Blue/Green Deployment


I want to implement blue/green deployment using terraform for my application deployment,
here is my use case

application architecture like this ALB–Listener–TargetGroup–LaunchConfiguration–ASG–EC2
I’m looking for a solution for every deployment i have to create new LaunchConfiguration–ASG–TargetGroup and update existing listener then remove old TargetGroup, LC & ASG.

If you have any idea please help me in that.


Rosemary Wang has a really good blog post about this:

Unless Im misunderstanding (I hope I am), this relies on deleting the blue config from the terraform configuration to force it to be deleted and then renaming the green application to be blue?

You could tweak it to delete only the application you are deploying instance(s), with a persistent PaaS Layer for things like Database(s), FileSystem(s) (likely S3 or EBS / attached volume), messaging queue, etc.

What might work better than spinning these up per-app deploy might be using prefixes to avoid resource conflicts (although those will need to be changed when promoting blue to green).

I personally try to remove migrations and other BS from code deploys. This means that changes to core business objects result in a need to migrate to new tables, but also always enables a path backwards if a deploy is catastrophically wrong. Just don’t drop the old tables for a while (make that a separate migration).

It is so easy to do with Kubernetes and Istio that I wouldn’t do it with Terraform.


I sometimes wonder if people are joking, or trying to be helpful. Never sure which.

Q: How do automotive experts ensure when improving a car they don’t break it?

A: Why don’t you take a helicopter?

Made as much sense as why don’t we use Kubernetes. For clarity I’m making a joke of this, but it really is off-topic.

Hi @Lewiscowles1986 didn’t want to make a joke. :grinning:

I am new at the Terraform forum but have been using Terraform in production for a long time and have had the same question on how to do Blue / Green deployments at my company. Terraform is great for some operations but not for others.

In my opinion Blue / Green deployment is something that is presumably done frequently, and I certainly wouldn’t do it with Terraform, actually I wouldn’t trust not only Terraform but the cloud provider for such a critical operation that should be done in different steps.

I find that many new users of Terraform believe it can do many things and although it could be twisted and used in very creative ways, I prefer not to push my luck.

If you read my original answer, it was that the platform would indeed be more persistent than the apps.

You could tweak it to delete only the application you are deploying instance(s), with a persistent PaaS Layer for things like Database(s), FileSystem(s) (likely S3 or EBS / attached volume), messaging queue, etc.

That brings with it it’s own challenges for always-up, zero-downtime deployments. Simply using Kubernetes is not a fix or helpful and does not solve that when iterating on the platform layer.

In some cases using tooling such as AWS auto-scaling groups, you may still need to update to reflect a new golden AMI (similar benefits to kubernetes / docker).

What particularly irked me was the simplicity of the response. Simply installing Kubernetes won’t fix any of these things.

Hi all,

It seems like things are getting a bit heated in here. I can definitely understand the frustration of asking how to do something and someone suggesting to do something entirely different instead, but I’d ask that we take that advice in the way it seems to have been intended: a suggestion of an alternative approach to consider as part of broader design of a system. I’d also ask that we, conversely, take care to make such suggestions with the mindset that there are many different ways to solve a problem, and talk about the pros and cons of each rather than implying (perhaps inadvertently) that particular answers are universally wrong.

I think we as engineers know that there is very rarely exactly one way to solve a problem, and our job is to make technical tradeoffs. Blue/green deployments are not a first-class capability in Terraform, indeed because we (the Terraform team) often recommend using long-running scheduler-like solutions (Kubernetes, Nomad, etc) to address application deployment, but as we’ve seen in the shared article from the HashiCorp blog there are situations where following a similar strategy for the infrastructure/platform itself can be helpful, and there are some Terraform design patterns for doing so.

I’d ask that we keep this discussion focused on a constructive discussion of the pros and cons of different strategies for rolling out changes to infrastructure, Terraform or otherwise. Thanks!

1 Like