Dezen Technology
All articles
ArchitectureMay 15, 20268 min read

Monolith migration: the strangler-fig playbook

The big-bang rewrite is the most consistently bad idea in software. Proxy in front, extract one route at a time, shrink the monolith to nothing. No migration day.

Monolith migration: the strangler-fig playbook

The big-bang rewrite is the most consistently bad idea in software engineering. Companies that try to replace a working monolith with a brand-new microservices version, in parallel, almost always fail — they either ship the new system years late, or never finish, or finish and discover it does 60% of what the old one did.

The strangler-fig pattern is the alternative that actually works. Named after the vine that grows over a host tree, then eventually replaces it. Same idea: start with the monolith, extract one route at a time, and let the monolith shrink to nothing.

Strangler-fig migration — four steps from monolith to services through a reverse proxy

Step 1: The monolith

Where you start. All routes go to the monolith. One process, one database, one deploy. You’re not changing this yet — just acknowledging it.

Step 2: Put a reverse proxy in front

Add a proxy (nginx, Envoy, Cloudflare Workers, AWS ALB — whatever you’re comfortable with). Every request now goes through the proxy, which forwards 100% of traffic to the monolith. From the user’s perspective, nothing changed. From your perspective, you now have a control point.

This step alone is worth doing for a week of stability before the next move. Watch the metrics. Make sure the proxy isn’t adding latency. Don’t proceed until step 2 is rock-solid.

Step 3: Extract one route

Pick a route that’s self-contained — doesn’t touch 7 different domain entities, doesn’t require deep database joins with everything. Common first picks: billing webhooks, file upload, email sending, search.

Build a new service that implements that route. Deploy it. Configure the proxy: “requests to /api/billing/*go to the new service; everything else still to the monolith.”

Critical: the new service can call back into the monolith for data it doesn’t own yet. That’s fine. Decoupling is gradual.

Step 4: Repeat

Extract the next route. And the next. The monolith shrinks; the constellation of services grows. After 18-36 months, the monolith is small enough that you can either delete it or fold it into one final service.

At no point is there a “big migration day.” The system is always running. The team is always shipping new features alongside the migration. The business never has a six-month outage of feature development.

Pitfalls to avoid

  • Extracting domain boundaries that aren’t real.A route isn’t a service boundary. Map your bounded contexts first. Don’t extract a route until you understand the data ownership.
  • Shared databases across the boundary.The new service should eventually own its own database. Sharing the monolith’s database is fine for a transition period but becomes the new monolith if you let it persist.
  • Distributed transactions. Resist them. Use eventual consistency + sagas. If you find yourself wanting 2-phase commit across services, the extraction boundary is wrong.
  • Letting the proxy logic get complicated.Route-based forwarding is fine. Header-based feature flags are fine. Once the proxy is doing business logic, you’ve recreated a monolith in the proxy.

When to NOT extract

Not every monolith needs to be broken up. Strangler-fig is the right pattern when:

  • The team has grown past the point of one shared codebase being productive
  • There are genuine scaling differences across surfaces
  • You’re trying to introduce technology heterogeneity (e.g. ML in Python alongside a Rails monolith)

If none of these apply, leave the monolith alone. The world’s most successful monoliths (Stack Overflow, Basecamp) ran on single deployments for over a decade by choice.

How we approach this

Most of our Cloud & DevOps engagements involving legacy migration follow this exact playbook. We start with the proxy. We extract one route. We measure. We extract the next. Six to twelve months in, the legacy monolith is a thin shell. Two years in, it’s gone. The business never noticed a migration.

Takeaways

  • The big-bang rewrite is the most consistently bad idea in software. Don’t.
  • Strangler-fig: proxy in front, extract one route at a time, shrink the monolith.
  • Get the proxy stable before extracting anything.
  • Don’t extract route by route — extract by bounded context.
  • Some monoliths shouldn’t be extracted. Honest decision.
Keep reading

More from the engine room

AI in QA: where it helps, where it doesn’t

May 27, 2026

AI in QA: where it helps, where it doesn’t

AI augments QA throughput — test generation, triage, visual regression. It doesn’t replace QA judgment: strategy, exploratory testing, and defining correctness stay human.

Read More
Controlling LLM costs in production

May 25, 2026

Controlling LLM costs in production

Four levers cut spend 10x without cutting quality: route by difficulty, cache, trim context, batch and stream. Measure cost-per-feature first; set budget guardrails always.

Read More
RAG vs fine-tuning: which do you actually need?

May 23, 2026

RAG vs fine-tuning: which do you actually need?

Facts → RAG. Behavior → maybe fine-tune. Most business AI features want RAG even when teams ask for fine-tuning. The decision rule and the order to try things in.

Read More
Agentic features in SaaS: the maturity ladder

May 21, 2026

Agentic features in SaaS: the maturity ladder

From manual to autonomous — four levels of autonomy and the guardrails each needs. Match autonomy to the cost of being wrong, not to how impressive it sounds.

Read More
Offline-first mobile: the app that works on the subway

May 19, 2026

Offline-first mobile: the app that works on the subway

The UI never waits on the network. Local DB, sync engine, server — with conflict resolution per data type. The architecture that makes mobile apps feel instant.

Read More
Lift-and-shift vs refactor: how to actually decide

May 17, 2026

Lift-and-shift vs refactor: how to actually decide

Lift-and-shift is fast, cheap to do, expensive to keep. Refactor is months of work with structural upside. The matrix — and why half-finished refactors are the worst path.

Read More
SOC 2 readiness in plain English

May 13, 2026

SOC 2 readiness in plain English

Five Trust Service Criteria, Security mandatory and the rest optional. Type 1 vs Type 2. The pragmatic 6-month timeline — not the year-long ordeal it’s made out to be.

Read More
OWASP top risks for 2026 — with what to actually do

May 11, 2026

OWASP top risks for 2026 — with what to actually do

The ten vulnerability classes that show up in real breaches, each with the single most important defensive action. Plus the 80/20 of web security.

Read More
View all blogs

Let’s Build the Future Together!

Contact our team today and turn your ideas into reality.

Let’s Discuss
Contact Details : sales@dezentech.com Sy. No:40, Flat No:402, SIRISAMPADHA ARCADE I, Plot no:18-21, behind Union Bank of India, Khajaguda, Hyderabad, Telangana 500104