Deployment Strategies – insights.
There are a variety of techniques to deploy new applications to production so choosing the right strategy is an important decision that needs to be made to leverage the impact of change on the consumer.
In this post, we are going to talk about the following strategies:
- recreate: version A is terminated then version B is rolled out
- ramped (also known as rolling-update or incremental): version B is slowly rolled out and replacing version A
- blue/green: version B is released alongside version A, then the traffic is switched to version B
- canary: version B is released to a subset of users, then proceed to a full rollout
- a/b testing: version B is released to a subset of users under specific condition
- shadow: version B receives real world traffic alongside version A and doesn’t impact the response
Let’s take a look at each strategy and see which strategy would fit best for a particular use case.
The re-create strategy is a dummy deployment which consists of shutting down version A then deploying version B after version A is turned off. This technique implies downtime of the service that depends on both shutdown and boot duration of the application.
- easy to setup
- application state entirely renewed
- high impact on the user, expect downtime that depends on both shutdown and boot duration of the application
Ramped (also known as rolling-update or incremental)
The ramped deployment strategy consists of slowly rolling out a version of an application by replacing instances one after the other until all the instances are rolled out. It usually follows the following process: with a pool of version A behind a load balancer, one instance of version B is deployed. When the service is ready to accept traffic, the instance is added to the pool. Then, one instance of version A is removed from the pool and shutdown.
Depending on the system taking care of the ramped deployment, you can tweak the following parameters to increase the deployment time:
- parallelism, max batch size: number of concurrent instances to rollout
- max surge: how many instances to add in addition of the current amount
- max unavailable: number of unavailable instances during the rolling update procedure
- easy to setup
- version is slowly released across instances
- convenient for stateful applications that can handle re-balancing of the data
- rollout/rollback can take time
- supporting multiple APIs is hard
- no control over traffic
The blue/green deployment strategy differs from a ramped deployment, version B (green) is deployed alongside version A (blue) with exactly the same amount of instances. After testing that the new version meets all the requirements the traffic is switched from version A to version B at the load balancer level.
- instant rollout/rollback
- avoid versioning issue, the entire application state is changed in one go
- expensive as it requires double the resources
- proper test of the entire platform should be done before releasing to production
- handling stateful applications can be hard
A canary deployment consists of gradually shifting production traffic from version A to version B. Usually the traffic is split based on weight. For example, 90% of the requests go to version A, 10% go to version B.
This technique is mostly used when the tests are lacking or not reliable or if there is little confidence about the stability of the new release on the platform.
- version released for a subset of users
- convenient for error rate and performance monitoring
- fast rollback
- slow rollout
A/B testing deployments consists of routing a subset of users to a new functionality under specific conditions. It is usually a technique for making business decisions based on statistics, rather than a deployment strategy. However, it is related and can be implemented by adding extra functionality to a canary deployment so we will briefly discuss it here.
This technique is widely used to test conversion of a given feature and only rollout the version that converts the most.
Below is a list of conditions that can be used to distribute traffic among the versions:
- query parameters
- technology support: browser version, screen size, operating system, etc.
- several versions run in parallel
- full control over the traffic distribution
- requires intelligent load balancer
- hard to troubleshoot errors for a given session, distributed tracing becomes mandatory
A shadow deployment consists of releasing version B alongside version A, fork version A’s incoming requests and send them to version B as well without impacting production traffic. This is particularly useful to test production load on a new feature. A rollout of the application is triggered when stability and performance meet the requirements.
This technique is fairly complex to setup and needs special requirements, especially with egress traffic. For example, given a shopping cart platform, if you want to shadow test the payment service you can end-up having customers paying twice for their order. In this case, you can solve it by creating a mocking service that replicates the response from the provider.
- performance testing of the application with production traffic
- no impact on the user
- no rollout until the stability and performance of the application meet the requirements.
- expensive as it requires double the resources
- not a true user test and can be misleading
- complex to setup
- requires mocking service for certain cases
To sum up
There are multiple ways to deploy a new version of an application and it really depends on the needs and budget. When releasing to development/staging environments, a recreate or ramped deployment is usually a good choice. When it comes to production, a ramped or blue/green deployment is usually a good fit, but proper testing of the new platform is necessary.
Blue/green and shadow strategies have more impact on the budget as it requires double resource capacity. If the application lacks in tests or if there is little confidence about the impact/stability of the software, then a canary, a/ b testing or shadow release can be used. If your business requires testing of a new feature among a specific pool of users that can be filtered depending on some parameters like geolocation, language, operating system or browser features, then you may want to use the a/b testing technique.
Last but not least, a shadow release is complex and requires extra work to mock egress traffic which is mandatory when calling external dependencies with mutable actions (email, bank, etc.). However, this technique can be useful when migrating to a new database technology and use shadow traffic to monitor system performance under load.
Below is a diagram to help you choose the right strategy: