Amazon ECS
User Guide for AWS Fargate (API Version 2014-11-13)

Tutorial: Creating a Service Using a Blue/Green Deployment

Amazon ECS has integrated blue/green deployments into the Create Service wizard on the Amazon ECS console. For more information, see Creating a Service.

The following tutorial shows how to create an Amazon ECS service containing a Fargate task that uses the blue/green deployment type with the AWS CLI.

Prerequisites

This tutorial assumes that you have completed the following prerequisites:

Step 1: Create an Application Load Balancer

Amazon ECS services using the blue/green deployment type require the use of either an Application Load Balancer or a Network Load Balancer. This tutorial uses an Application Load Balancer.

To create an Application Load Balancer

  1. Use the create-load-balancer command to create an Application Load Balancer. Specify two subnets that aren't from the same Availability Zone as well as a security group.

    aws elbv2 create-load-balancer --name bluegreen-alb \ --subnets subnet-abcd1234 subnet-abcd5678 --security-groups sg-abcd1234 --region us-east-1

    The output includes the Amazon Resource Name (ARN) of the load balancer, with the following format:

    arn:aws:elasticloadbalancing:region:aws_account_id:loadbalancer/app/bluegreen-alb/e5ba62739c16e642
  2. Use the create-target-group command to create a target group. This target group will route traffic to the original task set in your service.

    aws elbv2 create-target-group --name bluegreentarget1 --protocol HTTP --port 80 \ --target-type ip --vpc-id vpc-abcd1234 --region us-east-1

    The output includes the ARN of the target group, with the following format:

    arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget1/209a844cd01825a4
  3. Use the create-listener command to create a load balancer listener with a default rule that forwards requests to the target group.

    aws elbv2 create-listener --load-balancer-arn arn:aws:elasticloadbalancing:region:aws_account_id:loadbalancer/app/bluegreen-alb/e5ba62739c16e642 \ --protocol HTTP --port 80 \ --default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget1/209a844cd01825a4 --region us-east-1

    The output includes the ARN of the listener, with the following format:

    arn:aws:elasticloadbalancing:region:aws_account_id:listener/app/bluegreen-alb/e5ba62739c16e642/665750bec1b03bd4

Step 2: Create an Amazon ECS Cluster

Use the create-cluster command to create a cluster named tutorial-bluegreen to use.

aws ecs create-cluster --cluster-name tutorial-bluegreen --region us-east-1

The output includes the ARN of the cluster, with the following format:

arn:aws:ecs:region:aws_account_id:cluster/tutorial-bluegreen

Step 3: Register a Task Definition

Use the register-task-definition command to register a task definition that is compatible with Fargate. It requires the use of the awsvpc network mode. The following is the example task definition used for this tutorial.

First, create a file named fargate-task.json with the following contents. Ensure that you use the ARN for your task execution role. For more information, see Amazon ECS Task Execution IAM Role.

{ "family": "tutorial-task-def", "networkMode": "awsvpc", "containerDefinitions": [ { "name": "sample-app", "image": "httpd:2.4", "portMappings": [ { "containerPort": 80, "hostPort": 80, "protocol": "tcp" } ], "essential": true, "entryPoint": [ "sh", "-c" ], "command": [ "/bin/sh -c \"echo '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p> </div></body></html>' > /usr/local/apache2/htdocs/index.html && httpd-foreground\"" ] } ], "requiresCompatibilities": [ "FARGATE" ], "cpu": "256", "memory": "512", "executionRoleArn": "arn:aws:iam::aws_account_id:role/ecsTaskExecutionRole" }

Then register the task definition using the fargate-task.json file that you created.

aws ecs register-task-definition --cli-input-json file://fargate-task.json --region us-east-1

Step 4: Create an Amazon ECS Service

Use the create-service command to create a service.

First, create a file named service-bluegreen.json with the following contents.

{ "cluster": "tutorial-bluegreen", "serviceName": "service-bluegreen", "taskDefinition": "tutorial-task-def", "loadBalancers": [ { "targetGroupArn": "arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget1/209a844cd01825a4", "containerName": "sample-app", "containerPort": 80 } ], "launchType": "FARGATE", "schedulingStrategy": "REPLICA", "deploymentController": { "type": "CODE_DEPLOY" }, "platformVersion": "LATEST", "networkConfiguration": { "awsvpcConfiguration": { "assignPublicIp": "ENABLED", "securityGroups": [ "sg-abcd1234" ], "subnets": [ "subnet-abcd1234", "subnet-abcd5678" ] } }, "desiredCount": 1 }

Then create your service using the service-bluegreen.json file that you created.

aws ecs create-service --cli-input-json file://service-bluegreen.json --region us-east-1

The output includes the ARN of the service, with the following format:

arn:aws:ecs:region:aws_account_id:service/service-bluegreen

Step 5: Create the AWS CodeDeploy Resources

Use the following steps to create your CodeDeploy application, the Application Load Balancer target group for the CodeDeploy deployment group, and the CodeDeploy deployment group.

