
HCS Container Migration Service Introduction


Uploaded by

Edsontheking

The Preferred Partner for Intelligent Upgrade

Huawei Cloud Stack Container Migration Service Introduction

Name: Bensen

Time: 2024-12-13

Contents

1 Background

2 Service Overview

3 Service Content and Processes

4 Service Highlights

5 Success Story

Enterprise Digital Transformation Rapidly Entering the Cloud Native Phase

Phase 1: server
• Management of scattered physical servers
• Software and hardware isolation
• Device-centric

Phase 2: cloudification
• Centralized cloud resource pool
• Software migration to the cloud
• Resource-centric

Phase 3: cloud native
• Unified cloud native infrastructure
• Cloud native software architecture
• Application-centric

Transition 1: Resource automation
Transition 2: Application automation

[Figure: software systems and hardware systems in each phase, from physical machines and storage devices, through compute, network, and storage pools under unified resource management, to an application-centric cloud native infrastructure with a multi-cloud/hybrid cloud/edge-cloud architecture.]

Features and Values of Containers: Lightweight, Fast, and Flexible
Containers use a lightweight OS virtualization solution, which virtualizes resources based on the OS to provide resources of finer granularity. Containers can run on VMs and physical machines.

A new form of software packaging and delivery together with its storage, distribution, and running systems

[Figure: traditional deliverables (GB-scale) compared with deliverables after containerization (MB-scale).]

⚫ Lightweight: Shared kernel and fine-grained resource isolation (lower enterprise costs)
⚫ Fast: Quick start and stop in seconds (applicable to agile scaling scenarios)
⚫ Flexible: Environment-independent standard delivery and deployment specifications (higher delivery efficiency)

Overall Architecture of Huawei Cloud Stack Cloud Native Infrastructure Solution

Application ecosystem
Standard, open, and complete cloud native application ecosystem
• Industry standard: Cloud native applications are fully compatible with Helm.
• Hybrid innovation: Applications can be combined based on service innovation requirements to develop new applications.

Container services
Cloud native OS with consistent experience across regions, DCs, edge, and clouds
• UCS: cross-cloud, cross-region cluster management, global and unified application management, which address elasticity and scheduling challenges during peak hours.
• ASM: application non-intrusion, multi-language, and enterprise-ready service governance, 50% higher performance than open-source solutions.
• Volcano: AI and big data batch computing is 50% more cost-effective.

Huawei Cloud Stack infrastructure
Application-centric cloud native infrastructure
• Cluster scale: 2,000 nodes in a single cluster
• Full-stack GCH: hybrid management of x86 and Kunpeng nodes, hardware and software synergy with 30% higher cost-effectiveness, and NeoKylin OS supported

[Figure: solution layers. Hybrid innovative applications (stateless, stateful, compute-intensive); container services (Ubiquitous Cloud Native Service (UCS), SoftWare Repository for Container (SWR), Application Service Mesh (ASM), Intelligent EdgeFabric (IEF), Cloud Container Engine (CCE) | CCE Turbo); Huawei Cloud Stack infrastructure (compute, storage, network on general-purpose servers and Kunpeng + Ascend servers), with multi-cloud synergy and centralized management across Huawei Cloud, Huawei hybrid cloud, and edge.]
CCE: Container Service with Rich Heterogeneous Resources, High
Performance, Comprehensive Security, and Unified Scheduling
Comprehensively enhanced Kubernetes
➢ API: APIs provided by CCE have passed the CNCF certification, which ensures user experience consistency.
➢ Scheduling: Huawei Volcano offers scheduling policies based on group, queue, or fairness, supports topology-aware resource scheduling, and improves job execution efficiency by over 30% in batch computing scenarios.
➢ Elasticity: CCE supports a variety of policies, and these policies can be combined together. With these policies, containers can be scaled out in seconds, which ensures service stability at traffic peaks.
➢ O&M: CCE is a hosted Kubernetes cluster service. It frees personnel from complex O&M on the management plane. CCE supports in-place cluster upgrade across versions.

High-performance cloud native network
➢ Performance of tunnel networks is 30% higher than that of the networks offered by Flannel. Under VPC networks, performance loss remains within 5% compared with passthrough networking. Container CIDR blocks are allocated separately. They do not occupy VPC CIDR blocks.
➢ CCE supports network policies and container-scoped network isolation.

Deeply integrated infrastructure services
➢ Compute: VMs and BMSs can be deployed in one CCE cluster. CCE adapts to various Huawei Cloud compute instances like Kunpeng instances. CCE supports GPUs and Ascend compute. CCE provides GPU virtualization, shared scheduling, and resource-aware scheduling optimization.
➢ Network: CCE can interconnect with high-performance, secure, reliable, and multi-protocol dedicated load balancers as the service traffic ingress.
➢ Storage: CCE is integrated with multiple storage services like EVS, SFS, and OBS and provides disk encryption, snapshot, and backup capabilities.

[Figure: CCE architecture. Add-ons (virtual-kubelet, Volcano, Prometheus, KubeFlow); container O&M (monitoring, logs, events, alarms); service management (auto scaling, container and application orchestration); service governance/release; image repository (unified management, image retention, image trigger, image synchronization); Kubernetes clusters 1 to N with nodes, pods, and containers; compute (VM/BMS, Intel/Kunpeng, GPU/Ascend D series chip), storage (EVS/OBS/SFS, storage volume snapshot/encryption), and network (VPC/ELB/NAT, container network).]
CCE Turbo: Building an Efficient, Secure Cloud Native Foundation

Faster computing
➢ Next-gen compute instance C7e
➢ Overall server performance up 30%

Intelligent scheduling
➢ Scheduling policies for hybrid deployment
➢ Resource utilization up 20%+

Flash scaling
➢ Auto scaling in seconds
➢ Batch creation of 3,000 pods in 1 minute

Network acceleration
➢ Two network layers flattened into one for passthrough networking
➢ Zero network loss and 20% decrease in delay

All-scenario coverage
➢ Edge sites management
➢ Released once, deployable network-wide

[Figure: CCE Turbo architecture. Container network (passthrough networking, intensive containers on a single node, network isolation); container storage (lazy loading of images, data cache, data migration); intelligent scheduling (hybrid deployment, fast scheduling, dynamic scheduling); cloud-edge synergy (cloud-edge collaboration, zone-based management, offline autonomy); common containers and secure containers on virtual servers and BMSs; OS: Euler; Huawei Cloud Stack infrastructure (compute, storage, network).]
Application Service Mesh: Industry-leading Enterprise-grade Service Mesh
Service governance
• Complex traffic routing rules by configuring VirtualService
• Circuit breaking, rate limiting, load balancing, and more

Grayscale release
• Forms: canary release and blue-green deployment
• Policies: percentages of traffic, request content (cookies and OSs), and source IP addresses

Traffic monitoring
• End-to-end intelligent monitoring, logs, topologies, and tracing

Protocol expansion
• gRPC and REST
• Extended governance capability for services using the Dubbo protocol
• Solution of integrating with microservice SDKs for Spring Cloud microservices

[Figure: ASM architecture. Graphical console; protocol extension and integration (REST service API, gRPC service calling, Spring Boot development framework); Istio control plane with Pilot (service discovery and traffic management), Citadel (identity certificate management), and Galley (configuration verification/management/delivery); service management (traffic routing, circuit breaking, rate limiting); grayscale release (canary release, blue-green deployment); traffic monitoring (traffic analytics, tracing topology, exception warning); data plane on CCE clusters, VM clusters, and BMS clusters.]
UCS: Extending Cloud Native to Wherever You Need It

• Consistent experience: 150+ out-of-the-box applications in OSC
• One-click deployment: Release once, deploy globally, and cross-cloud deployment in one click
• 24/7 monitoring: Insights on containers, and intelligent inspection
• Ecosystem: Compatible with open-source ecosystems and no vendor lock-in
• Global governance: Unified governance of cloud-to-cloud and cloud-to-app traffic in all regions
• Diverse policies: Traffic splitting, grayscale release, and failover
• Cross-cloud scaling: Multiple scaling policies based on CPU, memory, and traffic
• Global scheduling: Cross-cloud and multi-cluster scheduling
• All-scenario coverage: Huawei Cloud, multi-cloud, edge cloud, and customer IDC
• Fleets in all regions: Connection of 2,000 clusters and consistent operations

[Figure: UCS architecture. Application ecosystem in OSC (big data, middleware, AI/ML, database, data analytics, pipeline, third-party applications); UCS functions (configuration management, container migration, container intelligent analysis, policy center, traffic management, fleet management); Huawei Cloud clusters, on-premises clusters, and attached clusters.]


Service Trends
With the deepening of digital intelligence, the iteration of cloud products is accelerating. Huawei container products are becoming more beneficial, and customers' traditional on-premises containers show more and more disadvantages. Customers impose higher and higher requirements for container migration.

Product iteration problem

When Huawei Cloud Stack 6.5.1 is upgraded to Huawei Cloud Stack 8.2.1, the underlying architecture changes in a way that makes smooth updates of gPaaS and AI DaaS services impossible.

Disadvantages and limitations of traditional on-premises containers

⚫ On-premises containers are less reliable as they lack technical support from vendors, so customers are reluctant to use them for critical services.
⚫ Open-source software is used, so troubleshooting depends on open-source communities. When there are faults, it is hard to identify root causes and it takes too long to fix them.
⚫ Using on-premises container clusters on container management platforms involves many additional technologies, such as networking, load balancing, monitoring, logging, and storage. Integrating all these technologies is complicated.

Advantages of Huawei Cloud containers

Huawei Cloud provides containers that meet enterprise service requirements for ultra-large scale, extraordinary performance, flash scaling, distributed architecture, in-cloud and on-premises deployment, and more. These containers effectively support the development of industry solutions in fields such as resource management, price tracking, consumer finance, e-commerce, and livestreaming. They are used widely by tens of thousands of enterprises in dozens of industries, including Internet, finance, automobiles, logistics, and energy. According to a report issued by IDC, Huawei Cloud container services were ranked No. 1 in China's container software market share for three years running.

[Figure: the product iteration problem, the limitations of on-premises containers, and the advantages of Huawei Cloud containers all lead to container migration.]
Customer Requirements
Scenario 1
Target customers: customers who use earlier versions of Huawei Cloud Stack container products
Customer requirements: Some functions required by services were not supported by earlier versions.
Service requirements: container version upgrade and cloud version upgrade
Key requirements:
• Migrating Huawei containers from an earlier version to a later version

[Figure: containers and SWR migrated from Huawei Cloud Stack 6.5.1, 8.0.3, or 8.2.0 to Huawei Cloud Stack 8.2.1 or 8.3.0.]

Scenario 2
Target customers: customers currently using on-premises containers
Customer requirements: migrating on-premises containers to Huawei for convenient services and management
Service requirements: migration of on-premises containers to Huawei container platforms
Key requirements:
• Migrating on-premises containers to Huawei container platforms

Huawei Cloud Stack cluster migration path

| Version of the Source Cluster | Kubernetes Version of the Source Cluster | Version of the Target Cluster | Kubernetes Version of the Target Cluster |
|---|---|---|---|
| Huawei Cloud Stack 6.5.1 | 1.9 | Huawei Cloud Stack 8.2.1 | 1.21 or 1.23 |
| Huawei Cloud Stack 8.0.3 or 8.2.0 | 1.15, 1.17, or 1.19 | Huawei Cloud Stack 8.2.1 | 1.21 or 1.23 |
| Huawei Cloud Stack 8.2.1 | 1.21 or 1.23 | Huawei Cloud Stack 8.3.0 | 1.23 or 1.25 |

Kubernetes cluster migration path

| Kubernetes Version of the Source Cluster | Kubernetes Version of the Target Cluster |
|---|---|
| 1.9 | 1.21 or 1.23 |
| 1.15 | 1.21 or 1.23 |
| 1.17 | 1.21 or 1.23 |
| 1.19 | 1.21 or 1.23 |
| 1.21 | 1.21, 1.23, 1.25, or 1.27 |
| 1.23 | 1.23, 1.25, or 1.27 |

Challenges Created by Customer Requirements

Impacts on services
• Can the migration be performed without service interruptions? What are the resulting impacts and risks? What is the minimum downtime window?

Migration costs
• How can we calculate how much migration will cost and how long it will take? Is it necessary to invest extra devices for environment verification and testing?

Migration efficiency
• How efficient is the migration? What factors affect efficiency? Is batch migration feasible? Does the migration need to be planned?

Data security
• How is the data consistency after resources inside and outside a cluster are migrated? How can we avoid data loss? How can we verify and roll back upgrades, if needed?

Service Scope
Huawei Cloud Stack Container Migration Service
Service survey → Solution design → Migration implementation → Testing and verification

Service design
⚫ Huawei Cloud Stack Container Migration Service: supports end-to-end enterprise service container migration from requirement survey, solution design, and migration implementation, to testing and verification.

Target scenarios
⚫ Migrating Huawei Cloud Stack containers from an earlier version to a later version
⚫ Migrating on-premises container clusters to Huawei container products

Scenario 1
Migrate Huawei Cloud Stack containers from an earlier version to a later version, for example, from Huawei Cloud Stack 6.5.1 to 8.2.1, from Huawei Cloud Stack 8.0.3 to 8.2.1, or from Huawei Cloud Stack 8.2.1 to 8.3.0.

Scenario 2
Migrate customers' on-premises container clusters to Huawei container products.

Note: On-premises clusters can be migrated regardless of if they are on cloud or not, as long as the migration conditions are met.

Service Benefits/Customer Benefits
For Customers:
• Standard service processes ensure a full migration can be completed.
• Optional simulations to test if verification requirements can be met in special migration scenarios.
• Standard services ensure secure and reliable migration operations.
• Migration tools greatly increase migration efficiency and reduce migration costs.
• Evaluation effectively identifies risks and helps keep service impacts under control when there are emergencies.
• The validity of a migration is reviewed during verification, with rollbacks supported at any time.

For services:
• Service impacts are reduced and continuity improved.
• The migration is more efficient and less expensive.
• Customers get a solid foundation, a major step forward, for cloud native transformation.

[Figure: service elements: solution design, evaluation, (optional) simulation, tools, implementation, verification, acceptance, and maintenance.]

Migration to Huawei Cloud Stack

Pain Points of Hosting
• High data risk
• Failure to meet regulatory requirements
• High cost and low utilization of DR
• Capex is a large one-off investment
• Cannot scale down services
• High maintenance costs
• Only for infrastructure
• Difficulty in using new technologies
• Limited expert resource
• Low reliability and risk of load shedding
• Unstable SLA

Evaluation and Survey
1 Service information collection
2 Resource list review
3 Cloud migration risk assessment
4 Cloud migration policy evaluation

Planning and Design
5 On cloud solution design
6 Migration solution design
7 Function and performance verification
8 Operation manual preparation
9 Implementation plan making

Migration Implementation
10 Implementation discussion
11 Cloud resource provisioning
12 Data synchronization
13 Service cutover

Migration Acceptance
14 Monitoring
15 Optimization
16 Handover
17 Acceptance

Target Customers: Key Enterprises, NA Government, Big Banks
Successful Cases: OP or Hosting to Cloud

Why Huawei Cloud Stack
Migration Toolkits: SMS | DCS | DRS | OMS | CDM | DES
Migration Service: Plan | Implementation | Acceptance

Service SOW (Responsibility Matrix)
R stands for Responsibility and S for Support.

| No. | Service Process | Service Content | Huawei/Telecom | Customer |
|---|---|---|---|---|
| 1 | Service/Resource survey | Survey the customer's live network environment, service resource usage, migration environment, compute resources, storage resources, network resources, and more. | S | R |
| 2 | Technical feasibility evaluation | Evaluate feasibility based on the existing environment, service classification, and destination end compatibility. | R | S |
| 3 | Risk evaluation | Evaluate any post-migration risks, such as data loss or system startup failures. | R | S |
| 4 | Migration duration evaluation | Evaluate the source end environment, destination end environment, and migration network environment, and perform tests if conditions permit. | R | S |
| 5 | Resource planning for the target cluster | Plan cloud resources for the target environment to maximize resource utilization. | R | S |
| 6 | Migration restrictions | Clarify some restrictions, such as ports used by the migration tools. | R | S |
| 7 | Migration solution design | Formulate an executable migration solution based on the customer's live network environment. | R | S |
| 8 | Solution review | The solution is reviewed by second-line and third-line experts to identify problems. | R | S |
| 9 | Solution verification | Set up an environment to verify the feasibility of the solution. | R | S |
| 10 | Cloud Container Engine (CCE) cluster creation | Create a migration environment. | R | S |
| 11 | Migration tool installation | Deploy required migration tools. | R | S |
| 12 | Data/Application migration | Migrate data and applications. | R | S |
| 13 | Resource updates and adaptation | After data and applications are migrated, reallocate resources in the target environment. | R | S |
| 14 | Service testing | Use various services to access the system and check the data integrity after the migration is complete. | S | R |
| 15 | Traffic switchover | Perform a service cutover from the source end to the destination end. | S | R |
| 16 | Taking source resources offline | Once the traffic has been switched, customer services should be able to access the target end. After a period of time, take the source end offline. | S | R |
| 17 | Project acceptance | The source resources are completely migrated to the target end, and services are accessible. | S | R |

Migration Objects
The Container Migration Service migrates container cluster resources, including data, services, and configurations. All the resources inside and outside clusters are included. This service focuses on resource migration within clusters. Migration of resources outside a cluster needs other migration service products and capabilities. For example, when migrating non-containerized databases or object storage, database migration and storage migration services are required, respectively.

Resources inside a cluster

Migration object: All objects in a cluster, such as pods, jobs, Services, Deployments, and ConfigMaps.
Remarks: Resources in the velero and kube-system namespaces should not be migrated.
• Resources in velero are created by migration tools and do not need to be migrated.
• Resources in kube-system are system resources. If this namespace of the source cluster contains resources created by users, only migrate those resources on demand.

Migration object: PersistentVolumes (PVs) mounted to a container
Remarks: Both hostPath and Local volumes are local storage volumes. However, Restic, which is integrated into Velero, cannot back up hostPath PVs. It only supports the Local type. So, you need to replace the storage volumes of the hostPath type with the Local type in the source cluster.

Resources outside a cluster

Migration object: Image repositories
Remarks: They can be migrated to SWR.

Migration object: Non-containerized databases (other migration services needed)
Remarks: They can be migrated to Relational Database Service (RDS). After the migration is complete, you need to reconfigure the databases for applications in the target cluster.

Migration object: Object storage (other migration services needed)
Remarks: The data can be migrated to Object Storage Service (OBS). After the migration is complete, you need to reconfigure the object storage for applications in the target cluster.

Migration Procedure
There are six steps in container migration, including creating a target cluster, migrating data, migrating applications, verifying
services, switching traffic, and taking the source cluster offline.

1. Create a target container cluster.
⚫ Target cluster creation and resource configuration on Huawei Cloud containers.
⚫ It is recommended that the performance configurations on the target cluster are the same as those on the source cluster.

2. Migrate data.
⚫ Database, storage, and image migration

3. Migrate applications.
⚫ Kubernetes resource objects and persistent data are migrated using Migration4CCE and resource updates.

4. Verify services.
⚫ Testing personnel verify the functions of the new cluster.

5. Switch over traffic.
⚫ O&M personnel switch DNS to direct traffic to the new cluster.

6. Take the source cluster offline.
⚫ The source cluster is taken offline and backups are deleted after confirming that the services on the target cluster are running properly.

Migration Precautions

Migration steps shown in the diagram:
1. Plan resources for the target cluster.
2. Migrate resources outside a cluster.
3. Install Migration4CCE.
4. Migrate resources within a cluster.
5. Update resources accordingly.
6. Perform additional tasks:
• Verify services
• Switch over traffic
• Take the source cluster offline

[Figure: IDC on-premises cluster A (behind DNS and a load balancer) and the target container cluster (behind Elastic Load Balance (ELB)). Services, Deployments, StatefulSets, and pods are backed up from the source cluster as application backup files and restored in the target cluster. Resources outside the cluster (MySQL database, object storage data files, image repository) are migrated to the Huawei Cloud Stack cloud services RDS, OBS, and SWR.]

Precautions
• The Migration4CCE, a tool from Huawei based on Velero, is recommended.
• The resources in the velero and kube-system namespaces should not be migrated. The resources in kube-system are related to system services, so they do not need to be backed up. Those in velero are related to the deployed velero service, so no backup is required for them either.
• Restic integration of the Migration4CCE requires the Kubernetes MountPropagation function. This function is enabled by default in Kubernetes 1.10.0 and later versions.
• When the same resources exist in the source and target clusters, Migration4CCE does not restore resources by default. Ensure the target cluster does not have the same resources as the source cluster.
• About resource updates and adaptation:
➢ Access service: When migrating containers developed by different vendors, the ways these containers' load balancing services are made available need to be updated accordingly because the load balancing services vary.
➢ StorageClass: The backend storage infrastructure before and after the migration is different, so the StorageClass needs to be updated accordingly.
➢ Database: After databases are migrated to the cloud, applications need to be adapted.

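A pre-migration check for the precautions above and the remarks under Migration Objects, as an added example that is not part of the original deck and is not Migration4CCE or Velero code. It assumes the source and target inventories are available as lists of Kubernetes object dictionaries; the sample objects, the `shop` namespace, and all function names are constructed for illustration.

```python
"""Pre-migration check for a Velero/Restic-based cluster migration (added example)."""

# Namespaces the deck says should not be migrated.
EXCLUDED_NAMESPACES = {"velero", "kube-system"}
# The deck states MountPropagation is enabled by default from Kubernetes 1.10.0.
MIN_MOUNT_PROPAGATION = (1, 10, 0)


def parse_version(text):
    """Turn 'v1.9.7' or '1.19' into a comparable (major, minor, patch) tuple."""
    parts = text.lstrip("v").split("-")[0].split("+")[0].split(".")
    nums = [int(p) for p in parts[:3]]
    return tuple(nums + [0] * (3 - len(nums)))


def object_key(obj):
    """Identify an object by kind, namespace ('' if cluster-scoped) and name."""
    meta = obj["metadata"]
    return (obj["kind"], meta.get("namespace", ""), meta["name"])


def hostpath_volumes(obj):
    """Names of hostPath volumes on a PV, a Pod, or a templated workload."""
    spec = obj.get("spec", {})
    if obj["kind"] == "PersistentVolume":
        return [obj["metadata"]["name"]] if "hostPath" in spec else []
    # Deployments, StatefulSets and Jobs nest the pod spec under spec.template.spec;
    # for a bare Pod the pod spec is spec itself.
    pod_spec = spec.get("template", {}).get("spec", spec)
    return [v["name"] for v in pod_spec.get("volumes", []) if "hostPath" in v]


def precheck(source_items, target_items, source_version):
    """Classify source objects and collect findings that block a clean restore."""
    report = {"migrate": [], "skipped": [], "hostpath": [],
              "collisions": [], "warnings": []}
    target_keys = {object_key(o) for o in target_items}
    for obj in source_items:
        key = object_key(obj)
        if key[1] in EXCLUDED_NAMESPACES:
            # Listed rather than dropped silently, so user-created objects in
            # kube-system can still be picked for migration on demand.
            report["skipped"].append(key)
            continue
        report["migrate"].append(key)
        # Restic cannot back up hostPath volumes; these need the Local type first.
        report["hostpath"].extend((key, vol) for vol in hostpath_volumes(obj))
        # An object that already exists in the target is not restored by default.
        if key in target_keys:
            report["collisions"].append(key)
    if parse_version(source_version) < MIN_MOUNT_PROPAGATION:
        report["warnings"].append(
            "source Kubernetes %s is older than 1.10.0: MountPropagation is not "
            "enabled by default, which the Restic integration requires"
            % source_version)
    return report


def make_obj(kind, name, namespace=None, spec=None):
    """Build a minimal Kubernetes-style object for the constructed sample below."""
    meta = {"name": name}
    if namespace:
        meta["namespace"] = namespace
    obj = {"kind": kind, "metadata": meta}
    if spec is not None:
        obj["spec"] = spec
    return obj


# Constructed sample inventory (not taken from any real cluster).
SOURCE_ITEMS = [
    make_obj("Deployment", "web", "shop", {"template": {"spec": {"volumes": [
        {"name": "host-logs", "hostPath": {"path": "/var/log/web"}},
        {"name": "settings", "configMap": {"name": "web-config"}}]}}}),
    make_obj("ConfigMap", "web-config", "shop"),
    make_obj("PersistentVolume", "pv-local-01", spec={"local": {"path": "/mnt/disk1"}}),
    make_obj("PersistentVolume", "pv-host-01", spec={"hostPath": {"path": "/data/db"}}),
    make_obj("Deployment", "coredns", "kube-system", {"template": {"spec": {}}}),
    make_obj("Pod", "restic-x7k2p", "velero", {"volumes": [
        {"name": "host-pods", "hostPath": {"path": "/var/lib/kubelet/pods"}}]}),
]
TARGET_ITEMS = [make_obj("ConfigMap", "web-config", "shop")]

if __name__ == "__main__":
    result = precheck(SOURCE_ITEMS, TARGET_ITEMS, "v1.9.7")
    for section, findings in result.items():
        print(section)
        for finding in findings:
            print("  ", finding)
```

The version check matters for the 1.9 source clusters in the migration path tables, since 1.9 predates the release in which MountPropagation is enabled by default.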
Emergency Plan
After the migration testing is complete and traffic is switched to the target cluster, if a fault occurs during service verification and a rollback
is required, adjust the DNS configuration for a quick traffic switch to the source cluster.

[Figure: migration and rollback. DNS splits traffic (100%/0%) between the load balancer in front of source cluster A and the ELB in front of container cluster A. On success, traffic goes to container cluster A; on a fault, DNS is switched back to source cluster A. Both clusters hold etcd, Services, StatefulSets, Deployments, Pods, ConfigMaps, PVs, and Secrets.]

Migration Principle: Image Migration

⚫ Migration4CCE enables batch image migration.
⚫ A Docker image consists of an image list, image configurations, and a series of container image layers. The list can be thought of as an image directory, which includes the locating information of image configurations and file system layers. Layers contain serialized file systems and their changes. Image configurations record the applicable OS, execution parameters required by the runtime, and historical changes.
⚫ Image data can be migrated by migrating image manifest or blobs, depending on the image format.

[Figures: image format diagram; execution process of an image migration task.]

Migration Principle: Cluster Resource Migration

⚫ Migration4CCE can migrate resources within a cluster and uses object storage as the backup storage.
⚫ Backup: The Kubernetes API server is invoked to create a backup object using kubectl, so that the resource objects and persistent volume data of the source
cluster can be packaged and uploaded to Huawei Cloud Stack OBS. All cluster resources are stored in JSON files.
⚫ Restoration: The Kubernetes API server is invoked to create a restore object using kubectl, so that resources can be downloaded from the cloud object
storage and then restored based on the JSON files.

Migration Principle: Migration4CCE vs. Velero

| Item | Velero | Migration4CCE |
|---|---|---|
| Deployment mode | CLI-based deployment | One-click deployment |
| Operation mode | Command-line | Visualized operation interfaces |
| Image migration | Not supported | Full/incremental image migration |
| Migration mode | Application migration; application and data volume migration | Application migration; application and data volume migration; separated migration of data volumes |
| Organization synchronization | Not supported | Supported |
| Automatic node creation | Not supported | Supported |
| Node IP address mapping | Not supported | Supported |
| Ingress updates and adaptation | Not supported | Load balancer migration; Ingress and Service updates and adaptation |
| Storage class mapping | Supported | Supported |
| Image updates and adaptation | Not supported | Automatic image IP address replacement supported in the target cluster |

Key Steps Description

Key Steps: Service Survey and Resource Survey

Survey form: Huawei Cloud Stack Container Migration Service Information Survey Form.xlsx

Service survey:
Information about the application system deployment architecture is collected, including how it connects with other systems or services and when users primarily use it. This will help with evaluating migration and designing migration solutions.

Resource survey:
Information about the cluster system, the image repository, container storage, container network, and how they connect to other systems or services is collected. This will help with evaluating migration and designing migration solutions.

Key Steps: Risk Evaluation
Research and analyse the services in the source cluster to identify migration risks in different scenarios.

Scenario 2 Scenario 3
Scenario 1
Zero risks
Zero risks Controllable
Stateless Stateless Stateless Stateless
Stateless Stateless risks
application A application B application A application B
application A application B

Stateful Stateful Stateful Stateful


Stateless Stateless
application A application B application A application B
application C application D

PV PV PV PV
configuration files log files application data application data

Description of Scenario 1 Description of Scenario 2 Description of Scenario 3

⚫ Workloads in the cluster contain stateful applications.


⚫ All workloads in the cluster are stateless ⚫ Workloads in the cluster contain stateful ⚫ There is persistent data. If persistent data is
applications. applications. application data, such as containerized database files
⚫ There is no persistent data. ⚫ There is persistent data, mainly configuration files and persistent containerized middleware data, to
⚫ Smooth migration and switchover are and logs. ensure data consistency before and after migration,
supported, which have no impacts on ⚫ Smooth migration and switchover are supported. stop applications and apply for a service interruption
services in the source cluster and cause They can be performed risk free. There are no time window. After the migration and verification,
no risks. impacts on services in the source cluster. allow the traffic to flow to the target cluster.

Key Steps: Migration Duration Evaluation
When estimating how long a migration will take, include the time required for survey and evaluation, solution design,
migration implementation, testing and verification, and emergency recovery.

Migration duration evaluation

[Figure: four phases. 01 Survey and evaluation: about 1 week. 02 Solution design and implementation plan modification: about 2 to 3
weeks. 03 Resource migration duration: assessed based on services scenarios involving persistent data volumes, and bandwidth.
04 Testing and verification: assessed based on service characteristics; rollback duration: within 30 minutes.]

1 Survey and evaluation
Conduct an in-depth survey of the service systems based on the survey table to determine the number of service systems to be
migrated, the number of clusters, namespaces, resource objects, types and volume of persistent data, and service access modes.
It should take about a week.

2 Solution design and implementation plan modification
Develop the solution and modify the implementation plan based on the result of the research and analysis. The expected duration
is about 2 to 3 weeks.

3 Resource migration
Migration of resources outside a cluster, such as database migration, storage migration, and image migration, can be done in full
in real time using specific migration tools. When migrating resources within a cluster, the storage volume backup and restoration
can be done by Restic, which is integrated into Migration4CCE. The following assessment model can be used to initially estimate
the resource migration duration: (Considering extra overheads such as network and I/O, it is recommended to reserve 50% buffer.)

Resource migration duration = (Persistent data volume / Inband rate) × (1 + 50%)

4 Verification and rollback
The needed verification depends on service characteristics. The rollback should not take more than 30 minutes.

Key Steps: Migration Restrictions

Container migration is done using Migration4CCE, which has some restrictions. Specifically, it cannot migrate hostPath local storage
volumes, only Local type volumes. Since both hostPath and Local storage volumes are considered local storage, hostPath volumes in
the source cluster must be replaced with Local volumes beforehand. To do this, follow these steps:

1 Create a StorageClass YAML file for creating a local volume as follows:

    apiVersion: storage.k8s.io/v1
    kind: StorageClass
    metadata:
      name: local
    provisioner: kubernetes.io/no-provisioner
    volumeBindingMode: WaitForFirstConsumer

2 Change the hostPath field to the local field, specify the original local disk path of the host machine, and add the
nodeAffinity field.

    apiVersion: v1
    kind: PersistentVolume
    metadata:
      name: mysql-pv
      labels:
        app: mysql
    spec:
      accessModes:
      - ReadWriteOnce
      capacity:
        storage: 5Gi
      storageClassName: local  # Specify the StorageClass created in the previous step.
      persistentVolumeReclaimPolicy: Delete
      local:
        path: "/mnt/data"  # Specify the path of the local disk to be mounted.
      nodeAffinity:
        required:
          nodeSelectorTerms:
          - matchExpressions:
            - key: kubernetes.io/hostname
              operator: Exists

3 Verify the results.

    kubectl get pv
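
The hostPath-to-Local conversion described in the steps above can be prepared in bulk before migration. The following is an added example, not part of Migration4CCE or the original slides: it scans `kubectl get pv -o json` output for hostPath volumes and emits Local PV manifests. The function names, the embedded sample JSON and the node name `node-1` are assumptions; pinning to a named node with `In` goes beyond the page's `Exists` selector and is used only when a node is supplied.

```python
import copy
import json

# Constructed sample of `kubectl get pv -o json` output (not from the page).
SAMPLE_PV_LIST = json.loads("""
{"items": [
  {"apiVersion": "v1", "kind": "PersistentVolume",
   "metadata": {"name": "mysql-pv", "labels": {"app": "mysql"},
                "uid": "constructed-uid", "resourceVersion": "1"},
   "spec": {"accessModes": ["ReadWriteOnce"], "capacity": {"storage": "5Gi"},
            "persistentVolumeReclaimPolicy": "Delete",
            "hostPath": {"path": "/mnt/data"}},
   "status": {"phase": "Bound"}},
  {"apiVersion": "v1", "kind": "PersistentVolume",
   "metadata": {"name": "shared-pv"},
   "spec": {"accessModes": ["ReadWriteMany"], "capacity": {"storage": "10Gi"},
            "nfs": {"server": "nfs.example.internal", "path": "/export"}}}
]}
""")


def find_hostpath_pvs(pv_list):
    """Return the PVs that use hostPath and so must be converted first."""
    return [pv for pv in pv_list.get("items", [])
            if "hostPath" in pv.get("spec", {})]


def to_local_pv(pv, storage_class="local", node=None):
    """Return a copy of a hostPath PV rewritten as a Local PV manifest."""
    new = copy.deepcopy(pv)
    spec = new["spec"]
    spec["local"] = {"path": spec.pop("hostPath")["path"]}
    spec["storageClassName"] = storage_class
    # Assumption: pin to the node that holds the data when it is known;
    # otherwise fall back to the page's `Exists` selector.
    expr = {"key": "kubernetes.io/hostname", "operator": "Exists"}
    if node:
        expr = {"key": "kubernetes.io/hostname", "operator": "In", "values": [node]}
    spec["nodeAffinity"] = {
        "required": {"nodeSelectorTerms": [{"matchExpressions": [expr]}]}}
    # Drop server-populated fields so the manifest can be applied as new.
    new.pop("status", None)
    for field in ("uid", "resourceVersion", "creationTimestamp"):
        new["metadata"].pop(field, None)
    return new


if __name__ == "__main__":
    for pv in find_hostpath_pvs(SAMPLE_PV_LIST):
        print(json.dumps(to_local_pv(pv, node="node-1"), indent=2))
```

A PV's volume source cannot be changed in place, so the generated manifest replaces the old object rather than patching it.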

Service Highlights

Container Migration Service

A professional team and lower costs
• Onsite support from experts with actual reconstruction experience
• Advanced Huawei Cloud Stack cloud native transformation methodology

Accelerated service innovation
• Complete end-to-end technical solutions
• Development guided by Huawei senior software engineers
• Thoughtful resource planning and deployment for maximum benefits at minimum costs

Best practices
• The optimal combination of container technologies and scenarios
• A smooth switchover to the container-centered cloud native platform

Improved business value
• Appropriate use of container technologies to address pain points
• Accelerated agile service innovation to create more business value

World's top cloud native expert teams, founding member of CNCF, No.1 Kubernetes code
contributor in Asia, and the only Istio steering committee member from Asia

Competitiveness

⚫ Resources in a cluster can be migrated using software tools. The more resources there are in a cluster, the more benefits there are to a tool-
based migration. If the resources in a cluster are limited, manual deployment is recommended for service migration.
⚫ The tools support flexible migration modes, automatic organization synchronization, and node and resource updates, which are more
convenient and efficient than manual migration.

Tool-based migration | VS | Manual migration
Automatic batch migration of resources within a cluster | 86% | Resources created in the target cluster one by one
Automatic migration of persistent container data | 85% | Migration of persistent container data not supported
Fast migration | 84% | Manual updates and adaptation of cluster resources
More efficiency even in large-scale resource migration scenarios | 83% | Low migration efficiency

Success Story: An E-Commerce Platform
Background: For faster service rollout and iteration during flash sales, an e-commerce platform migrated and integrated its on-premises
Kubernetes container platform to improve the system's ability to handle flash sales during promotions. Services such as payment processing and
risk control were deployed on containers in a unified way. This reduced the network latency and the virtualization overhead.
Customer pain points
⚫ O&M: Containers and VM application environments need to be maintained, but excessive staff turnover makes it hard.
⚫ Service management: The connections between different services need to be configured manually, which is dangerous, and the
existing architecture is not robust enough to withstand the impacts of sudden traffic bursts.
⚫ Resource flexibility: During flash sales, VMs need to be scaled out manually and core service applications such as payment
processing and risk control need to be deployed.

[Figure: Current Architecture. Kubernetes with an Ingress each for Foreground, Customer service, Central console, and E-mall; VMs
for Payment and Risk control, each with an SDK (service governance); Registry center.]

Key solution value
⚫ Enhanced O&M and R&D efficiency: A unified service deployment environment helps CI/CD automation, increasing efficiency by
50% and improving online scenario response capabilities.
⚫ More stable services: Containers can be scaled in seconds. This helps handle traffic bursts. Exception warning and proactive
recovery ensure stable services.
⚫ Non-intrusive service governance: Language-agnostic, non-intrusive service governance supports management of applications
in non-Java languages, such as PHP, and enables service governance at scale to handle exponential service growth.

[Figure: Architecture after migration (container architecture upgrade). Container (Kubernetes) with a Pod and Sidecar each for
Foreground, Customer service, Central console, E-mall, Payment, and Risk control; ASM (Istio) providing service discovery, service
governance, certificate management, grayscale release, policy delivery, link collection, security verification, and access
monitoring.]

Thank you.

Bring digital to every person, home, and organization for a fully connected, intelligent world.

Copyright © 2024 Huawei Technologies Co., Ltd. All Rights Reserved.

The information in this document may contain predictive statements including, without limitation, statements regarding
the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that
could cause actual results and developments to differ materially from those expressed or implied in the predictive statements.
Therefore, such information is provided for reference purpose only and constitutes neither an offer nor an acceptance. Huawei
may change the information at any time without notice.
