Integrating Container Deployment Strategies with Flagger

The fast pace of modern society often leads us to face a multitude of questions that either must be answered instantly or within a decide time frame that procreates feel. Depending on the answer, then the average person will be able to make the liberty decision and come along with their day.

Should my coffee be frosted or hot? Shall I listen to music on my acces to work or an audiobook? Chicken or fish for lunch? Do I need to invest in the digital tools that will help my corporation progressing well in the cloud and deliver the required purposes for success? OK, the first few were just what most people think about, but the final question is arguably the one that keeps them up at night.

The simple answer is yes, but there are many reasons why. Digital tools are ubiquitous across all relevant sectors, but it is vital that companies not only integrate the right tools into their business optimization policies but likewise “understand what i m saying” these amalgamations are important.

With that in thought, this blog berth is going to look at both why receptacles and microservices should be deployed in your building and insert you to Flagger.

What are Containers and Microservices?

The term “Container” has been in common software parlance for at least a decade and is often seen as a solution to the problem of moving code from one compute environment to another. On a very simple level, receptacles are packs of your software that include everything they need to run in a dedicated environment- this includes code, dependencies, libraries, binaries and more.

Microservices, on the other hand, are an architecture that splits an work into numerou works, each of which acts fine-grained parts that are part of said application. In most cases, each of these microservices will have a different logical run for the application.

The question that many companies end up asking is how best to box these microservices and then run in an isolated environment, such as cloud.

This is where the receptacle comes in. Docker, for example is a container runtime that specifies rich and network isolation to the application running inside a docker receptacle. As a cause, frameworks like Kubernetes and Swarm orchestrate multiple containers in enterprise environments.

It is worth noting that Kubernetes is an open-source container orchestration platform that lets you deploy, flake, and succeed all containers. Originally designed by Google and released in 2014, it allows you to automate the deployment of your containerized microservices.

With that in memory, let’s take a few minutes to consider application deployment, bringing blueprints and progressive delivery.

Progressive Delivery

Progressive delivery is an umbrella term for advanced deployment patterns that include canaries, feature flags and A/ B testing. These established proficiencies are used to reduce the risk of introducing a brand-new software edition in make by present app developers and SRE teams fine-grained control over what can be considered the blast radius.

For those new to these techniques, the expression “canary” is a throwback to old-fashioned mining skills where a bird would be released into a physical pit environment to research for poison gases. Basically, if the canary died, the pit was unsafe, and another location or passage would be utilized.

With progressive transmission, new copies are deployed to a subset of users and evaluated in terms of correctness and rendition, before being reeled out to the totality of the users and wheeled back if not matching some key metrics. Unlike incessant bringing, this causes the developer some statu of sovereignty over what comes deployed as an initial test and is an invaluable part of understanding what works and, importantly, what doesn’t.

The inherent cruelty of sending an unsuspecting bird into a dangerous work zone aside, a implement such as Flagger can help the DevOps team quickly implement progressive delivery standards and application-specific deployment strategies.

What is Flagger?

Flagger is an Apache 2.0 licensed open-source tool. Initially developed in 2018 at Weaveworks by a make called Stefan Prodan, the progressive delivery operator became a Cloud Native Computing Foundation assignment in 2020.

The underlyjng intent for Flagger was to give makes confidence in automating application freeings with progressive transmission skills. As a make, Flagger can run automated lotion analysis, testing, promotion and rollback for the deployment strategies.

From a configuration perspective, the tool can send notifications to Slack, Microsoft Teams, Discord, or Rocket. Flagger will announce letters when a deployment has been initialized, a brand-new revision has been detected and if the canary analysis miscarried or succeeded.

Flagger is an operator for Kubernetes and can be configured to automate the freeing process for Kubernetes-based workloads with the aforementioned canary.

As part of its automated application analysis, appropriate tools can authenticate work statu objectives( SLOs) like availability, error rate percentage, average response times and any other objective based on app-specific metrics. For instance, if a drop in performance is noticed during the SLOs analysis, the liberate will be automatically wheeled back with minimum impact to end-users.

