Kubernetes Practice (English) - Automating Blue/Green Deployment with Argo Rollouts
In this article, we will learn how to automate Blue/Green Deployment on Kubernetes with Argo Rollouts.
Argo Rollouts
Argo Rollouts is a Kubernetes Controller and set of Custom Resource Definitions (CRDs) that provide advanced features for application deployment on Kubernetes compared to the native Kubernetes Deployment Object.
Argo Rollouts provide deployment capabilities such as blue-green, canary, canary analysis, experimentation, and progressive delivery features to Kubernetes.
Because Argo Rollouts are a set of CRDs, we need to install them into the Kubernetes Cluster. Run the following commands to install Argo Rollouts.
kubectl create namespace argo-rollouts
namespace/argo-rollouts created
kubectl apply -n argo-rollouts -f https://github.com/argoproj/argo-rollouts/releases/latest/download/install.yaml
customresourcedefinition.apiextensions.k8s.io/analysisruns.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/analysistemplates.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/clusteranalysistemplates.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/experiments.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/rollouts.argoproj.io created
serviceaccount/argo-rollouts created
clusterrole.rbac.authorization.k8s.io/argo-rollouts created
clusterrole.rbac.authorization.k8s.io/argo-rollouts-aggregate-to-admin created
clusterrole.rbac.authorization.k8s.io/argo-rollouts-aggregate-to-edit created
clusterrole.rbac.authorization.k8s.io/argo-rollouts-aggregate-to-view created
clusterrolebinding.rbac.authorization.k8s.io/argo-rollouts created
secret/argo-rollouts-notification-secret created
service/argo-rollouts-metrics created
deployment.apps/argo-rollouts created
Check if we installed it successfully.
kubectl get pod -n argo-rollouts
NAME READY STATUS RESTARTS AGE
argo-rollouts-76fcfc8d7f-k6mth 1/1 Running 0 58s
Argo Rollouts Deployment Strategy
To use Argo Rollouts, we declare a resource with the apiVersion attribute as argoproj.io/v1alpha1 and the kind as Rollout, like below:
apiVersion: argoproj.io/v1alpha1
kind: Rollout
The configuration of Argo Rollouts has a strategy property for us to choose the deployment strategy we want, with two values of blueGreenand canary.
See detail here Rollout Specification. Don’t try to understand all properties for now.
In this article, we will learn about blue/green.
Practice
I use Minikube to run Kubernetes Cluster for the demo. Create a file named bluegreen-rollout.yaml.
apiVersion: argoproj.io/v1alpha1
kind: Rollout
metadata:
name: bluegreen-demo
labels:
app: bluegreen-demo
spec:
replicas: 2
revisionHistoryLimit: 1
selector:
matchLabels:
app: bluegreen-demo
template:
metadata:
labels:
app: bluegreen-demo
spec:
containers:
- name: bluegreen-demo
image: argoproj/rollouts-demo:green
imagePullPolicy: Always
ports:
- name: http
containerPort: 8080
protocol: TCP
strategy:
blueGreen:
autoPromotionEnabled: false
activeService: bluegreen-demo
previewService: bluegreen-demo-preview
All properties of Rollout are the same as a native Deployment Object, only the strategy attribute is different. In the file above, we declare 3 properties:
autoPromotionEnabled: false- Indicates if the rollout should automatically promote the new ReplicaSet to the active service or enter a paused state. If not specified, the default value is true.activeService: bluegreen-demo- Reference to service that the rollout modifies as the active service.previewService: bluegreen-demo-preview- Name of the service that the rollout modifies as the preview service.
Next, we create a file named service.yaml.
apiVersion: v1
kind: Service
metadata:
name: bluegreen-demo
labels:
app: bluegreen-demo
spec:
type: NodePort
selector:
app: bluegreen-demo
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
---
apiVersion: v1
kind: Service
metadata:
name: bluegreen-demo-preview
labels:
app: bluegreen-demo
spec:
type: NodePort
selector:
app: bluegreen-demo
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
The two Services properties are the same except for the name property. Next, we create a Rollout Object.
