Skip to main content

ECS to GKE Migration POC

AWS to GCP GKE Migration


Current State vs Target State

Component

AWS Current

GCP Target

Container Orchestration

ECS

GKE

Container Registry

ECR

GCR/Artifact Registry

Database

RDS

Cloud SQL

Cache

ElastiCache

Memorystore

Storage

S3

Cloud Storage

CDN

CloudFront

Cloud CDN

Compute

EC2

GCE


Migration Pros

Financial Benefits

  • Immediate: $175k credits available ($75k now + $100k mid-2026)
  • Cost Savings 
  • Predictable Costs: Credits provide budget certainty through 2026

Operational Advantages

  • Team already experienced with GKE (dev/QA environments)
  • Existing IaC scripts enable 2-hour end-to-end deployment
  • All environments on same platform / Can be isolated easily
  • Single cloud provider to manage

Technical Benefits

  • Native Kubernetes: GKE offers superior K8s experience vs ECS
  • Better Autoscaling: More granular scaling options - Already completed POC on how can we manage resource and the limits for individual workloads as needed, this can directly be managed from jenkins itself.
  • Integrated Monitoring: Already setup Signoz with GCP workloads and can be done similarly for prod.

Migration Cons

  • AWS CloudWatch is super clean to monitor when compared to gcp monitoring but is manageable.
  • GCP Resource Quotas sometimes becomes blockers for urgent resource deployments
  • We would be transitioning from ECS to GKE, where when compared from peer to peer pricing of resources, for GKE we need to pay 75$/mo for kubernetes master node maintenance charges which are fixed. 
  • Load Balancer Differences: ALB vs GCP Load Balancer configuration changes (Managable) - Will Cost higher as the setups for k8 would require multiple load balancers. [We can make changes to architecture, still networking with GKE would cost us higher with shared LB with ingress]


Security & Compliance Considerations

SOC 2 Requirements

Maintained Capabilities:

  • VPC network isolation equivalent to AWS VPC
  • IAM roles and policies (Cloud IAM)
  • Encryption at rest and in transit
  • Audit logging (Cloud Audit Logs)
  • Access controls and monitoring

Security Enhancements

  • Workload Identity: Secure pod-to-GCP service authentication (TBD but can be implemented, while ECS do have service mesh) 
  • VPC Service Controls: Additional network security layer
  • Cloud Security Command Center: Centralized security insights

Compliance Considerations

  • GCP maintains SOC 2 Type II certification
  • Cloud SQL automatic encryption and backup
  • Network security groups equivalent functionality
  • Audit trail continuity must be planned


Performance Impact

Expected Improvements

  • GKE rolling updates vs ECS deployment time (More control than ECS)
  • Similar global infrastructure

Potential Concerns

  • Initial Migration Performance: Temporary impact during transition
  • Network Latency: Minimal difference in most regions
  • Database Performance: Cloud SQL vs RDS comparable

Migration Effort Estimate

Low Effort (Existing Assets)

  • GKE cluster deployment ✅
  • Application containerization ✅
  • Database migration scripts ✅
  • IaC automation ✅
  • Quotas and Limits Management

Risk Mitigation

Migration Strategy

  1. Blue-Green Deployment: Parallel environments during transition
  2. Database Replication: Real-time sync before cutover
  3. Rollback Plan: Maintain AWS environment for 3-4 days post-migration


Back to top