Collecting Details of AWS Container Resources

Principle of Collection over the Internet

Figure 1 illustrates how to use MgC to collect details about AWS container resources over the Internet.

Figure 1 Principle of collecting AWS container resource details

1. MgC invokes Amazon EKS APIs to obtain information about resources such as containers and VMs.
2. MgC receives API call responses, which typically contain extensive resource data.
3. MgC parses the returned data and extracts key information, such as the number of nodes and number of VM cores. Then, the key information is saved to the database for subsequent analysis and migration.

Principle of Deep Collection

Figure 2 shows the principle of a deep collection for AWS container resources by MgC.

Figure 2 Principle of deep collection for AWS containers

The process is as follows:

1. MgC sends commands to the MgC Agent (formerly Edge) to collect container resource information.
2. The MgC Agent accesses the container cluster using the credentials you provide.
3. The MgC Agent calls Kubernetes APIs to collect cluster details, including container specifications, node configurations, persistent volume configurations, and network policies.
4. The MgC Agent reports the collected information to MgC.
5. After receiving the reported information, MgC parses the information, extracts useful information, and saves the information to the database.

Preparations

• Preparing a Huawei account

  Before using MgC, you need to prepare a HUAWEI ID or an IAM user that can access MgC. For details about how to register a HUAWEI ID and create an IAM user, see Preparations.

• Creating an application migration project

  Create a migration project (a simple project is recommended) on the MgC console. For details, see Managing Migration Projects.

• Preparing AWS account credentials

  Obtain an AK/SK pair for the AWS account that owns the resources to be collected. For details, see Obtaining AWS Access Keys.

• Providing the source credentials

  Add the AWS authentication information to the MgC console as the collection credential. For details, see Managing Credentials.

• Obtaining the login configuration files of the AWS container clusters

  The configuration files are used for deep collection. The MgC Agent uses them to access the AWS container clusters and invoke the Kubernetes APIs to collect details about the container clusters.

Required Permissions

Before collecting details of Amazon EKS resources, ensure that the AWS account has the following permissions:

• eks:DescribeCluster
• eks:ListClusters
• ec2:DescribeInstances
• ec2:DescribeSubnets
• cloudwatch:GetMetricStatistics

Creating an Internet-based Discovery Task

Create a discovery task on the MgC console. For details, see Discovering Resources over the Internet. During the task creation, set Source Platform to AWS, Credential to the credential provided in preparations, Region as required, and Resource Type to Container.

Figure 3 Creating an Internet-based discovery task

Performing a Deep Collection

After obtaining the list of AWS containers through the Internet-based discovery task, you can perform a deep collection for container resources to obtain their details, including container specifications, node configurations, persistent volume configurations, and network policies. For details, see Performing a Deep Collection for Containers.

Before that, you need to provide the MgC Agent with the login configuration files for accessing the AWS container clusters.

Figure 4 Adding credentials required for deep collection to the MgC Agent