本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
使用藍/綠部署來部署 Amazon ECS服務
了解如何建立 Amazon ECS服務,其中包含搭配 使用藍/綠部署類型的 Fargate 任務 AWS CLI。
注意
已為 AWS CloudFormation新增對於執行藍/綠部署的支援。如需詳細資訊,請參閱 AWS CloudFormation 使用者指南 中的 CodeDeploy 使用 執行 Amazon ECS 藍/綠部署 AWS CloudFormation。
必要條件
本教學課程假設已完成下列先決條件:
-
AWS CLI 已安裝並設定最新版本的 。如需安裝或升級 的詳細資訊 AWS CLI,請參閱安裝 AWS Command Line Interface。
-
已完成「設定 以使用 Amazon ECS」中的步驟。
-
您的 AWS 使用者具有Amazon ECS_FullAccessIAM政策範例中指定的必要許可。
-
您已建立要使用的 VPC和 安全群組。如需詳細資訊,請參閱建立 Virtual Private Cloud。
-
Amazon ECS CodeDeploy IAM角色已建立。如需詳細資訊,請參閱Amazon ECS CodeDeploy IAM角色。
步驟 1:建立 Application Load Balancer
使用藍/綠部署類型的 Amazon ECS服務需要使用 Application Load Balancer 或 Network Load Balancer 。本教學課程會使用 Application Load Balancer。
建立 Application Load Balancer
-
使用 create-load-balancer命令來建立 Application Load Balancer 。指定並非來自與安全群組相同可用區域的兩個子網路。
aws elbv2 create-load-balancer \ --namebluegreen-alb\ --subnetssubnet-abcd1234subnet-abcd5678\ --security-groupssg-abcd1234\ --regionus-east-1輸出包含負載平衡器的 Amazon Resource Name (ARN),格式如下:
arn:aws:elasticloadbalancing:
region:aws_account_id:loadbalancer/app/bluegreen-alb/e5ba62739c16e642 -
使用 create-target-group命令來建立目標群組。此目標群組會將流量路由到服務中的原始任務集。
aws elbv2 create-target-group \ --namebluegreentarget1\ --protocolHTTP\ --port80\ --target-type ip \ --vpc-idvpc-abcd1234\ --regionus-east-1輸出包含目標群組ARN的 ,格式如下:
arn:aws:elasticloadbalancing:
region:aws_account_id:targetgroup/bluegreentarget1/209a844cd01825a4 -
使用 create-listener 命令建立具有預設規則以將請求轉送至目標群組的負載平衡接聽程式。
aws elbv2 create-listener \ --load-balancer-arn arn:aws:elasticloadbalancing:region:aws_account_id:loadbalancer/app/bluegreen-alb/e5ba62739c16e642\ --protocol HTTP \ --port 80 \ --default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget1/209a844cd01825a4\ --regionus-east-1輸出包含接聽程式ARN的 ,格式如下:
arn:aws:elasticloadbalancing:
region:aws_account_id:listener/app/bluegreen-alb/e5ba62739c16e642/665750bec1b03bd4
步驟 2:建立 Amazon ECS叢集
使用 create-cluster 命令來建立要使用之名為 tutorial-bluegreen-cluster 的叢集。
aws ecs create-cluster \ --cluster-nametutorial-bluegreen-cluster\ --regionus-east-1
輸出包含 叢集ARN的 ,格式如下:
arn:aws:ecs:region:aws_account_id:cluster/tutorial-bluegreen-cluster
步驟 3:註冊任務定義
使用 register-task-definition命令來註冊與 Fargate 相容的任務定義。這需要使用 awsvpc 網路模式。以下是用於此教學課程的任務定義範例。
首先,建立名為 fargate-task.json 且具有下列內容的檔案。請確定您使用 ARN 做為任務執行角色。如需詳細資訊,請參閱Amazon ECS任務執行IAM角色。
{ "family": "tutorial-task-def", "networkMode": "awsvpc", "containerDefinitions": [ { "name": "sample-app", "image": "httpd:2.4", "portMappings": [ { "containerPort": 80, "hostPort": 80, "protocol": "tcp" } ], "essential": true, "entryPoint": [ "sh", "-c" ], "command": [ "/bin/sh -c \"echo '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #00FFFF;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p> </div></body></html>' > /usr/local/apache2/htdocs/index.html && httpd-foreground\"" ] } ], "requiresCompatibilities": [ "FARGATE" ], "cpu": "256", "memory": "512", "executionRoleArn": "arn:aws:iam::aws_account_id:role/ecsTaskExecutionRole" }
接下來,使用您建立的 fargate-task.json 檔案註冊任務定義。
aws ecs register-task-definition \ --cli-input-json file://fargate-task.json\ --regionus-east-1
步驟 4:建立 Amazon ECS服務
使用 create-service 命令來建立服務。
首先,建立名為 service-bluegreen.json 且具有下列內容的檔案。
