Joseph-Irving
commented
2 years ago Hey, we recently finished switching everything over to IRSA and shutting down Kiam in our clusters. You can use both at the same time and IRSA will take precedence due to the way the aws credential chain works, so our method was to leave kiam running, then on an app by app basis we would setup all the IRSA stuff for it, roll that out. At this point the app still has the kiam annotations but it will be using the IRSA credentials instead. You can then remove the Kiam annotation for the app and it should continue working with the IRSA creds and you have no downtime. Once this is done for every app you can then delete Kiam!
sushama-kothawale
maanti
Hello! An odd issue - we love KIAM and as such, deployed it all over the place and have a few teams relying on it to work with AWS services.
Alas, we are also on the track of switching to IRSA - we are just at the inflection point and will likely kick off a project to figure out the migration path.
From a super quick cursory look, we weren't sure if there was a "zero downtime" migration method. We were wondering if the uswitch team (or others) had any helpful hints or processes they would be willing to share to help with our smooth transition away from KIAM?
While I'm here - huge thanks to the contributers of KIAM, its been great using as a tool and helped our teams consume AWS services easily for many years now.