DEV Community: Andrew Kang-G

An Isomorphic Blue-Green Deployment Starting from Your Source Code—Not from Your Prebuilt Docker Image

Andrew Kang-G — Tue, 30 Sep 2025 07:50:18 +0000

https://github.com/patternhelloworld/docker-blue-green-runner

Achieve zero-downtime deployment using just your .env and Dockerfile Docker-Blue-Green-Runner's run.sh script is designed to simplify deployment: "With your .env, project, and a single Dockerfile, simply run 'bash run.sh'." If you prefer not to use sudo, see WITH_SUDO, set it in your .env, and run apply-security.sh first. This script covers the entire process from Dockerfile build to server deployment from scratch. This means you can easily migrate to another server with just the files mentioned above. In contrast, Traefik requires the creation and gradual adjustment of various configuration files, which requires your App's docker binary running.

Production deployment

Andrew Kang-G — Mon, 29 Sep 2025 15:31:44 +0000

https://github.com/patternhelloworld/docker-blue-green-runner?tab=readme-ov-file#features

Some Tips on SQL Usage in Spring

Andrew Kang-G — Tue, 17 Jun 2025 16:29:26 +0000

A Left Join followed by an Inner Join behaves like a regular Inner Join
When pagination is used, avoid using groupBy or associateBy in the app layer – use SQL GROUP BY instead
Understand SQL query execution order
Adding AND conditions in LEFT JOIN ON does not affect row count
For one-to-one relationships, use "@OneToOne" and enforce a UNIQUE KEY in the database
"@Transactional" only guarantees atomicity in specific situations
WHERE vs HAVING

1. A Left Join followed by an Inner Join behaves like a regular Inner Join

If a regular JOIN is mixed after a LEFT JOIN chain, the following JOIN behaves as an INNER JOIN.

Example

SELECT *
FROM user u
LEFT JOIN order o ON u.id = o.user_id
JOIN product p ON o.product_id = p.id

Since product is joined with a regular JOIN, it acts as an INNER JOIN, so the entire query behaves like an INNER JOIN.
Reference: Caution when using LEFT JOIN (Korean)

2. Avoid using groupBy/associateBy in the app layer when pagination is applied

If you paginate using SQL (LIMIT, OFFSET) and then group data in the app layer using groupBy or associateBy, the number of items per page becomes inconsistent, making pagination meaningless.

Example (Kotlin)

val orders = fetchPageFromDB(limit = 10, offset = 0)
val grouped = orders.groupBy { it.userId }
println(grouped.size) // Result: 6 groups

→ Next page:

val orders = fetchPageFromDB(limit = 10, offset = 10)
val grouped = orders.groupBy { it.userId }
println(grouped.size) // Result: 3 groups

Inconsistent item count per page → user confusion → Pagination should be based on SQL results to guarantee consistency

3. Understand SQL Query Execution Order

SQL runs in the following order: FROM → JOIN → WHERE → GROUP BY → HAVING → SELECT → ORDER BY

Understanding this order helps in predicting query results and writing more effective queries.

It’s recommended to practice by creating small test tables (e.g., 5 rows) with various relationships (1:1, 1:N, N:M) and experimenting with different query combinations to predict results instead of just executing and checking.

4. Adding AND conditions in LEFT JOIN ON does not affect row count

If you put conditions in the ON clause with AND in a LEFT JOIN, it doesn't filter rows – it just returns NULL in the joined table if the condition doesn’t match.

To filter rows, you must use the WHERE clause.

Some developers overuse AND thinking it’s more performant than WHERE,

but in LEFT JOIN, AND does not filter base rows.

Example 1: LEFT JOIN with ON ... AND

SELECT u.id AS user_id, u.name AS user_name, o.id AS order_id, o.status
FROM users u
LEFT JOIN orders o ON u.id = o.user_id AND o.status = 'DELIVERED';

Results:

Alice has orders with statuses 'DELIVERED' and 'PENDING'.
- The 'DELIVERED' one is joined.
- The 'PENDING' one shows up as NULL.
Bob and Carol have no matching 'DELIVERED' orders → NULL.

