DevOps Shack

Handling Deployment Failures in Production

Introduction
Deployment failures in production environments can disrupt services, degrade
user experience, and reduce operational efficiency. In modern DevOps
practices, automating the detection and resolution of such failures is critical to
maintaining system uptime and reliability. This document focuses on handling
deployment failures using Jenkins, Kubernetes, Prometheus, Elasticsearch, SNS
(Amazon Simple Notification Service), and Selenium.
Key Steps in the Process:
1. Automated CI/CD Pipelines for Deployment
2. Monitoring for Deployment Health
3. Log and Metrics Collection for Failure Diagnosis
4. Notification of Failures
5. Root Cause Analysis and Auto-Rollback
6. Post-Rollback and Redeployment Testing
Each of these steps is essential to effectively handling deployment failures and
ensuring rapid recovery. The following sections provide detailed explanations
of each step, along with implementation examples.

1. Automated CI/CD Pipelines for Deployment

In a typical DevOps setup, Continuous Integration and Continuous Deployment
(CI/CD) pipelines are used to automate the build, testing, and deployment of
applications. Jenkins is a widely used tool to create and manage CI/CD
pipelines. Jenkins integrates with Kubernetes to handle the deployment of
services within containers, allowing for easy scaling of applications based on
traffic demands.
In this example, we create a Jenkins pipeline that compiles, tests, and deploys
a Kubernetes application. The deployment is closely monitored, and in case of
failure, alerts are sent via Amazon SNS to the relevant stakeholders.
Jenkins Pipeline Script Example:
pipeline {
agent any

stages {
stage('Build') {
steps {
echo 'Building the application...'
 sh 'mvn clean install'
}
}
stage('Test') {
steps {
echo 'Running tests...'
sh 'mvn test'
}
}
stage('Deploy to Kubernetes') {
steps {
echo 'Deploying the application to Kubernetes...'
sh 'kubectl apply -f deployment.yaml'
}
}
}

post {
failure {
script {
currentBuild.result = 'FAILURE'
echo 'Deployment failed, sending notification...'
snsNotification('Production deployment failed. Immediate attention
required.')
}
}
}
}

def snsNotification(message) {
// Use AWS SNS to send notifications
sh "aws sns publish --topic-arn <SNS_TOPIC_ARN> --message '${message}'"
}
Explanation:
• Build Stage: The application is built using Maven, and the code is
compiled into an executable artifact (e.g., a JAR file).
• Test Stage: Unit tests are run to ensure the code behaves as expected.
• Deploy Stage: The application is deployed to a Kubernetes cluster using
a Kubernetes manifest file (deployment.yaml). This YAML file defines the
configuration for pods, services, and other resources in Kubernetes.
• Post-Failure Step: If the deployment fails, the post block is triggered,
and the failure notification is sent via Amazon SNS.
This pipeline ensures that all stages from build to deployment are automated.
In the event of failure, the system immediately alerts the relevant teams,
allowing them to respond quickly.

2. Monitoring for Deployment Health and Performance

Once an application is deployed, monitoring becomes crucial to ensure it is
running correctly. Monitoring tools like Prometheus and Grafana provide real-
time insights into the application's health and performance. Prometheus is a
time-series database that collects metrics from Kubernetes pods and services,
while Grafana visualizes these metrics, offering dashboards that track various
aspects of the application.
Prometheus Setup for Kubernetes:
Prometheus can be configured to scrape metrics from Kubernetes, such as CPU
usage, memory consumption, pod restarts, and network traffic. This setup
enables the detection of anomalies during deployments.
 • Prometheus Configuration Example:
global:
scrape_interval: 15s
evaluation_interval: 15s

scrape_configs:
- job_name: 'kubernetes-nodes'
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: '__meta_kubernetes_node_label_(.+)'
This configuration sets up Prometheus to collect metrics from Kubernetes
nodes at regular intervals of 15 seconds.
Alerting Rules for Deployment Failures:
Prometheus allows the creation of custom alerting rules based on metric
thresholds. For instance, if the number of pod restarts exceeds a defined
threshold, an alert can be triggered.
• Prometheus Alerting Rule Example:
groups:
- name: k8s-deployment-failures
rules:
- alert: PodCrashLooping
expr: rate(kube_pod_container_status_restarts_total[5m]) > 5
for: 10m
labels:
severity: critical
 annotations:
summary: "Pod {{ $labels.namespace }}/{{ $labels.pod }} is restarting
frequently"
Grafana Dashboards:
Once metrics are collected by Prometheus, Grafana is used to create visual
dashboards that track key performance indicators (KPIs) of the deployment.
Grafana can display metrics like:
• CPU and memory usage per pod.
• Number of restarts for each pod.
• Network traffic and response times.
These dashboards help the operations team quickly identify any issues during
the deployment process.

