Cloud Technology

Kubernetes Deployment Strategies: A Beginner’s Guide to Rolling, Blue/Green, Canary & More

Updated on
13 min read

In today’s fast-paced software development world, understanding Kubernetes deployment strategies is crucial for developers, DevOps professionals, and system admins. This beginner-friendly guide will explore various strategies such as rolling updates, blue/green deployments, canary releases, and more. By the end of this article, you’ll gain insights into effective deployment methods, core Kubernetes concepts, practical examples, and essential tools to ensure smooth application rollouts.

Table of contents

Introduction — What you’ll learn

In this guide, you will discover critical deployment strategies necessary for managing changes in production. Deployments are how you move changes (new code, configurations, or images) into production, and the strategy you choose greatly impacts user experience, including potential downtime, regression detection speed, and rollback ease.

In this article, you’ll learn about:

  • Common Kubernetes deployment strategies and their optimal use cases.
  • Core Kubernetes concepts and commands essential for executing safe rollouts.
  • Practical YAML examples for rolling updates, recreates, blue/green deployments, and canaries.
  • Tools like Argo Rollouts and Flagger to facilitate automated progressive delivery.
  • Best practices, troubleshooting tips, and a hands-on canary tutorial.

Expect detailed explanations, command examples, and links to authoritative documentation on Kubernetes, Argo Rollouts, and Flagger, as well as internal resources for CI/CD, caching, and observability.

Kubernetes Basics You Need to Know

  • Pod: The smallest deployable unit, which includes one or more containers that share networking and storage.
  • ReplicaSet: Ensures that a specified number of Pod replicas are running at all times.
  • Deployment: A higher-level controller managing ReplicaSets and providing declarative updates (creates a new ReplicaSet when the Pod template is updated).
  • Service: A stable network endpoint (ClusterIP, NodePort, LoadBalancer) that routes traffic to Pods based on labels.
  • Labels & Selectors: Use labels to mark versions (e.g., app=myapp, version=v1). Services utilize selectors to target specific Pods, with label swapping being a common blue/green pattern.

Understanding how Deployments manage ReplicaSets and Pods is essential, as a Deployment never manipulates Pods directly; it manages ReplicaSets, which then create Pods. Refer to the Kubernetes documentation for detailed insights on Deployments.

kubectl Rollout and Deployment Spec Basics

The Deployment specification controls the default rolling behavior with key fields, including:

  • strategy.type: Can be set to RollingUpdate (default) or Recreate.
  • rollingUpdate.maxSurge: The maximum number of extra Pods that can be created during an update (e.g., 25% or 1).
  • rollingUpdate.maxUnavailable: The number of Pods that can be unavailable during an update.

These settings help you balance rollout speed and service availability. Higher values for maxSurge can speed up the rollout while higher maxUnavailable values reduce capacity protection.

Useful kubectl commands for managing rollouts include:

kubectl apply -f deployment.yaml
kubectl rollout status deployment/myapp
kubectl rollout history deployment/myapp
kubectl rollout undo deployment/myapp # Revert to previous revision
kubectl describe deployment/myapp
kubectl get rs # List ReplicaSets

For more details, refer to the official kubectl rollout documentation.

Overview of Common Deployment Strategies

Below is a comparison table to help you choose the right deployment strategy based on factors such as risk, resource availability, and rollback complexity.

StrategyWhat it DoesProsConsTypical Use Case
RecreateStops the old version and starts a new oneSimple and predictableDowntime during the switchMaintenance windows, internal tools
Rolling UpdateReplaces Pods gradually while keeping the service availableNo downtime, default behaviorBad readiness probes can lead to issuesMost web services
Blue/Green (BG)Runs old (blue) and new (green) versions concurrentlyQuick rollback, complete testingRequires extra resources; DB migrations trickyMajor releases, campaigns
CanarySends a small percentage of traffic to the new versionControlled risk, real traffic testingNeeds routing support and metricsRisky feature changes; new algorithms
A/B Testing & ShadowRuns multiple variants or mirrors trafficGreat for experiments, testingComplex metrics and routing neededFeature experiments, ML model testing

Recreate

What it is: Kubernetes terminates all old Pods before creating new ones. This is the simplest strategy.

Pros:

  • Easy to implement and understand.

Cons:

  • Downtime during the switch (not ideal for customer-facing services unless done during maintenance windows).

Rolling Update

What it is: Pods are replaced gradually while keeping the service available. This is Kubernetes’ default deployment behavior.

How it works: A new ReplicaSet is created from the updated Pod template, adjusting Pods according to maxSurge and maxUnavailable settings.

Key Configurations:

  • maxSurge controls how many extra Pods can be created during the update.
  • maxUnavailable determines how many Pods can be unavailable.