To create CodeDeploy resources

  1. Use the create-application command to create an CodeDeploy application. Specify the ECS compute platform.

    aws deploy create-application --application-name tutorial-bluegreen \ --compute-platform ECS --region us-east-1

    The output includes the application ID, with the following format:

    {
        "applicationId": "b8e9c1ef-3048-424e-9174-885d7dc9dc11"
    }
  2. Use the create-target-group command to create a second Application Load Balancer target group, which will be used when creating your CodeDeploy deployment group.

    aws elbv2 create-target-group --name bluegreentarget2 --protocol HTTP --port 80 \ --target-type ip --vpc-id "vpc-0b6dd82c67d8012a1" --region us-east-1

    The output includes the ARN for the target group, with the following format:

    arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget2/708d384187a3cfdc
  3. Use the create-deployment-group command to create an CodeDeploy deployment group.

    First, create a file named tutorial-deployment-group.json with the following contents. This example uses the resource that you created.

    { "applicationName": "tutorial-bluegreen", "autoRollbackConfiguration": { "enabled": true, "events": [ "DEPLOYMENT_FAILURE" ] }, "blueGreenDeploymentConfiguration": { "deploymentReadyOption": { "actionOnTimeout": "CONTINUE_DEPLOYMENT", "waitTimeInMinutes": 0 }, "terminateBlueInstancesOnDeploymentSuccess": { "action": "TERMINATE", "terminationWaitTimeInMinutes": 5 } }, "deploymentGroupName": "tutorial-bluegreen-dg", "deploymentStyle": { "deploymentOption": "WITH_TRAFFIC_CONTROL", "deploymentType": "BLUE_GREEN" }, "loadBalancerInfo": { "targetGroupPairInfoList": [ { "targetGroups": [ { "name": "bluegreentarget1" }, { "name": "bluegreentarget2" } ], "prodTrafficRoute": { "listenerArns": [ "arn:aws:elasticloadbalancing:region:aws_account_id:listener/app/bluegreen-alb/e5ba62739c16e642/665750bec1b03bd4" ] } } ] }, "serviceRoleArn": "arn:aws:iam::aws_account_id:role/ecsCodeDeployRole", "ecsServices": [ { "serviceName": "service-bluegreen", "clusterName": "tutorial-bluegreen" } ] }

    Then create the CodeDeploy deployment group.

    aws deploy create-deployment-group --cli-input-json file://tutorial-deployment-group.json --region us-east-1

    The output includes the deployment group ID, with the following format:

    {
        "deploymentGroupId": "6fd9bdc6-dc51-4af5-ba5a-0a4a72431c88"
    }

Step 5: Create and Monitor an CodeDeploy Deployment

Use the following steps to create and upload an application specification file (AppSpec file) and an CodeDeploy deployment.

To create and monitor an CodeDeploy deployment

  1. Create and upload an AppSpec file using the following steps.

    1. Create a file named appspec.yaml with the contents of the CodeDeploy deployment group. This example uses the resources that you created earlier in the tutorial.

      version: 0.0 Resources: - TargetService: Type: AWS::ECS::Service Properties: TaskDefinition: "arn:aws:ecs:region:aws_account_id:task-definition/first-run-task-definition:7" LoadBalancerInfo: ContainerName: "sample-app" ContainerPort: 80 PlatformVersion: "LATEST"
    2. Use the s3 mb command to create an Amazon S3 bucket for the AppSpec file.

      aws s3 mb s3://tutorial-bluegreen
    3. Use the s3 cp command to upload the AppSpec file to the Amazon S3 bucket.

      aws s3 cp ./AppSpec.yaml s3://tutorial-bluegreen/appspec.yaml
  2. Create the CodeDeploy deployment using the following steps.

    1. Create a file named create-deployment.json with the contents of the CodeDeploy deployment. This example uses the resources that you created earlier in the tutorial.

