Modal Title
Cloud Native Ecosystem Containers Edge Computing Microservices Networking Serverless Storage
5 Tips to Achieve Performance Engineering at Scale
Mar 30th 2023 10:00am, by Mav Turner
Looking for a k3OS Alternative? Choosing a Container OS for Edge K8s
Mar 28th 2023 5:57am, by Nicolas Vermande
Factor Cost Efficiency into Platform Engineering for Growth, Profitability
Mar 27th 2023 10:00am, by Omer Hamerman
Digital Anarchy: Abolishing State
Mar 23rd 2023 6:32am, by Tim Banks
A Is for OpenStack Antelope
Mar 22nd 2023 7:41am, by Steven J. Vaughan-Nichols
This Week in Computing: Malware Gone Wild
Mar 25th 2023 7:10am, by Joab Jackson
Inspect Container Images with the docker scan Command
Mar 25th 2023 6:00am, by Jack Wallen
Building and Securing Containers with Slim.ai
Mar 24th 2023 11:59am, by Steven J. Vaughan-Nichols
Catching up with the Founder and CEO of Portainer
Mar 24th 2023 4:00am, by Jack Wallen
Check for Container Image Vulnerabilities with Trivy
Mar 18th 2023 6:00am, by Jack Wallen
Vercel Adds Remix: Integration Supports Larger Apps
Mar 29th 2023 10:22am, by Loraine Lawson
5 Trends to Watch for at KubeCon EU 2023
Mar 28th 2023 10:00am, by Saad Malik
What Wasm Needs to Reach the Edge
Mar 27th 2023 9:00am, by B. Cameron Gain
What Are Time Series Databases, and Why Do You Need Them?
Mar 27th 2023 5:00am, by Robert Kimani
Startup pgEdge Tackles the Distributed Edge with Postgres
Mar 27th 2023 4:00am, by Susan Hall
How to Fix Kubernetes Monitoring
Mar 31st 2023 10:00am, by Dotan Horovits
Saga Without the Headaches
Mar 24th 2023 10:00am, by Dominik Tornow
What Is Microservices Architecture?
Feb 23rd 2023 4:22am, by Eric Schabell
Java's History Could Point the Way for WebAssembly
Jan 12th 2023 3:00am, by B. Cameron Gain
Limiting the Deployment Blast Radius
Nov 15th 2022 8:14am, by Steven Lohrenz
Wireshark Celebrates 25th Anniversary with a New Foundation
Mar 28th 2023 5:00am, by Joab Jackson
This Week in Computing: Malware Gone Wild
Mar 25th 2023 7:10am, by Joab Jackson
JWTs: Connecting the Dots: Why, When and How
Mar 20th 2023 7:10am, by Michal Trojanowski
Palo Alto Networks Adds AI to Automate SASE Admin Operations
Mar 17th 2023 6:00am, by Chris J. Preimesberger
TrueNAS SCALE Network Attached Storage Meets High Demand
Mar 2nd 2023 7:13am, by Jack Wallen
Serverless WebAssembly for Browser Developers
Mar 22nd 2023 12:26pm, by Matt Butcher
ScyllaDB’s Incremental Changes: Just the Tip of the Iceberg
Mar 20th 2023 9:29am, by George Anadiotis
TriggerMesh: Open Sourcing Event-Driven Applications
Mar 13th 2023 12:14pm, by Jessica Wachtel
Ably Touts Real-Time Starter Kits for Vercel and Netlify
Mar 8th 2023 10:56am, by Loraine Lawson
Going Serverless on AWS Lambda? Recognize Potential Risks 
Mar 6th 2023 5:00am, by Sarabjeet Chugh
Why Cloud Data Replication Matters
Mar 31st 2023 9:26am, by Tyler Mitchell
Best Practices to Build IoT Analytics
Mar 27th 2023 9:33am, by Zoe Steinkamp
What Are Time Series Databases, and Why Do You Need Them?
Mar 27th 2023 5:00am, by Robert Kimani
The Economics of Database Operations
Mar 23rd 2023 8:25am, by John Page
Digital Anarchy: Abolishing State
Mar 23rd 2023 6:32am, by Tim Banks
Frontend Development Software Development Typescript WebAssembly Cloud Services Data Machine Learning Security
Dev News: Web Push, Nuxt’s New DevTools and a Boon for Rust
Mar 31st 2023 10:36am, by Loraine Lawson
Making Career Decisions During a Time of Tech Layoffs and AI
Mar 31st 2023 8:00am, by David Eastman
Advice for Developers Wanting to Become Engineering Managers
Mar 31st 2023 7:58am, by Loraine Lawson
Vercel Adds Remix: Integration Supports Larger Apps
Mar 29th 2023 10:22am, by Loraine Lawson
