Zero-Downtime Blue-Green Deployment Using Terraform with ALB & Lambda

This project will implement a zero-downtime Blue-Green Deployment strategy using Terraform, AWS ALB, Auto Scaling Groups (ASG), and AWS Lambda for traffic shifting. The goal is to deploy applications with zero downtime while ensuring a smooth rollback mechanism.

Project Overview

Architecture

• AWS ALB (Application Load Balancer) - Manages traffic routing between Blue and Green environments.
• Auto Scaling Groups (ASG) - Manages EC2 instances dynamically for Blue and Green environments.
• Route53 DNS - Provides domain-based access to applications.
• AWS Lambda - Automates traffic shifting between environments.
• Terraform - Infrastructure as Code (IaC) tool for managing AWS resources.

Workflow

1. Provision Infrastructure:
   • Deploy two identical environments (Blue & Green) using Terraform.
   • Each environment is associated with an Auto Scaling Group (ASG).
   • The ALB has two target groups, one for each environment.
2. Deploy Application:
   • The initial deployment will set Blue as active.
   • Application code is deployed in both environments.
3. Traffic Shifting via AWS Lambda:
   • A Lambda function updates ALB target groups to shift traffic.
   • This ensures zero-downtime switching between environments.
4. Automated Rollback:
   • If the new deployment (Green) is unsuccessful, traffic is reverted back to Blue.
5. CI/CD Integration:
   • Terraform and Jenkins/GitHub Actions automate deployments.
   • When a new version is deployed, Lambda updates traffic to the Green environment.

Technology Stack

• Terraform - Infrastructure provisioning
• AWS ALB - Load balancing and traffic shifting
• AWS ASG - Auto-scaling and redundancy
• AWS EC2 - Application hosting
• AWS Lambda - Automating ALB traffic switching
• Route53 - DNS management
• Jenkins/GitHub Actions - CI/CD pipeline

Terraform Code Structure

1. ALB Configuration

• Creates an Application Load Balancer.
• Defines two target groups (Blue & Green).
• Configures listeners and forwarding rules.

2. Auto Scaling Groups (ASG)

• Provisions two separate ASGs for Blue & Green.
• Associating them with respective target groups.

3. Lambda Function for Traffic Shifting

• Reads ALB's current target group.
• Shifts traffic to Green when a new deployment is triggered.

4. CI/CD Pipeline (Jenkins/GitHub Actions)

• Detects new code changes.
• Deploys to the inactive environment (Green).
• Triggers Lambda to switch traffic once deployment is successful.

Terraform Implementation

Here's a high-level Terraform script for implementing the Blue-Green Deployment:

provider "aws" {
  region = "us-east-1"
}

# Create ALB
resource "aws_lb" "main" {
  name               = "blue-green-alb"
  internal           = false
  load_balancer_type = "application"
  security_groups    = [aws_security_group.alb_sg.id]
  subnets            = aws_subnet.public[*].id
}

# Blue Target Group
resource "aws_lb_target_group" "blue" {
  name     = "blue-target-group"
  port     = 80
  protocol = "HTTP"
  vpc_id   = aws_vpc.main.id
}

# Green Target Group
resource "aws_lb_target_group" "green" {
  name     = "green-target-group"
  port     = 80
  protocol = "HTTP"
  vpc_id   = aws_vpc.main.id
}

# ALB Listener
resource "aws_lb_listener" "http" {
  load_balancer_arn = aws_lb.main.arn
  port              = 80
  protocol          = "HTTP"

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.blue.arn
  }
}

# Auto Scaling Group - Blue
resource "aws_autoscaling_group" "blue" {
  name                      = "blue-asg"
  min_size                  = 1
  max_size                  = 3
  desired_capacity          = 1
  vpc_zone_identifier       = aws_subnet.public[*].id
  target_group_arns         = [aws_lb_target_group.blue.arn]
  launch_configuration      = aws_launch_configuration.blue.id
}

# Auto Scaling Group - Green
resource "aws_autoscaling_group" "green" {
  name                      = "green-asg"
  min_size                  = 1
  max_size                  = 3
  desired_capacity          = 1
  vpc_zone_identifier       = aws_subnet.public[*].id
  target_group_arns         = [aws_lb_target_group.green.arn]
  launch_configuration      = aws_launch_configuration.green.id
}

# Lambda Function to Switch Traffic
resource "aws_lambda_function" "traffic_shifter" {
  filename      = "lambda.zip"
  function_name = "TrafficShifter"
  role          = aws_iam_role.lambda_role.arn
  handler       = "index.lambda_handler"
  runtime       = "python3.8"
}

Lambda Function for Traffic Switching

This AWS Lambda function dynamically updates ALB listener rules to switch traffic.

import boto3

def lambda_handler(event, context):
    elbv2 = boto3.client('elbv2')

    listener_arn = "arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/blue-green-alb/1234567890abcdef"

    # Fetch current rules
    rules = elbv2.describe_rules(ListenerArn=listener_arn)
    
    for rule in rules['Rules']:
        if 'Conditions' in rule and 'TargetGroupArn' in rule:
            new_target_group_arn = "arn:aws:elasticloadbalancing:us-east-1:123456789012:targetgroup/green-target-group/abcdef123456"

            elbv2.modify_listener(
                ListenerArn=listener_arn,
                DefaultActions=[
                    {
                        'Type': 'forward',
                        'TargetGroupArn': new_target_group_arn
                    }
                ]
            )
    
    return {
        'statusCode': 200,
        'body': "Traffic shifted to Green environment."
    }

CI/CD Pipeline Integration

Jenkins Pipeline

pipeline {
    agent any
    stages {
        stage('Checkout') {
            steps {
                git 'https://github.com/example/repo.git'
            }
        }
        stage('Deploy to Green') {
            steps {
                sh 'terraform apply -var environment=green -auto-approve'
            }
        }
        stage('Test') {
            steps {
                sh 'curl -f http://your-alb-endpoint'
            }
        }
        stage('Switch Traffic') {
            steps {
                sh 'aws lambda invoke --function-name TrafficShifter /dev/null'
            }
        }
    }
}

Monitoring & Rollback

• CloudWatch Alarms to monitor application health.
• Automatic Rollback by triggering Lambda to switch traffic back if deployment fails.

Final Outcome

• ✅ Zero-downtime deployment using Blue-Green strategy
• ✅ Automated traffic switching with AWS Lambda
• ✅ Rollback mechanism for failed deployments
• ✅ Scalable & resilient application infrastructure

Next Steps

• Implement containerized deployment using ECS/EKS.
• Use GitHub Actions instead of Jenkins for cloud-native CI/CD.
• Optimize Lambda with Step Functions for complex traffic shifting logic.