1. Assessment & Planning
Application Inventory
- Catalog all applications with dependencies using the Architecture Dashboard
- Map application portfolio:
- Core business apps vs. peripheral tools
- Customer-facing vs. internal apps
- Integration complexity (APIs, databases, external systems)
- Custom extensions and their purposes
- Dependency Analysis:
- Producer/consumer relationships
- Shared libraries and components
- Database cross-references
- External integrations (SOAP, REST, SAP, etc.)
Compatibility Assessment Tools
- Code Analyzer: OutSystems provides tools to scan OS11 apps for ODC compatibility
- Identifies unsupported patterns
- Highlights extensions that need conversion
- Flags deprecated APIs
- Manual Review: Check for:
- Traditional Web apps (not supported in ODC)
- BPT processes
- Site Properties
- Session variables usage
- Direct database queries
Migration Wave Planning
- Wave 1: Simple standalone apps with minimal dependencies
- Wave 2: Apps with moderate complexity and some integrations
- Wave 3: Core business apps with heavy dependencies
- Wave 4: Complex legacy apps requiring significant refactoring
Risk Assessment
- Business criticality
- Technical complexity
- Team expertise gaps
- Downtime tolerance
- Rollback strategies
2. Architecture Differences (OS11 vs ODC)
Infrastructure
| Aspect | OS11 | ODC |
|---|---|---|
| Hosting | Self-hosted or OutSystems Cloud | Fully managed cloud-native |
| Architecture | Monolithic platform | Microservices, containerized |
| Scaling | Vertical/horizontal with limits | Auto-scaling, elastic |
| Deployment | LifeTime | ODC Portal |
| Environments | DEV/QA/PRD managed by you | Managed by OutSystems |
Application Types
- OS11: Traditional Web, Reactive Web, Mobile
- ODC: Reactive Web Apps, Mobile Apps, Libraries, Services (no Traditional Web)
- Migration Impact: Traditional Web apps must be rebuilt as Reactive
Data & Integration
| Feature | OS11 | ODC |
|---|---|---|
| Database | Direct entity access | External database connections via integrations |
| Extensions | .NET extensions | External libraries via REST/GraphQL |
| Timers | Traditional Timers | Scheduled processes |
| BPT | Business Process Technology | Not supported (use external workflow tools) |
| Server Actions | Available | Service Actions (in Services) |
Authentication & Users
- OS11: Users module, custom auth, LDAP/AD integration
- ODC: Built-in Identity service, SSO, OIDC support
- Change: The User management architecture is completely different
Configuration
- OS11: Site Properties (per environment)
- ODC: Settings (centralized configuration)
- Change: Refactor all Site Properties to Settings
3. Code Migration Details
Unsupported Patterns & Conversions
Traditional Web → Reactive Web
- Screen flow logic needs redesign
- Ajax refresh → reactive bindings
- Web Blocks → Blocks with different lifecycle
- RichWidgets → OutSystems UI components
Extensions → External Services
- C# Extensions: Convert to REST APIs or external microservices
- Database Extensions: Use ODC database connectors
- Integration Extensions: Use REST/GraphQL integrations
- Process:
- Extract extension logic
- Create external service (Azure Function, AWS Lambda, etc.)
- Expose via REST API
- Consume in ODC app
Server Actions → Service Actions
- OS11 Server Actions run in app context
- ODC Service Actions must be in separate Service apps
- Pattern:
- Create Service app
- Move reusable Server Actions to Service Actions
- Expose as public APIs
- Consume from other apps
BPT (Business Process Technology)
- Not supported in ODC
- Alternatives:
- Azure Logic Apps
- AWS Step Functions
- Microsoft Power Automate
- Custom workflow engines
- Migration: Extract process logic, implement in external system, integrate via REST
Session Variables
- Limited support in ODC
- Pattern: Use client-side storage or database for state management
Code Refactoring Priorities
- High Priority: Security vulnerabilities, deprecated APIs
- Medium Priority: Performance anti-patterns, tight coupling
- Low Priority: Code style, minor optimizations
4. Data Migration Strategy
Database Considerations
- OS11: Each app has its own database/schema
- ODC: Apps can share external databases via connections
- Challenge: Data residency, compliance requirements
Migration Approaches
Option 1: Lift & Shift
- Export OS11 data
- Import into ODC database
- Pros: Simple, fast
- Cons: Downtime required
Option 2: Dual-Run
- Run OS11 and ODC in parallel
- Sync data bidirectionally
- Gradual cutover
- Pros: Minimal downtime
- Cons: Complex, requires sync mechanism
Option 3: Phased Migration
- Migrate apps in waves
- Keep data in OS11, access via APIs
- Gradually migrate data storage
- Pros: Lower risk
- Cons: Longer timeline
Data Integrity
- Checksum validation
- Record count verification
- Business rule validation
- Reference integrity checks
Large Dataset Handling
- Batch processing
- Incremental migration
- Archival strategy for historical data
5. Testing Strategy
Unit Testing
- Test individual Service Actions
- Test data transformations
- Test business logic in isolation
- Tools: BDD Framework, custom test modules
Integration Testing
- API endpoint testing
- Database connection testing
- External service integration testing
- Tools: Postman, automated API tests
UI Testing
- Screen navigation flows
- Form submissions
- Responsive behavior
- Cross-browser testing
- Tools: Selenium, Playwright, OutSystems automated testing
Performance Testing
- Load testing (concurrent users)
- Stress testing (breaking points)
- Endurance testing (sustained load)
- Tools: JMeter, LoadRunner, k6
Security Testing
- Authentication/authorization flows
- Data access controls
- SQL injection, XSS prevention
- OWASP Top 10 validation
Test Data Management