Wolfram ChatGPT Plugin Blends Symbolic AI with Generative AI
Mar 29th 2023 6:42am, by Richard MacManus
How PaymentWorks Modernized Its Developer Platform with Slim.AI
Mar 31st 2023 11:46am, by Pieter van Noordennen
Dev News: Web Push, Nuxt’s New DevTools and a Boon for Rust
Mar 31st 2023 10:36am, by Loraine Lawson
Making Career Decisions During a Time of Tech Layoffs and AI
Mar 31st 2023 8:00am, by David Eastman
Advice for Developers Wanting to Become Engineering Managers
Mar 31st 2023 7:58am, by Loraine Lawson
What Is Lightweight Software? Revisiting the Definition
Mar 31st 2023 6:06am, by Liam Crilly
This Week in Computing: Malware Gone Wild
Mar 25th 2023 7:10am, by Joab Jackson
TypeScript 5.0: New Decorators Standard, Smaller npm
Mar 24th 2023 11:25am, by Loraine Lawson
JavaScript or WebAssembly: Which Is More Energy Efficient and Faster?
Jan 30th 2023 9:51am, by Loraine Lawson
What TypeScript Brings to Node.js
Dec 26th 2022 3:00am, by Paul Ferrill
Improve your TypeScript Skills with Type Challenges
Nov 11th 2022 3:00am, by Danni White
Python in the Browser: Free PyScript SaaS Launches
Mar 28th 2023 7:12am, by Loraine Lawson
What Wasm Needs to Reach the Edge
Mar 27th 2023 9:00am, by B. Cameron Gain
No More JavaScript: How Microsoft Blazor Uses WebAssembly
Mar 27th 2023 7:22am, by David Eastman
WebAssembly Providers Speed Ahead to Fill Serverless Gaps
Mar 24th 2023 2:00am, by B. Cameron Gain
VMware and Other Wasm Players Want WebAssembly 
Mar 23rd 2023 8:52am, by B. Cameron Gain
Surprising Results in the 2023 Third-Party App Access Report
Mar 27th 2023 11:26am, by Maor Bin
Unlock the Next Wave of Machine Learning with the Hybrid Cloud
Mar 22nd 2023 10:00am, by Kjell Carlsson
Getting the Most from Kubernetes Autoscaling
Mar 21st 2023 7:06am, by Brian Likosar
ScyllaDB Challenges DynamoDB on Latency and Pricing
Mar 20th 2023 9:00am, by Jessica Wachtel
Multiple Vendors Make Data and Analytics Ubiquitous
Mar 20th 2023 5:00am, by Andrew Brust
Why Cloud Data Replication Matters
Mar 31st 2023 9:26am, by Tyler Mitchell
Real-Time Materialized Views — Oxymoron or Killer Feature? 
Mar 30th 2023 8:18am, by Hari Subhash
Why Fast JSON Analytics Is Foundational for Modern Web Apps
Mar 30th 2023 6:53am, by Arnaud Comet
3 Important AI/ML Tools You Can Deploy on Kubernetes 
Mar 29th 2023 6:16am, by Patrick McFadin
Data Unleashed: Unlocking Powerful Business Insights
Mar 28th 2023 9:47am, by Irfan Khan
GPT-4 AI-Powered Microsoft Security Copilot Arrives
Mar 31st 2023 9:12am, by Steven J. Vaughan-Nichols
At QCon: Why Generative AI Is Harmful to Earth and Society
Mar 30th 2023 6:00am, by Jennifer Riggins
Wolfram ChatGPT Plugin Blends Symbolic AI with Generative AI
Mar 29th 2023 6:42am, by Richard MacManus
3 Important AI/ML Tools You Can Deploy on Kubernetes 
Mar 29th 2023 6:16am, by Patrick McFadin
The Next Wave of Big Data Companies in the Age of ChatGPT
Mar 24th 2023 7:40am, by Richard MacManus
GPT-4 AI-Powered Microsoft Security Copilot Arrives
Mar 31st 2023 9:12am, by Steven J. Vaughan-Nichols
Ubuntu Pro Tackles the Challenge of Enterprise Open Source Adoption
Mar 29th 2023 10:00am, by Lech Sandecki
Wireshark Celebrates 25th Anniversary with a New Foundation
Mar 28th 2023 5:00am, by Joab Jackson
Twitter's Source Code Leak Adds to Elon Musk's Social Media Mess
Mar 27th 2023 1:42pm, by Steven J. Vaughan-Nichols
Surprising Results in the 2023 Third-Party App Access Report
Mar 27th 2023 11:26am, by Maor Bin
Platform Engineering Operations CI/CD Tech Life DevOps Kubernetes Observability Service Mesh
How PaymentWorks Modernized Its Developer Platform with Slim.AI
Mar 31st 2023 11:46am, by Pieter van Noordennen