Example 2: INNER JOIN with ON ... AND

SELECT u.id AS user_id, u.name AS user_name, o.id AS order_id, o.status
FROM users u
INNER JOIN orders o ON u.id = o.user_id AND o.status = 'DELIVERED';

Only Alice’s 'DELIVERED' order is shown.

Example 3: LEFT JOIN with WHERE

SELECT u.id AS user_id, u.name AS user_name, o.id AS order_id, o.status
FROM users u
LEFT JOIN orders o ON u.id = o.user_id
WHERE o.status = 'DELIVERED';

Even though it's a LEFT JOIN, the WHERE condition filters rows like an INNER JOIN.

Summary Table

Type	Affects Row Count	When Condition Fails	Usage Purpose
`LEFT JOIN ON ... AND`	No	NULL in joined table only	Keep base table rows
`INNER JOIN ON ... AND`	Yes	Row excluded	Only matched rows
`LEFT JOINWHERE` + filter	Yes	Row excluded	Works like INNER JOIN

5. For one-to-one relationships, use OneToOne and enforce UNIQUE KEY in DB

Don’t use ManyToOne for one-to-one mappings.

Kotlin Example

@OneToOne
(name = "profile_id", unique = true)
val profile: UserProfile

6. "@Transactional" only guarantees atomicity in specific situations

(1) Rollback only occurs for RuntimeException by default

To rollback on all exceptions, specify explicitly:

kotlin@Transactional(rollbackFor = [Exception::class])

(2) While "@Transactional" is running, other requests are not blocked

Even inside the same application, transactional behavior depends on the isolation level set in application.properties and the DB.
In a load-balanced environment, requests may go to multiple instances and concurrently hit the DB.

Example:

1. Transaction A starts

BEGIN;
SELECT MAX(id) FROM user; -- Result: 100
-- Prepares to insert id = 101

2. Transaction B interjects before A commits

BEGIN;
SELECT MAX(id) FROM user; -- Result: 100
INSERT INTO user(id, name) VALUES (101, 'UserB');
COMMIT;

3. Transaction A tries to insert

INSERT INTO user(id, name) VALUES (101, 'UserA');
--  Primary Key conflict!

Table locks may seem like a solution, but they can lead to deadlocks.

That’s why AUTO_INCREMENT or SEQUENCE exists.

The important takeaway is that when multiple users are reading/writing concurrently,

you must understand "transaction isolation level" behavior.

Usually, REPEATABLE READ is used (must align application.properties with DB setting).
Personally prefer READ COMMITTED.
Great reference article (in Korean): https://mangkyu.tistory.com/299

(3) Thus, ensure data integrity with DB constraints + exception handling

try {

    userRepository.save(User(email = "test@example.com"))

} catch (e: DataIntegrityViolationException) {

    // Handle duplicate email

}

(4) Why use "@Transactional"(readOnly = true) for SELECT?

It improves JPA performance, not DB-level performance.
See: https://hungseong.tistory.com/74

7. WHERE vs HAVING

Based on SQL execution order: FROM → JOIN → WHERE → GROUP BY → HAVING → SELECT → ORDER BY

Clause	Stage	Filters On
WHERE	`GROUP BY`Before	Individual rows
HAVING	`GROUP BY`After	Aggregated groups

When using GROUP BY, you must include columns in SELECT or wrap them in aggregation functions.
WHERE filters rows before grouping, while HAVING filters after grouping.

Example 1: Using WHERE

SELECT *

FROM order

WHERE status = 'PAID'

Example 2: Using HAVING

SELECT user_id, COUNT() as order_count

FROM order

GROUP BY user_id

HAVING COUNT() > 3

Final Tip

Even when using JPA, copy the generated SQL with ? values from the console, paste them into ChatGPT to fill the parameters,

run the SQL manually, and observe the actual result.

If possible, try checking execution plans later to assess performance.

Best Docker Deployment Starategy

Andrew Kang-G — Sat, 31 May 2025 14:49:30 +0000

https://github.com/patternhelloworld/docker-blue-green-runner

Achieve zero-downtime deployment using just your .env and Dockerfile

This means you can easily migrate to another server with just the files mentioned above.

In contrast, Traefik requires the creation and gradual adjustment of various configuration files, which requires your App's docker binary running.

