Your
Trusted
Get Fully AWS Funded
Cloud Migration

Unified Kubernetes Strategy for Multi-Environment Application Stacks and Testing

1. Executive Summary

This document proposes a unified Kubernetes-based strategy for running application stacks across multiple environments: EKS (production and final validation), local development, CI, and on‑prem / isolated (VMware / ESXi) setups.

The core principle is:

Kubernetes is the contract. EKS is the reference implementation.

All application and Helm-level artifacts remain identical across environments. Differences are isolated strictly into a platform layer (base charts, defaults, and cluster configuration).

This approach minimizes environment drift, enables fast integration testing, supports proper autoscaling validation, and avoids coupling application delivery to specific infrastructure implementations.

2. Problem Statement

We need a solution that:

  • Runs the same application stack across:

    • AWS EKS (production)

    • Local developer machines

    • CI pipelines (ephemeral environments)

    • On‑prem / isolated environments (VMware / ESXi, single or few VMs)

  • Supports integration and system tests that provision and tear down full stacks quickly

  • Allows proper autoscaling validation (HPA and cluster autoscaling)

  • Avoids leaking infrastructure or cloud-specific assumptions into application code or Helm charts

  • Keeps the number of supported Kubernetes distributions to a minimum

3. Non‑Goals

This proposal explicitly does not aim to:

  • Perfectly reproduce AWS‑specific behavior outside AWS

  • Make local or on‑prem environments identical to EKS at the infrastructure level

  • Support unlimited Kubernetes distributions

  • Hide all behavioral differences between cloud and non‑cloud environments

Behavioral parity is achieved only on EKS. Other environments provide functional validation.

4. Core Architectural Principle
4.1 Kubernetes as the Contract

  • Kubernetes APIs (not VMs, not cloud providers) define the system boundary

  • Application charts depend only on:

    • Core Kubernetes APIs

    • A small, explicit set of platform capabilities

4.2 Platform vs Application Responsibility

Layer

Responsibility

Application

Workloads, services, HPAs, configs, business logic

Platform

Ingress, storage classes, metrics, autoscaling infra, cloud integrations

Application charts must not embed platform or vendor specifics.

5. Target Environments
5.1 Environments to Support

Environment

Purpose

EKS

Production, final validation, real AWS behavior

Local / CI

Fast feedback, integration tests, developer workflows

On‑prem / Isolated

Customer environments, regulated or air‑gapped setups

6. Kubernetes Substrate Selection
6.1 Minimal Supported Substrates

To minimize complexity while covering all requirements:

  1. Amazon EKS (mandatory)

  2. k3s (non‑EKS environments)

6.2 Rationale

  • EKS provides authoritative behavior for networking, autoscaling, IAM, and storage

  • k3s provides:

    • Upstream‑compatible Kubernetes APIs

    • Multi‑node clusters on VMs

    • Functional autoscaling (HPA + cluster autoscaler)

    • Operation on local machines, CI, and VMware / ESXi

This combination covers all environments with only two Kubernetes substrates.

7. Autoscaling Model
7.1 What Is Validated Where

Aspect

k3s

EKS

HPA logic

Scheduling pressure

Node scaling

✅ (VM‑based)

✅ (AWS‑based)

Cloud constraints (ENI, spot, ASG)

Interpretation rule:

Autoscaling is functionally validated on k3s and behaviorally validated on EKS.

8. Platform Capability Contract

Each Kubernetes cluster must provide the following capabilities:

  • A default StorageClass suitable for standard PVC usage

  • A default IngressClass

  • A working metrics pipeline (metrics‑server / Prometheus)

  • Support for HPA

  • Support for cluster autoscaling (where applicable)

  • Standard DNS and service discovery

Implementation details may differ per environment but must be invisible to applications.

9. Known Technical Limitations (Unavoidable)

The following cannot be made equivalent outside AWS:

  • AWS VPC CNI semantics (ENI limits, IP exhaustion behavior)

  • ALB/NLB controller behavior

  • IRSA and IAM failure modes

  • EBS/EFS performance and attachment semantics

  • Spot interruption and AWS capacity constraints

Tests relying on these behaviors must run on EKS.

10. Role of LocalStack (Optional)

LocalStack may be used as an AWS API emulator in local/CI environments:

  • Emulates AWS services (S3, SQS, SNS, etc.)

  • Runs as a workload inside Kubernetes

  • Reduces AWS cost and dependency for non‑prod tests

LocalStack does not replace Kubernetes or EKS.

11. Operational Model
11.1 Integration Test Flow

  1. Provision Kubernetes cluster (k3s or EKS)

  2. Deploy platform layer

  3. Deploy application stack (same charts/values)

  4. Run tests

  5. Collect results

  6. Tear down cluster

11.2 Promotion Model

Local / CI → k3s multi‑node → EKS

Confidence increases at each stage; artifacts remain identical.

12. Risks and Mitigations

Risk

Mitigation

App charts leak platform details

Enforce platform contract and reviews

False confidence from non‑AWS tests

Explicit EKS validation stage

Platform drift

Version pinning and documented defaults

13. Conclusion

This proposal establishes a clear, minimal, and scalable Kubernetes strategy:

  • Kubernetes is the abstraction boundary

  • EKS is the reference and final validator

  • k3s covers all non‑AWS environments

  • Application artifacts remain identical everywhere

  • Platform differences are explicit, documented, and controlled

This balances speed, correctness, and operational sanity without over‑engineering or false guarantees.

14. Next Steps

  • Approve substrate selection (EKS + k3s)

  • Define platform capability contract as policy

  • Document base chart responsibilities

  • Classify tests by required environment (k3s vs EKS)!