Bird
Raised Fist0
Terraformcloud~5 mins

Blue-green infrastructure pattern in Terraform - Cheat Sheet & Quick Revision

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Recall & Review
beginner
What is the Blue-Green infrastructure pattern?
It is a method to deploy new versions of software by running two identical environments called 'blue' and 'green'. One serves live traffic while the other is updated. After testing, traffic switches to the updated environment, reducing downtime and risk.
Click to reveal answer
beginner
Why use Blue-Green deployment in cloud infrastructure?
It helps avoid downtime during updates, allows quick rollback if problems occur, and improves reliability by testing new versions in a live-like environment before switching traffic.
Click to reveal answer
intermediate
In Terraform, how can you manage Blue-Green environments?
You create two sets of infrastructure resources (blue and green) with separate names or tags. You update one environment while the other serves traffic, then switch the load balancer or DNS to point to the updated environment.
Click to reveal answer
beginner
What is a common way to switch traffic between blue and green environments?
Using a load balancer or DNS update to redirect user requests from the current environment to the new one after deployment and testing.
Click to reveal answer
beginner
What is a key risk if Blue-Green deployment is not used?
Deploying directly to a live environment can cause downtime or failures affecting users, with no easy rollback option.
Click to reveal answer
What does the 'green' environment represent in Blue-Green deployment?
AThe current live environment serving users
BAn unrelated backup environment
CThe environment being updated and tested
DA development environment only
How does Blue-Green deployment reduce downtime?
ABy running two environments and switching traffic instantly
BBy deploying only small changes
CBy stopping all traffic during deployment
DBy updating the live environment directly
In Terraform, what is essential to differentiate blue and green environments?
ADeploying in different regions only
BUsing different cloud providers
CUsing the same resource names
DUsing separate resource names or tags
What is a common tool to switch user traffic between environments?
ALoad balancer or DNS update
BManual user redirection
CRestarting servers
DChanging application code
What is a main advantage of Blue-Green deployment over direct deployment?
AFaster coding
BEasy rollback and less risk
CNo need for testing
DLower cloud costs
Explain how the Blue-Green infrastructure pattern works and why it is useful.
Think about how you can update a website without making it unavailable.
You got /4 concepts.
    Describe how you would implement Blue-Green deployment using Terraform.
    Consider how Terraform manages resources and how traffic routing works.
    You got /5 concepts.

      Practice

      (1/5)
      1. What is the main purpose of the blue-green infrastructure pattern in Terraform deployments?
      easy
      A. To reduce infrastructure costs by using a single environment
      B. To automate database backups during deployment
      C. To increase the number of servers in a single environment
      D. To avoid downtime by switching traffic between two identical environments

      Solution

      1. Step 1: Understand the blue-green pattern concept

        The blue-green pattern uses two identical environments to ensure zero downtime during updates.

      2. Step 2: Identify the main goal in Terraform deployments

        Terraform manages these environments and switches traffic between them to avoid downtime.

      3. Final Answer:

        To avoid downtime by switching traffic between two identical environments -> Option D

      4. Quick Check:

        Blue-green pattern = avoid downtime [OK]
      Hint: Remember: blue-green means two environments for zero downtime [OK]
      Common Mistakes:
      • Thinking it reduces costs by using one environment
      • Confusing it with scaling servers in one environment
      • Assuming it automates backups
      2. Which Terraform resource is commonly used to switch traffic between blue and green environments in a blue-green deployment?
      easy
      A. aws_lb_listener_rule
      B. aws_instance
      C. aws_s3_bucket
      D. aws_security_group

      Solution

      1. Step 1: Identify Terraform resources related to traffic routing

        Load balancer listener rules control how traffic is routed to target groups.

      2. Step 2: Match resource to blue-green traffic switch

        The aws_lb_listener_rule resource allows switching traffic between blue and green target groups.