- Create representative test datasets
- Mask sensitive data for testing
- Automated test data generation
- Environment-specific test data
Regression Testing
- Automated test suites
- Critical business process validation
- Integration point verification
6. Deployment & CI/CD
ODC Deployment Model
- No LifeTime: ODC Portal replaces LifeTime
- Stages: Development → Staging → Production
- Automated deployments via ODC APIs
CI/CD Pipeline Setup
Pipeline Stages
- Code Commit → Trigger pipeline
- Build → Compile app in ODC
- Deploy to Dev → Automated deployment
- Automated Tests → Run test suite
- Deploy to Staging → Manual approval
- Integration Tests → Full regression
- Deploy to Production → Scheduled window
Tools Integration
- Azure DevOps
- GitHub Actions
- Jenkins
- GitLab CI/CD
ODC APIs for Automation
- Deployment API
- Configuration API
- Monitoring API
Rollback Strategy
- Tag stable versions
- Quick rollback capability
- Database rollback scripts
- Communication plan
7. Performance & Optimization
ODC Performance Characteristics
- Auto-scaling: Handles traffic spikes automatically
- Containerization: Faster cold starts than OS11
- Global CDN: Better static content delivery
- Database: May need optimization for external connections
Optimization Techniques
Query Optimization
- Minimize database round-trips
- Use aggregates efficiently
- Implement caching strategies
- Avoid N+1 query problems
API Performance
- Pagination for large datasets
- Response compression
- API rate limiting
- Async processing for long operations
Client-Side Optimization
- Lazy loading
- Code splitting
- Image optimization
- Minimize JavaScript bundle size
Caching Strategies
- Client-side caching (localStorage, IndexedDB)
- API response caching
- CDN caching for static assets
- Database query caching
Monitoring & Observability
- Application performance monitoring (APM)
- Log aggregation and analysis
- Error tracking and alerting
- User experience monitoring
8. Security & Compliance
Authentication Changes
| Aspect | OS11 | ODC |
|---|---|---|
| Identity Provider | Users module | Built-in Identity service |
| SSO | Custom integration | Native OIDC support |
| MFA | Extension required | Built-in support |
| User Management | Manual/API | ODC Portal + API |
Authorization
- Role-based access control (RBAC)
- Screen-level permissions
- API-level security
- Data-level security
Data Protection
- Encryption at rest: Automatic in ODC
- Encryption in transit: TLS by default
- Data residency: Choose ODC region carefully
- GDPR/Compliance: Understand data location implications
Security Best Practices
- Implement least privilege principle
- Regular security audits
- Dependency vulnerability scanning
- API security (OAuth 2.0, API keys)
- Input validation and sanitization
- Output encoding to prevent XSS
Compliance Considerations
- Data sovereignty: Where is data stored?
- Industry regulations: HIPAA, PCI-DSS, SOC2
- Audit trails: Logging and monitoring
- Data retention: Backup and archival policies
9. Common Pitfalls & How to Avoid Them
Pitfall #1: Expecting 1:1 Migration
- Issue: Assuming apps will migrate without changes
- Solution: Budget for refactoring, especially Traditional Web apps
- Impact: Timeline delays, budget overruns
Pitfall #2: Underestimating Extension Migration
- Issue: Extensions require a complete rewrite as external services
- Solution: Assess extensions early, plan external service development
- Impact: Critical functionality delays
Pitfall #3: Ignoring Data Migration Complexity
- Issue: Data migration treated as an afterthought
- Solution: Plan a data migration strategy from day one
- Impact: Data integrity issues, extended downtime
Pitfall #4: Insufficient Testing
- Issue: Rushing through testing to meet deadlines
- Solution: Allocate 30-40% of the timeline to testing
- Impact: Production bugs, user dissatisfaction
Pitfall #5: Not Training the Team
- Issue: Expecting developers to learn ODC on the fly
- Solution: Formal training before migration starts
- Impact: Poor code quality, longer development time
Pitfall #6: Poor Communication
- Issue: Stakeholders are unaware of the migration impact
- Solution: Regular communication, set realistic expectations
- Impact: Business disruption, loss of confidence
Pitfall #7: No Rollback Plan
- Issue: Assuming migration will succeed the first time
- Solution: Always have a rollback strategy
- Impact: Extended outages if issues occur
Pitfall #8: Ignoring Performance Testing
- Issue: Not testing under a realistic load
- Solution: Performance test every migrated app
- Impact: Production performance issues
Pitfall #9: Over-Ambitious First Wave
- Issue: Starting with the most complex apps
- Solution: Start small, build expertise
- Impact: Failed migrations, team demoralization
Pitfall #10: Not Leveraging ODC Features
- Issue: Recreating OS11 patterns instead of adopting ODC-native approaches
- Solution: Embrace ODC architecture, modernize during migration
- Impact: Missing out on ODC benefits
10. Post-Migration: Optimizing for ODC
Once migrated, take advantage of ODC-native features:
- Auto-scaling: Remove manual scaling logic
- Built-in monitoring: Leverage ODC observability
- Modern UI: Adopt the latest OutSystems UI patterns
- API-first: Refactor to microservices where beneficial
- Serverless integrations: Use Azure Functions, AWS Lambda
- Advanced security: Implement MFA, SSO, OIDC
- DevOps maturity: Enhance CI/CD pipelines
Migrating from OutSystems 11 to OutSystems Developer Cloud is not a simple platform upgrade—it’s a fundamental architectural transformation. Organizations that treat it as a straightforward “lift and shift” operation consistently face timeline delays of 5-15x, budget overruns of 300-1000%, and in some cases, complete project failure.