Migration & Implementation Guide
A complete roadmap for migrating to cloud development environments - from local machines, between CDE platforms, and for AI agent workspaces
Are You Ready for CDE Migration?
Evaluate if your organization is ready to adopt cloud development environments based on these key indicators
Security Concerns
You need data loss prevention (DLP) or source code never leaves the VPC
Slow Onboarding
New developers take 2-5 days to set up local environments
Environment Drift
"Works on my machine" is a daily occurrence
Compliance Mandates
HITRUST, SOC 2, or GDPR requirements for code access
Growing Teams
20+ developers or rapid scaling expected
Resource Intensive
AI/ML workloads, large builds, or database dependencies
AI Agent Adoption
Teams using AI coding agents that need sandboxed, reproducible workspaces
Multi-CDE Strategy
Already on one CDE platform and considering adding or switching to another
Team Size Considerations
Maybe - Consider if you have specific compliance or security needs
Sweet Spot - High ROI with manageable migration complexity
Highly Recommended - Substantial cost savings and standardization benefits
4-Phase Implementation Roadmap
A proven, phased approach to CDE migration - from discovery to full rollout
Phase 1: Discovery & Planning
Weeks 1-4 - Foundation and Assessment
Objectives
- Understand current development workflows and pain points
- Evaluate CDE platforms (Coder, Ona (formerly Gitpod), Codespaces, Daytona)
- Define success criteria and KPIs
- Build executive buy-in with business case
- Assess AI agent workspace needs (sandboxing, GPU access, isolation)
Key Activities
- Conduct developer surveys (pain points, tooling needs, AI agent usage)
- Audit current infrastructure (cloud providers, Kubernetes clusters)
- Security & compliance review (HITRUST, SOC 2, GDPR)
- Calculate total cost of ownership (TCO) vs. current state
- Evaluate multi-CDE strategy if migrating from an existing platform
- Create migration roadmap and timeline
Deliverables
Current state analysis with recommendations
ROI analysis and cost-benefit breakdown
Phased rollout strategy with milestones
Success Criteria
Phase 2: Pilot Implementation
Weeks 5-12 - Prove the Concept
Objectives
- Deploy CDE infrastructure in production VPC
- Create 2-3 workspace templates for pilot projects
- Validate workflows with real development teams
- Gather feedback and iterate on templates
Key Activities
- Set up Kubernetes cluster or VM infrastructure
- Deploy CDE platform (Coder, Ona, etc.)
- Configure SSO, RBAC, and security policies
- Build Terraform templates for common stacks
- Create AI agent workspace templates with sandboxed execution
- Train pilot team on VS Code Remote SSH / JetBrains Gateway
- Monitor usage, performance, and cost
Deliverables
Fully deployed, monitored, and secured
2-3 validated templates ready for scaling
Developer experience and improvement areas
Success Criteria
Phase 3: Expansion
Weeks 13-24 - Scale to Multiple Teams
Objectives
- Expand to 30-50% of development teams
- Build comprehensive template library
- Optimize cost and resource allocation
- Establish self-service workflows
Key Activities
- Roll out to additional teams (team-by-team approach)
- Create templates for all major tech stacks
- Implement auto-stop policies to control costs
- Set up monitoring dashboards (usage, cost, performance)
- Document best practices and runbooks
- Train additional platform engineers
- Roll out AI agent workspace policies (isolation, resource limits, audit trails)
Deliverables
10+ production-ready workspace templates including AI agent configurations
Self-service guides, troubleshooting, and AI agent workspace runbooks
Resource utilization and savings analysis
Success Criteria
Phase 4: Full Rollout
Week 25+ - Organization-Wide Adoption
Objectives
- Make CDEs the default for all new hires
- Migrate remaining teams from local development
- Enforce compliance and security policies
- Optimize platform for scale and efficiency
Key Activities
- Update onboarding to default to cloud workspaces
