Skip to content

Modern Deployment Methods

The two popular modern deployment methods are:

  • blue/green deployment
  • canary rollout

Choices of tools

There're different tools supporting the blue/green and canary rollout:

  • Ingress
  • Istio
  • Knative
  • Argo Rollout
  • Flagger
  • ...

Blue/Green Deployment

For a blue/green deployment, two working deployments are deployed but only one is public.

Pre-launch

The latest version is deployed into the environment, but not receiving any public traffic.

graph TD

traffic(Traffic) --100%--> stable(Stable)
traffic --0%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style stable stroke:blue,stroke-width:2px
style latest stroke:green,stroke-width:2px

By seting up specific routing rules (route by header, cookies, etc), the latest deployment can be access secretly for testing.

graph TD

traffic(Traffic) --100%--> stable(Stable)
traffic --secret path--> latest(Latest)
traffic --0%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style stable stroke:blue,stroke-width:2px
style latest stroke:green,stroke-width:2px

Launch

If all the testing results are good, the latest version will be rolled out.

graph TD

traffic(Traffic) --0%--> stable(Stable)
traffic --100%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style stable stroke:blue,stroke-width:2px
style latest stroke:green,stroke-width:2px

Roll Back

If a defect is found in the latest version, the we can adjust the traffic routing to roll back to the stable version.

The latest version is still up and running and leaves us the environment to do further trouble shoot.

graph TD

traffic(Traffic) --100%--> stable(Stable)
traffic --secret path--> latest(Latest)
traffic --0%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style stable stroke:blue,stroke-width:2px
style latest stroke:red,stroke-width:3px

Canary Rollout

For a canary rollout, multiple working deployments are deployed and all can receive public.

Multiple versions

With canary rollout, you can have multiple versions with different features running and receiving public traffic at the same time with a limited impact on overall users.

Pre-launch

The latest version is deployed into the environment, but not receiving any public traffic.

graph TD

traffic(Traffic) --100%--> stable(Stable)
traffic --0%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style latest stroke:orange,stroke-width:2px

By setup specific routing rules (by header, cookies, etc), the latest deployment can be access secretly for testing.

graph TD

traffic(Traffic) --100%--> stable(Stable)
traffic --secret path--> latest(Latest)
traffic --0%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style latest stroke:orange,stroke-width:2px

Launch

If all the testing results are good, the latest version will be gradually rolled out.

80-20

graph TD

traffic(Traffic) --80%--> stable(Stable)
traffic --20%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style latest stroke:orange,stroke-width:2px

50-50

graph TD

traffic(Traffic) --50%--> stable(Stable)
traffic --50%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style latest stroke:orange,stroke-width:2px

20-80

graph TD

traffic(Traffic) --20%--> stable(Stable)
traffic --80%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style latest stroke:orange,stroke-width:2px

100-0

graph TD

traffic(Traffic) --100%--> stable(Stable)
traffic --0%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style latest stroke:orange,stroke-width:2px

Roll Back

If a defect is found in the latest version, the we can adjust the traffic routing to roll back to the stable version.

The latest version is still up and running and leaves us the environment to do further trouble shoot.

graph TD

traffic(Traffic) --100%--> stable(Stable)
traffic --secret path--> latest(Latest)
traffic --0%--> latest(Latest)

subgraph stable
    ins1(Instance 1)
    ins2(Instance 2)
end

subgraph latest
    ins3(Instance 1)
    ins4(Instance 2)
end

subgraph Service
  stable
  latest
end

style latest stroke:orange,stroke-width:2px

Comparison

Featue Blue Green Canary
Traffic Only one service facing public Can have more than one service facing public
Rollback Switch traffic to stable version Reduce the traffic of version with defect to 0%, keep other version(s) keep receiving traffic
Requirement Applicable to most services Backward compatible is required
Limitation The potential defect will impact all public traffic Not suitable for new feature, new endpoints including frontend packed css and js chunks