{ "cluster": "tutorial-bluegreen-cluster", "serviceName": "service-bluegreen", "taskDefinition": "tutorial-task-def", "loadBalancers": [ { "targetGroupArn": "arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget1/209a844cd01825a4", "containerName": "sample-app", "containerPort": 80 } ], "launchType": "FARGATE", "schedulingStrategy": "REPLICA", "deploymentController": { "type": "CODE_DEPLOY" }, "platformVersion": "LATEST", "networkConfiguration": { "awsvpcConfiguration": { "assignPublicIp": "ENABLED", "securityGroups": [ "sg-abcd1234" ], "subnets": [ "subnet-abcd1234", "subnet-abcd5678" ] } }, "desiredCount": 1 }
接下來,使用您建立的 service-bluegreen.json 檔案建立服務。
aws ecs create-service \ --cli-input-json file://service-bluegreen.json\ --regionus-east-1
輸出包含 ARN 服務的 ,格式如下:
arn:aws:ecs:region:aws_account_id:service/service-bluegreen
使用下列命令取得負載平衡器DNS的名稱。
aws elbv2 describe-load-balancers --name bluegreen-alb --query 'LoadBalancers[*].DNSName'
在 Web 瀏覽器中輸入DNS名稱,您應該會看到顯示藍色背景的範例應用程式的網頁。
步驟 5:建立 AWS CodeDeploy 資源
使用下列步驟建立您的 CodeDeploy 應用程式、 CodeDeploy 部署群組的 Application Load Balancer 目標群組,以及 CodeDeploy 部署群組。
建立 CodeDeploy 資源
-
使用 create-application 命令來建立 CodeDeploy 應用程式。指定
ECS運算平台。aws deploy create-application \ --application-nametutorial-bluegreen-app\ --compute-platformECS\ --regionus-east-1其輸出將包含應用程式 ID,格式如下:
{ "applicationId": "b8e9c1ef-3048-424e-9174-885d7dc9dc11" } -
使用 create-target-group命令來建立第二個 Application Load Balancer 目標群組,這將在建立 CodeDeploy 部署群組時使用。
aws elbv2 create-target-group \ --namebluegreentarget2\ --protocolHTTP\ --port80\ --target-type ip \ --vpc-id "vpc-0b6dd82c67d8012a1" \ --regionus-east-1輸出包含目標群組ARN的 ,格式如下:
arn:aws:elasticloadbalancing:
region:aws_account_id:targetgroup/bluegreentarget2/708d384187a3cfdc -
使用 create-deployment-group命令來建立 CodeDeploy 部署群組。
首先,建立名為
tutorial-deployment-group.json且具有下列內容的檔案。此範例會使用您建立的資源。針對serviceRoleArn,指定 Amazon ECS CodeDeploy IAM角色ARN的 。如需詳細資訊,請參閱Amazon ECS CodeDeploy IAM角色。{ "applicationName": "tutorial-bluegreen-app", "autoRollbackConfiguration": { "enabled": true, "events": [ "DEPLOYMENT_FAILURE" ] }, "blueGreenDeploymentConfiguration": { "deploymentReadyOption": { "actionOnTimeout": "CONTINUE_DEPLOYMENT", "waitTimeInMinutes": 0 }, "terminateBlueInstancesOnDeploymentSuccess": { "action": "TERMINATE", "terminationWaitTimeInMinutes": 5 } }, "deploymentGroupName": "tutorial-bluegreen-dg", "deploymentStyle": { "deploymentOption": "WITH_TRAFFIC_CONTROL", "deploymentType": "BLUE_GREEN" }, "loadBalancerInfo": { "targetGroupPairInfoList": [ { "targetGroups": [ { "name": "bluegreentarget1" }, { "name": "bluegreentarget2" } ], "prodTrafficRoute": { "listenerArns": [ "arn:aws:elasticloadbalancing:region:aws_account_id:listener/app/bluegreen-alb/e5ba62739c16e642/665750bec1b03bd4" ] } } ] }, "serviceRoleArn": "arn:aws:iam::aws_account_id:role/ecsCodeDeployRole", "ecsServices": [ { "serviceName": "service-bluegreen", "clusterName": "tutorial-bluegreen-cluster" } ] }然後建立 CodeDeploy 部署群組。
aws deploy create-deployment-group \ --cli-input-json file://tutorial-deployment-group.json\ --regionus-east-1其輸出將包含部署群組 ID,格式如下:
{ "deploymentGroupId": "6fd9bdc6-dc51-4af5-ba5a-0a4a72431c88" }
步驟 6:建立和監控 CodeDeploy部署
在建立 CodeDeploy 部署之前,請依照下列fargate-task.json方式更新 command 中的任務定義,將範例應用程式背景顏色變更為綠色。