No unpredictable errors in reverse proxy and deployment : Implement safety measures to handle errors caused by your app or Nginx

If any error occurs in the app or router, deployment is halted to prevent any impact on the existing deployment

Internal Integrity Check:

Nginx Router Test Container

External Integrity Check

Rollback Procedures

Additional Know-hows on Docker: Tips and best practices for optimizing your Docker workflow and deployment processes

For example, Traefik offers powerful dynamic configuration and service discovery; however, certain errors, such as a failure to detect containers (due to issues like unrecognized certificates), can lead to frustrating 404 errors that are hard to trace through logs alone.

https://stackoverflow.com/questions/76660749/traefik-404-page-not-found-when-use-https

https://community.traefik.io/t/getting-bad-gateway-404-page-when-supposed-to-route-to-container-port-8443/20398

Manipulates NGINX configuration files directly to ensure container accessibility.

Track Blue-Green status and the Git SHA of your running container for easy monitoring.

Blue-Green deployment decision algorithm: scoring-based approach

Run the command bash check-current-status.sh (similar to git status) to view all relevant details

Security

Refer to the Security section

Production Deployment

Refer to the Production Deployment section

Zero downtime docker for PHP

Andrew Kang-G — Tue, 28 Jan 2025 16:36:03 +0000

https://github.com/patternhelloworld/docker-blue-green-runner

Parse & Decompose Url efficiently and accurately

Andrew Kang-G — Sat, 25 Jan 2025 07:50:08 +0000

Maybe the best solution except for AIs that comsume a lot of memory...
https://github.com/patternhelloworld/url-knife

Support for App-Token based multiple verification approaches, including API calls to the authorization server, direct database validation, and local JWT decoding.

Andrew Kang-G — Sun, 12 Jan 2025 16:49:29 +0000

Spring Oauth2 - App-Token based Hybrid Token Verification Methods

Andrew Kang-G ・ Jan 12

#springsecurity #springboot #java #oauth

Spring Oauth2 - App-Token based Hybrid Token Verification Methods

Andrew Kang-G — Sun, 12 Jan 2025 16:46:55 +0000

If you’re struggling to set up a persistence-based OAuth2 module, consider trying

https://github.com/patternhelloworld/spring-oauth2-easyplus

App-Token based easy OAuth2 implementation built to grow with Spring Boot
Complete separation of the library and the client (Library : API, Client : DOC, Integration tester)
Extensible: Supports multiple authorization servers and resource servers with this library.
Hybrid Resource Servers Token Verification Methods: Support for multiple verification approaches, including API calls to the authorization server, direct database validation, and local JWT decoding.
Immediate Permission (Authority) Check: Not limited to verifying the token itself, but also ensuring real-time validation of any updates to permissions in the database.
Authentication management based on a combination of username, client ID, and App-Token : What is an App-Token? An App-Token is a new access token generated each time the same account logs in. If the token values are the same, the same access token is shared.
Separated UserDetails implementation for Admin and Customer roles as an example. (This can be extended such as Admin, Customer, Seller and Buyer… by implementing UserDetailsServiceFactory)
Authorization Code Flow with Optional PKCE, Authorization Consent and Single Page Application (XMLHttpRequest)
ROPC for scenarios where accessing a browser screen on the server is either unavailable or impractical
Application of Spring Rest Docs, Postman payloads provided

App-Token based easy OAuth2 implementation built to grow with Spring Boot

Andrew Kang-G — Wed, 08 Jan 2025 06:36:53 +0000

Spring Oauth2 EasyPlus

Andrew Kang-G ・ Jan 8

#springsecurity #oauth #jwt #springboot

Why would I use this instead of Traefik for zero-downtime deployment?

Andrew Kang-G — Sat, 16 Nov 2024 00:50:51 +0000

First you need to look into a process summary of Docker-Blue-Green-Runner at this link,

https://github.com/patternhelloworld/docker-blue-green-runner

The following explains why I use Docker-Blue-Green-Runner…

No Unpredictable Errors in Reverse Proxy and Deployment

If any error occurs in the app or router, deployment is halted to prevent any impact on the existing deployment
For example, Traefik offers powerful dynamic configuration and service discovery; however, certain errors, such as a failure to detect containers (due to issues like unrecognized certificates), can lead to frustrating 404 errors that are hard to trace through logs alone.
- https://stackoverflow.com/questions/76660749/traefik-404-page-not-found-when-use-https
- https://community.traefik.io/t/getting-bad-gateway-404-page-when-supposed-to-route-to-container-port-8443/20398
Manipulates NGINX configuration files directly to ensure container accessibility. It also tests configuration files by launching a test NGINX Docker instance, and if an NGINX config update via Consul-Template fails, Contingency Plan provided is activated to ensure connectivity to your containers.

