Switching a blue/green deployment - Amazon Relational Database Service
Switchover timeoutSwitchover guardrailsSwitchover actionsSwitchover best practicesVerifying CloudWatch metrics before switchoverSwitching over a blue/green deploymentAfter switchover
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Switching a blue/green deployment

A switchover promotes the green environment to be the new production environment. When the green DB instance has read replicas, they are also promoted. Before you switch over, production traffic is routed to the DB instance and read replicas in the blue environment. After you switch over, production traffic is routed to the DB instance and read replicas in the green environment.

Switchover timeout

You can specify a switchover timeout period between 30 seconds and 3,600 seconds (one hour). If the switchover takes longer than the specified duration, then any changes are rolled back and no changes are made to either environment. The default timeout period is 300 seconds (five minutes).

Switchover guardrails

When you start a switchover, Amazon RDS runs some basic checks to test the readiness of the blue and green environments for switchover. These checks are known as switchover guardrails. These switchover guardrails prevent a switchover if the environments aren't ready for it. Therefore, they avoid longer than expected downtime and prevent the loss of data between the blue and green environments that might result if the switchover started.

Amazon RDS runs the following guardrail checks on the green environment:

  • Replication health – Check if green primary DB instance replication status is healthy. The green primary DB instance is a replica of the blue primary DB instance.

  • Replication lag – Check if the replica lag of the green primary DB instance is within allowable limits for switchover. The allowable limits are based on the specified timeout period. Replica lag indicates how far the green primary DB instance is lagging behind its blue primary DB instance. Replica lag indicates how much time the green replica might require before it catches up with its blue source. For more information, see Diagnosing and resolving lag between read replicas.

  • Active writes – Make sure there are no active writes on the green primary DB instance.

Amazon RDS runs the following guardrail checks on the blue environment:

  • External replication – Make sure the blue primary DB instance isn't the target of external replication to prevent writes on the blue primary DB instance during switchover.

  • Long-running active writes – Make sure there are no long-running active writes on the blue primary DB instance because they can increase replica lag.

  • Long-running DDL statements – Make sure there are no long-running DDL statements on the blue primary DB instance because they can increase replica lag.

Switchover actions

When you switch over a blue/green deployment, RDS performs the following actions:

  1. Runs guardrail checks to verify if the blue and green environments are ready for switchover.

  2. Stops new write operations on the primary DB instance in both environments.

  3. Drops connections to the DB instances in both environments and doesn't allow new connections.

  4. Waits for replication to catch up in the green environment so that the green environment is in sync with the blue environment.

  5. Renames the DB instances in the both environments.

    RDS renames the DB instances in the green environment to match the corresponding DB instances in the blue environment. For example, assume the name of a DB instance in the blue environment is mydb. Also assume the name of the corresponding DB instance in the green environment is mydb-green-abc123. During switchover, the name of the DB instance in the green environment is changed to mydb.

    RDS renames the DB instances in the blue environment by appending -oldn to the current name, where n is a number. For example, assume the name of a DB instance in the blue environment is mydb. After switchover, the DB instance name might be mydb-old1.

    RDS also renames the endpoints in the green environment to match the corresponding endpoints in the blue environment so that application changes aren't required.

  6. Allows connections to databases in both environments.

  7. Allows write operations on the primary DB instance in the new production environment.

    After switchover, the previous production primary DB instance only allows read operations until it is rebooted.

If you have tags configured in the blue environment, these tags are moved to the new production environment during switchover. The previous production environment also retains these tags. For more information about tags, see Tagging Amazon RDS resources.

If the switchover starts and then stops before finishing for any reason, then any changes are rolled back, and no changes are made to either environment.

Switchover best practices

Before you switchover, we strongly recommend that you adhere to best practices by completing the following tasks:

  • Thoroughly test the resources in the green environment. Make sure they function properly and efficiently.

  • Monitor relevant Amazon CloudWatch metrics. For more information, see Verifying CloudWatch metrics before switchover.

  • Identify a time when traffic is lowest on your production environment. During the switchover, writes are cut off from the databases in both environments. Long-running transactions, such as active DDLs can, increase your switchover time, resulting in longer downtime for your production workloads.

  • Make sure the DB instances in both environments are in Available state.

  • Make sure the primary DB instance in the green environment is healthy and replicating.

  • Make sure data loading is complete before switching over. For more information, see Handling lazy loading when you create a blue/green deployment.

Note

During a switchover, you can't modify any DB instances included in the switchover.

Verifying CloudWatch metrics before switchover

Before you switch over a blue/green deployment, we recommend that you check the values of the following metrics within Amazon CloudWatch.

  • ReplicaLag – Use this metric to identify the current replication lag on the green environment. To reduce downtime, make sure that this value is close to zero before you switch over

  • DatabaseConnections – Use this metric to estimate the level of activity on the blue/green deployment, and make sure that the value is at an acceptable level for your deployment before you switch over. If Performance Insights is turned on, DBLoad is a more accurate metric.

For more information about these metrics, see Amazon CloudWatch metrics for Amazon RDS.

Switching over a blue/green deployment

You can switch over a blue/green deployment using the Amazon Web Services Management Console, the Amazon CLI, or the RDS API.

To switch over a blue/green deployment

  1. Sign in to the Amazon Web Services Management Console and open the Amazon RDS console at https://console.amazonaws.cn/rds/.

  2. In the navigation pane, choose Databases, and then choose the blue/green deployment that you want to switch over.

  3. For Actions, choose Switch over.

    The Switch over page appears.

    Switch over blue/green deployment

  4. On the Switch over page, review the switchover summary. Make sure the resources in both environments match what you expect. If they don't, choose Cancel.

  5. For Timeout, enter the time limit for switchover.

  6. Choose Switch over.

To switch over a blue/green deployment by using the Amazon CLI, use the switchover-blue-green-deployment command with the following options:

  • --blue-green-deployment-identifier – Specify the identifier of the blue/green deployment.

  • --switchover-timeout – Specify the time limit for the switchover, in seconds. The default is 300.

Example Switch over a blue/green deployment

For Linux, macOS, or Unix:

aws rds switchover-blue-green-deployment \
    --blue-green-deployment-identifier bgd-1234567890abcdef \
    --switchover-timeout 600

For Windows:

aws rds switchover-blue-green-deployment ^
    --blue-green-deployment-identifier bgd-1234567890abcdef ^
    --switchover-timeout 600

To switch over a blue/green deployment by using the Amazon RDS API, use the SwitchoverBlueGreenDeployment operation with the following parameters:

  • BlueGreenDeploymentIdentifier – Specify the identifier of the blue/green deployment.

  • SwitchoverTimeout – Specify the time limit for the switchover, in seconds. The default is 300.

After switchover

After a switchover, the DB instances in the previous blue environment are retained. Standard costs apply to these resources.

RDS renames the DB instances in the blue environment by appending -oldn to the current resource name, where n is a number. The DB instances are read-only until they are rebooted.