pimir

Reputation: 21

AWS CloudFormation blue/green deployments for EC2

Does AWS CloudFormation support blue/green deployments for EC2? I was able to create a blue/green deployment using CodeDeploy for EC2; however, I couldn't figure out how to create one using CloudFormation. It appears that CloudFormation supports blue/green deployment for ECS (https://aws.amazon.com/about-aws/whats-new/2020/05/aws-cloudformation-now-supports-blue-green-deployments-for-amazon-ecs/) and Lambda functions.

The CodeDeploy section of the template looks like this:

Type: AWS::CodeDeploy::DeploymentGroup
Properties:
    DeploymentGroupName: 'SampleGroupName'
    ServiceRoleArn: !Sub 'arn:aws:iam::${AWS::AccountId}:role/AzureDevOps/CodeDeployOperations'
    ApplicationName: !Ref CodeDeployApplication
    AutoScalingGroups:
        - !Ref SampleASG
    DeploymentStyle:
        DeploymentType: BLUE_GREEN
        DeploymentOption: WITH_TRAFFIC_CONTROL
    BlueGreenDeploymentConfiguration:
        TerminateBlueInstancesOnDeploymentSuccess:
            Action: TERMINATE
            TerminationWaitTimeInMinutes: 5
        DeploymentReadyOption:
            ActionOnTimeout: CONTINUE_DEPLOYMENT
        GreenFleetProvisioningOption:
            Action: COPY_AUTO_SCALING_GROUP
    DeploymentConfigName: !If [IsProdStaging, CodeDeployDefault.HalfAtATime, CodeDeployDefault.AllAtOnce]
    LoadBalancerInfo:
        TargetGroupInfoList:
            - Name: !GetAtt SampleTargetGroup.TargetGroupName
    AutoRollbackConfiguration:
        Enabled: true
        Events:
            - DEPLOYMENT_FAILURE

Upvotes: 2

Views: 2933

Answers (2)

Sven Anton

Reputation: 71

Actually, there is a workaround that should be rather easy if you use CloudFormation to set up your EC2s with the necessary infra. With CloudFormation you can create a second stack with the new release on it, the so-called green stack. For a gradual release, you can:

  1. create an extra DNS layer, which enables routing traffic to both blue and green in some proportion, OR
  2. add an additional load balancer in front of the blue and green stacks.

Example case

E.g. let's say that you have a stack with Auto Scaling Group (ASG) and load balancer. Your service DNS name myservice.com routes to Elastic IP (EIP) that was attached to your load balancer. To deploy a new release, you will just have to change the AMI id for your ASG.

OPTION 1

  1. Create DNS record blue.myservice.com and set the EIP of the current stack (so called blue) as a target route to it.
  2. Create second stack (green stack) with DNS record green.myservice.com and target it to the EIP that was created with this new stack.
  3. Deploy new release to the newly created green stack by changing the AMI Id.
  4. Now change routing for myservice.com and target both blue.myservice.com and green.myservice.com in proportions you see fit.
  5. For testing purposes, you can now target green.myservice.com directly.
  6. If validation or testing of green is ok, you can scale new instances with ASG and route more traffic to the green stack, and descale the blue one.
  7. Do this till all traffic is on green one.
  8. Now, you can update the "blue" one fully and change the traffic back to that one, or use it as a future "green" stack by deploying new release on that.

Of course, this solution might cause a lot of problems and is not blue green in a sense that DNS cache will cause disruptions for cache validation period even if the new broken release has been taken down. Thus, I think using load balancer is a better solution.

OPTION 2

  1. Create second "green stack";
  2. create a load balancer as an additional layer that distributes the load between blue and green, routing traffic to corresponding load balancers;
  3. Point myservice.com to that new load balancer;
  4. Scale/descale instances as you change the traffic.
  5. You are finished, when all traffic goes to green one.

GENERAL

In each case, you most likely want to parametrise some values to make it easy to change the load gradually and to automate the whole process. To automate the whole deployment process, you would most likely use some CloudWatch or EventBridge rules and Lambdas if necessary, depending mostly on your needs and practices. This should not be very difficult.

Upvotes: 1
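
Step 4 of Option 1 above, together with the advice to parametrise the traffic split, sketched as a CloudFormation template. This is an added example, not code from the answer; the parameter and resource names are assumptions, and it assumes the blue.myservice.com and green.myservice.com A records from steps 1 and 2 already exist in the same hosted zone.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Weighted DNS split between blue and green stacks (added example)
Parameters:
  HostedZoneId:                       # zone that holds myservice.com (assumed input)
    Type: AWS::Route53::HostedZone::Id
  BlueWeight:                         # Route 53 weights range from 0 to 255
    Type: Number
    Default: 255
    MinValue: 0
    MaxValue: 255
  GreenWeight:                        # 0 sends no traffic to green while blue is > 0
    Type: Number
    Default: 0
    MinValue: 0
    MaxValue: 255
Resources:
  # Two weighted records share the same name and type; Route 53 answers with
  # each one in proportion Weight / (BlueWeight + GreenWeight).
  ServiceBlue:
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: !Ref HostedZoneId
      Name: myservice.com.
      Type: A
      SetIdentifier: blue
      Weight: !Ref BlueWeight
      AliasTarget:                    # alias to the blue record from step 1
        DNSName: blue.myservice.com.
        HostedZoneId: !Ref HostedZoneId
        EvaluateTargetHealth: false
  ServiceGreen:
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: !Ref HostedZoneId
      Name: myservice.com.
      Type: A
      SetIdentifier: green
      Weight: !Ref GreenWeight
      AliasTarget:                    # alias to the green record from step 2
        DNSName: green.myservice.com.
        HostedZoneId: !Ref HostedZoneId
        EvaluateTargetHealth: false
```

Shifting traffic is then a stack update that changes only BlueWeight and GreenWeight. Resolvers that already cached an answer keep using it until its TTL expires, which is the disruption window the answer describes.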

Tom Anthony

Reputation: 931

As of now (Oct 2021), AWS still doesn't support Blue/Green deployments via CloudFormation if you are using EC2. There is a blue note in the DeploymentStyle section of the docs, reading:

For blue/green deployments, AWS CloudFormation supports deployments on Lambda compute platforms only. You can perform Amazon ECS blue/green deployments using AWS::CodeDeploy::BlueGreen hook.

It is super frustrating that this is not available, as there are no good workarounds.

Upvotes: 3
