Skip to main content
HashnodeRajdeep Pal

Command Palette

Search for a command to run...

Migrating to Kubernetes

Updated
2 min read
Migrating to Kubernetes
R
Rajdeep Pal

Passionate about DevOps, Kubernetes, Cloud-Native technologies, and Open Source, I specialize in building scalable, automated, and secure infrastructure solutions. With hands-on experience in CI/CD, Kubernetes, HashiCorp Vault, Terraform, Airflow, and cloud platforms, I aim to bridge the gap between development and operations.

  • Docker image in AWS ECR

  • Kubernetes-native observability (Prometheus, Grafana, Jaeger, Kiali)

  • Istio service mesh (with Envoy proxy)

TL;DR: Migration Steps Overview

  1. Push Image to ECR (already done)

  2. Set up a Kubernetes Cluster

  3. Install Istio (with observability tools)

  4. Deploy FastAPI App to K8s

  5. Expose via Istio Gateway (Envoy)

  6. Access Observability Dashboards (Kiali, Grafana, etc.)

  7. (Optional) Add mTLS, Tracing, Metrics Customization

Step-by-Step Guide

Prerequisites

  • A running K8s cluster (e.g., Minikube, EKS, GKE, etc.)

  • kubectl, istioctl, and aws CLI set up

  • Docker image of FastAPI app pushed to ECR

  • AWS credentials configured (aws configure)

Create a Secret for AWS ECR Pull

kubectl create secret docker-registry aws-ecr-creds \
  --docker-server=<aws_account_id>.dkr.ecr.<region>.amazonaws.com \
  --docker-username=AWS \
  --docker-password=$(aws ecr get-login-password --region <region>) \
  --docker-email=you@example.com

Replace:

  • <aws_account_id>

  • <region>

Install Istio with Observability Add-ons

istioctl install --set profile=demo -y

Then label your namespace:

kubectl label namespace default istio-injection=enabled

Deploy FastAPI App

Here’s a minimal fastapi-deployment.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: fastapi-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: fastapi
  template:
    metadata:
      labels:
        app: fastapi
    spec:
      imagePullSecrets:
      - name: aws-ecr-creds
      containers:
      - name: fastapi-container
        image: <your_ecr_image_uri>
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: fastapi-service
spec:
  selector:
    app: fastapi
  ports:
  - port: 80
    targetPort: 80

Apply it:

kubectl apply -f fastapi-deployment.yaml

Expose with Istio Gateway & VirtualService

# fastapi-istio-gateway.yaml
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
  name: fastapi-gateway
spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP
    hosts:
    - "*"
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: fastapi-virtualservice
spec:
  hosts:
  - "*"
  gateways:
  - fastapi-gateway
  http:
  - match:
    - uri:
        prefix: /
    route:
    - destination:
        host: fastapi-service
        port:
          number: 80

Apply it:

kubectl apply -f fastapi-istio-gateway.yaml

Access the App

kubectl get svc istio-ingressgateway -n istio-system

Then go to:

http://<EXTERNAL-IP>/

Observability Dashboards

You can now run:

istioctl dashboard kiali     # live service mesh graph

These open local browser tabs with full metrics and tracing views.

Optional Capabilities

  • Enable mTLS for security (PeerAuthentication, DestinationRule)

  • Add HPA (HorizontalPodAutoscaler) based on custom metrics

https://istio.io/latest/docs/ops/integrations/kiali/

https://istio.io/latest/docs/setup/install/istioctl/

8 views

Comments

Join the discussion

No comments yet. Be the first to comment.

More from this blog

Rajdeep Pal

50 posts

DevOps ♾️ || Open-Source || Learning In Public ☁️