What Is Platform Engineering and When Should You Invest in It?
Mar 30th 2023 8:57am, by Amit Gupta
Why Successful Platform Engineering Teams Need a Product Manager 
Mar 29th 2023 8:25am, by David Sandilands
Self-Service Infrastructure as Code in a Dev Portal with GitOps
Mar 29th 2023 6:54am, by Zohar Einy
High-Performing DevOps Teams Build Self-Service Platforms
Mar 29th 2023 4:00am, by Heather Joslyn and Lawrence E Hecht
How PaymentWorks Modernized Its Developer Platform with Slim.AI
Mar 31st 2023 11:46am, by Pieter van Noordennen
How to Fix Kubernetes Monitoring
Mar 31st 2023 10:00am, by Dotan Horovits
Why Cloud Data Replication Matters
Mar 31st 2023 9:26am, by Tyler Mitchell
5 Tips to Achieve Performance Engineering at Scale
Mar 30th 2023 10:00am, by Mav Turner
The End of Programming Is Nigh
Mar 29th 2023 11:31am, by Alex Williams
5 Tips to Achieve Performance Engineering at Scale
Mar 30th 2023 10:00am, by Mav Turner
How 2 Founders Sold Their Startup to Aqua Security in a Year
Mar 22nd 2023 1:42pm, by Heather Joslyn
Simplify CI/CD with a General-Purpose Software Catalog
Mar 14th 2023 6:24am, by Zohar Einy
IBM Donates SBOM Code to OWASP
Mar 7th 2023 7:51am, by Steven J. Vaughan-Nichols
Slim.AI: Automating Vulnerability Remediation for a Shift-Left World
Feb 21st 2023 10:00am, by John Amaral
Making Career Decisions During a Time of Tech Layoffs and AI
Mar 31st 2023 8:00am, by David Eastman
Advice for Developers Wanting to Become Engineering Managers
Mar 31st 2023 7:58am, by Loraine Lawson
Entrepreneurship for Engineers: Is Your Startup in Trouble?
Mar 31st 2023 6:00am, by Emily Omier
At QCon: Why Generative AI Is Harmful to Earth and Society
Mar 30th 2023 6:00am, by Jennifer Riggins
Why Successful Platform Engineering Teams Need a Product Manager 
Mar 29th 2023 8:25am, by David Sandilands
How PaymentWorks Modernized Its Developer Platform with Slim.AI
Mar 31st 2023 11:46am, by Pieter van Noordennen
What Is Lightweight Software? Revisiting the Definition
Mar 31st 2023 6:06am, by Liam Crilly
What Is Platform Engineering and When Should You Invest in It?
Mar 30th 2023 8:57am, by Amit Gupta
Why Successful Platform Engineering Teams Need a Product Manager 
Mar 29th 2023 8:25am, by David Sandilands
Self-Service Infrastructure as Code in a Dev Portal with GitOps
Mar 29th 2023 6:54am, by Zohar Einy
How to Fix Kubernetes Monitoring
Mar 31st 2023 10:00am, by Dotan Horovits
5 Trends to Watch for at KubeCon EU 2023
Mar 28th 2023 10:00am, by Saad Malik
Looking for a k3OS Alternative? Choosing a Container OS for Edge K8s
Mar 28th 2023 5:57am, by Nicolas Vermande
A Is for OpenStack Antelope
Mar 22nd 2023 7:41am, by Steven J. Vaughan-Nichols
Getting the Most from Kubernetes Autoscaling
Mar 21st 2023 7:06am, by Brian Likosar
How to Fix Kubernetes Monitoring
Mar 31st 2023 10:00am, by Dotan Horovits
Boost SRE Productivity with Observability-Driven Automation
Mar 28th 2023 8:00am, by Rob Jahn
This Week in Computing: Malware Gone Wild
Mar 25th 2023 7:10am, by Joab Jackson
Reducing the Cognitive Load Associated with Observability
Mar 22nd 2023 6:44am, by Alex Gervais
Vercel Brings Logging, Monitoring to Its Observability Suite
Mar 22nd 2023 3:00am, by Jessica Wachtel
How to Create Zero Trust Architecture for Service Mesh
Mar 27th 2023 7:00am, by Joe Fay
Ambient Mesh: Sidestepping the Sidecar
Mar 1st 2023 8:44am, by Jeff Goldman
Service Mesh Demand for Kubernetes Shifts to Security
Oct 27th 2022 11:04am, by B. Cameron Gain
AmeriSave Moved Its Microservices to the Cloud with Traefik's Dynamic Reverse Proxy
Sep 8th 2022 2:02pm, by Ann R. Thryft
Can You Now Safely Remove the Service Mesh Sidecar?
Sep 8th 2022 9:19am, by B. Cameron Gain

