What You’ll Learn
Deploying updates in Kubernetes without downtime can be tricky. Blue/Green strategies let you:
Provision a new version ("Green") without disrupting the current live version ("Blue")
Test the Green stack in production-like conditions
Switch all traffic instantly—or rollback—just by adjusting routing
This guide walks you through everything: service definitions, deployment patterns, manual and automated tooling options, community wisdom, and best practices.
Basic Blue/Green Setup (Service Swap Strategy)
Blue deployment manifest (v1)
Service pointing at Blue
Deploy Green alongside
Change version: v2
and image: myapp:v2
, then apply. Service still routes to Blue.
Switch traffic
✅ Instant switch. Instant rollback by reverting the selector.
Manual Deployment Flow (Step-by-Step)
Apply blue manifests; service points at
version=v1
.Deploy green manifests with
version=v2
.Smoke-test green pods manually (via temporary URLs or ingress) ([turn0search2]📘).
Patch Service selector to green.
Monitor. If issues, patch back to blue.
Once stable, delete blue pods and optionally scale down to zero.
Reddit had this to say:
“Blue/Green is more meant as a release method… traffic can gradually be moved… ability to quickly switch back.” reddit.com
But also cautioned:
“Don’t do blue-green. The vast majority are better served by Kubernetes built-in rolling update. Blue-green is itself a code smell.” reddit.comreddit.com
That’s true—choose this only for high criticality apps where instant rollback is key.
Tooling to Automate Blue/Green
Consider these projects to streamline traffic routing:
Argo Rollouts
This Kubernetes controller automates blue/green (and canary) rollout strategies with CRD support:
The plugin handles progressive promotion, cutover, and rollback ([turn0search2]📘).
Flagger (via Flux or Istio)
Another automation layer for traffic shifting, built on mesh controllers (Envoy, Istio) ([turn0search2]📘).
Reddit recommends both:
“For blue green check out Flagger or argo rollout” learn.microsoft.com
When Blue/Green Makes Sense
High-risk apps: systems needing full-stack validation pre-release.
Instant rollback requirement: no partial deployment allowed.
Zero-downtime upgrades with stateful jobs: database migrations, etc.
Traffic shadowing/testing: real-time testing under full load before go-live ([turn0search8]📘).
Caveats & Trade-offs
Costs double temporarily—two live environments
Complexity in config versioning (ConfigMaps, Secrets)
Sticky session headaches—use shared session stores (Redis) ([turn0search8]📘)
Rolling or canary releases often suffice for many apps, with simpler strategies
Production Best Practices
Immutable infrastructure—recreate full environments per version ([turn0search8]📘).
Traffic shadowing—direct a small traffic percentage to the green stack before full cutover ([turn0search8]📘).
Config and secret separation—ensure your green pods use distinct ConfigMaps and secrets.
Session unification—use external state management.
Health checks—ensure readiness probes pass before switch.
Monitor metrics aggressively during cutover.
Automate rollback via Rollout or Flagger when thresholds aren’t met.
Quick-Start: YAML Recap
Apply this minimal manual blue/green flow:
kubectl apply -f deployment-blue.yaml
kubectl apply -f deployment-green.yaml
Smoke-test
<cluster-ip>-green
via temporary Route or IngressSwitch Service:
Rollback if needed
Clean up blue Deployments after confirmation
Final Verdict
Blue/Green deployments offer real value—but only for high-stakes systems needing full isolation and rollback safety. For most apps, a fast rolling update or Canary release provides sufficient resilience. If you decide on Blue/Green:
Automate with Argo Rollouts or Flagger
Build ephemeral environments with distinct configs
Add shadow traffic for production-grade validation
Ensure you can instantly rollback or promote
Used thoughtfully, Blue/Green can be a powerful addition to your Kubernetes deployment strategies.
NEVER MISS A THING!
Subscribe and get freshly baked articles. Join the community!
Join the newsletter to receive the latest updates in your inbox.