Software Engineering • Feb 20, 2025 • 4 min • Arctrait Team
Engineering migrations without downtime
How we move critical systems with zero customer disruption and measurable risk controls.
Most migrations fail quietly: hidden dependencies, stale data paths, and last-minute cutovers that wake up the incident channel. Our playbook keeps production calm while architecture evolves.
The pre-flight inventory
- Map every upstream/downstream contract and mark sync vs. async paths.
- Attach ownership and RTO/RPO to each dependency so risk is explicit.
- Build a dry-run plan that mirrors production traffic shape, not just volume.
Dual-write with exit criteria
We dual-write to the target until three things are true:
- Error budgets stay green with target writes enabled.
- Drift checks show zero divergence for a full business cycle.
- Rollback path is automated and rehearsed (IaC + playbooks).
Dark reads and replay
- Mirror production reads to the target and diff responses for correctness.
- Use deterministic fixtures for edge cases; use sampled prod payloads for entropy.
- Replay is scheduled, not ad hoc; alerts fire on schema or contract drift.
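
The diff step of a dark read, as an added example (not Arctrait's own code): the caller is always served from the source, the target's answer is only compared, and the report carries field paths and truncated digests rather than raw values, since sampled production payloads can hold sensitive data. The volatile field names, the sample responses and the `report` callback are assumptions made for illustration.

```python
import hashlib
import json

# Assumption: fields expected to differ between systems (hypothetical names).
VOLATILE_FIELDS = {"request_id", "served_at"}

def _digest(value):
    """Short fingerprint so diff reports never carry raw production values."""
    blob = json.dumps(value, sort_keys=True, separators=(",", ":"), default=str)
    return hashlib.sha256(blob.encode()).hexdigest()[:12]

def diff_responses(source, target, path=""):
    """Return a list of (path, kind, source_digest, target_digest) tuples."""
    if isinstance(source, dict) and isinstance(target, dict):
        out = []
        for key in sorted(set(source) | set(target)):
            if key in VOLATILE_FIELDS:
                continue
            child = f"{path}.{key}" if path else key
            if key not in target:
                out.append((child, "missing_in_target", _digest(source[key]), None))
            elif key not in source:
                out.append((child, "extra_in_target", None, _digest(target[key])))
            else:
                out.extend(diff_responses(source[key], target[key], child))
        return out
    if isinstance(source, list) and isinstance(target, list) and len(source) == len(target):
        pairs = enumerate(zip(source, target))
        return [d for i, (s, t) in pairs for d in diff_responses(s, t, f"{path}[{i}]")]
    if type(source) is not type(target):  # e.g. 1999 vs "1999": contract drift
        return [(path, "type_mismatch", _digest(source), _digest(target))]
    if source != target:
        return [(path, "value_mismatch", _digest(source), _digest(target))]
    return []

def dark_read(request, read_source, read_target, report):
    """Serve from source, mirror to target; target failures never reach the caller."""
    response = read_source(request)
    try:
        diffs = diff_responses(response, read_target(request))
    except Exception as exc:  # target is not trusted yet: record, do not raise
        diffs = [("", "target_error", None, type(exc).__name__)]
    if diffs:
        report(request, diffs)
    return response

# Constructed sample responses (not real data).
SOURCE = {"id": 7, "total": 1999, "request_id": "a1", "items": [{"sku": "X", "qty": 2}]}
TARGET = {"id": 7, "total": "1999", "request_id": "b2", "items": [{"sku": "X", "qty": 3}]}
```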
Change window discipline
We cut over during known-good observability windows, with:
- Feature flags for rapid rollback.
- A stakeholder war room that is on the calendar and staffed.
- Post-cut validation scripts owned by the same team that runs the rollback.