From Scratch

Docker-Blue-Green-Runner’s run.sh script is designed to simplify deployment: "With your .env, project, and a single Dockerfile, simply run 'bash run.sh'." This script covers the entire process from Dockerfile build to server deployment from scratch.
This means you can easily migrate to another server with just the files mentioned above.
In contrast, Traefik requires the creation and gradual adjustment of various configuration files, which can introduce the types of errors mentioned above.

Focus on zero-downtime deployment on a single machine.

While Kubernetes excels in multi-machine environments with the support of Layer 7 (L7) technologies (I would definitely use Kubernetes in that case), this approach is ideal for scenarios where only one or two machines are available.
However, for deployments involving more machines, traditional Layer 4 (L4) load-balancer using servers could be utilized.

Now, let’s dive into how to use it…
First, clone the project

git clone https://github.com/patternhelloworld/docker-blue-green-runner

Step 1: Create an .env file at the root of the project.

  # Leave as it is
  HOST_IP=host.docker.internal

  # It is recommended to enter your formal URL or IP, such as https://test.com, for the 'check_availability_out_of_container' test in the 'run.sh' script.
  # Both https://your-app.com:443 and https://localhost:443 are valid
  # Docker-Blue-Runner recognizes if your App requires SSL in the Nginx router if this starts with 'https'.
  # This URL is used for the "External Integrity Check" process.
  APP_URL=https://localhost:443

  # APP_URL=http://localhost:<--!host-port-number!-->
  # PROJECT_PORT=<--!common-port-number!--> OR 
  # PROJECT_PORT=[<--!host-port-number!-->,<--!internal-project-port-number!-->]
  PROJECT_PORT=[443,8360]
  # In case USE_COMMERCIAL_SSL is 'false', the Runner generates self-signed SSL certificates. However, you should set any name for ``COMMERCIAL_SSL_NAME``.
  # In case it is 'true', locate your commercial SSLs in the folder docker-blue-green-runner/.docker/ssl. See the comments in the .env above.
  USE_COMMERCIAL_SSL=true
  # Your domain name is recommended. The files 'your-app.com.key', 'your-app.com.crt', and 'your-app.com.chained.crt' should be in place.
  COMMERCIAL_SSL_NAME=your-app.com

  DOCKER_LAYER_CORRUPTION_RECOVERY=false

  NGINX_RESTART=false
  CONSUL_RESTART=false

  # The method of acquiring Docker images:
  # build (Used in developer's local environment or during Jenkins builds when a new image needs to be built, so this module is typically used)
  # registry (Used on deployment servers where images are fetched from a repository, so this module is used)
  # If you choose the "build" method, you don't need to input the values below since Dockerfile is used (no image is fetched from the Docker registry).
  GIT_IMAGE_LOAD_FROM=build
  GIT_IMAGE_LOAD_FROM_HOST=xxx
  GIT_IMAGE_LOAD_FROM_PATHNAME=xxx
  GIT_TOKEN_IMAGE_LOAD_FROM_USERNAME=xxx
  GIT_TOKEN_IMAGE_LOAD_FROM_PASSWORD=xxx
  GIT_IMAGE_VERSION=1.0.0

  PROJECT_NAME=your-app
  ## [IMPORTANT] Ensure it matches 'PROJECT_ROOT_IN_CONTAINER' below.
  PROJECT_LOCATION=/app
  PROJECT_PORT=[443,8360]
  # Example (8093,8094,11000...)
  ADDITIONAL_PORTS=

  CONSUL_KEY_VALUE_STORE=http://consul:8500/v1/kv/deploy/your-app

  # If you locate your project on ../ (upper folder)
  HOST_ROOT_LOCATION=/var/projects/your-app
  # If you locate your project's Dockerfile ../ (upper folder)
  DOCKER_FILE_LOCATION=/var/projects/your-app

