Overview
In this self-paced exercise, you will learn how to implement a blue-green upgrade strategy to upgrade your Amazon EKS clusters.
This method allows administrators to create two EKS clusters (blue and green) that are running two different versions of Kubernetes. The "blue" cluster is running an older Kubernetes version and the "green" cluster is running a newer Kubernetes version. The user will use networking techniques, like DNS updates, to switch traffic going from the old (blue) cluster to the new (green) cluster. This simple DNS change allows the user to easily and quickly test the newer versions of Kubernetes on the green cluster and rollback to the blue cluster if needed.
Important
This exercise is applicable for stateless workloads and only a DNS update is needed to redirect networking traffic.
Watch a video showcasing this guide below.
Blue-Green Upgrade Strategy¶
This approach is well suited for scenarios where an extremely low blast radius is required. This upgrade strategy will essentially duplicate infrastructure costs and users need to factor this in at least for the time period the duplication infrastructure is operated. With a blue-green upgrade strategy, users have the advantage of running their applications for an extended time period (Blue/Green type) on two clusters, one with the "older" Kubernetes version and the replacement with the "newer" Kubernetes version. Administrators have the option to switch back and forth between the old and new clusters as required. The visual below describes the high level steps that need to be performed for a "blue-green" upgrade strategy.
What Will You Do by Part¶
| Part | What will you do? |
|---|---|
| 1 | Setup and configure the environment |
| 2 | Provision Amazon EKS Clusters |
| 3 | Create and Test workload |
| 4 | Deprovision clusters |
The sequence diagram below illustrates the steps you will experience at a high level
sequenceDiagram
participant admin as Admin
participant blue as Blue Cluster
participant green as Green Cluster
participant dns as DNS Provider
rect rgb(191, 223, 255)
note right of admin: Step 1: Blue Cluster
admin->>blue: Provision Blue Cluster
admin->>blue: Deploy workload on Blue Cluster
admin->>dns: Point DNS to blue
end
rect rgb(191, 223, 255)
note right of admin: Step 2: Green Cluster
admin->>green: Provision Green Cluster
admin->>green: Deploy workload on Green Cluster
end
rect rgb(191, 223, 255)
note right of admin: Step 3: Blue to Green
admin->>dns: Update DNS from blue to green
endAssumptions¶
- You have access to an Amazon AWS account with privileges to create an IAM Role with the default Full IAM Policy to allow provisioning of resources on your behalf as part of the EKS cluster lifecycle.