In Part 1, we built the complete CI/CD foundation using:
OCI Vault
OCI Container & Artifact Registry
OCI DevOps Build Pipeline
OKE Cluster
Blue/Green Namespaces
If you missed it, read Part 1 here:
https://samappsdba.blogspot.com/2026/02/oci-devops-cicd-pipeline-oke-blue-green-setup-part1.html
Now in Part 2, we will:
Set up NGINX Ingress Controller
Configure LoadBalancer
Execute build pipeline
Deploy to Green namespace
Shift traffic to Blue namespace
Perform rollback
This is where the real power of Blue/Green deployment on Oracle Cloud Infrastructure using Oracle Kubernetes Engine becomes visible
Step 8: Setup NGINX Ingress Controller on OKE
To expose applications externally, we need an Ingress Controller.
From OCI Cloud Shell, run:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.0/deploy/static/provider/cloud/deploy.yaml
Verify services:
Configure Ingress Service as LoadBalancer
yaml file
kind: Service
apiVersion: v1
metadata:
name: ingress-nginx
namespace: ingress-nginx
spec:
type: LoadBalancer
selector:
app.kubernetes.io/name: ingress-nginx
ports:
- name: http
port: 80
targetPort: http
- name: https
port: 443
targetPort: https
Apply it:-
kubectl apply -f cloud-generic.yaml
Now your OKE cluster can route external traffic.
Step 9: Execute Build Pipeline
Go to OCI DevOps → Build Pipeline → Start Manual Run.
The pipeline will:
-
Execute
build_spec.yaml -
Build Docker image
-
Push image to OCI Container Registry
-
Trigger deployment pipeline
NAME
READY STATUS RESTARTS
AGE
pod/sample-oke-bg-app-deployment-55db78c699-blz7r 1/1
Running 0 7m13s
pod/sample-oke-bg-app-deployment-55db78c699-d9zwh 1/1
Running 0 6m31s
pod/sample-oke-bg-app-deployment-55db78c699-fpj6h 1/1
Running 0 7m56s
NAME
CLASS HOSTS ADDRESS PORTS AGE
ingress.networking.k8s.io/sample-oke-bg-app-ing <none> *
129.80.114.230 80
41m
-- NS:ns-blue --
No resources found in ns-blue namespace.
Initially, traffic routes to ns-green.
Open the External IP in browser — application loads from Green namespace.
After it has been validated and passed the QA, approve it
Traffic is shifted to green namespace after successful test
Commit changes to GitHub.
Within minutes:
-
Code mirrors to OCI DevOps repository
-
Start manual build again
-
New image appears in Container Registry
-
Deployment pipeline deploys to ns-blue
Now the pipeline waits for approval.
Step 11: Traffic Shift to Blue Namespace
After approval in Deployment Pipeline:
Traffic shifts from ns-green → ns-blue
Validate:
-- NS:ns-green --
NAME
READY STATUS RESTARTS
AGE
pod/sample-oke-bg-app-deployment-55db78c699-blz7r 1/1
Running 0 62m
pod/sample-oke-bg-app-deployment-55db78c699-d9zwh 1/1
Running 0 62m
pod/sample-oke-bg-app-deployment-55db78c699-fpj6h 1/1
Running 0 63m
NAME
CLASS HOSTS ADDRESS PORTS AGE
ingress.networking.k8s.io/sample-oke-bg-app-ing <none> *
129.80.114.230 80 97m
-- NS:ns-blue --
NAME
READY STATUS RESTARTS
AGE
pod/sample-oke-bg-app-deployment-57dd5dc988-4cvtv 1/1
Running 0 2m58s
pod/sample-oke-bg-app-deployment-57dd5dc988-hr7rt 1/1
Running 0 2m58s
pod/sample-oke-bg-app-deployment-57dd5dc988-lvp2h 1/1
Running 0 2m58s
NAME
CLASS HOSTS ADDRESS PORTS AGE
ingress.networking.k8s.io/sample-oke-bg-app-ing <none> *
129.80.114.230 80 51m
samsin16@cloudshell:~ (us-ashburn-1)$
we can see that pods are now running under blue
Ingress still uses the same External IP — but backend changes.
This ensures:
-
Zero downtime
-
Controlled release
-
No service interruption
Step 12: Rollback (If Required)
If something goes wrong:
In Deployment Pipeline → Click Revert Traffic Shift
Traffic instantly returns to ns-green.
No rebuild required.
No downtime.
No manual intervention inside Kubernetes.
This is the beauty of OCI DevOps Blue/Green deployment
What We Achieved
By completing Part 2, we now have:
-
Full CI/CD automation
-
Kubernetes ingress routing
-
Blue/Green traffic switching
-
Approval-based production release
-
Instant rollback capability
All running natively on Oracle Cloud Infrastructure.
Conclusion
With OCI DevOps and OKE, implementing enterprise-grade CI/CD with Blue/Green deployment becomes structured, secure, and scalable.
You now have:
Automated build
Automated deployment
Controlled traffic shift
Zero downtime strategy
Rollback mechanism
This architecture is production-ready for modern cloud-native applications
No comments:
Post a Comment