kubectl apply -f bluegreen-rollout.yaml
rollout.argoproj.io/bluegreen-demo created
kubectl get rollout
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
bluegreen-demo 2 2 2 2 30s
When we create a Rollout, the Argo Rollouts implicit create a ReplicaSet for a current revision. Let’s check:
kubectl get rs
NAME DESIRED CURRENT READY AGE
bluegreen-demo-fbc7b7f55 2 2 2 4m37s
kubectl get pod
NAME READY STATUS RESTARTS AGE
bluegreen-demo-fbc7b7f55-g6fst 1/1 Running 0 37s
bluegreen-demo-fbc7b7f55-vvdth 1/1 Running 0 37s
Ensure that Replica Set and Pod are running, next, we create a Service.
kubectl apply -f service.yaml
service/bluegreen-demo created
service/bluegreen-demo-preview created
At this time, both the bluegreen-demo and bluegreen-demo-preview are pointing to the same ReplicaSet as bluegreen-demo-fbc7b7f55.
Let’s test, we run the following commands to get the URL of both services.
minikube service bluegreen-demo --url
172.26.123.245:30000
minikube service bluegreen-demo-preview --url
172.26.123.245:30001
Open the browser, we will see the UI below.
Now, we change the image property of Rollout Object.
...
spec:
containers:
- name: bluegreen-demo
image: argoproj/rollouts-demo:blue
...
Updating Rollout Object.
kubectl apply -f bluegreen-rollout.yaml
rollout.argoproj.io/bluegreen-demo configured
At this point, Argo Rollouts will create a new ReplicaSet for the new configuration.
kubectl get rs
bluegreen-demo-7d6459646d 2 2 2 2m11s
bluegreen-demo-fbc7b7f55 2 2 2 41m
kubectl get pod
NAME READY STATUS RESTARTS AGE
bluegreen-demo-7d6459646d-2zm56 1/1 Running 0 2m13s
bluegreen-demo-7d6459646d-xz9bj 1/1 Running 0 2m13s
bluegreen-demo-fbc7b7f55-g6fst 1/1 Running 0 41m
bluegreen-demo-fbc7b7f55-vvdth 1/1 Running 0 41m
Then the bluegreen-demo-preview service is modified to point to the new ReplicaSet. Accessing the preview service address will see a different UI.
And the bluegreen-demo service does not change.
After we check the new ReplicaSet and see that all is well, next, we promote the new revision of ReplicaSet by updating the bluegreen-demo service to point to it, we run the following command (don’t follow, we will use another way).
kubectl argo rollouts promote bluegreen-demo
rollout 'bluegreen-demo' promoted
Now, Argo Rollouts update the bluegreen-demo service to point to the new ReplicaSet, after waiting (default 30 seconds), the old ReplicaSet is scaled down.
UI Dashboard
In my opinion, DevOps Engineers should not do the work “promotes” the new ReplicaSet, our task is just to build the CI/CD so that the Rollout can be updated when a new version of the application is available. Leave it to QC Engineer.
But QC can’t run CLI so we need to have a dashboard for QC to do this. Fortunately, Argo Rollout provides us with a dashboard, which we can enable using kubectl or using quay.io/argoproj/kubectl-argo-rollouts container image.
kubectl argo rollouts dashboard
INFO[0000] Argo Rollouts Dashboard is now available at localhost 3100
Go to localhost:3100 we will see the dashboard of Argo Rollouts.
Choose to bluegreen-demo.
You will see the Promote button, the person who clicks this button will be the QC, if anything is wrong, the QC will be responsible =)))), let’s click on the promote button.
Click Sure.
Now you access both the bluegreen-demo and the bluegreen-demo-preview service we will see the same UI.
Ingress
Ingress configuration for public access if you need.
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: bluegreen-demo
annotations:
ingress.kubernetes.io/proxy-body-size: 100M
kubernetes.io/ingress.class: nginx
ingress.kubernetes.io/app-root: /
spec:
rules:
- host: blue-green.example.com
http:
paths:
- path: /
backend:
serviceName: bluegreen-demo
servicePort: 80
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: bluegreen-demo-preview
annotations:
ingress.kubernetes.io/proxy-body-size: 100M
kubernetes.io/ingress.class: nginx
ingress.kubernetes.io/app-root: /
spec:
rules:
- host: blue-green-preview.example.com
http:
paths:
- path: /
backend:
serviceName: bluegreen-demo-preview
servicePort: 80
Done 😁.
Conclusion
So we have learned how to automate Blue/Green Deployment with Argo Rollouts, as you can see, it’s also simple 😁. If you have any questions or need further clarification, you can ask in the comment section below.
All rights reserved