Employ readiness probes to ensure new Pods do not receive traffic until they are fully ready.

Blue/Green (BG)

What it is: Both versions (blue and green) run concurrently, allowing for full testing of the new version in a live environment. Once satisfied, traffic is switched to the new version by updating the Service selector, Ingress, or load balancer rules.

Traffic-Switch Approaches:

  • Update the Service selector labels.
  • Modify Ingress or load balancer settings.
  • DNS change, although slower due to caching.

Pros:

  • Quick rollbacks (just switch back to the old version).
  • Entire traffic can be validated before the cutover.

Cons:

  • Requires roughly double the resources during the switch.
  • Database migrations can complicate rollbacks.

Canary

What it is: Initially, only a small percentage of traffic reaches the new version, which is then increased gradually while monitoring key metrics.

When to Use: Ideal for validating behaviors under real traffic conditions with minimal risk.

Requirements: Traffic-splitting capabilities are needed, which can come from a service mesh like Istio, Linkerd, ingress controllers that support weights, or tools like Argo Rollouts and Flagger.

A/B Testing & Shadow (Mirroring)

A/B Testing: Run multiple variants and route subsets of users to evaluate feature performance with metrics.

Shadow/Mirroring: replicate live traffic to a candidate service for passive testing, useful in performance scenarios but without impacting users. Learn more in the ML model deployment guide.

How to Implement Each Strategy in Kubernetes (Practical Examples)

Rolling Update — YAML + kubectl

Here’s an example of a minimal Deployment YAML file that shows rolling update parameters:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
spec:
  replicas: 3
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1        # Allow 1 extra pod during updates
      maxUnavailable: 0  # Ensure all existing pods are available
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
      - name: myapp
        image: myrepo/myapp:v2
        readinessProbe:
          httpGet:
            path: /health
            port: 8080
          initialDelaySeconds: 5
          periodSeconds: 5

To apply the configuration and monitor the rollout, use the following commands:

kubectl apply -f deployment.yaml
kubectl rollout status deployment/myapp
# To revert if necessary
kubectl rollout undo deployment/myapp

Tips:

  • Always set readiness probes to prevent traffic from being routed to Pods that are not yet ready.
  • Use resource requests and limits to avoid scheduling issues.

Recreate — Quick Example

Simply set the strategy.type to Recreate in the Deployment spec:

strategy:
  type: Recreate

Blue/Green — Switching Traffic

Pattern:

  1. Deploy the green version alongside the blue version (use labels: version: v1 / v2).
  2. Test the green version internally or with a subset of traffic.
  3. Update the Service selector from blue to green.

Example showing a simplified Service selector update:

apiVersion: v1
kind: Service
metadata:
  name: myapp-svc
spec:
  selector:
    app: myapp
    version: v2   # Change from v1 to v2 for switch
  ports:
  - port: 80
    targetPort: 8080

Canary — Simple Approach vs Advanced Tools

Simple (Manual) Canary:

  • Deploy a small number of replicas of version v2 (e.g., 1 replica) with that label.
  • Use an ingress or service mesh supporting weight-based routing to direct 5–10% of traffic to this new version.
  • Monitor the metrics and adjust the traffic split as needed.

Advanced (Recommended) Approach:

  • Use Argo Rollouts or Flagger to automate the process with defined progressive steps, performance analysis, and automatic promotion or rollback.
  • These tools integrate with metrics backends (like Prometheus, Datadog) to halt rollouts if service level objectives (SLOs) are violated.

Check the Argo Rollouts documentation and Flagger for more examples and installation instructions.

Tools & Ecosystem to Support Advanced Rollouts

  • Argo Rollouts: A Kubernetes controller providing custom resource definitions (CRDs) for progressive delivery (canary and blue/green), featuring hooks and metrics-based analysis. Read more at Argo Rollouts.
  • Flagger: Automates canary deployments and analysis using services like Prometheus and Datadog. Flagger allows automatic traffic shifting and rollback based on metric thresholds. Visit Flagger for further information.
  • Service Meshes & Ingress Controllers: Solutions like Istio, Linkerd, Consul, Traefik, and NGINX deliver traffic-splitting, mirroring, and header-based routing functionalities vital for canary deployments and A/B tests.

When to Use These Tools

If there’s a need for percentage-based traffic splits, automated promotions, metric-based rollbacks, or traffic mirroring, consider employing a service mesh or a progressive delivery controller. Basic services may suffice for rolling updates and straightforward blue/green switches.

Best Practices and Checklist Before You Rollout

Observability and Metrics

  • Implement monitoring for health, latency, error rates, and business metrics.
  • Use dashboards, traces, and alerts tied to SLOs to drive promotion or rollback decisions. Learn more about observability here.