Win-Win Deployment Strategies for Modern Apps

Sep 12th, 2018 11:00am by and
Featued image for: Win-Win Deployment Strategies for Modern Apps

Jason Skowronski
Jason writes on behalf of Rollbar, where he serves as the lead editor for technical content. He started as a software developer at Amazon and now enjoys being a developer advocate for the latest technologies.

Rollbar sponsored this post.

Today, modern applications need frequent updates to deliver on business objectives with fast turnaround time. The days of months- or years-long release cycles are gone. Modern applications may be deployed on short notice multiple times per day. This gives the enterprise more agility to make changes that deliver business value faster. Now product teams can iterate on new versions of the product quickly, testing the impact on key metrics and fixing problems immediately.

Faster, incremental deployments also decouple development teams so they can work in parallel. This can increase the efficiency of your development teams. With the advent of service-oriented architecture and microservices, we can deploy changes to multiple services in parallel with no downtime or service interruption.

However, this also creates new challenges for the operations team. With more frequent deployments, it’s more likely that the deployed code could negatively affect site reliability or customer experience.

It’s important to develop strategies for deploying code that minimize the risk to the product and customers. In this article, we will talk about a few deployment strategies, best practices and tools that will allow your team to work faster and more reliably.

Challenges of Modern Applications

Modern applications are often distributed and cloud-based. They can elastically scale to meet the needed demand, and are more resilient to failure thanks to highly-available architectures. They may even use fully managed services like AWS Lambda or Elastic Container Service (ECS) where the platform takes on some of the operational responsibility. These applications almost always have frequent releases. For example, a mobile application or a public-facing website may undergo several changes within a month.

Sadequl Hussain
Sadequl works with databases, big data and analytics technologies in the cloud. He lives in Sydney, Australia and is a professional blogger and trainer on modern tech topics.

These applications frequently use microservice architectures in which several components work together to deliver the full functionality. There can be different release cycles for different components, but they all have to work together seamlessly. With multiple development teams making changes in parallel throughout the code base, it can be difficult to determine the root cause of a problem.