- Migrate last 20-30% of holdout teams
- Implement advanced features (GPU workspaces, ML templates, AI agent sandboxes)
- Fine-tune auto-scaling and cost controls
- Evaluate multi-CDE governance for teams with diverse platform needs
- Conduct retrospectives and continuous improvement
Deliverables
100% developer adoption across organization
DLP policies, audit logs, compliance reports
KPI dashboard with ongoing metrics
Success Criteria
Infrastructure Requirements
Resource planning and infrastructure setup for cloud development environments
Kubernetes Cluster Sizing
Small Team (10-20 devs)
Medium Team (20-50 devs)
Large Team (50+ devs)
Cloud Provider Recommendations
Amazon Web Services (AWS)
EKS (Elastic Kubernetes Service) or EC2 instances
- Best for: Large enterprises, extensive service integration
- Instance types: c6i.4xlarge, m6i.8xlarge (CPU-optimized), p4d.24xlarge (GPU workloads)
- Storage: EBS gp3 volumes (3000 IOPS baseline, scalable)
Microsoft Azure
AKS (Azure Kubernetes Service) or Azure VMs
- Best for: Microsoft-centric organizations (.NET, Windows development)
- VM types: Standard_D16s_v5, Standard_E32s_v5, NC-series (GPU)
- Storage: Azure Premium SSD (P30/P40 disks)
Google Cloud Platform (GCP)
GKE (Google Kubernetes Engine) or Compute Engine
- Best for: AI/ML workloads, container-native workflows
- Machine types: n2-standard-16, c2-standard-30, a2-highgpu-1g (GPU)
- Storage: Persistent Disk SSD (pd-ssd, balanced pd-balanced)
Network Requirements
Bandwidth & Latency
VPC & Security
On-Premises Deployment
When to Consider
- Strict data residency requirements
- Air-gapped or classified environments
- Existing on-prem Kubernetes infrastructure
- Cost optimization for very large teams (100+ devs)
Additional Requirements
- Dedicated platform engineering team for maintenance
- Monitoring and alerting infrastructure
- Backup and disaster recovery plan
- High-availability setup (3+ master nodes)
Team Preparation & Change Management
Successful migration depends on people, not just technology
Developer Training Requirements
Core Skills (2-4 hours)
- Creating and managing workspaces
- Connecting via VS Code Remote SSH or JetBrains Gateway
- Understanding resource limits and quotas
- Debugging connection issues
Advanced Topics (4-8 hours)
- Customizing workspace templates (DevContainers)
- Managing secrets and environment variables
- Port forwarding and local tunneling
- Using GPU workspaces for AI/ML
- Configuring AI agent workspaces (sandboxing, MCP servers, tool access)
- Multi-CDE workflows and cross-platform DevContainers
Change Management Strategies
Early Communication
Announce the migration 3-6 months in advance. Share the "why" - security, compliance, faster onboarding, cost savings.
"We're moving to cloud development environments to improve security and eliminate 'works on my machine' issues. This will make onboarding new developers 90% faster and ensure everyone has the same tooling."
Identify Champions
Find 2-3 enthusiastic developers per team to be early adopters and help evangelize the platform.
- Give champions early access to the pilot
- Empower them to help teammates during rollout
- Recognize their contributions publicly
Feedback Loops
Create dedicated Slack channels, office hours, and regular surveys to capture pain points.
Technical questions and troubleshooting
Feature requests and improvement ideas
Address Concerns Proactively
Anticipate common objections and prepare clear responses:
Response: You can replicate your exact setup in a DevContainer. Plus, you'll get faster builds and never worry about "works on my machine."
Response: VS Code Remote caches files locally. You can work offline and changes sync when reconnected.
Response: With proper bandwidth (25+ Mbps) and same-region deployment, most developers report faster builds and indexing.
Response: Local AI agents have no sandbox, no audit trail, and full access to your machine. CDEs give agents isolated workspaces with logging, resource limits, and zero risk to your local environment.
