AWS CodeDeploy requires two target groups obligatory. I work with only one, and I don’t need a second target group. But when I try to use just only target group I receive this message
Target group pair must have distinct target groups.
I don’t understand well (I readed the documentation) why CodeDeploy needs two target groups and not just one.
Because you are doing Blue/Green deployment and you need two TGs (blue and green) so CodeDeploy can create a new ECS Taskset, attach that Taskset to Green TG and then start shifting traffic from Blue TG to Green TG. Without two Target groups there wont be much of Blue/Green, it will be all Blue.
Here is the ECS CodeDeploy Blue/Green behaviour:
Application load balancer (ALB) -> ALB DNS URL
|-- Port 80 (Production Listener) -> website-tg-blue on port 80 at container
|-- Port 8080 (Test Listener) -> website-tg-green on port 80 at container
Currently the target group website-tg-blue is pointing to production traffic through listener port 80, and now let’s assume that you are doing an update on your ECS image by doing a new revision on your task definition and updating your ECS service. At first Code deploy creates an ECS replacement task with new task definition and it gets listening on test listener port 8080 from ALB which will get routed to website-tg-green target group, and then it does executes the code deploy hooks based on your logic by your lambda function if you have associated with relevant hooks. If all the tests are passed by hooks or if you do not have any hooks configured, then code deploy will update the ALB listener rule by switching your listener port 80 listener traffic to replacement target group which is website-tg-green and the production traffic will get served with new changes.
Then code deploy will wait for configured wait time and removes the Original task set. Finally both ALB listener ports 80 and test port 8080 will point to website-tg-green target group.
If you do a further update on same ECS service, then production listener target group website-tg-green will flip over to website-tg-blue and will continue vice versa on further ECS service level updates.
- ECS blue green deployment – https://docs.aws.amazon.com/AmazonECS/latest/userguide/security_iam_id-based-policy-examples.html#IAM_update_service_policies
- A Sample ECS blue green deployment – https://docs.aws.amazon.com/AmazonECS/latest/userguide/security_iam_id-based-policy-examples.html#IAM_update_service_policies