Another complexity arises from the abstraction of the infrastructure layer, which is now considered code. Deployment of a new application thus may mean deployment of new infrastructure code with it.

Why Use a Deployment Strategy

As mentioned above, since there are so many moving parts and so many changes happening in modern apps, there are more opportunities for something to go wrong. To meet this challenge, application and infrastructure teams need to devise and adopt a deployment strategy suitable for their use case.

However, one particular deployment strategy may not fit all use cases. A deployment method for a new microservice may not be the ideal solution for a cloud-based office productivity suite rollout.

That’s why it’s best to be familiar with different deployment techniques. We will review several and discuss the pros and cons of each that you can choose the best for your organization.

“Big Bang” Deployment

As the name suggests, “big bang” deployments updates whole or large parts of an application in one operation. It has been the default approach dating back to the days when software was released on physical media and installed by the customer. Big bang deployments required the business to conduct extensive development and testing before release, often associated with the “waterfall model” of large sequential releases. Modern applications have the advantage of updating regularly and automatically on the client side or the server side. Therefore, this big bang approach is slower and less agile for modern teams.

Characteristics of big bang deployment are:

  • All major pieces are packaged in one deployment;
  • It largely or completely replaces an existing software version with a new one;
  • The deployment is usually the result of long development and testing cycles;
  • It assumes a minimal chance of failure as rollbacks may be impossible or impractical;
  • The completion time is usually long and can take multiple teams’ efforts;
  • It may require action from clients to update the client-side installation.

Big bang deployments aren’t suitable for modern applications because the risks are unacceptable for public-facing or business-critical applications where outages mean huge financial loss. Rollbacks are often costly, time-consuming or even impossible.

The big bang approach can be suitable for non-production systems (e.g., re-creating a development environment) or vendor-packaged solutions like desktop applications.

Rolling Deployment

Rolling, phased or step deployments are better than big bang ones because they minimize many of the associated risks like user-facing downtime without easy rollbacks. In a rolling deployment the old version of an application is gradually replaced with a new version. The new and old versions will coexist without affecting functionality or user experience. The actual deployment happens over a period of time. Also, it’s easy to roll back any new component incompatible with the old components.

The following diagram shows the pattern where the old version is shown in blue and the new version is shown in green across each server in the cluster.

An example of rolling deployment can be the upgrade of an application suite. If the original applications were deployed in containers, the upgrade can tackle one container at a time: Each container is modified to download the latest image from the app vendor’s site, and the container is re-created. If there is a compatibility issue for one of the apps, the older image can be used to recreate the container. In this case, the new and old versions of the suite’s applications coexist until all the apps are upgraded.

Blue-Green, Red-Black or A/B Deployment

This is another fail-safe process. In this method, two identical production environments are used in parallel. One is the currently running production environment receiving all user traffic (depicted as Blue, Red or A), the other is a clone of it, but idle (Green, Black or B). Both use the same database back-end and app configuration. The setup is shown below:

The new version of the application is deployed in the green environment and tested for functionality and performance. Once the testing results are all good, application traffic is routed from blue to green. Green then becomes the new production.

If there is an issue after green becomes live, traffic can be routed back to blue.

In a blue-green deployment both systems use the same persistence layer or database back end, so it’s necessary to keep the application data in sync. You can do this with a mirrored database. You can use the primary database by blue for write operations and use the secondary by green for read operations. During switchover from blue to green, the database is failed over from primary to secondary. If green also needs to write data during testing, the databases can be in bidirectional replication.

Once green becomes live, you can shut down or recycle the old blue instances. You might deploy a newer version on those instances and make them the new green for the next release.

Blue-green deployments rely on traffic routing. This can be done by updating DNS CNAMES for hosts. However, changes can be delayed by long TTL values. Alternatively, you can change the load balancer settings and the changes take effect immediately. Features like connection draining in ELB can be used to serve in-flight connections.

Canary Deployment

Canary deployment is like blue-green, except it’s more risk averse. Instead of switching from blue to green in one step, you use a phased approach.

