Friday, February 20, 2026

OCI DevOps CI/CD Pipeline with OKE Blue/Green Deployment – Part 2 (Ingress Setup, Traffic Shift & Rollback)

 In Part 1, we built the complete CI/CD foundation using:

  • OCI Vault

  • OCI Container & Artifact Registry

  • OCI DevOps Build Pipeline

  • OKE Cluster

  • Blue/Green Namespaces

If you missed it, read Part 1 here:
https://samappsdba.blogspot.com/2026/02/oci-devops-cicd-pipeline-oke-blue-green-setup-part1.html

Now in Part 2, we will:

  • Set up NGINX Ingress Controller

  • Configure LoadBalancer

  • Execute build pipeline

  • Deploy to Green namespace

  • Shift traffic to Blue namespace

  • Perform rollback

This is where the real power of Blue/Green deployment on Oracle Cloud Infrastructure using Oracle Kubernetes Engine becomes visible


Step 8: Setup NGINX Ingress Controller on OKE

To expose applications externally, we need an Ingress Controller.

From OCI Cloud Shell, run:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.0/deploy/static/provider/cloud/deploy.yaml

Verify services:

kubectl get svc -n ingress-nginx




Configure Ingress Service as LoadBalancer


yaml file


kind: Service

apiVersion: v1

metadata:

  name: ingress-nginx

  namespace: ingress-nginx

spec:

  type: LoadBalancer

  selector:

    app.kubernetes.io/name: ingress-nginx

  ports:

    - name: http

      port: 80

      targetPort: http

    - name: https

      port: 443

      targetPort: https

Apply it:-

kubectl apply -f cloud-generic.yaml


Now your OKE cluster can route external traffic.


Step 9: Execute Build Pipeline

Go to OCI DevOps → Build Pipeline → Start Manual Run.

The pipeline will:

  • Execute build_spec.yaml

  • Build Docker image

  • Push image to OCI Container Registry

  • Trigger deployment pipeline





Check the deployment pipeline






Verify deployments:

NAME                                                READY   STATUS    RESTARTS   AGE

pod/sample-oke-bg-app-deployment-55db78c699-blz7r   1/1     Running   0          7m13s

pod/sample-oke-bg-app-deployment-55db78c699-d9zwh   1/1     Running   0          6m31s

pod/sample-oke-bg-app-deployment-55db78c699-fpj6h   1/1     Running   0          7m56s

 

NAME                                              CLASS    HOSTS   ADDRESS          PORTS   AGE

ingress.networking.k8s.io/sample-oke-bg-app-ing   <none>   *       129.80.114.230   80      41m

-- NS:ns-blue --

No resources found in ns-blue namespace.


Initially, traffic routes to ns-green.

Open the External IP in browser — application loads from Green namespace.


After it has been validated and passed the QA, approve it









Traffic is shifted to green namespace after successful test



Step 10: Modify Code & Deploy New Version

Commit changes to GitHub.

Within minutes:

  • Code mirrors to OCI DevOps repository

  • Start manual build again

  • New image appears in Container Registry

  • Deployment pipeline deploys to ns-blue

Now the pipeline waits for approval.


Step 11: Traffic Shift to Blue Namespace

After approval in Deployment Pipeline:

Traffic shifts from ns-green → ns-blue

Validate:


-- NS:ns-green --

NAME                                                READY   STATUS    RESTARTS   AGE

pod/sample-oke-bg-app-deployment-55db78c699-blz7r   1/1     Running   0          62m

pod/sample-oke-bg-app-deployment-55db78c699-d9zwh   1/1     Running   0          62m

pod/sample-oke-bg-app-deployment-55db78c699-fpj6h   1/1     Running   0          63m

 

NAME                                              CLASS    HOSTS   ADDRESS          PORTS   AGE

ingress.networking.k8s.io/sample-oke-bg-app-ing   <none>   *       129.80.114.230   80      97m

-- NS:ns-blue --

NAME                                                READY   STATUS    RESTARTS   AGE

pod/sample-oke-bg-app-deployment-57dd5dc988-4cvtv   1/1     Running   0          2m58s

pod/sample-oke-bg-app-deployment-57dd5dc988-hr7rt   1/1     Running   0          2m58s

pod/sample-oke-bg-app-deployment-57dd5dc988-lvp2h   1/1     Running   0          2m58s

 

NAME                                              CLASS    HOSTS   ADDRESS          PORTS   AGE

ingress.networking.k8s.io/sample-oke-bg-app-ing   <none>   *       129.80.114.230   80      51m

samsin16@cloudshell:~ (us-ashburn-1)$

 

we can see that pods are now running under blue


Ingress still uses the same External IP — but backend changes.

This ensures:

  • Zero downtime

  • Controlled release

  • No service interruption

Step 12: Rollback (If Required)

If something goes wrong:

In Deployment Pipeline → Click Revert Traffic Shift

Traffic instantly returns to ns-green.

No rebuild required.
No downtime.
No manual intervention inside Kubernetes.

This is the beauty of OCI DevOps Blue/Green deployment


What We Achieved

By completing Part 2, we now have:

  • Full CI/CD automation

  • Kubernetes ingress routing

  • Blue/Green traffic switching

  • Approval-based production release

  • Instant rollback capability

All running natively on Oracle Cloud Infrastructure.

Conclusion

With OCI DevOps and OKE, implementing enterprise-grade CI/CD with Blue/Green deployment becomes structured, secure, and scalable.

You now have:

Automated build
Automated deployment
Controlled traffic shift
Zero downtime strategy
Rollback mechanism

This architecture is production-ready for modern cloud-native applications



at
Labels: , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)