      3. Final Answer:

        aws_lb_listener_rule -> Option A

      4. Quick Check:

        Traffic switch uses listener rules [OK]
      Hint: Traffic routing uses listener rules, not instances or buckets [OK]
      Common Mistakes:
      • Choosing aws_instance which manages servers, not traffic
      • Selecting aws_s3_bucket which is for storage
      • Picking aws_security_group which controls firewall rules
      3. Given this Terraform snippet for blue-green deployment traffic switching: 
      resource "aws_lb_listener_rule" "blue" {
  listener_arn = aws_lb_listener.front_end.arn
  priority     = 10
  action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.blue.arn
  }
  condition {
    path_pattern {
      values = ["/blue/*"]
    }
  }
}

resource "aws_lb_listener_rule" "green" {
  listener_arn = aws_lb_listener.front_end.arn
  priority     = 20
  action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.green.arn
  }
  condition {
    path_pattern {
      values = ["/green/*"]
    }
  }
}
      What happens when a user visits /green/home?
      medium
      A. Traffic is routed to the green target group
      B. Traffic is routed to both blue and green target groups
      C. Traffic is blocked by the load balancer
      D. Traffic is routed to the blue target group

      Solution

      1. Step 1: Analyze path pattern conditions in listener rules

        The green listener rule matches paths starting with /green/* and forwards to the green target group.

      2. Step 2: Match user request path to rules

        The request /green/home matches the green rule condition, so traffic goes to the green target group.

      3. Final Answer:

        Traffic is routed to the green target group -> Option A

      4. Quick Check:

        Path /green/* routes to green group [OK]
      Hint: Match URL path to listener rule path pattern [OK]
      Common Mistakes:
      • Assuming default routing to blue group
      • Thinking traffic is blocked without default rule
      • Believing traffic splits between groups
      4. You wrote this Terraform code to switch traffic in a blue-green setup but the traffic does not switch as expected: 
      resource "aws_lb_listener_rule" "blue" {
  listener_arn = aws_lb_listener.front_end.arn
  priority     = 10
  action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.blue.arn
  }
  condition {
    host_header {
      values = ["blue.example.com"]
    }
  }
}

resource "aws_lb_listener_rule" "green" {
  listener_arn = aws_lb_listener.front_end.arn
  priority     = 10
  action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.green.arn
  }
  condition {
    host_header {
      values = ["green.example.com"]
    }
  }
}
      What is the likely problem?
      medium
      A. Target groups are not defined correctly
      B. Host header condition is invalid for load balancers
      C. Both listener rules have the same priority, causing conflict
      D. Listener ARN is missing in one of the rules

      Solution

      1. Step 1: Check listener rule priorities

        Both rules have priority 10, which causes a conflict because priorities must be unique.

      2. Step 2: Understand effect of priority conflict

        Load balancer cannot decide which rule to apply, so traffic routing fails or is unpredictable.

      3. Final Answer:

        Both listener rules have the same priority, causing conflict -> Option C

      4. Quick Check:

        Unique priorities required for listener rules [OK]
      Hint: Listener rule priorities must be unique numbers [OK]
      Common Mistakes:
      • Ignoring priority uniqueness
      • Assuming host_header condition is invalid
      • Overlooking target group correctness
      5. You want to implement a blue-green deployment in Terraform with minimal downtime. Which approach best achieves this?
      hard
      A. Deploy new version to green environment and keep routing traffic to blue until green is manually deleted
      B. Deploy new version to green environment, test it, then update load balancer to route all traffic to green
      C. Deploy new version directly to blue environment and restart all servers simultaneously
      D. Deploy new version to blue environment and use DNS TTL to switch traffic slowly

      Solution

      1. Step 1: Understand blue-green deployment goals

        The goal is zero downtime by having two identical environments and switching traffic atomically.

      2. Step 2: Evaluate deployment approaches

        Deploying to green, testing, then switching load balancer traffic ensures smooth transition without downtime.

      3. Step 3: Compare other options

        Direct deploy with restart causes downtime; manual deletion delays switch; DNS TTL causes slow switch and possible downtime.

      4. Final Answer:

        Deploy new version to green environment, test it, then update load balancer to route all traffic to green -> Option B

      5. Quick Check:

        Blue-green = test new env, then switch traffic [OK]
      Hint: Test new environment fully before switching traffic [OK]
      Common Mistakes:
      • Restarting servers causing downtime
      • Delaying traffic switch by manual deletion
      • Relying on DNS TTL for instant switch