With canary deployment, you deploy a new application code in a small part of the production infrastructure. Once the application is signed off for release, only a few users are routed to it. This minimizes any impact. If there are no errors reported, the new version is gradually rolled out to the rest of the infrastructure. The image below shows this:

The main challenge of canary deployment is to devise a way to route some users to the new application. Also, some applications may always need the same group of users for testing, while others may require a different group every time.

Devising a way to route new users can be achieved with several techniques:

  • Exposing internal users to the canary deployment before allowing external user access; The routing can be based on the source IP range;
  • Releasing the application in only certain geographic regions;
  • Using an application logic to unlock new features to certain users and groups. This logic is removed when the application is made live for the rest of the users.

Deployment Best Practices

Modern application teams can follow a number of best practices to keep deployment risks to a minimum.

  • Use a deployment checklist. For example, one of the items in the checklist can be “backup all databases only after app services have been stopped.” An item like this can prevent data corruption;
  • Use continuous integration (CI). CI ensures code checked into the feature branch of a code repository is merged with its main branch only after it has gone through a series of dependency checks, unit and integration tests, and a successful build. If there are errors along the path, the build fails and the app team is notified. Using CI therefore means every change to the application is tested before it’s made available for deployment;
  • Use continuous delivery (CD). With CD, the CI-built code artifact is packaged and deployed in one or more environments. The incremental deployments thus minimize risk;
  • Use standard operating environments (SOEs) to ensure environment consistency. You can use tools like Vagrant and Packer for development workstations and servers;
  • Use Build Automation tools like CloudFormation to automate environment builds. It should be simple to click a button to tear down an entire infrastructure stack and rebuild from scratch;
  • Use configuration management tools like Puppet, Chef or Ansible in target servers to automatically apply OS settings, apply patches or install software;
  • Use communication channels like Slack for automated notifications of unsuccessful builds and application failures;
  • Have a process for alerting the responsible team on deployments that fail. Ideally you’ll catch these in the CI environment, but if the changes are deployed to prod you’ll need a way to notify the responsible team so they can fix the problem;
  • Consider automated rollbacks for deployments that fail health checks not just for availability but also for error rate.

Post-Deployment Monitoring

Despite best efforts and careful planning, deployments can often go wrong. It’s therefore best to use a tool to monitor application performance and errors after deployment.

An application performance monitoring (APM) solution will provide you a way to monitor critical performance metrics such as server response times after deployments. Changes in application logic or system architecture can dramatically affect application performance. When those changes exceed your service level objectives (SLO) you need your operations team to investigate and potentially roll back.

An error-monitoring solution like Rollbar is equally essential when practicing CI/CD. It will quickly notify your team and give them visibility to new errors that may be negatively impacting customer experience. New or reactivated errors could indicate bugs in the code that require developer attention. Error monitoring allows you to proactively fix those problems before they are reported to the support or sales teams. It will also help your team resolve errors faster by pointing them to the code changes responsible for the error messages.

With the right deployment strategies and tools in place, your team should be able to make releases more frequently with confidence and deliver a great customer experience.

Feature image via Pixabay.

Group Created with Sketch.
Jason writes on behalf of Rollbar, where he serves as the lead editor for technical content. He started as a software developer at Amazon and now enjoys being a developer advocate for the latest technologies.
Read more from Jason Skowronski
Sadequl works with databases, big data and analytics technologies in the cloud. He lives in Sydney, Australia and is a professional blogger and trainer on modern tech topics.
Read more from Sadequl Hussain
SHARE THIS STORY
RELATED STORIES
The Next Wave of Big Data Companies in the Age of ChatGPT At QCon: Why Generative AI Is Harmful to Earth and Society Unix Creator Ken Thompson to Keynote SCALE Conference 13 Reasons Why Enterprises Should Use Apache Pulsar New SmartOS: Ready to Serve as Next VM or Container Host
RELATED STORIES
Entrepreneurship for Engineers: Is Your Startup in Trouble? Vercel Adds Remix: Integration Supports Larger Apps No More Mr. Nice Guy: GitHub Demands Developers Use 2FA AI21 Labs Releases Jurassic-2, its New Large Language Model Twitter's Source Code Leak Adds to Elon Musk's Social Media Mess
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.