Recommended approach for zero-downtime deployments


I have a large client on Ghost and currently redesigning the infrastructure with the hopes of having a 0 or near-0 downtime for deployments and infra upgrades. Primarily this is important for infra upgrades more than theme deployments or Ghost version upgrades, since the deployment story here is already good enough for me. The issue comes when we need to replace the EC2 instance, scale up, database upgrades, etc.

I know that Ghost cannot be clustered, which takes ASG cycling out of the equation.

I’m currently thinking about taking a blue/green deployment approach, but I’m wondering if the Ghost devs here can share anything about how you handle this on your infra. Seeing as you host many sites for your users, surely you’ve solved this problem to some extent?

A blue/green deployment approach should work — you just need to restrict access to Ghost admin and the API when switching deployments.

Thanks for the quick reply, for some reason I wasn’t notified.

Does this mean that it is safe for two instances of Ghost to be connected to the same database if the only operations are strictly reads? If so, does restricting access to the API cover the new comments feature as well as membership sign ups?

How can I restrict access to the Ghost admin panel? I’m running Ghost in a docker container and plan to use Kubernetes. I’ve done some tests running Ghost with Kubernetes and have had minor glitches where a post will update on the site. I want high availability and zero downtime during maintenance and updating the docker image.