Trying to migrate my ODK deployment and its data from AWS to Digital Ocean


My ODK deployment works fine on AWS. However, I would like to move the current deployment as well as its current data/state to a new virtual machine on Digital Ocean (while maintaining the domain name). Any ideas on how to achieve this in the fasted and safest way possible?

The following assumes you're comfortable on the command line and with basic networking. Also, I haven't tried this recently so I'd strongly recommend you try this out on a test install before doing it on a production install.


  • Verify your full machine backup and restore works.
  • Verify you can whitelist traffic to Central only from your IP. An upstream firewall is great for this.
  • Verify you have the same OS on the source (src) and destination (dest). If you don't, the folders noted below may not match. Adjust adjust accordingly.
  • Verify you can set the TTL of the DNS record on the domain to something low (~300 secs) to reduce downtime.
  • Verify you have an effective way to communicate a maintenance window with users.


  1. Take a full machine backup of src.
  2. Over ssh, rsync the key folders (/var/lib/docker, /root/central) from src to dest. This might take some time.
  3. Start the maintenance window.
  4. Block all incoming HTTP/S traffic to src.
  5. Shutdown Central on src with docker-compose stop;
  6. Rsync the key folders from src to dest again to pick up the latest changes to data. This will be faster than the first rsync.
  7. Shutdown src and take another full machine backup.
  8. Only allow incoming HTTP/S traffic only from your IP to dest.
  9. Update the DNS record to point to the dest. This should happen quickly if your DNS TTL is low.
  10. Bring the dest server back up (docker-compose build; docker-compose up -d).
  11. Verify you can login via the Central UI to dest, see records, preview forms, etc.
  12. Allow all incoming HTTP/S traffic to dest.
  13. Stop the maintenance window.


  • If you value speed over safety, you can skip the backups. I don't recommend it.
  • Running the first rsync outside the maintenance window should be safe, but if you want to be extra safe, you can run it after blocking all incoming traffic.