before_release
commands or Ephemeral SSH Sessions.
📘 Each one of your App’s Services gets a new Release when you deploy, etc. In other words, Releases are Scoped to Services, not Apps. This isn’t very important, but it’ll help you better understand how certain Aptible Metadata variables work.
📘 In any cases, new Containers are always launched after before_release
commands have completed.
❗️ An important implication of zero-downtime deployments is that you’ll have Containers from two different releases accepting traffic at the same time, so make sure you design your apps accordingly!
For example, if you are running database migrations as part of your deploy, you need to design your migrations so that your existing Containers will be able to continue working with the database structure that results from running migrations.
Often, this means you might need to apply complex migrations in multiple steps.
SIGTERM
is initially sent to the main process within your container. After a certain grace period (by default 10 seconds), a SIGKILL
is then sent to terminate the process regardless of if it is still running. You can customize this stop timeout grace period before the SIGKILL
is sent by editing the stop timeout associated with the service, either in the UI (in the service Settings tab), in the CLI, or with terraform.
For example, your worker application may want to capture SIGTERM
signals and put work back onto a queue before exiting cleanly to ensure jobs in process get picked back up by the new release containers. For services without endpoints that are not configured to use zero downtime deployment, we do wait for all containers to exit before starting up new containers, so for the duration of the time it takes to stop, there would be no containers processing work. Therefore it is recommended to keep this timeout as short as possible, or use zero downtime if possible.
However, note that your operations will wait on the containers to stop, so increasing the timeouts and having containers fail to exit quickly will increase the time taken for deploy, restart, configure, scale, etc. Operations are run sequentially against a given resource, so increasing the time of an operation could delay execution of further operations run against that same application or service.
The maximum time allowed for configurable stop timeout is 15 minutes.