Over the past decade a large number of both private and public organizations have moved their digital infrastructure to the cloud. In most cases, that cloud has been American, owned by either Microsoft, Google or Amazon. Up until recently not many people considered that as an issue; they were getting great products and cloud infrastructure that “just worked”. However, with growing tensions between the EU and the United States more companies are considering their options. In order to be able to provide good advice to our customers a small team at the Norwegian IT consulting company Computas set out to try to move one of our internal applications to the European cloud provider OVHcloud.
Getting Acquainted with OVHcloud
OVHcloud provides many of the same base features that US providers like Google Cloud provides, like a managed Kubernetes cluster, managed databases, artifact registry and blob storage. However, other features like a secret manager or advanced data analytics tools like BigQuery aren’t available as a managed service and therefore require some extra work.
Our application was quite simple, consisting of four microservices running as containers on Kubernetes and one PostgreSQL database. By leveraging the cloud native ecosystem we actually managed to migrate our application in just a few days, despite having no prior experience with OVHcloud. When setting up the Kubernetes cluster we needed to dive a bit more into networking details than what we usually need to do on Google Cloud, like explicitly defining private networks, enabling DHCP, assigning a gateway and configuring a node pool for the cluster.
Deploying and Securing a Kubernetes Cluster
Once the cluster was up and running we got back into familiar territory. Deploying deployments and services was super simple since we had our Kubernetes resources defined in YAML files. Getting the pods to talk to the database was easy too, but we needed to explicitly make sure the database and Kubernetes cluster ran on the same subnetwork. This is not as much of an issue with cloud providers like Google Cloud since most managed resources like databases do not actually run inside your virtual private cloud (VPC) but rather on a Google managed VPC network. This means that Google Cloud provides a more “secure-by-default” approach where the database is isolated and secure access is required using services like IAM and cloud-sql-proxy. With OVHcloud you can to a large extent achieve the same things, but you are on your own to a larger extent.
The final piece of the puzzle was exposing our application securely to users over HTTPS. Thanks to cloud native components like Traefik and Cert-Manager, paired with Let’s Encrypt as the certificate authority, we managed to make our application available as a web application to our users. Again, this was not especially hard to do, but it required a lot more knowledge about the underlying components and more configuration than on GKE (Google Kubernetes Engine), where you just specify some annotations on your ingress resource and you are good to go.
Testing Application Portability
To summarize, the migration process to OVHcloud went quite smoothly. However, that is in large part due to the fact that our application was containerized and used cloud native and open source technologies like Kubernetes and PostgreSQL. We also noticed all of the things platforms like Google Cloud gives you out of the box, while getting an application up and running on OVHcloud requires more in-depth knowledge of infrastructure, networking and Kubernetes. Also worth noting is that where Google Cloud provides a lot of security out of the box, you need to take extra care when configuring your infrastructure on OVHcloud.
While a full migration from major cloud providers like Azure, Google Cloud or AWS may not be relevant in most cases, having a European cloud strategy or a portability plan is beneficial. Doing the exercise of actually migrating an application reveals infrastructure portability, valuable also for potential moves due to cost or simply for awareness. Even if you remain with your current US provider, getting a better understanding of your application’s portability is always a good idea.
Deploying Our First Web Application to OVHcloud was originally published in Compendium on Medium, where people are continuing the conversation by highlighting and responding to this story.