In addition, Flagger buoys metrics analysis providers with built-in HTTP request metrics, such as Prometheus, Datadog, AWS CloudWatch, and NewRelic.

Taking the above into account, we can now turn our attention to the recognized deployment policies that Flagger supports.

Blue/ Green

In this deployment policy, two versions are running alongside one another, off-color( current explanation) and green( Canary new copy ). Flagger can orchestrate off-color/ green mode deployments with Kubernetes L4 networking, and by incorporating something like Istio( a passing service mesh extension) you have the option to mirror traffic between blue and light-green versions.

The visual below shows the workflow 😛 TAGEND

Traffic Switching and Mirroring

Flagger’s canary aid allows us to configure analysis with the specified iterations and delay time frame. For example, if the like interval is one minute and there are 10 iterations, then the analysis runs for 10 minutes.

With this configuration, Flagger will flow conformance and load research on the canary cod for ten minutes. If the metrics analysis supplants, live congestion are likely to be swopped from the age-old version to the new one when the canary is promoted.

After the analysis finishes, the traffic is routed to the canary( green) before provoking the primary( blue-blooded) flattening revise. This action then ensures a smooth transition to the brand-new account, forestalling sink in-flight seeks during the Kubernetes deployment rollout.

Supported mesh providers: Kubernetes CNI, Istio, Linkerd, App Mesh, Contour, Gloo, NGINX, Skipper, Traefik


Flagger implements a self-control loop-the-loop that gradually shifts traffic to the canary while measuring key performance indicators like HTTP petitions success rate, requests average duration, and husk state. Located on analysis of the KPIs, a canary-yellow is promoted or aborted.

The canary analysis runs periodically and, if it supersedes, will run for specified instants while corroborating the HTTP metrics and webhooks every minute.

This can be seen in the visual below 😛 TAGEND

In this configuration, stepWeights( utilize percentage points of zero to 100) judge the said regalium of weights to be used during canary promotion.

When stepWeightPromotion( 0-100 %) is specified, the advertising time happens in stages. Traffic is routed back to the primary husks in a progressive nature and the primary heavines is increased until it contacts 100%.

Supported mesh providers: Istio, Linkerd, App Mesh, Contour, Gloo, NGINX, Skipper, Traefik

A/ B Testing

For this iteration, two versions of the application code are simultaneously deployed. In this case, frontend lotions that require session affinity should use HTTP headers or cookies with match plights. This will ensure that a place of users will stay on the same version for the whole duration of the canary analysis.

You can see this workflow below 😛 TAGEND

HTTP Headers and Cookies Traffic Routing

As you can see, traffic are likely to be routed to explanation A or explanation B based on HTTP headers or cookies( OSI Layer 7 ). In this mode, the routing provides full command over traffic distribution.

By using Flagger, we can enable A/ B testing by specifying the HTTP match status and the number of iterations in the analysis. Specified configuration will feed an analysis for defined hours targeting the headers and cookies.

Sample headers include 😛 TAGEND

headers 😛 TAGEND

x-canary: regex: “ .* insider .* ”

headers 😛 TAGEND

cookie: regex: “ ^(.*?;)?( canary-yellow= always )(;.*)?$ ”

Supported mesh providers: Istio, App Mesh, Contour, NGINX

Alerting and Monitoring

As we referred to above, Flagger can be configured to send alerts to various converse stages. You can characterize a world-wide alert provider at position meter or configure notifies on a per canary basis- incorporations include Slack, Microsoft Teams, Prometheus Alert Manager.

Additionally, the tool comes with a Grafana dashboard cleared for canary analysis. Canary mistakes and latency spikes have been recorded as Kubernetes occasions and entered by Flagger in JSON format.

Finally, Flagger exposes Prometheus metrics that can be used to determine the canary analysis status and the destination heavines values.


As more fellowships ramp up their investment in receptacles and microservices, there is a characterized need to utilize the very best an instrument for the job.

Flagger would certainly fall into that list and the open-source nature of this progressive delivery operator can help developers understand different receptacle deployment patterns and the scenarios in which they are best exploited. In that path, decision makers can then implement the specific actions which are suited best to the application and business strategy.

Read more: feedproxy.google.com