参考资料

• Perform ECS blue/green deployments through CodeDeploy using AWS CloudFormation
• AWS::CodeDeployBlueGreen

在之前的文章中，使用codepipeline中通过控制台的方式创建了ecs蓝绿部署的demo。实际上可以单独通过codedeploy完成ecs服务的蓝绿部署

参考官方文档对cfn模板的描述，堆栈会创建以下资源

Requirement	Resource	Required/Optional	Triggers blue/green deployment if replaced
Amazon ECS cluster	AWS::ECS::Cluster	Optional. The default cluster can be used.	No
Amazon ECS service	AWS::ECS::Service	Required.	No
Application or Network Load Balancer	AWS::ECS::Service LoadBalancer	Required.	No
Production listener	AWS::ElasticLoadBalancingV2::Listener	Required.	No
Test listener	AWS::ElasticLoadBalancingV2::Listener	Optional.	No
Two target groups	AWS::ElasticLoadBalancingV2::TargetGroup	Required.	No
Amazon ECS task definition	AWS::ECS::TaskDefinition	Required.	Yes
Container for your Amazon ECS application	AWS::ECS::TaskDefinition ContainerDefinition Name	Required.	No
Port for your replacement task set	AWS::ECS::TaskDefinition PortMapping ContainerPort	Required.	No

模板中最重要的部分如下，完整配置需要参考 Template reference

添加hook部分并定义部署的具体配置，配置中所有资源都引用堆栈中资源的逻辑id

Transform:
  - 'AWS::CodeDeployBlueGreen'
Hooks:
  CodeDeployBlueGreenHook:
  	Type: 'AWS::CodeDeploy::BlueGreen'
    Properties:
      TrafficRoutingConfig:
        Type: TimeBasedCanary
        TimeBasedCanary:
          StepPercentage: 15
          BakeTimeMins: 5
      Applications:
        - Target:
            Type: 'AWS::ECS::Service'
            LogicalID: ECSDemoService
          ECSAttributes:
            TaskDefinitions:
              - BlueTaskDefinition
              - GreenTaskDefinition
            TaskSets:
              - BlueTaskSet
              - GreenTaskSet
            TrafficRouting:
              ProdTrafficRoute:
                Type: 'AWS::ElasticLoadBalancingV2::Listener'
                LogicalID: ALBListenerProdTraffic
              TargetGroups:
                - ALBTargetGroupBlue
                - ALBTargetGroupGreen

当对以下资源进行更新时，CloudFormation 将启动绿色部署：

• AWS::ECS::TaskDefinition
• AWS::ECS::TaskSet

更新不需要进行资源替换的资源中的属性不会触发绿色部署

原则上就是对任务相关的资源和基础设施资源的堆栈更新要分开进行，建议创建更改集进行操作

要取消仍在进行的绿色部署，需要取消 CloudFormation 中的堆栈更新

嵌套堆栈中不能用 AWS::CodeDeploy::BlueGreen 钩子

使用cloudfromation进行ecs蓝绿部署不需要对codedeploy的应用和部署组进行配置

• Your template does not need to model resources for a CodeDeploy application or deployment group.
• Your template must include resources for a VPC using Amazon VPC that contains at least two subnets.
• Your template must include resources for a Classic Load Balancer, Application Load Balancer, or Network Load Balancer in Elastic Load Balancing that is used to direct traffic to your target groups.

为了使cfn成功执行蓝绿部署，必须具有以下权限：

• codedeploy:Get*
• codedeploy:CreateCloudFormationDeployment

修改堆栈中的任务定义中image并更新堆栈，触发堆栈的宏'AWS::CodeDeployBlueGreen'

BlueTaskDefinition:
    Type: 'AWS::ECS::TaskDefinition'
    Properties:
      ExecutionRoleArn: !GetAtt 
        - ECSTaskExecutionRole
        - Arn
      ContainerDefinitions:
        - Name: DemoApp
          Image: 'nginxdemos/hello:latest' # 修改之后更新堆栈
          Essential: true
          PortMappings:
            - HostPort: 80
              Protocol: tcp
              ContainerPort: 80
      RequiresCompatibilities:
        - FARGATE
      NetworkMode: awsvpc
      Cpu: '256'
      Memory: '512'
      Family: ecs-demo

堆栈的具体更新事件

可以看到，虽然没有创建codedeploy部署组但是触发了部署行为

观察到流量切换

熟悉的套路，通过alb监听权重切换流量

具体的逻辑和pipeline的蓝绿部署类似，只是配置和触发都要通过cfn来进行了