Handling Resistance & Pushback
Common Resistance Points
- Senior developers attached to local workflows
- Fear of losing customization and control
- Concerns about internet dependency
- Skepticism about promised benefits
Mitigation Strategies
- Involve skeptics in the pilot design phase
- Allow gradual adoption (not forced overnight)
- Provide 1-on-1 support for resistant users
- Share success stories from pilot team
Common Migration Patterns
Choose the right rollout strategy for your organization
Team-by-Team Migration
Migrate one team at a time, starting with the most enthusiastic or least complex
Best For
- Organizations with 20-100 developers
- Teams with varying tech stacks
- When you need gradual validation
Typical Timeline
Project-by-Project Migration
Migrate specific projects or repos, allowing developers to use CDEs for some work and local for others
Best For
- New greenfield projects
- Compliance-driven migrations (specific repos need CDE)
- Testing CDEs on low-risk projects first
Considerations
Big Bang Migration
Migrate entire organization on a single cutover date (after extensive pilot testing)
Best For
- Small teams (under 20 developers)
- Homogeneous tech stack
- Urgent compliance deadlines
Risks
AI Agent Workspace Migration
In 2026, AI coding agents are a core part of the development workflow. Plan your CDE migration to support both human developers and autonomous AI agents from day one.
Why AI Agents Need CDE Infrastructure
AI agents running code on local machines is a security and governance gap
Sandboxed Execution
AI agents can execute code, install packages, and modify files in isolated workspaces without risk to production systems or developer machines.
Full Audit Trails
Every action an AI agent takes - file edits, terminal commands, network requests - is logged in the CDE platform for compliance and review.
Ephemeral Workspaces
Spin up short-lived workspaces for each AI agent task, then destroy them automatically. No state leakage between tasks.
AI Agent Workspace Requirements
Infrastructure Needs
- MicroVM or container isolation per agent session
- Network policies restricting agent egress to approved endpoints
- Resource quotas per agent (CPU, memory, disk, execution time)
- GPU access for agents running local model inference
- Fast workspace startup (under 30 seconds for agent tasks)
Security and Governance
- Tool-level permissions (which tools/APIs agents can access)
- Human-in-the-loop approval gates for destructive operations
- Secrets injection scoped to agent role (not full developer access)
- Session recording and command logging for post-hoc review
- Automatic workspace teardown after agent task completion
CDE Platform Support for AI Agents (2026)
Terraform-based agent templates, API-driven workspace creation, MCP server integration
Ephemeral workspaces, CDE automation API, built-in agent orchestration
Copilot Workspace integration, prebuilt DevContainers, GitHub Actions synergy
Open-source flexibility, provider-agnostic agent workspaces, DevContainer reuse
Migrating Between CDE Platforms
Already using a CDE and considering a switch? CDE-to-CDE migration is increasingly common as the market matures and team needs evolve.
Common CDE-to-CDE Migration Paths
GitHub Codespaces to Coder or Ona
Common when teams outgrow Codespaces' managed model and need self-hosted infrastructure, custom networking, or multi-cloud support.
Ona to Coder (or vice versa)
Driven by infrastructure preferences (Kubernetes-native vs. Terraform-based), pricing changes, or feature requirements like Coder's multi-cloud templates.
Single CDE to Multi-CDE Strategy
Rather than fully switching, organizations increasingly run multiple CDEs - for example, Codespaces for open-source contributors and Coder for internal teams with compliance requirements.
What Transfers Between CDE Platforms
Portable (Low Migration Effort)
- DevContainer configurations (devcontainer.json)
- Docker images and container registries
- VS Code extensions and settings (settings.json)
- Dotfiles repositories
- Source code and Git repositories
Platform-Specific (Rework Required)
- Workspace templates (Terraform, YAML, or platform-native)
- SSO/OIDC and RBAC configurations
- Auto-stop and resource quota policies
- Prebuild and image caching pipelines
- Monitoring, alerting, and cost dashboards
Multi-CDE Strategy Best Practices
Governance
- Use a unified identity provider (SSO/OIDC) across all platforms
- Standardize on DevContainers as the portable workspace format
- Centralize audit logs from all CDE platforms into a single SIEM
- Define clear criteria for which teams use which platform
Cost Management
- Use consistent tagging (team, project, environment) across providers
- Enforce auto-stop policies on every platform
- Build a cross-platform cost dashboard for leadership visibility
- Review platform consolidation opportunities quarterly
Success Metrics & KPIs
Measure the impact of your CDE migration with these key performance indicators
Developer Experience
Operational Efficiency
Cost Optimization
Security & Compliance
Baseline Measurement Checklist
Before starting your migration, collect these baseline metrics to measure improvement: