AWS CodeDeploy Blue-Green Deployment & Rollback Guide

Overview

Blue-green deployment shifts traffic gradually from the old version (blue) to the new version (green). If issues arise, you can roll back to the previous stable version.

How it works:

Old Version (v1) → 100% traffic
Deploy New Version (v2)
Old (v1) → 90% | New (v2) → 10%
Old (v1) → 80% | New (v2) → 20%
...continues until...
Old (v1) → 0% | New (v2) → 100% ✓

Setup with Serverless Framework

Install Plugin

npm install --save-dev serverless-plugin-canary-deployments

Configure serverless.yml

service: my-api

provider:
  name: aws
  runtime: nodejs18.x
  region: us-east-1
  
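  iamRoleStatements:  # attached to the functions' execution role
    - Effect: Allow
      Action:
        - codedeploy:*  # broad wildcard; narrow to the actions you actually use
      Resource: "*"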

plugins:
  - serverless-plugin-canary-deployments

functions:
  hello:
    handler: handler.hello
    events:
      - http:
          method: GET
          path: /hello
    
    deploymentSettings:
      type: Linear10PercentEvery1Minute  # Shift 10% every minute
      alias: Live
      alarms:
        - HelloErrorsAlarm  # logical ID of the alarm defined under resources (see CloudWatch Alarms)

Deploy

serverless deploy

Deployment Types

Linear (Gradual Shift)

  • Linear10PercentEvery1Minute - 10% every minute (10 min total)
  • Linear10PercentEvery2Minutes - 10% every 2 minutes (20 min total)
  • Linear10PercentEvery3Minutes - 10% every 3 minutes (30 min total)
  • Linear10PercentEvery10Minutes - 10% every 10 minutes (100 min total)

Canary (Two-Step)

  • Canary10Percent5Minutes - 10% immediately, wait 5 min, then 90%
  • Canary10Percent10Minutes - 10% immediately, wait 10 min, then 90%
  • Canary10Percent30Minutes - 10% immediately, wait 30 min, then 90%

All At Once

  • AllAtOnce - 100% immediately (not recommended for production)

Rollback Methods

Method 1: Using Serverless Framework (Recommended)

For AWS CLI operations, Serverless Framework doesn’t have direct rollback commands. You’ll need to redeploy a previous version.

Rollback by redeploying old code:

# If using git, checkout previous version
git checkout <previous-commit-hash>

# Redeploy
serverless deploy

# This will trigger a new CodeDeploy deployment with the old code

Or use specific Lambda version:

# Update serverless.yml: AllAtOnce makes the redeploy shift all traffic
# immediately (it does not pin a version number)
functions:
  hello:
    handler: handler.hello
    deploymentSettings:
      type: AllAtOnce  # Fast rollback
      alias: Live

# Then redeploy
serverless deploy

Method 2: Manual Rollback via AWS CLI

When immediate rollback is needed:

Stop Active Deployment

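# Find the deployment group (list-deployments needs it together with the application name)
aws deploy list-deployment-groups \
  --application-name serverless-my-api-dev

# List recent deployments
aws deploy list-deployments \
  --application-name serverless-my-api-dev \
  --deployment-group-name <deployment-group-name>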

# Stop deployment with rollback
aws deploy stop-deployment \
  --deployment-id d-XXXXX \
  --auto-rollback-enabled

Direct Alias Update (Fastest)

# List all versions
aws lambda list-versions-by-function \
  --function-name my-api-dev-hello

# Update alias to previous version
aws lambda update-alias \
  --function-name my-api-dev-hello \
  --name Live \
  --function-version 4

Method 3: AWS CodeDeploy Console

  1. Go to CodeDeploy Console
  2. Click Deployments in left sidebar
  3. Find your in-progress deployment
  4. Click Stop deployment
  5. Choose Stop and roll back
  6. Click Stop deployment to confirm

Monitoring Deployment

Check Deployment Status

# Get deployment details
aws deploy get-deployment \
  --deployment-id d-XXXXX

# Watch CloudWatch logs
serverless logs -f hello -t

Check Lambda Version

# See which version the alias points to
aws lambda get-alias \
  --function-name my-api-dev-hello \
  --name Live

Complete Rollback Example

Scenario: Deployed buggy code, need to roll back

Step 1: Identify the Issue

# Check logs for errors
serverless logs -f hello -t

# Or check specific deployment
aws deploy get-deployment --deployment-id d-XXXXX

Step 2: Stop Deployment (If In Progress)

# Stop and rollback
aws deploy stop-deployment \
  --deployment-id d-XXXXX \
  --auto-rollback-enabled

Step 3: Or Instant Rollback to Specific Version

# Find last good version
aws lambda list-versions-by-function \
  --function-name my-api-dev-hello \
  --max-items 5

# Point alias to last good version
aws lambda update-alias \
  --function-name my-api-dev-hello \
  --name Live \
  --function-version 3

Step 4: Verify Rollback

# Confirm alias version
aws lambda get-alias \
  --function-name my-api-dev-hello \
  --name Live

# Check logs
serverless logs -f hello -t
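
The alias decision behind Steps 2 to 4, as an added shell example that is not part of the original guide. It assumes that while CodeDeploy is shifting traffic the alias keeps the old version as its primary and carries the new version only in AdditionalVersionWeights; the function names rollback_target and rollback_alias are hypothetical.

```bash
#!/usr/bin/env bash
# Added example, not from the original guide.
# Assumption: during a CodeDeploy shift the alias keeps the old version as its
# primary FunctionVersion and lists the new one in AdditionalVersionWeights.

# rollback_target FUNCTION ALIAS BAD_VERSION
# Prints the version the alias should serve once BAD_VERSION is taken out.
# Returns 2 if the alias no longer routes to BAD_VERSION (nothing to do),
# 1 if no older numbered version exists or an AWS call fails.
rollback_target() {
  local fn="$1" name="$2" bad="$3" primary weighted v
  primary=$(aws lambda get-alias --function-name "$fn" --name "$name" \
    --query 'FunctionVersion' --output text) || return 1
  weighted=$(aws lambda get-alias --function-name "$fn" --name "$name" \
    --query 'keys(RoutingConfig.AdditionalVersionWeights || `{}`)' \
    --output text) || return 1
  for v in $weighted; do
    if [ "$v" = "$bad" ]; then
      echo "$primary"   # shift in flight: keep the primary, drop the weights
      return 0
    fi
  done
  [ "$primary" = "$bad" ] || return 2
  # Shift completed: choose the highest published version below BAD_VERSION.
  aws lambda list-versions-by-function --function-name "$fn" \
    --query 'Versions[].Version' --output text | tr '\t' '\n' |
    awk -v bad="$bad" '
      /^[0-9]+$/ && $1 + 0 < bad + 0 && $1 + 0 > best { best = $1 + 0 }
      END { if (best) print best; else exit 1 }'
}

# rollback_alias FUNCTION ALIAS BAD_VERSION
# Repoints the alias and clears weighted routing in one update-alias call.
rollback_alias() {
  local target
  target=$(rollback_target "$@") || return $?
  aws lambda update-alias --function-name "$1" --name "$2" \
    --function-version "$target" \
    --routing-config 'AdditionalVersionWeights={}' >/dev/null || return 1
  echo "$target"
}

# Usage: rollback_alias my-api-dev-hello Live 5
```

Passing the bad version explicitly keeps a second run from stepping back one more version after CodeDeploy has already rolled the alias back (the function returns 2 in that case).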

CloudWatch Alarms (Auto Rollback)

Add alarms to automatically roll back on errors:

functions:
  hello:
    handler: handler.hello
    deploymentSettings:
      type: Linear10PercentEvery1Minute
      alias: Live
      alarms:
        - HelloErrorsAlarm

resources:
  Resources:
    HelloErrorsAlarm:
      Type: AWS::CloudWatch::Alarm
      Properties:
        AlarmName: hello-function-errors
        MetricName: Errors
        Namespace: AWS/Lambda
        Statistic: Sum
        Period: 60
        EvaluationPeriods: 1
        Threshold: 1
        ComparisonOperator: GreaterThanOrEqualToThreshold
        Dimensions:
          - Name: FunctionName
            Value: !Ref HelloLambdaFunction

Best Practices

  1. Always use alarms - Automatic rollback on errors
  2. Start with Linear10PercentEvery1Minute - Good balance of safety and speed
  3. Keep multiple versions - Don’t delete recent stable versions
  4. Tag your deployments - Easier to identify rollback targets
  5. Test in dev first - Try rollback procedures in non-prod

Quick Command Reference

# Deploy
serverless deploy

# Check logs
serverless logs -f <function-name> -t

# List deployments
aws deploy list-deployments --application-name <app-name> --deployment-group-name <group-name>

# Stop deployment
aws deploy stop-deployment --deployment-id d-XXXXX --auto-rollback-enabled

# List Lambda versions
aws lambda list-versions-by-function --function-name <function-name>

# Update alias (instant rollback)
aws lambda update-alias --function-name <name> --name Live --function-version <version>

# Check deployment status
aws deploy get-deployment --deployment-id d-XXXXX

# Check current alias version
aws lambda get-alias --function-name <name> --name Live

Troubleshooting

“Cannot stop deployment”

Use direct alias update instead:

aws lambda update-alias \
  --function-name my-api-dev-hello \
  --name Live \
  --function-version 3

“Version not found”

List all versions to find the correct one:

aws lambda list-versions-by-function \
  --function-name my-api-dev-hello

“Permission denied”

Ensure your IAM role has these permissions:

  • codedeploy:*
  • lambda:UpdateAlias
  • lambda:GetAlias
  • lambda:ListVersionsByFunction

Summary

Rollback Options:

  1. Serverless redeploy - Clean rollback with full deployment
  2. AWS CLI stop deployment - Stop in-progress deployment
  3. AWS CLI alias update - Fastest emergency rollback
  4. CodeDeploy console - Visual rollback interface

Key Points:

  • Gradual traffic shifting prevents complete outages
  • CloudWatch alarms enable automatic rollback
  • Multiple rollback methods for different scenarios
  • Always monitor deployments closely
