Accelerate Your Cloud Migration with Alibaba ACK: Best Practices & Tools

Background

On July 24, Alibaba Cloud held its Developer Conference in Shanghai, focusing on cloud infrastructure, cloud databases, open‑source big data, IoT, and cloud‑native topics. The event shared practical cloud‑native development knowledge with thousands of developers.

Why Choose ACK?

Alibaba Cloud Container Service for Kubernetes (ACK) is built on Alibaba Cloud’s reliable IaaS, offering high elasticity, low cost, and global access. It inherits Alibaba Cloud’s security architecture, providing full‑stack security hardening from infrastructure to container runtime. ACK also extends standard Kubernetes with enterprise‑grade features while avoiding vendor lock‑in.

Reliability, stability, security, and flexibility are guaranteed by the underlying IaaS.

Full‑dimensional security from infrastructure to container runtime.

Enhanced capabilities on top of standard Kubernetes.

Key Questions Before Migration

How can ACK ensure business reliability, stability, security, and flexibility?

How to design a migration plan that moves workloads smoothly to ACK?

How should applications be refactored to leverage ACK’s advanced scaling capabilities?

Overall Migration Architecture

The migration process covers cluster planning, data migration, monitoring switch, log switch, and final production traffic cut‑over or mesh integration.

Cluster Planning : Choose appropriate machine types (CPU, GPU, ECS, or bare‑metal), decide between VPC or classic network, and select pod networking mode (Flannel or Terway).

Capacity Planning : Start with capacity that meets initial workload, then enable dynamic auto‑scaling.

Security Enhancements : Configure security groups, use private images with scanning, and define network policies for inter‑service communication.

Monitoring Switch : Adopt Alibaba Cloud’s full‑stack monitoring and replace custom log solutions with SLS (Log Service).

Data Migration : Migrate databases, storage, and container images using Alibaba Cloud’s enterprise‑grade migration tools to ensure reliability and safety.

Application Refactoring : Update image references, optimize service exposure, adjust storage mounting, and provide a CI/CD pipeline for rapid iteration.

After all components are validated, production traffic can be switched to the ACK cluster.

Migration Scenarios

Full Migration : All applications are moved to ACK, tested, and then production traffic is switched over in one step.

Smooth Migration : ACK manages on‑premise nodes or hybrid clusters, allowing gradual migration and minimal business impact.

Full migration is simpler; smooth migration is more complex but reduces disruption.

Open‑Source Tools and Solutions

Alibaba Cloud provides several open‑source tools to accelerate migration: ack-image-builder: Template for creating custom ACK node images with validation. sync-repo: Bulk migration of container images to ACR (Alibaba Cloud Container Registry). velero plugin: Migrates complete applications from other Kubernetes clusters to ACK. derrick: Detects source project type and generates Dockerfiles and deployment YAMLs.

SMC (Migration Center): Converts virtual machines to container images for ACK.

Data Migration

Reliable data migration uses enterprise tools matched to data types, such as DOMS (online data migration service), OSS migration utilities, and the “Lightning Cube” offline massive‑data transfer solution.

Application Refactoring & Optimization

For K8s‑to‑K8s scenarios, focus on adapting to auto‑scaling and other cloud‑native capabilities. For traditional VM‑based workloads, containerize applications, migrate network configurations using iptables, External, or CoreDNS PrivateZone, and employ Istio for service mesh, routing, and observability.

Case Studies

Typical cases include users with high‑performance networking needs, deep‑learning workloads requiring large‑scale GPU clusters, and customers demanding bare‑metal servers. These scenarios demonstrate ACK’s flexibility across diverse workloads.

Hybrid Cloud Management 2.0

ACK’s Hybrid Management 2.0 offers unified control for IDC‑owned and cloud‑based Kubernetes clusters, providing:

Unified security governance, application management, monitoring, and logging.

Dynamic elasticity for automatic scaling during traffic spikes.

Service governance features such as locality routing, fault‑tolerance, and gray‑release, supporting multi‑region disaster recovery and active‑active deployments.

Edge ACK

Edge@ACK integrates edge containers with Alibaba Cloud CDN, turning edge nodes into compute‑storage‑network‑security capable cloud‑edge nodes, enabling high‑frequency, high‑interaction data processing.

References

https://cs.console.aliyun.com/

https://github.com/alibaba/derrick

https://github.com/AliyunContainerService/ack-image-builder

https://github.com/AliyunContainerService/sync-repo

https://cr.console.aliyun.com/

https://github.com/AliyunContainerService/velero-plugin

http://cloud.video.taobao.com/play/u/3300558962/p/1/e/6/t/1/232004050150.mp4