Accelerate safe software releases with new built-in blue/green deployments in Amazon ECS | Amazon Web Services

While containers have revolutionized how development teams package and deploy applications, these teams have had to carefully monitor releases and build their own tooling to mitigate deployment risks, which slows down shipping velocity. At scale, development teams spend valuable cycles building and maintaining undifferentiated deployment tools instead of innovating for their business.

Starting today, you can use the built-in blue/green deployment capability in Amazon Elastic Container Service (Amazon ECS) to make your application deployments safer and more consistent. This new capability eliminates the need to build your own deployment tooling while giving you the confidence to ship software updates more frequently, with the option to roll back.

Here’s how to enable the built-in blue/green deployment capability in Amazon ECS.

You create a new “green” application environment while your existing “blue” environment continues to serve live traffic. After thoroughly monitoring and testing the green environment, you shift live traffic from blue to green. With this capability, Amazon ECS now provides built-in functionality that makes containerized application deployments safer and more reliable.

Below is a diagram illustrating how blue/green deployment works by shifting application traffic from the blue environment to the green environment. You can learn more on the Amazon ECS blue/green service deployments page.

Amazon ECS orchestrates the whole workflow and provides event hooks to validate new versions with synthetic traffic before routing production traffic to them. You can validate new software versions in production environments before exposing them to end users, and roll back almost instantly if problems arise. Because this functionality is built directly into Amazon ECS, you can add these safeguards simply by updating your configuration, without building your own tooling.

Getting started
Let me walk through a demonstration of how to configure and use blue/green deployments for an ECS service. Before that, there are a few setup steps that I need to complete, including configuring AWS Identity and Access Management (IAM) roles, which are described on the Required resources for Amazon ECS blue/green deployments page.

For this demonstration, I want to deploy a new version of my application using the blue/green strategy to minimize risk. First, I need to configure my ECS service to use blue/green deployments. I can do this through the ECS console, the AWS Command Line Interface (AWS CLI), or infrastructure as code.

Using the Amazon ECS console, I create a new service and configure it as usual:

In the Deployment options section, I choose ECS as the Deployment controller type, then Blue/green as the Deployment strategy. Bake time is the period after production traffic has shifted to green during which an immediate rollback to blue is available. When the bake time expires, the blue tasks are removed.

This release also introduces deployment lifecycle hooks. These are event-driven mechanisms that you can use to extend the deployment workflow. I can choose which AWS Lambda function to use as a hook for a given deployment lifecycle stage. The Lambda function can perform whatever business logic is required, but it must return a hook status.

Amazon ECS supports the following lifecycle hooks during blue/green deployments. You can learn more about each stage on the Deployment lifecycle stages page.

  • Pre scale up
  • Post scale up
  • Production traffic shift
  • Test traffic shift
  • Post production traffic shift
  • Post test traffic shift

I want to test my application once the test traffic shift is complete and the green service handles all test traffic. Because there is no end-user traffic, this stage has no impact on users. That makes Post test traffic shift suitable for my use case, because I can test the new version first with my Lambda function.

Switching context for a moment, let’s focus on the Lambda function that I use to validate the deployment before allowing it to proceed. In a Lambda function used as a deployment lifecycle hook, I can run any business logic, such as synthetic testing, calling another API, or querying metrics.

Within the Lambda function, I must return a hookStatus. A hookStatus can be SUCCEEDED, which moves the process to the next step. If the status is FAILED, the deployment rolls back to the blue deployment. If it is IN_PROGRESS, Amazon ECS retries the Lambda function in 30 seconds.

In the following example, I set up my validation with a Lambda function that performs a file upload as part of a test suite for my application.

import json
import urllib3
import logging
import base64
import os

# Configure logging
logger = logging.getLogger()
logger.setLevel(logging.DEBUG)

# Initialize HTTP client
http = urllib3.PoolManager()

def lambda_handler(event, context):
    """
    Validation hook that tests the green environment with file upload
    """
    logger.info(f"Event: {json.dumps(event)}")
    logger.info(f"Context: {context}")
    
    try:
        # In a real scenario, you would construct the test endpoint URL
        test_endpoint = os.getenv("APP_URL")
        
        # Create a test file for upload
        test_file_content = "This is a test file for deployment validation"
        test_file_data = test_file_content.encode('utf-8')
        
        # Prepare multipart form data for file upload
        fields = {
            'file': ('test.txt', test_file_data, 'text/plain'),
            'description': 'Deployment validation test file'
        }
        
        # Send POST request with file upload to /process endpoint
        response = http.request(
            'POST', 
            test_endpoint,
            fields=fields,
            timeout=30
        )
        
        logger.info(f"POST /process response status: {response.status}")
        
        # Check if response has OK status code (200-299 range)
        if 200 <= response.status < 300:
            logger.info("File upload test passed - received OK status code")
            return {
                "hookStatus": "SUCCEEDED"
            }
        else:
            logger.error(f"File upload test failed - status code: {response.status}")
            return {
                "hookStatus": "FAILED"
            }
            
    except Exception as error:
        logger.error(f"File upload test failed: {str(error)}")
        return {
            "hookStatus": "FAILED"
        }

When the deployment reaches the lifecycle stage that is associated with the hook, Amazon ECS automatically invokes my Lambda function with the deployment context. My validation function can run comprehensive tests against the green revision: checking application health, running integration tests, or validating performance metrics. The function then signals back to ECS whether to proceed with or abort the deployment.

Because I chose the blue/green deployment strategy, I also need to configure the load balancer and/or Amazon ECS Service Connect. In the Load balancing section, I select my Application Load Balancer.

In the Listener section, I use an existing listener on port 80 and select two Target groups.

Happy with this configuration, I create the service and wait for ECS to provision my new service.
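As an added example (not code from the original post or from AWS), the hook below returns all three hookStatus values and fails closed: it approves only the stage and service it was written for, and never approves on an exception. The stage name and the serviceArn field are those in the payload this post logs; the EXPECTED_SERVICE_ARN variable, the retry-on-502/503/504 rule, and the use of the standard library's urllib in place of urllib3 are assumptions.

```python
import os
import urllib.error
import urllib.request

# Stage name as it appears in the payload logged in this post.
EXPECTED_STAGE = "POST_TEST_TRAFFIC_SHIFT"
# Assumption: these statuses mean "green is not ready yet", so ask ECS to retry.
RETRYABLE = {502, 503, 504}


def http_probe(url):
    """Return the HTTP status of a GET to url, including error statuses."""
    try:
        with urllib.request.urlopen(url, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def decide_hook_status(event, probe, url, expected_service_arn):
    """Map one invocation to SUCCEEDED, FAILED or IN_PROGRESS, failing closed."""
    details = event.get("executionDetails") or {}
    # Refuse to approve a stage this hook was not written for.
    if event.get("lifecycleStage") != EXPECTED_STAGE:
        return {"hookStatus": "FAILED"}
    # Refuse to approve another service, or to run without a configured ARN.
    if not expected_service_arn or details.get("serviceArn") != expected_service_arn:
        return {"hookStatus": "FAILED"}
    try:
        status = probe(url)
    except Exception:
        # Timeouts, DNS errors, missing URL: never approve on an exception.
        return {"hookStatus": "FAILED"}
    if 200 <= status < 300:
        return {"hookStatus": "SUCCEEDED"}
    if status in RETRYABLE:
        # ECS retries the hook in 30 seconds.
        return {"hookStatus": "IN_PROGRESS"}
    return {"hookStatus": "FAILED"}


def lambda_handler(event, context):
    # APP_URL is used by the post's example; EXPECTED_SERVICE_ARN is hypothetical.
    return decide_hook_status(event, http_probe, os.getenv("APP_URL"),
                              os.getenv("EXPECTED_SERVICE_ARN"))
```

Passing the probe in as a parameter lets the decision logic be unit-tested without a running load balancer.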

Testing blue/green deployment
Now it’s time to test my blue/green deployment. For this test, Amazon ECS triggers my Lambda function after the test traffic shift is completed. My Lambda function will return FAILED in this case, because it performs a file upload to my application, but my application doesn’t have this capability.

I update my service and check Force new deployment, knowing that the blue/green deployment capability rolls back if it detects a failure. I select this option because I haven’t modified the task definition but still need to trigger a new deployment.

At this stage, I have both blue and green environments running, with the green revision handling all test traffic. Meanwhile, in the Amazon CloudWatch Logs for my Lambda function, I also see that the deployment lifecycle hooks work as expected and emit the following payload:

(INFO)	2025-07-10T13:15:39.018Z	67d9b03e-12da-4fab-920d-9887d264308e	Event: 
{
    "executionDetails": {
        "testTrafficWeights": {},
        "productionTrafficWeights": {},
        "serviceArn": "arn:aws:ecs:us-west-2:123:service/EcsBlueGreenCluster/nginxBGservice",
        "targetServiceRevisionArn": "arn:aws:ecs:us-west-2:123:service-revision/EcsBlueGreenCluster/nginxBGservice/9386398427419951854"
    },
    "executionId": "a635edb5-a66b-4f44-bf3f-fcee4b3641a5",
    "lifecycleStage": "POST_TEST_TRAFFIC_SHIFT",
    "resourceArn": "arn:aws:ecs:us-west-2:123:service-deployment/EcsBlueGreenCluster/nginxBGservice/TFX5sH9q9XDboDTOv0rIt"
}

As expected, my AWS Lambda function returns FAILED as hookStatus because the test failed.

(ERROR)	2025-07-10T13:18:43.392Z	67d9b03e-12da-4fab-920d-9887d264308e	File upload test failed: HTTPConnectionPool(host="xyz.us-west-2.elb.amazonaws.com", port=80): Max retries exceeded with url: / (Caused by ConnectTimeoutError(, 'Connection to xyz.us-west-2.elb.amazonaws.com timed out. (connect timeout=30)'))

Because the validation did not complete successfully, Amazon ECS tries to roll back to the blue version, which is the previous working version. I can follow this process through ECS events in the Events section, which provides detailed visibility into the deployment progress.

Amazon ECS successfully rolls back the deployment to the previous working version. The rollback is almost instant, because the blue revision remains running and is ready to receive production traffic. There is no end-user impact during this process, because production traffic never shifted to the new version of the application; ECS simply rolled the test traffic back to the original stable version. This eliminates the typical deployment downtime associated with traditional rolling deployments.

I also see the rollback status in the Deployment section.

During my testing, I observed that the blue/green deployment strategy provides consistent and predictable behavior. In addition, the deployment lifecycle hooks provide greater flexibility to control the behavior of the deployment. Each service revision maintains an immutable configuration, including the task definition, load balancer settings, and Service Connect configuration. This means that a rollback restores exactly the same environment that was previously running.

Other things to know
Here are a few things to note:

  • Pricing – The blue/green deployment capability is included with Amazon ECS at no extra charge. You pay only for the compute resources used during the deployment process.
  • Availability – This capability is available in all commercial AWS Regions.

Get started with blue/green deployments by updating your Amazon ECS service configuration in Amazon ECS.

Happy deploying!
– Donnie