Migrating OpenShift Container Platform to AWS EKS-Explained

Migrating from OpenShift to Amazon Elastic Kubernetes Service (EKS) involves several steps, from planning and assessment to execution and optimization. This article provides a detailed walkthrough, including architectural considerations.

Why Migrate to AWS EKS?

1. Scalability: AWS EKS offers seamless scalability, allowing you to handle varying workloads efficiently.
2. Integration: EKS integrates well with other AWS services, providing a cohesive ecosystem for your applications.
3. Cost Efficiency: AWS’s pay-as-you-go model can be more cost-effective, especially for dynamic workloads.
4. Security: AWS provides robust security features, including compliance with various industry standards.

Pre-Migration Considerations

1. Assessment: Evaluate your current OpenShift environment, including applications, configurations, and dependencies.
2. Planning: Develop a detailed migration plan, including timelines, resource allocation, and risk management.
3. Training: Ensure your team is familiar with AWS EKS and its features. AWS offers various training resources and certifications.

Architecture Overview

Before diving into the migration steps, let’s look at the architecture of both OpenShift and AWS EKS.

OpenShift Architecture

• Master Nodes: Manage the OpenShift cluster, including API server, controller manager, and scheduler.
• Worker Nodes: Run the application workloads.
• ETCD: Stores the cluster state and configuration.
• Networking: Typically uses OpenShift SDN or other CNI plugins.
• Storage: Uses persistent volumes (PVs) and persistent volume claims (PVCs) for storage.

AWS EKS Architecture

• EKS Control Plane: Managed by AWS, includes the API server, etcd, and control plane components.
• Worker Nodes: EC2 instances or Fargate that run the application workloads.
• Networking: Uses Amazon VPC for networking, with support for various CNI plugins.
• Storage: Integrates with AWS storage services like EBS, EFS, and S3.

Migration Steps

1. Set Up AWS Environment

• Create an AWS Account: If you don’t have one, create an AWS account.
• IAM Roles and Policies: Set up IAM roles and policies to manage access and permissions.
• VPC Configuration: Configure VPC, subnets, and security groups to match your network requirements.

2. Install and Configure EKS

• Create EKS Cluster: Use the AWS Management Console, CLI, or CloudFormation templates to create an EKS cluster.
• Configure kubectl: Set up kubectl to interact with your EKS cluster.

3. Translate YAML Files

OpenShift and Kubernetes are both based on Kubernetes, but OpenShift adds some custom resources and configurations. Here’s how to translate the YAML files:

a. Deployment Configurations

OpenShift uses DeploymentConfig objects, while Kubernetes uses Deployment objects.

OpenShift DeploymentConfig Example:

apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
  name: my-app
spec:
  replicas: 3
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-app
        image: my-app-image
        ports:
        - containerPort: 8080        

Kubernetes Deployment Equivalent:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-app
        image: my-app-image
        ports:
        - containerPort: 8080        

b. Routes and Ingress

OpenShift uses Route objects for exposing services, while Kubernetes uses Ingress.

OpenShift Route Example

apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: my-app
spec:
  to:
    kind: Service
    name: my-app
  port:
    targetPort: 8080        

Kubernetes Ingress Equivalent:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-app
spec:
  rules:
  - host: my-app.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-app
            port:
              number: 8080        

c. Persistent Volumes

OpenShift and Kubernetes handle persistent volumes similarly, but you may need to adjust storage classes and access modes.

OpenShift PersistentVolumeClaim Example:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi        

Kubernetes PersistentVolumeClaim Equivalent:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi        

4. Migrate Applications

• Container Images: Push your container images to Amazon ECR (Elastic Container Registry).
• Manifests: Update Kubernetes manifests to be compatible with EKS.
• Data Migration: Migrate persistent data to AWS services like RDS, S3, or EFS.

5. Testing and Validation

• Staging Environment: Deploy applications in a staging environment on EKS.
• Testing: Perform thorough testing to ensure applications function as expected.
• Validation: Validate performance, security, and compliance requirements.

6. Cutover

• Cutover Strategy: Plan a cutover strategy, including a rollback plan in case of issues.
• Final Migration: Perform the final migration during a maintenance window to minimize impact.
• Monitoring: Monitor the new environment closely for any issues.

Post-Migration Activities

1. Optimization: Continuously monitor and optimize your EKS environment for performance and cost.
2. Security: Implement AWS security best practices, including regular audits and updates.
3. Training and Support: Provide ongoing training for your team and leverage AWS support services as needed.

Conclusion

Migrating from OpenShift to AWS EKS can unlock numerous benefits, from improved scalability to cost savings. By following a structured approach and leveraging AWS’s extensive resources, architects & cloud engineers can ensure a smooth and successful migration.

-- Alok Saraswat

Reference-- AWS Web Service Documentation