3.2.6 Deployment Strategies & Testing

Deployment Strategies Overview

Well-Architected Deployment

Designing deployment solution là part của building well-architected application. Consider:

  • Provision - Tạo resources
  • Configure - Cấu hình
  • Deploy - Triển khai
  • Scale - Mở rộng
  • Monitor - Giám sát

AWS Deployment Services

ServiceUse Case
CodeDeployAutomate deployments to EC2, on-premises, Lambda, ECS
CloudFormationInfrastructure as Code
Elastic BeanstalkPaaS deployment
ECS/EKSContainer deployments
OpsWorksChef/Puppet configuration management
S3 + CloudFrontStatic website deployment

Deployment Strategies

All-at-Once

  • Fastest deployment
  • Deploy to all targets immediately
  • ❌ Downtime during deployment
  • ✅ Simplest method

Rolling

  • Deploy in batches
  • Maintain partial capacity
  • ⚠️ Reduced capacity during deployment
  • ✅ No additional resources needed

Rolling with Additional Batch

  • Add extra batch before rolling
  • Maintain full capacity during deployment
  • ✅ No downtime
  • ⚠️ Additional resources temporarily

Immutable

  • Deploy to fresh instances
  • Swap when healthy
  • ✅ Zero downtime
  • ✅ Quick rollback
  • ⚠️ Double resources temporarily

Blue/Green

  • Two identical environments
  • Switch traffic when ready
  • ✅ Zero downtime
  • ✅ Easy rollback
  • ⚠️ Double resources
  • Use when: Different runtime, server version, major platform version

In-Place

  • Application stopped
  • Latest version installed
  • New version started and validated
  • ⚠️ Downtime during deployment

Deployment Strategy Selection

Scenario: Single Docker container trong Elastic Beanstalk. Ensure no downtime, no degradation, full capacity during deployment.

Answer: Rolling with Additional Batch + Immutable

EC2 Optimization

  • Bootstrapping - Configure instances at launch
  • Prebaking AMIs - Pre-configure AMIs

Lambda Deployment Configurations

CodeDeploy for Lambda

ConfigurationDescription
LinearShift traffic in equal increments with equal minutes between
CanaryShift in two increments
All-at-onceShift all traffic immediately

Scenario thi: Lambda functions, SAM, CodeDeploy, shift traffic every 15 minutes.

Answer: Linear deployment

Why: Linear shifts traffic in equal increments with equal number of minutes between each increment.

Linear Configurations

  • Linear10PercentEvery1Minute - 10% every minute
  • Linear10PercentEvery2Minutes - 10% every 2 minutes
  • Linear10PercentEvery3Minutes - 10% every 3 minutes
  • Linear10PercentEvery10Minutes - 10% every 10 minutes

Canary Configurations

  • Canary10Percent5Minutes - 10% first, wait 5 min, then 90%
  • Canary10Percent10Minutes - 10% first, wait 10 min, then 90%
  • Canary10Percent15Minutes - 10% first, wait 15 min, then 90%
  • Canary10Percent30Minutes - 10% first, wait 30 min, then 90%

Lambda Versions & Aliases

Versions

  • Immutable snapshots of function code + configuration
  • Each version has unique ARN
  • $LATEST = mutable, latest code
  • Published versions = immutable

Aliases

  • Pointers to specific versions
  • Can be updated to point to different versions
  • Enable traffic shifting between versions
  • Simplify deployment process

Workflow:

1. Develop in $LATEST
2. Test in dev environment
3. Publish version (e.g., v4)
4. Test in beta environment
5. Update prod alias to point to v4
6. Prod now uses v4 (no config changes needed)

Key benefit: Event sources (S3, API Gateway) reference alias ARN, not version ARN. Change alias → change prod version without touching event source config.

Version Promotion Example

$LATEST (development)
  ↓ publish
v3 (current prod) ← prod alias
v4 (new version) ← beta alias
  ↓ test & validate
Update prod alias to v4
v4 becomes prod (prod alias → v4)

Testing Deployed Code

CloudFormation Helper Scripts

ScriptPurpose
cfn-initRetrieve metadata, install packages, start services, create files
cfn-signalSignal CloudFormation when resource ready
cfn-get-metadataRetrieve metadata
cfn-hupDetect changes, run hooks

Scenario thi: Retrieve metadata, install packages, start services, create files?

Answer: cfn-init

SAM Template Deployment

# Deploy to specific environment
sam deploy --template template.yaml --stack-name my-app-dev

# Override default template
sam deploy --template custom-template.yaml

Option: --template to specify specific template

API Gateway Testing

Mock Integrations

  • Test API responses without backend
  • Support conditional status codes based on request headers
  • Complex mocks for APIs

Use case: Services behind API Gateway not set up same as consumers. Test all API responses to ensure no issues.

Development Endpoints & Stages

After initial deployment, add more stages:

  • Enable caching
  • Customize request throttling
  • Configure logging
  • Define stage variables
  • Attach canary release for testing

Stage variables = configuration attributes associated with deployment stage

API Gateway Components

API
 ├── Stages (dev, staging, prod)
 ├── Resources (/orders, /users)
 ├── Methods (GET, POST, PUT, DELETE)
 └── Integrations (Lambda, HTTP, Mock)

Deployment = snapshot of API associated with stage

Proxy Resource & ANY Method

  • Proxy resource ({proxy+}) - Catches all paths beneath resource
  • ANY method - Catches all HTTP methods

Integration Types

Scenario thi: API Gateway passes client requests to backend without intervention after API method set.

Options: HTTP_PROXY, AWS_PROXY, HTTP

Answer: HTTP_PROXY (or AWS_PROXY for AWS services)

Two ways to integrate:

  1. HTTP proxy integration - Pass-through to HTTP endpoint
  2. HTTP custom integration - Transform request/response

Step Functions Local Testing

Mock service integrations without calling actual services:

  1. Create mock configuration file
  2. Define desired output as mocked responses
  3. Provide to Step Functions Local
  4. Test execution paths using mocked responses

Benefit: Test service integration calls without actual API calls

Exam Tips:

  • Fastest deployment = All-at-once
  • No downtime + full capacity = Rolling with Additional Batch + Immutable
  • Different runtime/major version = Blue/Green
  • Lambda every X minutes = Linear
  • Lambda two increments = Canary
  • cfn-init = retrieve metadata, install packages, start services
  • Lambda versions = immutable, aliases = pointers (can change)
  • Aliases abstract deployment - event sources reference alias ARN
  • API Gateway mock = test without backend
  • HTTP_PROXY = pass-through without intervention