This sample CDK stack creates an implementation of a multi-tenant canary deployment with an application running containers in Amazon ECS. This implementation allows for routing specific users to the stable version by using ALB listener rules.
assets/ -- Contains AppSpec and TaskDefiniton for deployments
docs/ -- Contains project documentation
functions/ -- Contains code for lambda functions
images/ -- Contains docker images to test deployments
cdk/ -- Contains all the cdk stacks
├── ecs-canary-deployment-stack.ts -- Nested stack with CI/CD services for performing the multi-tenant canary deployment
├── ecs-multi-stage-canary-stack.ts -- Root stack utilizing the nested stack
├── ecs-multi-stage-canary.ts -- CDK Application
├── ecs-stack.ts -- Nested stack with ECS related services
└── networking-stack.ts -- Nested stack with networking services
- Amazon ECS
- Amazon ECR
- Amazon CodeCommit
- Amazon CodeBuild
- Amazon CodeDeploy
- Amazon CodePipeline
This project relies on AWS CDK and TypeScript, for installation instructions look here. For further information you can also checkout this Workshop and this Getting Started.
Run the following command to deploy the stacks of the cdk template in your AWS account:
cdk deploy
In order to perform a multi-tenant canary deployment you should follow the following three steps:
- Build image in folder images using docker build
docker build images/race -t race
- Push the image build in step 1 to the ECR repository. The ECR repository has been created within the ECS stack and can be found here. You can find the necessary commands in the AWS console by clicking view push commands after selecting the ECR repository. As a result the deployment pipeline in Amazon CodePipeline will be triggered. Alternatively use the commands below and substitute <REGION>, <ACCOUNT-ID>, and <REPOSITORY NAME> with your own information. More information on the commands can be found here.
aws ecr get-login-password --region <REGION> | docker login --username AWS --password-stdin <ACCOUNT-ID>.dkr.ecr.<REGION>.amazonaws.com
docker tag race <ACCOUNT-ID>.dkr.ecr.<REGION>.amazonaws.com/<REPOSITORY-NAME>:latest
docker push <ACCOUNT-ID>.dkr.ecr.<REGION>.amazonaws.com/<REPOSITORY-NAME>:latest
The canary deployment can be verified by getting URL of the load balancer and enter the URL with /app/123/abc or without any path.
- Step 2 triggered the multi-tenant canary deployment. You can check in Amazon CodePipeline that the first deployment stage has been successful. To deploy the second deployment stage you have to approve the manual approval action within Amazon CodePipeline.
- Basic Overview of CodeDeploy
- Create a pipeline with an Amazon ECR source and ECS-to-CodeDeploy deployment
- How can I perform Blue/Green deployments for services hosted on Amazon ECS?
- AppSpec 'hooks' section for an Amazon ECS deployment
- Best practices for CI/CD using AWS Fargate and Amazon ECS
- CodeDeploy Pricing
- CodePipeline Pricing
This project is licensed under the Apache-2.0 License.
This is a sample solution intended as a starting point and should not be used in a productive setting without thorough analysis and considerations on the user's side.