How to Migrate Enterprise Workloads to Alibaba Cloud ACK: Best Practices and Tools

Cloud native technologies are reshaping the software lifecycle, and Alibaba Cloud was an early adopter of these technologies in China. The Container Service team has helped many customers—ranging from top‑10 enterprises to overseas users—migrate their workloads to ACK, addressing diverse scenarios such as moving from other cloud providers, on‑premises data centers, or custom Kubernetes clusters.

Key Questions Before Migration

How does ACK ensure reliability, stability, security, and flexibility for user workloads?

How to design a migration plan that moves business smoothly to ACK?

How should applications be refactored to leverage ACK’s extended capabilities?

Why Choose ACK?

ACK is built on Alibaba Cloud’s reliable IaaS platform, offering high elasticity, low cost, and global access. It inherits Alibaba Cloud’s security architecture, providing full‑stack hardening from infrastructure to container runtime. Over thousands of enterprises have validated ACK during major events like Double‑11, and ACK adds significant enhancements on top of standard Kubernetes without vendor lock‑in.

Overall Migration Architecture

The migration process covers cluster planning, data migration, monitoring and logging switch, and final production traffic cut‑over. Key steps include:

Cluster planning: select appropriate instance types (CPU, GPU, ECS, or bare‑metal) based on workload.

Network planning: choose VPC or classic network, and pod communication mode (Flannel or Terway).

Capacity planning: provision initial capacity and enable dynamic scaling.

Security hardening: configure security groups, private image scanning, and network policies.

Monitoring & logging: adopt Alibaba Cloud’s full‑stack monitoring and migrate logs to SLS.

Data migration: move databases, storage, and container images using Backup Center and other tools.

Application refactoring: update image references, optimize service exposure, adjust storage mounts, and provide a CI/CD pipeline.

Enterprise Container Lifecycle Model

The model aligns time phases with business roles: business architects evaluate TCO and value, IT architects design cluster capacity and network, while system and application admins execute the migration details. The goal is a more stable, cost‑effective, and efficient cloud‑native environment.

Migration Strategies

Two main approaches are supported:

Full migration : move all workloads, test, then switch production traffic once the new environment is stable.

Smooth migration : run hybrid clusters (on‑premises + ACK) and gradually shift services, minimizing business impact.

Tools and Open‑Source Projects

Several tools have been open‑sourced to accelerate migration: ack-image-builder: creates custom node images that meet ACK requirements. sync-repo: bulk migrates container images to Alibaba Cloud Container Registry (ACR).

Backup Center: provides backup, restore, and cross‑cluster migration for stateful applications, supporting various on‑prem storage types (SAN, Ceph, NFS, etc.).

Derrick: detects source project type and generates Dockerfiles and Kubernetes manifests automatically.

Backup Center Migration Steps

Create an on‑premises Kubernetes cluster (e.g., Rancher) and register it.

Provision a managed ACK cluster and deploy backup service components.

Install backup components on the on‑premises cluster, create backup tasks for applications and PV data.

Restore the backed‑up data and applications into the ACK cluster.

Supported On‑Premises Storage Types

Block storage: SAN, Ceph OSD, local LVM.

File systems: HostPath, NFS, NetApp, GlusterFS, CephFS.

Object storage: Ceph S3.

Application Refactoring and Optimization

For Kubernetes‑to‑Kubernetes migrations, focus on leveraging ACK’s auto‑scaling and advanced networking. For traditional VM‑based workloads, additional effort is needed: containerize applications (using SMC migration center), adjust networking (iptables, CoreDNS, Istio), and ensure data migration.

Case Studies

Examples include high‑performance networking requirements, large‑scale GPU workloads for deep learning, and bare‑metal server use cases. Each scenario benefits from ACK’s best‑practice templates and the migration toolchain.

Reference Links

ACK console: https://cs.console.aliyun.com/

Derrick: https://github.com/alibaba/derrick

ack-image-builder: https://github.com/AliyunContainerService/ack-image-builder

sync-repo: https://github.com/AliyunContainerService/sync-repo

ACR: https://cr.console.aliyun.com/

Backup Center docs: https://help.aliyun.com/document_detail/311759.html

Rancher installation: https://rancher.com/docs/rancher/v2.5/en/installation/

Register cluster guide: https://help.aliyun.com/document_detail/121053.htm

Create backup task: https://help.aliyun.com/document_detail/188780.htm

Cross‑cluster recovery: https://help.aliyun.com/document_detail/188871.html