Tencent's Internal Business Migration to Public Cloud: Strategies, Practices, and Lessons

Tencent, as a digital transformation partner for traditional industries, has been moving its massive internal services from private data centers to public cloud. The speaker, Zhou Xiaojun, outlines the motivations, value, and detailed process of this migration.

Why migrate to the cloud? Before 2018, Tencent's business units operated in isolated "chimney" architectures, each with its own frameworks, tools, and storage, causing duplication and low efficiency. To break this siloed model, Tencent launched two parallel strategies: open‑source collaboration and the "self‑developed business cloud migration" initiative.

Value of migration includes higher development efficiency (rapid 0‑to‑1 product delivery), better engineer experience (access to industry‑standard cloud services), and customer value (sharing cloud expertise and open‑source projects).

Migration process is divided into three stages:

Stage 1 (2017): Live‑streaming services moved to public cloud, establishing a full‑stack cloud environment.

Stage 2: Sandbox cloud – logical isolation on public cloud using IaaS resources, serving as a platform foundation.

Stage 3 (post‑2018): Full migration of all services from private to public cloud.

Each business follows one of three migration paths: after‑refactor migration, incremental refactor‑while‑migrating, or migrate‑first‑then‑refactor.

Key migration steps include testing (network, storage, VM, performance), designing migration solutions (security, capacity, service and data migration plans), actual migration (access, logic, data, file storage), hybrid‑cloud coexistence (gradual traffic shift with monitoring), and post‑migration monitoring (service quality, latency, availability).

Security is integrated throughout, with dedicated VPCs, network protection, host protection, vulnerability scanning, and application‑level defenses, aligning public‑cloud security products with Tencent's internal security mechanisms.

Database migration offers four patterns: private‑component to public Redis (cold migration), open‑source component migration via DTS, direct deployment of private components on cloud, and hybrid sync using a data‑synchronization center.

Cloud management platform adapts existing CMDB, monitoring, and cost‑allocation tools to support multi‑cloud and hybrid environments, ensuring consistent resource governance across private and public clouds.

Cloud‑native adoption includes container‑based delivery, DevOps pipelines, micro‑service frameworks, and the use of Tencent Kubernetes Engine (TKE) with custom extensions for cross‑region scaling, IP‑based access control, and automated capacity prediction.

Finally, the presentation summarizes five key takeaways: fully embrace cloud‑native, adopt DevOps, migrate internal tools to the cloud, foster open‑source collaboration, and continuously refine public‑cloud infrastructure through large‑scale production experience.