Sign up for our newsletter! →


Low-Risk Migration from App Engine to GKE on Google Cloud

HanaByte Performs Secure Microservices Migration


Executive Summary

During this engagement, HanaByte acted on behalf of WALTLabs, who is a Google Cloud Partner providing professional services around application modernization and cloud strategy. The end customer is a cloud software company in the insurance industry that runs a cloud-based data processing solution in Google Cloud. Through the efforts of this engagement, the client was able to perform a successful migration of their microservices from Google App Engine (GAE) to Google Kubernetes Engine (GKE) with minimal friction, resulting in a more secure and scalable solution. 

About WaltLabs

WALTLabs is a Google Cloud partner who delivers innovation through emerging technologies. They have served over 30,000 customers across the globe, with over 10,000 servers migrated, 500+ applications automated, and 100+ Kubernetes clusters deployed. 

The Challenge

HanaByte was engaged to provide hands-on keyboard expertise for a migration from App Engine to Kubernetes running on GKE Autopilot. The primary focus of this migration was the customer’s microservices infrastructure, which was located in App Engine. The ultimate goal was to leverage Kubernetes’ container orchestration capabilities, allowing the customer to scale their application beyond the limits of their current infrastructure. Furthermore, the customer was also keen on utilizing Spot Pods for their fault-tolerant workloads.

In addition, the customer was not taking advantage of using security policies provided by Google Cloud Armor and needed rules to be configured to mitigate against the OWASP Top 10 web application security risks.

Services Provided

Google Cloud Services

Google App Engine (GAE)
Google Kubernetes Engine (GKE) Autopilot
Cloud SQL for MySQL
Cloud Load Balancing
Cloud DNS
Cloud Armor
Cloud Memorystore (Redis)
Cloud Storage

Third-Party Integrations

GitHub / GitHub Actions

Why HanaByte

WALTLabs enlisted the services of HanaByte based on their extensive knowledge and experience with Google Cloud, particularly with regards to GKE and GAE services. HanaByte has a well-established history of creating, implementing, and maintaining Kubernetes services while prioritizing security at every stage of the process.

Strategy & Solution

The customer’s migration process was executed in phases, beginning with a “pilot” application that was moved from GAE to GKE. This involved creating a detailed set of documentation and configuration as code after a series of discovery sessions with the customer. The infrastructure was implemented using Terraform infrastructure as code (IaC), incorporating modules to establish multi-region load balancers and GKE clusters. The existing containerized microservice was transformed into a Helm chart, which was utilized to deploy the solution in GKE.

To balance traffic between GAE and GKE simultaneously, a routing mechanism was established using externally facing HTTPS load balancers. This mechanism enabled the customer to create a Domain Name Server (DNS) switch when they were ready to conduct tests. Every step of the process was carefully planned and executed in close collaboration with the customer to ensure a smooth and successful migration.

Results & Benefits

As a result of the migration efforts, the customer was able to successfully migrate their application from App Engine to Kubernetes. The system underwent load testing, which indicated no noticeable differences in application responsiveness. Moreover, the Helm charts were integrated into their primary GitHub repository, while a new repository was established to house the Terraform infrastructure as code. This ensured strong configuration management for their GKE clusters, and a more secure solution deployed to host the customer’s workloads. 

Next Steps

WALTLabs and HanaByte continue to work together to support the customer and ensure that all of their needs are met as their adoption of GKE increases. 

About the Partner

HanaByte is a cloud security consultancy focused on compliance automation based out of Atlanta, Georgia. We are a remote-first consulting firm, working with cloud-native technologies and processes on Amazon Web Services and Google Cloud.