      { "applicationName": "tutorial-bluegreen", "deploymentGroupName": "tutorial-bluegreen-dg", "revision": { "revisionType": "S3", "s3Location": { "bucket": "tutorial-bluegreen", "key": "appspec.yaml", "bundleType": "YAML" } } }
    2. Use the create-deployment command to create the deployment.

      aws deploy create-deployment --cli-input-json file://create-deployment.json --region us-east-1

      The output includes the deployment ID, with the following format:

      {
          "deploymentId": "d-RPCR1U3TW"
      }
    3. Use the get-deployment-target command to get the details of the deployment, specifying the deploymentId from the previous output.

      aws deploy get-deployment-target --deployment-id "d-IMJU3A8TW" --target-id tutorial-bluegreen:service-bluegreen --region us-east-1

      Continue to retrieve the deployment details until the status is Succeeded, as shown in the following output.

      {
          "deploymentTarget": {
              "deploymentTargetType": "ECSTarget",
              "ecsTarget": {
                  "deploymentId": "d-RPCR1U3TW",
                  "targetId": "tutorial-bluegreen:service-bluegreen",
                  "targetArn": "arn:aws:ecs:region:aws_account_id:service/service-bluegreen",
                  "lastUpdatedAt": 1543431490.226,
                  "lifecycleEvents": [
                      {
                          "lifecycleEventName": "BeforeInstall",
                          "startTime": 1543431361.022,
                          "endTime": 1543431361.433,
                          "status": "Succeeded"
                      },
                      {
                          "lifecycleEventName": "Install",
                          "startTime": 1543431361.678,
                          "endTime": 1543431485.275,
                          "status": "Succeeded"
                      },
                      {
                          "lifecycleEventName": "AfterInstall",
                          "startTime": 1543431485.52,
                          "endTime": 1543431486.033,
                          "status": "Succeeded"
                      },
                      {
                          "lifecycleEventName": "BeforeAllowTraffic",
                          "startTime": 1543431486.838,
                          "endTime": 1543431487.483,
                          "status": "Succeeded"
                      },
                      {
                          "lifecycleEventName": "AllowTraffic",
                          "startTime": 1543431487.748,
                          "endTime": 1543431488.488,
                          "status": "Succeeded"
                      },
                      {
                          "lifecycleEventName": "AfterAllowTraffic",
                          "startTime": 1543431489.152,
                          "endTime": 1543431489.885,
                          "status": "Succeeded"
                      }
                  ],
                  "status": "Succeeded",
                  "taskSetsInfo": [
                      {
                          "identifer": "ecs-svc/9223370493425779968",
                          "desiredCount": 1,
                          "pendingCount": 0,
                          "runningCount": 1,
                          "status": "ACTIVE",
                          "trafficWeight": 0.0,
                          "targetGroup": {
                              "name": "bluegreentarget1"
                          }
                      },
                      {
                          "identifer": "ecs-svc/9223370493423413672",
                          "desiredCount": 1,
                          "pendingCount": 0,
                          "runningCount": 1,
                          "status": "PRIMARY",
                          "trafficWeight": 100.0,
                          "targetGroup": {
                              "name": "bluegreentarget2"
                          }
                      }
                  ]
              }
          }
      }

Step 6: Clean Up

When you have finished this tutorial, clean up the resources associated with it to avoid incurring charges for resources that you aren't using.

Cleaning up the tutorial resources

  1. Use the delete-deployment-group command to delete the CodeDeploy deployment group.

    aws deploy delete-deployment-group --application-name tutorial-bluegreen --deployment-group-name tutorial-bluegreen-dg --region us-east-1
  2. Use the delete-application command to delete the CodeDeploy application.

    aws deploy delete-application --application-name tutorial-bluegreen --region us-east-1
  3. Use the delete-service command to delete the Amazon ECS service. Using the --force flag allows you to delete a service even if it has not been scaled down to zero tasks.

    aws ecs delete-service --service arn:aws:ecs:region:aws_account_id:service/service-bluegreen --force --region us-east-1
  4. Use the delete-cluster command to delete the Amazon ECS cluster.

    aws ecs delete-cluster --cluster tutorial-bluegreen --region us-east-1
  5. Use the s3 rm command to delete the AppSpec file from the Amazon S3 bucket.

    aws s3 rm s3://tutorial-bluegreen/appspec.yaml
  6. Use the s3 rb command to delete the Amazon S3 bucket.

    aws s3 rb s3://tutorial-bluegreen
  7. Use the delete-load-balancer command to delete the Application Load Balancer.

    aws elbv2 delete-load-balancer --load-balancer-arn arn:aws:elasticloadbalancing:region:aws_account_id:loadbalancer/app/bluegreen-alb/e5ba62739c16e642 --region us-east-1
  8. Use the delete-target-group command to delete the two Application Load Balancer target groups.

    aws elbv2 delete-target-group --target-group-arn arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget1/209a844cd01825a4 --region us-east-1
    aws elbv2 delete-target-group --target-group-arn arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget2/708d384187a3cfdc --region us-east-1