I want to move away from all-at-once deployments for our serverless APIs to reduce the risk of downtime. I’m looking into AWS CodeDeploy's 'LambdaDeploymentConfig' to implement a canary strategy where only 10% of traffic hits the new version initially. Can someone explain how to set up the AppSpec file and the CloudWatch alarms needed to trigger an automatic rollback?
3 answers
To set this up, your AppSpec file needs to specify the 'Type: AWS::Lambda::Function' and the 'AfterAllowTraffic' hook to run validation tests. In your CodeDeploy deployment group, select a predefined configuration like 'LambdaCanary10Percent5Minutes'. For the rollback, you must link a CloudWatch Alarm that monitors your Lambda's error rate. If the alarm transitions to the 'ALARM' state during the 5-minute canary period, CodeDeploy will automatically flip the alias back to the old version. It’s a very elegant way to ensure production stability without manual monitoring.
Is it possible to use a custom traffic shifting percentage, or are we stuck with the 10% or 20% intervals provided by AWS? I’d like to start even smaller, maybe at 2%, because our traffic volume is extremely high.
Don't forget to use 'Version' and 'Alias' in your Lambda. CodeDeploy shifts traffic between aliases, so if you aren't using them, the canary logic won't work at all.
Excellent point, Susan. Aliases are the backbone of this strategy. Without a consistent alias pointing to the versions, your API Gateway would just keep hitting the $LATEST version regardless.
Brian, you can actually create a 'Custom Deployment Configuration' using the AWS CLI or SDK. You aren't limited to the defaults! You can define your own 'TrafficRoutingConfig' and set the exact percentage and interval you need. Just keep in mind that very small percentages might not generate enough log data for your CloudWatch alarms to trigger a rollback accurately if something goes wrong.