Deploy a Linux workload to a target cluster

After you have migrated a workload from your source platform, you can use the deployment artifacts generated by that process to deploy the migrated workload container to another cluster.

Skaffold cab handle the workflow for building, pushing and deploying your application. For more information, see Build and deploy multiple images using Skaffold.

Before you begin

Before deploying your workload, you should have first:

Migrated the workload using Migrate to Containers tools.
Reviewed the generate deployment files.

Deploy on a target cluster

The following sections describe the available options to deploy your workload on a cluster.

Deploy on a target cluster using GCR as the Docker registry

To ensure that a target cluster has access to the Container Registry (GCR), create a Kubernetes secret that contains the credentials required to access GCR:

Create a service account for deploying a migration as described in Creating a service account for accessing Container Registry and Cloud Storage.

This process has you download a JSON key file named m4a-install.json.
Create a Kubernetes secret that contains the credentials required to access GCR:
```
kubectl create secret docker-registry gcr-json-key \
 --docker-server=gcr.io --docker-username=_json_key --docker-password="$(cat ~/m4a-install.json)" \
 --docker-email=account@project.iam.gserviceaccount.com
```
where:
- docker-registry specifies the name of the Kubernetes secret, gcr-json-key in this example.
- docker-server=gcr.io specifies GCR as the server.
- docker-username=_json_key specifies that the username is contained in the JSON key file.
- docker-password specifies to use a password from the JSON key file.
- docker-email specifies the email address of the service account.

Set the Kubernetes secret by either:

Changing the default imagePullSecrets value:

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gcr-json-key"}]}'

Editing the deployment_spec.yaml file to add the imagePullSecrets value to the spec.template.spec definition:

spec:
  containers:
  - image: gcr.io/PROJECT_ID/mycontainer-instance:v1.0.0
    name: mycontainer-instance
    ...
  volumes:
  - hostPath:
      path: /sys/fs/cgroup
      type: Directory
    name: cgroups
  imagePullSecrets:
  - name: gcr-json-key

Deploy on a target cluster using a Docker registry with basic authentication

If you use a Docker registry to store for migration images, then the registry must support basic authentication using a username and password. Because there are many ways to configure a read-only connection to a Docker registry, you should use the method appropriate for your cluster platform and Docker registry.

Apply generated deployment YAML file

Use kubectl to apply the deployment spec to your target cluster, such as a production cluster.

kubectl

Ensure that the target cluster has read access to the Docker image registry.
Deploy the container:
```
kubectl apply -f deployment_spec.yaml
```

What's next

Learn how to complete post-migration image updates.