Enhancing Application Reliability with Blue-Green Deployment in Kubernetes on AKS

In today’s fast-paced software delivery world, ensuring application reliability is a critical priority. Downtime during deployments can frustrate users, harm business operations, and damage trust. This is where blue-green deployment comes to the rescue. By creating two separate environments, blue-green deployment enables seamless transitions and ensures zero downtime for applications.

When it comes to Kubernetes, Azure Kubernetes Service (AKS) stands out as a managed Kubernetes offering that simplifies the deployment and management of containerised applications. AKS provides built-in capabilities such as scalability, security, and seamless integration with Azure services, making it an excellent choice for blue-green deployment strategies. Whether you’re deploying mission-critical applications or experimenting with new features, AKS offers the reliability and flexibility needed for modern cloud-native applications.

In this article, we’ll explore what blue-green deployment is, why it’s valuable, and how to implement it in Kubernetes using Ingress.

Understanding Blue-Green Deployment

What is Blue-Green Deployment?

Blue-green deployment is a release management strategy where two identical environments—blue and green—are maintained. While one (blue) serves live production traffic, the other (green) is prepared for the new version of the application.

Once the green environment is ready and tested, the traffic is switched from blue to green. If issues arise, traffic can be quickly reverted to the blue environment, ensuring minimal disruption.

Key Components:

• Blue Environment: The current live version of the application.

• Green Environment: The new version of the application is ready for deployment.

Why Choose Blue-Green Deployment?

Deploying applications is often fraught with challenges such as downtime, failed rollbacks, and user dissatisfaction. Blue-green deployment solves these issues by:

• Ensuring Zero Downtime: Traffic is shifted seamlessly from one environment to another.

• Simplifying Rollbacks: In case of failure, reverting to the previous version is instantaneous.

• Improving Testing: The new version can be thoroughly tested in the green environment before release.

• Enhancing Reliability: Critical updates can be deployed without disrupting services.

This approach is especially beneficial for critical applications where downtime is not an option.

Here is the basic flow of Blue-Green Deployment

Kubernetes as the Foundation for Blue-Green Deployment

Kubernetes is a powerful container orchestration platform that provides the perfect foundation for blue-green deployments. With its ability to manage Pods, Deployments, and Services, Kubernetes simplifies the process of creating and managing multiple environments.

Why Kubernetes?

• Scalability: Easily scale resources as needed.

• Resilience: Self-healing capabilities ensure consistent application availability.

• Traffic Management: Kubernetes Ingress makes it easy to manage traffic between environments.

By leveraging Kubernetes, you can achieve highly reliable blue-green deployments with minimal manual intervention.

Setting Up Blue-Green Deployment in Kubernetes

Prerequisites:

• A Kubernetes cluster up and running.

• An Ingress controller (e.g., NGINX, Traefik) installed and configured.

Steps:

1. Deploy the Blue Environment: Deploy the current live version of your application, labeling it as the "blue" version.

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: node-app
    spec:
      replicas: 5
      selector:
        matchLabels:
          app: node-app
          version: blue
      template:
        metadata:
          labels:
            app: node-app
            version: blue
        spec:
          containers:
          - name: node-app
            image: ghcr.io/tauqeerahmad5201/nodeapp-rollup:v1
            ports:
            - containerPort: 3000
   

   2. Prepare the Green Environment: Deploy the new version of your application, labeling it as "green."

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: node-app-green
    spec:
      replicas: 5
      selector:
        matchLabels:
          app: node-app
          version: green
      template:
        metadata:
          labels:
            app: node-app
            version: green
        spec:
          containers:
          - name: node-app
            image: ghcr.io/tauqeerahmad5201/nodeapp-rollup:v2
            ports:
            - containerPort: 3000

3. Since I’m using AKS, then I can plan a service for type LoadBalancer to get an external IP of the services. If you are on Minikube, then try using ClusterIP with a port-forward from ingress (80/443).

    # Blue Service
    apiVersion: v1
    kind: Service
    metadata:
      name: blue-service
    spec:
      type: LoadBalancer
      selector:
        app: node-app
        version: blue
      ports:
      - port: 3000
        targetPort: 3000
   

    #Green Service
    apiVersion: v1
    kind: Service
    metadata:
      name: green-service
    spec:
      type: LoadBalancer
      selector:
        app: node-app
        version: green
      ports:
      - port: 3000
        targetPort: 3000
   

4. Configure Ingress: Use an Ingress resource to switch or implement traffic between the blue and green environments.

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: node-app-ingress
      annotations:
        kubernetes.io/ingress.class: nginx   # Using Nginx for the ingress
        nginx.ingress.kubernetes.io/rewrite-target: /$2
        nginx.ingress.kubernetes.io/ssl-redirect: "false"
    spec:
      rules:
      - host: "tauqeerahmad.com"   # Specific host rule
        http:
          paths:
          - path: /blue
            pathType: Prefix
            backend:
              service:
                name: blue-service
                port:
                  number: 3000    # This port number should match the targetPort in the blue-service.yaml, and the content from port 80 or 443 from browser forwared to this port.
          - path: /green
            pathType: Prefix
            backend:
              service:
                name: green-service
                port:
                  number: 3000    # This port number should match the targetPort in the green-service.yaml, and the content from port 80 or 443 from browser forwared to this port.
          - path: /           # Default path
            pathType: Exact
            backend:
              service:
                name: blue-service
                port:
                  number: 3000
      - http:
          paths:
          - path: /blue
            pathType: Prefix
            backend:
              service:
                name: blue-service
                port:
                  number: 3000
          - path: /green
            pathType: Prefix
            backend:
              service:
                name: green-service
                port:
                  number: 3000
          - path: /          # Default path
            pathType: Exact
            backend:
              service:
                name: blue-service
                port:
                  number: 3000
   

Traffic Shifting with Ingress

Ingress acts as a traffic controller along with the host, making it easy to direct requests to the desired environment. By modifying Ingress rules, you can:

• Route all traffic to the green environment.

• Instantly revert to the blue environment if issues arise.

Annotations and host-based routing can further refine traffic management, enabling canary releases or gradual rollouts if needed.

Implementing the resources over AKS:

Kindly create a simple AKS cluster to perform any action or deployment over your production. For this blog, we are directly diving into blue and green deployment strategies over the Azure Kubernetes Service.

Kindly connect to the cluster using the following command:

az aks get-credentials --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_AKS_CLUSTER_NAME

Learn to implement more on Azure Kubernetes Service from here.

Kindly install Ingress (if you are using Nginx) for the deployment and routing from here.

Now, we can now get the external IP of both the services AND the ingress. Use the ingress external IP to update with the route to access the application.

Accessing the Applications

Use external IP ingress to access the application with the path:

For Blue Service: http://48.217.216.247/blue

For Green Service: http://48.217.216.247/green

Folder structure of the K8S resources and deployment:

Flow of the things happening while deploying all the resources:

Best Practices for Blue-Green Deployment

• Automate Deployments: Use CI/CD pipelines to automate environment creation, testing, and traffic switching.

• Thorough Testing: Test the green environment in isolation before switching traffic.

• Monitor Performance: Use tools like Prometheus and Grafana to monitor the application and ensure a smooth transition.

• Have a Rollback Plan: Always be prepared to revert traffic in case of issues.

Example Use Case

Imagine a scenario where you need to update a microservice in production. Using blue-green deployment, you:

1. Deploy the new version in the green environment.

2. Test it thoroughly without impacting live users.

3. Switch traffic to the green environment via Ingress.

4. Monitor the application’s performance.

5. Revert to the blue environment if any issues occur.