Readiness & Liveness Probes

  • Readiness probes prevent traffic from going to a Pod until it’s truly ready.
  • Carefully configure liveness probes to avoid unnecessary restarts.

Resource Limits, Health Checks, and Versioning

  • Set resource requests and limits to prevent overcommitting nodes.
  • Avoid using latest for image tags; instead, use immutable tags and semantic versioning.
  • Ensure database migrations are backward-compatible whenever possible; opt for phased migrations.

Rollback Strategy & Disaster Recovery

  • Define rollback steps and validate them within your staging environment.
  • Implement techniques that maintain backward compatibility for DB schema changes or utilize blue/green migrations.
  • Backup critical data and configurations ahead of major releases.

Security Checks

CI/CD and Repository Considerations

  • The structure of your repository can affect your release cadence and tooling choices. Review trade-offs between monorepo and multi-repo strategies here.

Common Pitfalls and Troubleshooting Tips

Problems Likely Encountered

  • Stuck deployments due to failing readiness probes prevent progress in the deployment.
  • Sluggish rollout speeds caused by conservative maxSurge or maxUnavailable settings.
  • Traffic-splitting issues when your application has session stickiness, as cached sessions can direct users to only one backend. Explore caching patterns here.

Quick Fixes & Diagnostic Commands

  • kubectl describe pod <pod> — View events and states for this pod.
  • kubectl logs pod/<pod> -c <container> — Analyze container logs for any issues.
  • kubectl rollout status deployment/myapp — Monitor rollout progress.
  • kubectl rollout undo deployment/myapp — Revert to the previous revision if needed.
  • kubectl get endpoints svc/myapp-svc — Ensure the Service endpoints are correct.

Utilize tracing and metrics to catch regressions during canary updates; logs alone will not reveal user experience issues like latency or error spikes.

Example Mini Tutorial: Canary with Argo Rollouts (Step-by-Step)

What to Showcase (High-Level)

  1. Install the Argo Rollouts controller (consult the official docs for installation): Argo Rollouts Installation.
  2. Create a Rollout Custom Resource (CR) that utilizes a canary strategy with defined percentage/weight-based steps.
  3. Integrate basic metric checks (e.g., a Prometheus alert) to allow the controller to abort deployments if errors rise above acceptable limits.
  4. Test promoting or aborting deployment to showcase automation capabilities.

Here is a minimal Rollout CR snippet:

apiVersion: argoproj.io/v1alpha1
kind: Rollout
metadata:
  name: myapp-rollout
spec:
  replicas: 5
  strategy:
    canary:
      steps:
      - setWeight: 10  # Route 10% traffic to the new replicaSet
      - pause: { duration: 2m }
      - setWeight: 50
      - pause: { duration: 2m }
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
      - name: myapp
        image: myrepo/myapp:v2
        ports:
        - containerPort: 8080

Argo Rollouts integrates well with ingress controllers and service meshes for effective traffic shifting. For a complete walk-through and additional examples, refer to the Argo Rollouts documentation.

Conclusion and Further Resources

Recap and Next Steps

Choosing the appropriate Kubernetes deployment strategy involves weighing trade-offs related to risk, resources, and speed. In most cases:

  • Utilize Rolling Update for standard, safe deployments without requiring provider-side routing changes.
  • Choose Blue/Green deployments when needing immediate cutovers and easy rollbacks.
  • Implement Canary for incremental validations using real traffic while pairing it with automated metric analysis for optimal safety.
  • Employ A/B Testing or shadowing methods for experiments and passive validations (this is particularly useful in ML deployments).

For hands-on practice, set up a local cluster (try kind or minikube), execute a rolling update, then follow the Argo Rollouts quickstart guide to implement a simple canary deployment. If you seek preconfigured YAMLs and a step-by-step tutorial, check the sample linked below.

Further Reading & Links

Internal Resources Referenced in This Article

Call to Action

Try this in a sandbox: spin up a local cluster (using kind or minikube) and practice rolling updates along with an Argo Rollouts canary implementation. If you found this guide helpful, don’t forget to download the sample YAMLs and follow along with the tutorial.

Get your sample YAMLs & step-by-step tutorial here: /kubernetes/deployment-samples (sample link placeholder)

Appendix: Useful kubectl Commands

# Apply changes
kubectl apply -f deployment.yaml
# Watch rollout
kubectl rollout status deployment/myapp
# View rollout history
kubectl rollout history deployment/myapp
# Rollback deployment
kubectl rollout undo deployment/myapp
# Describe resources
kubectl describe pod <pod-name>
kubectl describe deployment myapp
kubectl get svc,ep
TBO Editorial

About the Author

TBO Editorial writes about the latest updates about products and services related to Technology, Business, Finance & Lifestyle. Do get in touch if you want to share any useful article with our community.