{ ... "containerDefinitions": [ { ... "command": [ "/bin/sh -c \"echo '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #097969;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p> </div></body></html>' > /usr/local/apache2/htdocs/index.html && httpd-foreground\"" ] } ], ... }
使用以下命令註冊更新的任務定義。
aws ecs register-task-definition \ --cli-input-json file://fargate-task.json\ --regionus-east-1
現在,請使用下列步驟來建立和上傳應用程式規格檔案 (AppSpec 檔案) 和 CodeDeploy 部署。
若要建立和監控 CodeDeploy 部署
-
使用下列步驟建立和上傳 AppSpec 檔案。
-
建立名為 的檔案,
appspec.yaml其中包含 CodeDeploy 部署群組的內容。此範例使用更新的任務定義。version: 0.0 Resources: - TargetService: Type: AWS::ECS::Service Properties: TaskDefinition: "arn:aws:ecs:region:aws_account_id:task-definition/tutorial-task-def:2" LoadBalancerInfo: ContainerName: "sample-app" ContainerPort: 80 PlatformVersion: "LATEST" -
使用 s3 mb 命令為 AppSpec 檔案建立 Amazon S3 儲存貯體。
aws s3 mb s3://tutorial-bluegreen-bucket -
使用 s3 cp 命令將 AppSpec 檔案上傳至 Amazon S3 儲存貯體。
aws s3 cp ./appspec.yaml s3://tutorial-bluegreen-bucket/appspec.yaml
-
-
使用下列步驟建立 CodeDeploy 部署。
-
建立名為 的檔案,
create-deployment.json其中包含 CodeDeploy 部署的內容。此範例會使用您先前在教學課程中建立的資源。{ "applicationName": "tutorial-bluegreen-app", "deploymentGroupName": "tutorial-bluegreen-dg", "revision": { "revisionType": "S3", "s3Location": { "bucket": "tutorial-bluegreen-bucket", "key": "appspec.yaml", "bundleType": "YAML" } } } -
使用 create-deployment 命令來建立部署。
aws deploy create-deployment \ --cli-input-json file://create-deployment.json\ --regionus-east-1其輸出將包含部署 ID,格式如下:
{ "deploymentId": "d-RPCR1U3TW" }
-
-
使用 get-deployment-target命令來取得部署的詳細資訊,
deploymentId從先前的輸出指定 。aws deploy get-deployment-target \ --deployment-id "d-IMJU3A8TW" \ --target-idtutorial-bluegreen-cluster:service-bluegreen\ --regionus-east-1最初,部署狀態為
InProgress。流量會導向至原始任務集,該任務集的taskSetLabel為BLUE,狀態為PRIMARY,且trafficWeight為100.0。取代任務集的taskSetLabel為GREEN,狀態為ACTIVE,且trafficWeight為0.0。您在 中輸入DNS名稱的 Web 瀏覽器仍會以藍色背景顯示範例應用程式。{ "deploymentTarget": { "deploymentTargetType": "ECSTarget", "ecsTarget": { "deploymentId": "d-RPCR1U3TW", "targetId": "tutorial-bluegreen-cluster:service-bluegreen", "targetArn": "arn:aws:ecs:
region:aws_account_id:service/service-bluegreen", "lastUpdatedAt": "2023-08-10T12:07:24.797000-05:00", "lifecycleEvents": [ { "lifecycleEventName": "BeforeInstall", "startTime": "2023-08-10T12:06:22.493000-05:00", "endTime": "2023-08-10T12:06:22.790000-05:00", "status": "Succeeded" }, { "lifecycleEventName": "Install", "startTime": "2023-08-10T12:06:22.936000-05:00", "status": "InProgress" }, { "lifecycleEventName": "AfterInstall", "status": "Pending" }, { "lifecycleEventName": "BeforeAllowTraffic", "status": "Pending" }, { "lifecycleEventName": "AllowTraffic", "status": "Pending" }, { "lifecycleEventName": "AfterAllowTraffic", "status": "Pending" } ], "status": "InProgress", "taskSetsInfo": [ { "identifer": "ecs-svc/9223370493423413672", "desiredCount": 1, "pendingCount": 0, "runningCount": 1, "status": "ACTIVE", "trafficWeight": 0.0, "targetGroup": { "name": "bluegreentarget2" }, "taskSetLabel": "Green" }, { "identifer": "ecs-svc/9223370493425779968", "desiredCount": 1, "pendingCount": 0, "runningCount": 1, "status": "PRIMARY", "trafficWeight": 100.0, "targetGroup": { "name": "bluegreentarget1" }, "taskSetLabel": "Blue" } ] } } }繼續使用命令擷取部署詳細資訊,直到部署狀態為
