TalksAWS re:Invent 2025 - Build safe and resilient deployment pipelines for Amazon ECS (CNS353)

AWS re:Invent 2025 - Build safe and resilient deployment pipelines for Amazon ECS (CNS353)

Building Safe and Resilient Deployment Pipelines for Amazon ECS

Overview of ECS Deployments

  • ECS services are defined through a combination of a task definition and service configurations
  • Task definitions capture details about the container image, networking, environment variables, etc.
  • When deploying a new version, a new task definition is created and combined with service configurations to form a new service revision
  • The progression from one service revision to the next is tracked in a service deployment object

Rolling Update Deployment Strategy

  • Allows gradual replacement of tasks running the old version with tasks running the new version
  • Key parameters:
    • Minimum health percent: Lower bound on number of tasks during deployment to maintain service availability
    • Maximum percent: Upper bound on number of tasks during deployment to balance availability, speed, and cost
  • Process:
    1. Start with all tasks running the old version
    2. Gradually add new tasks running the new version
    3. Terminate old tasks as new tasks are added
  • Allows deploying new versions without downtime, but rollback may take longer

Blue-Green Deployment Strategy

  • Maintains two parallel environments: "Blue" (old version) and "Green" (new version)
  • Deployment process:
    1. Scale up the "Green" environment with new version tasks
    2. Shift test traffic to the "Green" environment for verification
    3. Shift production traffic to the "Green" environment
    4. "Bake" the new version for a defined period
    5. Clean up the "Blue" environment
  • Provides quick rollback capability by switching back to the "Blue" environment
  • Requires more infrastructure (two environments) but reduces deployment risk

Customizing Deployment Workflows

  • Use lifecycle hooks (Lambda functions) to add custom logic at different stages of the deployment
  • Example: Implement a manual approval workflow
    1. At post-test traffic shift stage, Lambda function sets deployment state to "pending" and notifies a reviewer
    2. Reviewer tests the new version on the test listener and approves or rejects
    3. Lambda function checks the approval state and returns success or failure to progress the deployment

Key Takeaways

  • ECS provides multiple deployment strategies (rolling update, blue-green, linear, canary) with different trade-offs
  • Blue-green deployments offer reduced risk and quick rollback, but require more infrastructure
  • Lifecycle hooks allow customizing the deployment workflow, e.g., adding manual approval steps
  • Additional resources and hands-on workshops available to learn more about blue-green deployments

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

This website stores cookies on your computer.

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.