All Products
Search

This Product

    Container Service for Kubernetes:Overview of Kubernetes migration plans

    Document Center

    Container Service for Kubernetes:Overview of Kubernetes migration plans

    Last Updated:Mar 26, 2026

    Migrate workloads from a self-managed Kubernetes cluster to a Container Service for Kubernetes (ACK) cluster without service interruptions.

    Migration scheme

    image

    Tools used in this migration

    Review these tools before you start to confirm compatibility with your environment.

    Tool Purpose
    Data Transmission Service (DTS) Migrate MySQL data with full, incremental, or two-way synchronization
    ossimport Batch-migrate data from on-premises servers or third-party cloud storage to OSS
    image-syncer Migrate container images to Container Registry

    Prerequisites

    Before you begin, ensure that you have:

    • An Alibaba Cloud account with permissions to create ACK clusters and related resources

    • Access to the self-managed Kubernetes cluster and its application configurations

    • (Optional) A backup of the data and configurations in the self-managed Kubernetes cluster

    Procedure

    Step 1: Create and configure an ACK cluster

    O&M engineers create and configure the ACK cluster before developers begin migrating applications.

    Use an ACK Pro cluster. Its control plane is fully managed by ACK, so you only need to create and manage worker nodes — you are charged only for worker node resources.

    For detailed cluster creation steps, see Create an ACK managed cluster.

    Configure the following settings when creating the cluster:

    Setting Description
    Operating system Select CentOS 7.6 or Alibaba Cloud Linux 2.1903 (default). To use a custom kernel, see Use a custom image to create an ACK cluster.
    VPC Select a virtual private cloud (VPC) and vSwitches for the cluster.
    SNAT Configure SNAT entries for the VPC.
    Public access Expose the API server using an elastic IP address (EIP).
    CloudMonitor agent Install the CloudMonitor agent on Elastic Compute Service (ECS) instances in the cluster.
    Simple Log Service Install and configure the Simple Log Service agent in the cluster.

    Step 2: Migrate data

    Data migration covers three areas: databases, object storage, and container images.

    Migrate databases

    1. Create an ApsaraDB RDS instance.

    2. Configure a whitelist to allow only specified IP addresses to access the instance.

    3. Configure Alibaba Cloud DNS PrivateZone to resolve the database domain name to the ApsaraDB RDS instance IP address. This eliminates the need to update database connection strings in your applications.

    4. Migrate MySQL data using Data Transmission Service (DTS). DTS supports full, incremental, and two-way synchronization. For details, see Migrate data from a self-managed MySQL database to an ApsaraDB RDS for MySQL instance.

    Migrate object storage data

    1. Activate Object Storage Service (OSS).

    2. Create an OSS bucket.

    3. Migrate your data to OSS using the ossimport tool. ossimport supports batch migration from on-premises servers and third-party cloud storage services such as Amazon S3, Microsoft Azure, and Tencent Cloud Object Storage. For details, see Overview.

    Migrate container images

    1. Create a Container Registry repository.

    2. Set the credentials for accessing the repository.

    3. Migrate container images using image-syncer. For details, see Use image-syncer to migrate container images.

    Step 3: Migrate application configurations

    O&M engineers or developers migrate cluster and application configurations to the ACK cluster.

    For details, see Migrate applications from an external Kubernetes cluster to ACK clusters.

    Step 4: Perform regression tests

    Test engineers run regression tests against the ACK cluster without interrupting online traffic.

    1. Configure domain names for regression tests.

    2. Test applications.

    3. Check logged application events.

    4. Check application monitoring metrics.

    Step 5: Switch traffic to ACK

    O&M engineers update the Domain Name System (DNS) configuration to redirect traffic to the ACK cluster.

    1. Modify the DNS configuration to switch traffic.

    2. Update client configurations or code to point to the ACK cluster.

    Step 6: Decommission the self-managed Kubernetes cluster

    After confirming the ACK cluster is handling traffic correctly, O&M engineers decommission the self-managed cluster.

    1. Verify that the ACK cluster can receive and send traffic as expected.

    2. Decommission the self-managed Kubernetes cluster.

    3. Delete the backup files stored in the OSS bucket created during the application migration.