How can I perform blue/green deployments for services hosted on Amazon ECS?

5 minute read

I want to perform blue/green deployment for services hosted on Amazon Elastic Container Service (Amazon ECS).

Short description

Before you follow the steps to perform a blue/green deployment, make sure that you have the following:

Resolution

Create an AWS Identity and Access Management (IAM) service role

Before deploying the blue/green type for AWS CodeDeploy with Amazon ECS, first grant the CodeDeploy service permissions to update your ECS service on your behalf.

1. Open the IAM console.

2. In the navigation pane, choose Roles.

3. Choose Create role.

4. In the Select type of trusted entity section, choose AWS service, and then choose CodeDeploy.

5. In the Select your use case section, choose CodeDeploy - ECS, and then choose Next:Permissions.

Note: Keep the default AWSCodeDeployforECS policy. This policy includes the permissions that CodeDeploy requires for interacting correctly with Amazon ECS and other services.

6. Choose Next: Tags.

7. (Optional) Enter a tag name, and then choose Next: Review.

8. For Role name, enter ecsCodeDeployRole.

9. Choose Create role.

Create the Application Load Balancer

1. Open the Amazon EC2 console.

2. In the navigation pane, from the Load Balancing section, choose Load Balancers.

3. Choose Create Load Balancer.

4. In the Select load balancer type section, for Application Load Balancer, choose Create.

5. For Name, enter a name for your load balancer.

6. In the Availability Zones section, select the VPC where your Amazon ECS cluster was created. Then, select any two subnets with access to the internet.

7. Choose Next: Configure Security Settings.

8. Select Create a new security group.

9. For Security group name, enter Sample Security-group.

10. Choose Add Rule.

11. For Port Range, enter 8080. For Source, enter 0.0.0.0/0.

12. Choose Next: Configure Routing.

13. For Target group, enter a name for your target group.

14. For Target type, choose IP.

15. Choose Next: Register Targets, and then register your target group and set your IP.

16. Choose Next:Review.

17. Choose Create.

Create a task definition

1. Open the Amazon ECS console.

2. In the navigation pane, choose Task Definitions.

3. Choose Create new Task Definition.

4. Choose Fargate, and then choose Next step.

5. Configure the task definition based on your needs, and then choose Create.

The following example task definition uses the AWS Fargate launch type and an NGINX image from Docker hub:

{<br>  "executionRoleArn": "arn:aws:iam::account_ID:role/ecsTaskExecutionRole",<br>  "containerDefinitions": [{<br>    "name": "sample-website",<br>    "image": "nginx:latest",<br>    "essential": true,<br>    "portMappings": [{<br>      "hostPort": 80,<br>      "protocol": "tcp",<br>      "containerPort": 80<br>    }]<br>  }],<br>  "requiresCompatibilities": [<br>    "FARGATE"<br>  ],<br>  "networkMode": "awsvpc",<br>  "cpu": "256",<br>  "memory": "512",<br>  "family": "sample-website"<br>}

Create an Amazon ECS service

1. Open the Amazon ECS console.

2. In the Amazon ECS section of the navigation pane, choose Clusters, and then choose your cluster.

3. On the Services tab, choose Create to create a service.

4. In the Configure service section, for Launch type, select FARGATE.

5. For Task Definition, select the task definition that you created in the previous section.

6. For Service name, enter a name for your service. For example: Sample-Website

7. For Number of tasks, enter the number of tasks that you want your service to run.

8. In the Deployments section, select Blue/green deployment (powered by AWS CodeDeploy).

9. For Service role for CodeDeploy, choose ecsCodeDeployRole.

Note: You created the ecsCodeDeployRole service role earlier.

10. Choose Next step.

11. In the VPC and security groups section, choose your cluster VPC and subnets.

12. In the Load balancing section, for Load balancer type, choose Application Load Balancer.

13. For Load balancer name, select the load balancer that you created earlier.

14. In the Container to load balancer section, choose Add to load balancer.

15. In the Container to load balance section, for Production listener port, select 80:HTTP.

16. Select the Test listener check box.

17. For Test listener port, choose create new, and then enter 8080 as the listener port.

18. In the Additional configuration section, for Target group 1 name, choose the target group that you created when you created the load balancer.

19. For Target group 2 name, create a new target group in the Amazon ECS console with the name sample-website-tg-2.

20. Skip the Set Auto Scaling (optional) page, and choose Next step.

21. Choose Create Service.

Now, you can see the new service that you created with one task running.

Verify that the Amazon ECS blue/green deployment is working

After you create the blue/green Amazon ECS service, create a new task definition revision with the changes, and then update your Amazon ECS service. This creates a deployment in the CodeDeploy console.

1. Open the Amazon ECS console.

2. From the navigation pane, choose Task Definitions.

3. Select your task definition, choose Create new revision, and then choose Create.

Note: In the following example, the image property is updated to use httpd:2.4:

{<br>  "executionRoleArn": "arn:aws:iam::account_ID:role/ecsTaskExecutionRole",<br>  "containerDefinitions": [{<br>    "name": "sample-website",<br>    "image": "httpd:2.4",<br>    "essential": true,<br>    "portMappings": [{<br>      "hostPort": 80,<br>      "protocol": "tcp",<br>      "containerPort": 80<br>    }]<br>  }],<br>  "requiresCompatibilities": [<br>    "FARGATE"<br>  ],<br>  "networkMode": "awsvpc",<br>  "cpu": "256",<br>  "memory": "512",<br>  "family": "sample-website"<br>}

4. From the navigation pane, choose Clusters, and then choose the cluster where you deployed your Amazon ECS service.

5. On the Services tab, select your Amazon ECS service, and then choose Update.

6. In the Configure service section, for Task Definition, choose the latest revision that you created in step 3.

7. Choose Next step to skip all the remaining pages in the wizard, and then choose Update Service.

8. Choose View Service.

9. On the Deployments tab, in the Deployment Id column, choose the deployment ID to view your CodeDeploy deployment.

Topics

Developer Tools

Relevant content

How do I stop an ECS deployment that does not use CodeDeploy? The ECS deployment is stuck in "In progress".
elbigbadmo
asked 5 months ago
blue green deployment to ECS via another CI server
elmagg
asked 2 years ago
How to perform CodePipeline ECS deployment based on Git tag
Accepted Answer
maik
asked a year ago
Blue/Green deployments in ECS & Service Mesh for services without ELB
Accepted Answer
AWS-User-9902598
asked 3 years ago
Blue Green Deployment
rePost-User-5288036
asked 2 months ago
How can I perform a major version upgrade in my Aurora PostgreSQL-Compatible global database?
AWS OFFICIALUpdated 4 months ago
How do I troubleshoot issues related to blue/green deployments in Amazon ECS?
AWS OFFICIALUpdated a year ago
How can I update my private repository credentials on an Amazon ECS container agent?
AWS OFFICIALUpdated 2 years ago
How can I troubleshoot a failed CodeDeploy deployment on Amazon EC2 instances?
AWS OFFICIALUpdated 3 months ago
Hybrid Cloud Extension (HCX) Install Guide for VMware Cloud on AWS
EXPERT
Greg Vinton
published a month ago

How can I perform blue/green deployments for services hosted on Amazon ECS?

Short description

Resolution

Create an AWS Identity and Access Management (IAM) service role

Create the Application Load Balancer

Create a task definition

Create an Amazon ECS service

Verify that the Amazon ECS blue/green deployment is working

Related videos

Relevant content