Achieving Zero-downtime deployments with Amazon CloudFront using blue/green continuous deployments

Blue/green deployment is a widely used deployment technique in software development aimed at minimizing downtime and risks associated with introducing new code. The strategy involves concurrently running two identical environments, namely blue and green, and directing traffic between them as necessary. This allows you to have uninterrupted delivery of new features and updates, with no adverse effects on end-users, and enables the easy rollback of changes if required. For teams that prioritize agility, continuous delivery, and dependable software delivery, blue/green deployment is a vital practice.

In this post, we discuss the different use-cases where you can leverage the continuous deployment feature of Amazon CloudFront. This feature provides a managed approach to deploying live Content Delivery Network (CDN) distribution using blue/green and canary techniques. In turn, this significantly reduces the risk involved in making changes across an entire domain. Using this feature, customers can validate changes by directing a portion of production traffic to the updated configuration before rolling out the changes to all edge locations.

Common use cases

The continuous deployment feature in CloudFront is an effective method for releasing new features, bug fixes, and other changes to applications without interrupting the user experience. In this post, we discuss some of the common use-cases:

1. Updating critical systems:
   For business-critical applications, it is essential to minimize any downtime or disruption in user experience. With CloudFront continuous deployment, you can deploy a new version of your CDN code alongside the existing version, test it, and then switch over to the new version without any downtime. This feature enables zero-downtime deployments and easy rollbacks, allowing for seamless transitions from your old CloudFront distribution to your new one.
2. A/B testing:
   The CloudFront continuous deployment feature can be used for experimentation in software development. This allows CloudFront customers to increase the number of experiments that can run on their user base, capture the business metrics to make informed decisions, and iterate, thereby shortening the product development lifecycle.
3. Fast rollback:
   With traditional deployment methods, rolling back changes can be a difficult and time-consuming process. However, with CloudFront continuous deployment, you can simply switch back to the code in your primary distribution if something goes wrong with the new code in the other distribution. This makes sure that your users are not impacted by any issues or bugs that may arise during deployment.
4. Rolling out new features:
   With new feature launches, the CloudFront continuous deployment feature can help minimize the risk of an erroneous CDN code deployment. By releasing updates to a small group of users, developers can make sure that the updates are functioning properly before releasing them to the entire user base. This can help prevent widespread issues and minimize any negative impact on the user experience.
5. Test on the staging environment:
   Any changes made to the codebase are first deployed to the staging distribution. This allows the testing team to perform comprehensive testing of the new changes. Once testing is complete, the changes can be copied from the staging distribution to the production distribution, or you can redirect the traffic from the active environment to the idle environment, making it the new production environment. This approach makes sure that the new codebase has been thoroughly tested and validated before it is rolled out to production. Any issues that arise during testing can be addressed and resolved in the idle environment, minimizing the impact on production.

Getting started

To set up CloudFront continuous deployment, customers can begin by creating a new staging distribution of an existing distribution using the CloudFront Management Console, AWS CloudFormation, AWS SDK, or AWS Command Line Interface (AWS CLI). Once the new staging distribution has been created, customers can apply the desired changes and configure the staging policy, such as weight-based or header-based, to gradually increase traffic to the new distribution.

After verifying that the staging distribution is performing as expected, customers can copy the changes to the main distribution or promote this distribution to now be the primary distribution. This process enables seamless and controlled deployment of changes, making sure of minimal disruption to end-users.

Solution overview

The sample solution deploys a CloudFront distribution with a single Amazon Simple Storage Service (Amazon S3) origin and can be configured to promote changes using a staging distribution to safely test and release changes to the primary distribution. With the recommended solution, you implement an AWS Cloud Development Kit (AWS CDK) Pipeline that enables continuous deployment for CloudFront distribution configuration changes.

The solution comprises two distinct components:

1. AWS CDK Pipeline, which facilitates the creation of a primary distribution, staging distribution, Amazon S3 origin, and deployment policy.
2. AWS Step Functions workflow, which is responsible for orchestrating CloudFront API calls to execute the following actions:

a. Enable the continuous deployment policy and link it to the primary distribution.
b. Update the primary distribution with the latest staging configuration.

As a part of this solution, deploy a CloudFront distribution with an Amazon S3 origin and configure a staging distribution to test and promote changes to the primary distribution.

Reference solution

Here is the GitHub repository for the reference solution.

Implementation details

Outlined here are the step-by-step implementation details:

1.      Create the pipeline stack by running ‘cdk deploy’
2.     Release changes to the primary distribution

a.    Change distribution configuration by updating the primary distribution stack and commit changes to the code repository.
b.    Code commit to the repository triggers the pipeline.
c.    Pipeline runs through stages to deploy changes to the primary distribution.

3.     Continuous deployment workflow using CloudFront continuous deployment.

a.    Once the primary distribution is deployed and live, any changes to distribution can be released using blue/green or canary deployment by updating the pipeline to continuous deployment mode.
b.    Continuous deployment can be enabled by updating a flag in pipeline code to promote changes using staging distribution.
c.    The pipeline uses ‘Single Header’ traffic configuration or Blue/Green deployment and can be updated to use ‘Single Weight’ traffic configuration by updating a configuration flag in the pipeline code.
d.    When you select ‘SingleWeight’, you can choose to set session stickiness to make sure that the users remain sticky to the same experience, while getting their requests served from the same CloudFront distribution.
e.    Make changes to distribution configuration and commit to repository.
f.     Committing the changes to repository triggers the pipeline and creates a staging distribution with changes and deployment policy with the send portion of traffic based on header or weightage.
g.    Continuous deployment policy is attached or linked to primary distribution by invoking Step Function as a Pipeline Step. Step Function enables the deployment policy and updates the primary distribution to attach the deployment policy to distribution.
h.   Pipeline waits for manual approval before promoting changes in staged distribution to primary distribution.
i.    After validation, pipeline should be approved to updated primary distribution with staged changes. This results in the release of changes. To release the change, the pipeline invokes the Step Function, which calls the CloudFront API to update primary distribution with staging configuration.

Conclusion

CloudFront continuous deployment is a powerful tool for releasing software updates with minimal risk and maximum efficiency. With the CloudFront continuous deployment feature now available, you can further improve the speed and reliability of software releases. By leveraging CloudFront’s global network of edge servers, deployments can be quickly and easily rolled out to users worldwide, making sure of a consistent user experience and minimizing downtime.