aws cloudformation 使用模板配置 ecs 蓝绿部署
参考资料
- Perform ECS blue/green deployments through CodeDeploy using AWS CloudFormation
- AWS::CodeDeployBlueGreen
在之前的文章中,使用codepipeline中通过控制台的方式创建了ecs蓝绿部署的demo。实际上可以单独通过codedeploy完成ecs服务的蓝绿部署
参考官方文档对cfn模板的描述,堆栈会创建以下资源
| Requirement | Resource | Required/Optional | Triggers blue/green deployment if replaced |
|---|---|---|---|
| Amazon ECS cluster | AWS::ECS::Cluster | Optional. The default cluster can be used. | No |
| Amazon ECS service | AWS::ECS::Service | Required. | No |
| Application or Network Load Balancer | AWS::ECS::Service LoadBalancer | Required. | No |
| Production listener | AWS::ElasticLoadBalancingV2::Listener | Required. | No |
| Test listener | AWS::ElasticLoadBalancingV2::Listener | Optional. | No |
| Two target groups | AWS::ElasticLoadBalancingV2::TargetGroup | Required. | No |
| Amazon ECS task definition | AWS::ECS::TaskDefinition | Required. | Yes |
| Container for your Amazon ECS application | AWS::ECS::TaskDefinition ContainerDefinition Name | Required. | No |
| Port for your replacement task set | AWS::ECS::TaskDefinition PortMapping ContainerPort | Required. | No |
模板中最重要的部分如下,完整配置需要参考 Template reference
添加hook部分并定义部署的具体配置,配置中所有资源都引用堆栈中资源的逻辑id
Transform:
- 'AWS::CodeDeployBlueGreen'
Hooks:
CodeDeployBlueGreenHook:
Type: 'AWS::CodeDeploy::BlueGreen'
Properties:
TrafficRoutingConfig:
Type: TimeBasedCanary
TimeBasedCanary:
StepPercentage: 15
BakeTimeMins: 5
Applications:
- Target:
Type: 'AWS::ECS::Service'
LogicalID: ECSDemoService
ECSAttributes:
TaskDefinitions:
- BlueTaskDefinition
- GreenTaskDefinition
TaskSets:
- BlueTaskSet
- GreenTaskSet
TrafficRouting:
ProdTrafficRoute:
Type: 'AWS::ElasticLoadBalancingV2::Listener'
LogicalID: ALBListenerProdTraffic
TargetGroups:
- ALBTargetGroupBlue
- ALBTargetGroupGreen
当对以下资源进行更新时,CloudFormation 将启动绿色部署:
AWS::ECS::TaskDefinitionAWS::ECS::TaskSet
更新不需要进行资源替换的资源中的属性不会触发绿色部署
原则上就是对任务相关的资源和基础设施资源的堆栈更新要分开进行,建议创建更改集进行操作
要取消仍在进行的绿色部署,需要取消 CloudFormation 中的堆栈更新
嵌套堆栈中不能用
AWS::CodeDeploy::BlueGreen钩子
使用cloudfromation进行ecs蓝绿部署不需要对codedeploy的应用和部署组进行配置
- Your template does not need to model resources for a CodeDeploy application or deployment group.
- Your template must include resources for a VPC using Amazon VPC that contains at least two subnets.
- Your template must include resources for a Classic Load Balancer, Application Load Balancer, or Network Load Balancer in Elastic Load Balancing that is used to direct traffic to your target groups.
为了使cfn成功执行蓝绿部署,必须具有以下权限:
codedeploy:Get*codedeploy:CreateCloudFormationDeployment
修改堆栈中的任务定义中image并更新堆栈,触发堆栈的宏'AWS::CodeDeployBlueGreen'
BlueTaskDefinition:
Type: 'AWS::ECS::TaskDefinition'
Properties:
ExecutionRoleArn: !GetAtt
- ECSTaskExecutionRole
- Arn
ContainerDefinitions:
- Name: DemoApp
Image: 'nginxdemos/hello:latest' # 修改之后更新堆栈
Essential: true
PortMappings:
- HostPort: 80
Protocol: tcp
ContainerPort: 80
RequiresCompatibilities:
- FARGATE
NetworkMode: awsvpc
Cpu: '256'
Memory: '512'
Family: ecs-demo
堆栈的具体更新事件
可以看到,虽然没有创建codedeploy部署组但是触发了部署行为
观察到流量切换
熟悉的套路,通过alb监听权重切换流量
具体的逻辑和pipeline的蓝绿部署类似,只是配置和触发都要通过cfn来进行了
浙公网安备 33010602011771号