Ship2Production

End-to-end production-ready AWS pipeline orchestrating blue-green deployments with canary traffic shifting, automated rollback, and private networking.

Project: Open Source
Type: DevOps
Technology: AWS, Terraform

microservices, Infrastructure as Code, Cloud, DevOps

Features

Zero downtime, every release, by design

A GitHub push sets the entire pipeline in motion. No manual approvals. No SSH. No drift. The architecture is designed for reliability, with automated rollbacks and canary traffic shifting to ensure smooth deployments. Private networking keeps internal AWS traffic off external routes, and Terraform manages the infrastructure as code.

Private Networking
Microservices
Serverless
Blue Green
Traffic Management
CloudWatch Observability

ALB traffic, canary ramp (TimeBasedCanary). At T+0: Blue (v1) 100%, Green (v2) 0%.

Canary steps (time since start: share of traffic on Green):
T+0: 0%
+30s: 5%
+1m: 10%
+1:30: 20%
+2m: 30%
+2:45: 50% ⚑
+5m: 100%

Canary shifts. Alarms watch. Rollback arms.

Traffic shifts to Green in small increments over a 5-minute canary window, and full cutover completes only if alarms stay healthy throughout. Each step gives real-traffic signal while keeping the blast radius small. If any step fails, a rollback is triggered, returning 100% of traffic to Blue.
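The ramp described above, replayed as an added example (not the project's own code) to show how much traffic a bad release sees before rollback. It uses the step schedule shown on this page and assumes a hypothetical controller that polls alarm state every 15 seconds under a constant request rate; the function names, `poll` and `alarm_at` are illustrative.

```python
from bisect import bisect_right

# Canary schedule from this page: (seconds since T+0, % of traffic on Green).
SCHEDULE = [(0, 0), (30, 5), (60, 10), (90, 20), (120, 30), (165, 50), (300, 100)]


def green_weight(t, schedule=SCHEDULE):
    """Green's traffic share (%) at t seconds into the deployment."""
    times = [start for start, _ in schedule]
    return schedule[max(bisect_right(times, t) - 1, 0)][1]


def run_canary(alarm_at=None, schedule=SCHEDULE, poll=15):
    """Replay one deployment (constructed model, not CodeDeploy itself).

    alarm_at: second at which an alarm enters ALARM state, or None if healthy.
    poll:     assumed alarm polling interval in seconds.
    Returns (outcome, timeline, exposure):
      timeline - (t, blue %, green %) at every weight change
      exposure - Green percent-seconds served before the outcome; divide by
                 100 for the equivalent seconds of full traffic on Green.
    """
    end = schedule[-1][0]
    timeline, exposure, last = [], 0, None
    for t in range(0, end + 1, poll):
        # The alarm is only noticed at the first poll at or after it fires.
        if alarm_at is not None and t >= alarm_at:
            timeline.append((t, 100, 0))  # rollback: all traffic back on Blue
            return "ROLLED_BACK", timeline, exposure
        green = green_weight(t, schedule)
        if green != last:
            timeline.append((t, 100 - green, green))
            last = green
        if t < end:
            exposure += green * poll  # Green serves this share until next poll
    return "SUCCEEDED", timeline, exposure


if __name__ == "__main__":
    for label, alarm in (("healthy", None), ("alarm at T+100s", 100)):
        outcome, timeline, exposure = run_canary(alarm_at=alarm)
        print(f"{label}: {outcome}, last step {timeline[-1]}, "
              f"exposure = {exposure / 100:.1f}s of full traffic on Green")
```

In this model an alarm firing at T+100s is acted on at the T+105s poll, so the regression reaches at most 20% of traffic, the equivalent of 7.5 seconds of full traffic.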

Serverless containers. Production topology

The ECS Fargate cluster is the runtime core of this architecture. Every configuration value below is sourced directly from the Terraform module, with no hand-waving or approximations. Three task replicas, spread across two availability zones, sit behind an ALB and are managed entirely by CodeDeploy.

Engineering Decisions

Good infrastructure is the sum of deliberate choices. Each decision below reflects an explicit evaluation of cost, security, and operational complexity.

Decision: Fargate over EC2 launch type
Rationale: No node provisioning, patching, or capacity planning. Operational overhead is eliminated.
Cost · Ops overhead · Scale

Decision: VPC Endpoints over NAT Gateway
Rationale: Interface Endpoints eliminate data-transfer costs and remove all external routing for internal AWS traffic.
Security · Cost savings · Private routing

Decision: TimeBasedCanary vs. Linear or AllAtOnce
Rationale: Shifts traffic in small increments so any regression is caught early at minimal exposure. Linear shifts would apply fixed equal steps and AllAtOnce provides no gradual validation signal before full exposure.
Risk mitigation · Deploy velocity

Technology stack

Terraform
AWS
Docker
GitHub