Well-Architected Framework
Implement zero-downtime deployments with blue/green, canary, and rolling strategies
Zero-downtime deployment strategies aim to reduce or eliminate downtime when you update your infrastructure or applications. These strategies involve deploying new versions incrementally rather than all at once to detect and resolve issues. Each strategy lets you test the new version in an environment with real user traffic. This helps validate the new release's performance and reliability.
This document set contains best practices for popular zero-downtime deployment methods, such as blue/green, canary, and rolling deployments. It will help you decide the deployment method best for your organization and provide the resources to implement that method.
Why implement zero-downtime deployments
Implementing zero-downtime deployments addresses the following operational and business challenges:
Eliminate revenue loss from service disruptions: Application downtime during deployments causes direct revenue loss, frustrated users, and damaged brand reputation. Zero-downtime deployments maintain service availability throughout updates, ensuring continuous revenue generation.
Reduce deployment risk and enable faster release cycles: Traditional all-at-once deployments create high risk since if issues occur, all users are affected simultaneously. Zero-downtime strategies enable gradual rollouts that limit blast radius, catch issues early, and allow safe rollback.
Improve user experience and competitive advantage: Users expect highly available services. Service disruptions drive users to competitors and damage trust.
Enable testing with production traffic: Staging environments cannot replicate production load patterns, data characteristics, or edge cases. Zero-downtime strategies like canary deployments allow you to test changes with real production traffic on a small user subset, validating performance and functionality before full rollout.
Deployment methods
Blue/green, canary, and rolling deployments all improve application reliability and reduce risk. While they share similar goals, each approach offers unique advantages that make it more suitable for certain types of applications or organizational needs. By choosing the most appropriate deployment method, companies can ensure smoother updates and reduce the likelihood of service disruptions.
- Blue/green deployments: Maintain two identical production environments concurrently. This method allows you to shift traffic from the current version (blue) to the upgraded version (green).
- Canary deployments: Introduce new versions incrementally to a subset of users. This approach lets you test upgrades with limited exposure, working alongside other deployment systems.
- Rolling deployments: Update applications gradually across multiple servers. This technique ensures only a portion of your infrastructure changes at once, reducing the risk of widespread issues.
The difference between these strategies is how and where the application deploys. This involves the environment the application runs in, cost considerations, deployment methods, and traffic direction.
When to use each deployment strategy
| Blue/Green | Canary | Rolling | |
|---|---|---|---|
| Environment Setup | Requires two nearly identical environments. | Requires two nearly identical environments. Starts with a small subset of users or servers. | Updates subsets of servers in batches. |
| Traffic Switching | Switches all traffic at once. | Gradually increases traffic to the new version. | Sequentially updates and transitions traffic. |
| Rollback Mechanism | Switches back to the blue environment. | Reduces or stop the canary deployment. | Reverts batches; can be more complex. |
Since all three zero-downtime strategies offer similar benefits and aim to achieve zero-downtime deployments, the changes you plan to make will be the most important consideration when determining which deployment to implement. Consider the following change types:
Infrastructure changes: Involve setting up your environments so they are prepared to host your zero-downtime application. With blue/green deployments, you must have two identical environments. An infrastructure environment can range from creating a new green full stack (servers, networking, or databases) to creating a new cluster to run containers or adding a single green VM to an existing infrastructure stack. Running two identical infrastructure environments can increase costs. You can run blue/green environments only in production to save money. You should also have an infrastructure lifecycle strategy, such as using infrastructure-as-code to deploy your green environment only when you plan to deploy your new application version.
Application changes: Involve deploying and directing traffic to your new application version. You can configure your load balancer or reverse proxies to direct traffic to your green stack and perform canary testing or direct traffic in a controlled manner for rolling deployments.
Service mesh deployments: Use service splitters to implement zero-downtime deployments. These components, often used in service mesh architectures, allow traffic to route between different versions of an application dynamically.
Choose your deployment path
Select the document that matches your deployment needs:
Read Deploy blue/green infrastructure when you need to: Update infrastructure components like servers, networking, or databases with zero downtime. Learn how to use Terraform modules to maintain two identical infrastructure environments and switch traffic between them instantly.
Read Deploy applications with zero downtime when you need to: Deploy application code changes to virtual machines or containers with gradual rollouts. Learn how to use load balancers with Terraform, Nomad rolling updates, and Kubernetes deployments to minimize risk and enable instant rollback.
Read Deploy applications with traffic splitting when you need to: Implement fine-grained traffic control with percentage-based splits and deep observability. Learn how to use Consul service mesh for progressive rollouts with automatic health checking and distributed tracing.
Next steps
In this overview of Zero-downtime deployments, you learned the benefits and tradeoffs of zero-downtime deployment techniques. Visit the following documents to learn specifics on infrastructure, application, and service mesh. Zero-downtime deployments is part of the Define and automate processes pillar.