3. Log and Metrics Collection for Failure Diagnosis

When a deployment failure occurs, logs and metrics play a crucial role in
diagnosing the root cause of the issue. Elasticsearch is commonly used for
collecting and indexing logs from Kubernetes clusters, while Logstash or
Fluentd can be used to ship logs from the application to Elasticsearch.
By analyzing logs, the team can quickly determine whether the issue is related
to code bugs, resource limitations, or external dependencies.
Setting Up Fluentd to Send Logs to Elasticsearch:
apiVersion: v1
kind: ConfigMap
metadata:
name: fluentd-config
data:
fluent.conf: |
<source>
@type tail
 path /var/log/containers/*.log
pos_file /var/log/containers/*.pos
tag kubernetes.*
<parse>
@type json
</parse>
</source>

<match kubernetes.**>
@type elasticsearch
host elasticsearch-cluster
port 9200
logstash_format true
logstash_prefix kubernetes-logs
</match>
This Fluentd configuration collects logs from Kubernetes containers and sends
them to an Elasticsearch cluster for indexing.
Viewing Logs in Kibana:
Once logs are stored in Elasticsearch, they can be visualized using Kibana,
which provides powerful search and filtering capabilities. Teams can search
logs for specific error messages, timestamps, or other details to identify the
cause of the failure.

4. Failure Notifications via Amazon SNS

To ensure that deployment failures are acted upon immediately, notifications
are sent to the relevant team members using Amazon SNS (Simple
Notification Service). SNS can send notifications via multiple channels,
including email, SMS, and integration with services like Slack.
Example of Sending a Notification via SNS:
aws sns publish --topic-arn <SNS_TOPIC_ARN> --message 'Production
deployment failed. Please investigate immediately.'
When a deployment failure occurs, the SNS topic receives the failure message,
which is then forwarded to subscribers such as developers or system
administrators. This ensures that the team is promptly alerted to address the
issue.

5. Root Cause Analysis and Automated Rollback

When a deployment fails, root cause analysis (RCA) is critical for identifying
what went wrong. RCA typically involves analyzing logs, reviewing metrics, and
checking configurations. In the meantime, an automated rollback to the last
stable version can be performed to minimize service disruption.
Automated Rollback in Kubernetes via Jenkins:
stage('Rollback') {
when {
expression { currentBuild.result == 'FAILURE' }
}
steps {
echo 'Rolling back to the last stable version...'
sh 'kubectl rollout undo deployment/my-app'
}
}
This rollback stage is executed if the deployment fails, and it ensures that the
application is reverted to the last stable state.

6. Post-Rollback and Redeployment Testing

Once the rollback is complete, the issue can be fixed in the code or
configuration files. After the fix is applied, the application is redeployed
through the CI/CD pipeline. To ensure the issue is resolved, Selenium can be
used to run automated tests that verify the functionality of the application.
Selenium Test Example:
from selenium import webdriver

driver = webdriver.Chrome()

# Navigate to the application URL

driver.get('http://my-app-url.com')

# Check if the application is running correctly

assert "App Title" in driver.title

# Perform additional UI tests as needed

driver.quit()
Selenium helps in validating that the rollback or redeployment was successful
and that the application is functioning as expected. This ensures that the
application is tested before it is fully reinstated in production.

Conclusion
Handling deployment failures in production environments requires a well-
orchestrated process that involves automation, monitoring, logging, and rapid
recovery. By leveraging tools such as Jenkins, Kubernetes, Prometheus,
Elasticsearch, Amazon SNS, and Selenium, DevOps teams can create a reliable
system that not only deploys applications but also detects failures, sends
alerts, rolls back changes, and tests redeployments.
The combination of automated pipelines, real-time monitoring, log analysis,
and failure notifications ensures that deployment failures are quickly
identified, resolved, and prevented from recurring. This approach helps
maintain the uptime and stability of production systems, improving the overall
resilience of the application infrastructure.