dependency Mapping
Automated code graph analysis and impact assessment
- Accurate scoping
- Change impact
- Migration sequencing
Test Generation
Automated test creation for behavior verification
- Faster validation
- Better coverage
- Regression safety
Refactoring Suggestions
Safe code modernization with review requirements
- Accelerated work
- Quality improvements
- Human oversight
Data Migration
Schema inference and mapping verification helpers
- Fewer errors
- Faster execution
- Better reconciliation
Guardrails
No production PII to external AI; private models only
- Security
- Compliance
- Risk management
Governance Guardrails
Behavior Protection
Contract tests and feature flags for all changes
- Quality assurance
- Risk reduction
- Safe deployment
Security Compliance
SBOM generation and CVE remediation before cutovers
- Security posture
- Compliance
- Risk management
Audit Trail
Comprehensive logging for data access and migration steps
- Transparency
- Accountability
- Incident response
Decision Gates
Measurable exit criteria and rollback readiness checks
- Progress tracking
- Risk management
- Quality control
Verification
Post-cutover SLOs, data reconciliation, and telemetry
- Success validation
- Issue detection
- Continuous improvement
Anti-Patterns to Avoid
Big-Bang Without Kill-Switches
Rewrites without criteria or interim value delivery
- Reduced risk
- Better outcomes
- Stakeholder confidence
Microservices Without Maturity
Architectural changes without operational readiness
- Stability
- Maintainability
- Team effectiveness
Shared Database Migrations
Breaking domain boundaries during data migration
- Clean architecture
- Better performance
- Easier maintenance
Unbounded Scope Creep
Disguising new features as parity requirements
- Focus
- Timely delivery
- Budget control
Ignoring Data Lineage
Delaying reconciliation until migration completion
- Data quality
- Fewer errors
- Easier validation
Unreviewed AI Code
Treating AI-generated code as authoritative without validation
- Quality assurance
- Security
- Maintainability
Decision Triggers
Choose Migration When
You can isolate seams; business needs continuous delivery; outages risk revenue
- Lower risk
- Faster value
- Business continuity
Choose Rewrite When
Framework EOL is imminent; data model and security are fundamentally broken
- Long-term solution
- Technical debt elimination
- Future-proofing
Choose Hybrid When
Core domain needs clean model while peripheral capabilities are refactored
- Balanced approach
- Risk management
- Progressive improvement
Prerequisites
- Agreement on business objectives, SLAs, and acceptable risk windows
- Access to code repos, CI/CD, telemetry, and non-production environments
- Initial data inventory and system architecture documentation
- Change management policy for feature flags, canaries, and rollbacks
References & Sources
- Strangler Fig Application Pattern— Martin Fowler's original pattern for incremental legacy replacement
- Decomposing Monoliths into Microservices— Google Cloud's guidance on system decomposition strategies
- AWS Legacy Modernization Patterns— AWS prescriptive guidance for legacy system modernization
- NIST Secure Software Development Framework— NIST guidelines for secure software development practices
Related Articles
When Technical Strategy Misaligns with Growth Plans
Detect misalignment early and realign tech strategy to growth
Read more →When Startups Need External Technical Guidance
Clear triggers, models, and ROI for bringing in external guidance—augmented responsibly with AI
Read more →Technology Stack Upgrade Planning and Risks
Ship safer upgrades—predict risk, tighten tests, stage rollouts, and use AI where it helps
Read more →Technology Stack Evaluation: Framework for Decisions
A clear criteria-and-evidence framework to choose and evolve your stack—now with AI readiness and TCO modeling
Read more →Technology Roadmap Alignment with Business Goals
Turn strategy into a metrics-driven, AI-ready technology roadmap
Read more →Make the Right Modernization Call
Get a decision memo with evidence, risk envelopes, and a 90-day plan for safer, faster delivery.