Skip to content

Deployment Strategy

Requirement

Guidance

  • Blue/Green deployment strategy should be considered.
  • Automated system regression testing should occur after green assets are deployed, but before transitioning production traffic to it.
  • Automated final system smoke test should occur after transitioning production traffic to the newly deployed code.

Zero downtime deployments

A zero-downtime deployment strategy must be used to avoid service interruptions. Using a zero-downtime deployment strategy, consumers will not have to experience the burden of maintenance windows while a new version of an API is being deployed and will help avoid the following problems:

  • availability interruptions (service is down)
  • functional interruptions (service is degraded)
  • undesirable behavior (escaped defects)

Availability interruptions can occur when transitioning from a prior release to a new release. For example, terminating a running server, then starting a new server with the updated software.

Functionality based interruptions occur when service behavior is negatively impacted by the deployment of the new software release. For example, attempting to serve traffic during an initialization period, the introduction of a bug, or misconfiguration.

Blue/green deployment strategy

The blue/green deployment technique uses two identical production environments where one environment is called “blue” and the other is called “green”. With both environments up and running simultaneously, availability will not be negatively impacted. One environment has the current API running (blue) while the other has the new release running (green). After the green environment is determined to be working as expected, incoming traffic is directed to the green environment and away from the blue environment and the blue environment will no longer serve traffic. If problems are encountered with the new release, the traffic can quickly revert to the original servers.

Benefits include:

  • decreased risk in delivering new releases
  • elimination of downtime
  • elimination of communicating maintenance windows

In summary, the steps are:

  • Deploying the new code to a private server to perform verification during the pre-promotion.
  • Pre-promotion analysis executes a comprehensive regression test suite with the goal of verifying business logic, authentication behavior, and error responses.
  • Once verified, the private server is swapped to be the current production server and the old production server is no longer servicing requests.
  • Post-promotion analysis executes a smaller, smoke test suite to verify new production traffic is being handled correctly.
  • Immediate hot rollback to the prior server is done if anything is amiss.

Visit the AWS Whitepaper about blue/green deployments for an example vendor implementation.