Succeeded,如下列輸出所示。流量現在會重新導向至取代任務集,該任務集現在的狀態為PRIMARY且trafficWeight為100.0。重新整理您輸入的負載平衡器DNS名稱的 Web 瀏覽器,現在您應該會看到具有綠色背景的範例應用程式。{ "deploymentTarget": { "deploymentTargetType": "ECSTarget", "ecsTarget": { "deploymentId": "d-RPCR1U3TW", "targetId": "tutorial-bluegreen-cluster:service-bluegreen", "targetArn": "arn:aws:ecs:
region:aws_account_id:service/service-bluegreen", "lastUpdatedAt": "2023-08-10T12:07:24.797000-05:00", "lifecycleEvents": [ { "lifecycleEventName": "BeforeInstall", "startTime": "2023-08-10T12:06:22.493000-05:00", "endTime": "2023-08-10T12:06:22.790000-05:00", "status": "Succeeded" }, { "lifecycleEventName": "Install", "startTime": "2023-08-10T12:06:22.936000-05:00", "endTime": "2023-08-10T12:08:25.939000-05:00", "status": "Succeeded" }, { "lifecycleEventName": "AfterInstall", "startTime": "2023-08-10T12:08:26.089000-05:00", "endTime": "2023-08-10T12:08:26.403000-05:00", "status": "Succeeded" }, { "lifecycleEventName": "BeforeAllowTraffic", "startTime": "2023-08-10T12:08:26.926000-05:00", "endTime": "2023-08-10T12:08:27.256000-05:00", "status": "Succeeded" }, { "lifecycleEventName": "AllowTraffic", "startTime": "2023-08-10T12:08:27.416000-05:00", "endTime": "2023-08-10T12:08:28.195000-05:00", "status": "Succeeded" }, { "lifecycleEventName": "AfterAllowTraffic", "startTime": "2023-08-10T12:08:28.715000-05:00", "endTime": "2023-08-10T12:08:28.994000-05:00", "status": "Succeeded" } ], "status": "Succeeded", "taskSetsInfo": [ { "identifer": "ecs-svc/9223370493425779968", "desiredCount": 1, "pendingCount": 0, "runningCount": 1, "status": "ACTIVE", "trafficWeight": 0.0, "targetGroup": { "name": "bluegreentarget1" }, "taskSetLabel": "Blue" }, { "identifer": "ecs-svc/9223370493423413672", "desiredCount": 1, "pendingCount": 0, "runningCount": 1, "status": "PRIMARY", "trafficWeight": 100.0, "targetGroup": { "name": "bluegreentarget2" }, "taskSetLabel": "Green" } ] } } }
步驟 7:清除
完成此教學課程時,清除與其相關的資源,以免未使用的資源產生費用。
清除教學課程資源
-
使用 delete-deployment-group命令刪除 CodeDeploy 部署群組。
aws deploy delete-deployment-group \ --application-nametutorial-bluegreen-app\ --deployment-group-nametutorial-bluegreen-dg\ --regionus-east-1 -
使用 delete-application 命令來刪除 CodeDeploy 應用程式。
aws deploy delete-application \ --application-nametutorial-bluegreen-app\ --regionus-east-1 -
使用 delete-service 命令刪除 Amazon ECS服務。使用
--force旗標可讓您即使在服務未縮減為零個任務時仍能將其刪除。aws ecs delete-service \ --service arn:aws:ecs:region:aws_account_id:service/service-bluegreen\ --force \ --regionus-east-1 -
使用 delete-cluster 命令刪除 Amazon ECS叢集。
aws ecs delete-cluster \ --clustertutorial-bluegreen-cluster\ --regionus-east-1 -
使用 s3 rm 命令,從 Amazon S3 儲存貯體中刪除 AppSpec 檔案。
aws s3 rm s3://tutorial-bluegreen-bucket/appspec.yaml -
使用 s3 rb 命令來刪除 Amazon S3 儲存貯體。
aws s3 rb s3://tutorial-bluegreen-bucket -
使用 delete-load-balancer命令來刪除 Application Load Balancer 。
aws elbv2 delete-load-balancer \ --load-balancer-arn arn:aws:elasticloadbalancing:region:aws_account_id:loadbalancer/app/bluegreen-alb/e5ba62739c16e642\ --regionus-east-1 -
使用 delete-target-group命令刪除兩個 Application Load Balancer 目標群組。
aws elbv2 delete-target-group \ --target-group-arn arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget1/209a844cd01825a4\ --regionus-east-1aws elbv2 delete-target-group \ --target-group-arn arn:aws:elasticloadbalancing:region:aws_account_id:targetgroup/bluegreentarget2/708d384187a3cfdc\ --regionus-east-1
