0
0
Terraformcloud~10 mins

Zero-downtime deployment pattern in Terraform - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Process Flow - Zero-downtime deployment pattern
Start with current version live
Deploy new version alongside
Run health checks on new version
Switch traffic
Old version off
End
Deploy new version alongside old, test it, then switch traffic if healthy, ensuring no downtime.
Execution Sample
Terraform
resource "aws_lb_target_group" "blue" {}
resource "aws_lb_target_group" "green" {}
resource "aws_lb_listener_rule" "switch" {}

# Deploy green, test, then switch listener to green
Terraform code to create blue and green target groups and switch traffic for zero downtime.
Process Table
StepActionResource StateTraffic RoutingResult
1Deploy blue target groupBlue TG createdTraffic to BlueBlue version live
2Deploy green target groupGreen TG createdTraffic still to BlueGreen version ready but idle
3Run health check on greenGreen TG healthyTraffic still to BlueGreen version healthy
4Switch listener to greenListener updatedTraffic to GreenUsers served by green version
5Deregister blue target groupBlue TG deregisteredTraffic to GreenOld version off
6Cleanup blue resourcesBlue TG deletedTraffic to GreenDeployment complete
7If green health check failsGreen TG unhealthyTraffic remains to BlueRollback green, keep blue live
💡 Deployment ends when traffic fully switches to healthy green version and blue is removed.
Status Tracker
VariableStartAfter Step 2After Step 4After Step 6
blue_target_groupnot createdcreatedactivedeleted
green_target_groupnot createdcreatedactiveactive
traffic_targetbluebluegreengreen
Key Moments - 3 Insights
Why do we deploy the green version before switching traffic?
Deploying green first ensures it is ready and healthy before users start using it, as shown in step 3 of execution_table.
What happens if the green version fails health checks?
Traffic stays on blue version and green is rolled back, preventing downtime, as shown in step 7.
Why do we deregister and delete the blue target group after switching?
To free resources and avoid serving old version, ensuring only the new version handles traffic, as in steps 5 and 6.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, at which step does traffic switch from blue to green?
AStep 2
BStep 4
CStep 5
DStep 7
💡 Hint
Check the 'Traffic Routing' column in execution_table rows.
According to variable_tracker, what is the state of blue_target_group after step 6?
Adeleted
Bactive
Ccreated
Dderegistered
💡 Hint
Look at the last column for blue_target_group in variable_tracker.
If green target group fails health check, what happens to traffic routing?
ATraffic switches to green anyway
BTraffic is split evenly
CTraffic remains on blue
DTraffic stops completely
💡 Hint
Refer to step 7 in execution_table for traffic routing on failure.
Concept Snapshot
Zero-downtime deployment:
- Deploy new version alongside old
- Run health checks on new
- Switch traffic only if healthy
- Deregister old version after switch
- Rollback if new fails health checks
Ensures users never see downtime during updates.
Full Transcript
Zero-downtime deployment means updating your service without stopping it for users. First, you deploy the new version alongside the current one. Then you check if the new version is healthy. If it is, you switch user traffic to it. After switching, you remove the old version. If the new version is not healthy, you keep using the old one. This way, users always have a working service without interruption.