  # This is for integrating health checkers such as "https://www.baeldung.com/spring-boot-actuators"
  # This path is used for both internal and external health checks.
  # Note: Do not include a leading slash ("/") at the start of the path.
  # Example: "api/v1/health" (correct), "/api/v1/health" (incorrect)
  APP_HEALTH_CHECK_PATH=api/v1/health

  # The BAD & GOOD conditions are checked using an "AND" condition.
  # To ignore the "BAD_APP_HEALTH_CHECK_PATTERN", set it to a non-existing value (e.g., "###lsdladc").
  BAD_APP_HEALTH_CHECK_PATTERN=DOWN

  # Pattern required for a successful health check.
  GOOD_APP_HEALTH_CHECK_PATTERN=UP

  # The following trick is just for skipping the check.
  # APP_HEALTH_CHECK_PATH=login
  # BAD_APP_HEALTH_CHECK_PATTERN=xxxxxxx
  # GOOD_APP_HEALTH_CHECK_PATTERN=Head


  # This is for environment variables for docker-compose-app-${app_env}.
  DOCKER_COMPOSE_ENVIRONMENT={"TZ":"Asia/Seoul"}
  # [IMPORTANT] You can pass any variable to Step 2 of your Dockerfile using DOCKER_BUILD_ARGS, e.g., DOCKER_BUILD_ARGS={"PROJECT_ROOT_IN_CONTAINER":"/app"}."
  DOCKER_BUILD_ARGS={"PROJECT_ROOT_IN_CONTAINER":"/app"}
  # For SSL, the host folder is recommended to be './.docker/ssl' to be synchronized with 'docker-compose-nginx-original.yml'.
  # [IMPORTANT] Run mkdir -p /var/projects/files/your-app/logs on your host machine
  DOCKER_COMPOSE_SELECTIVE_VOLUMES=["/var/projects/your-app/.docker/nginx/app.conf.ctmpl:/etc/nginx-template/app.conf.ctmpl","/var/projects/files/your-app/logs:/var/log/nginx"]
  # [IMPORTANT] Run mkdir -p /var/projects/files/nginx/logs on your host machine
  DOCKER_COMPOSE_NGINX_SELECTIVE_VOLUMES=["/var/projects/files/nginx/logs:/var/log/nginx"]
  DOCKER_COMPOSE_HOST_VOLUME_CHECK=false

  NGINX_CLIENT_MAX_BODY_SIZE=50M

  USE_MY_OWN_APP_YML=false

  SKIP_BUILDING_APP_IMAGE=false

  # Docker-Swarm(stack) is currently a beta version. Use 'compose'.
  ORCHESTRATION_TYPE=compose

  ONLY_BUILDING_APP_IMAGE=false

  DOCKER_BUILD_MEMORY_USAGE=1G

  USE_NGINX_RESTRICTED_LOCATION=false
  # ex. /docs/api-app.html
  NGINX_RESTRICTED_LOCATION=xxx

  # If you set this to 'true', you won't need to configure SSL for your app. For instance, in a Spring Boot project, you won't have to create a ".jks" file. However, in rare situations, such as when it's crucial to secure all communication lines with SSL or when converting HTTPS to HTTP causes 'curl' errors, you might need to set it to 'false'.If you set this to 'true', you don't need to set SSL on your App like for example, for a Spring Boot project, you won't need to create the ".jks" file. However, in rare cases, such as ensuring all communication lines are SSL-protected, or when HTTPS to HTTP causes 'curl' errors, you might need to set it to 'false'.
  # 1) true : [Request]--> https (external network) -->Nginx--> http (internal network) --> App
  # 2) false :[Request]--> https (external network) -->Nginx--> httpS (internal network) --> App
  # !!! [IMPORTANT] As your App container below is Http, this should be set to 'true'.
  REDIRECT_HTTPS_TO_HTTP=true

  NGINX_LOGROTATE_FILE_NUMBER=7
  NGINX_LOGROTATE_FILE_SIZE=1M

  # You can change the values below. These settings for security related to ``set-safe-permissions.sh`` at the root of Docker-Blue-Green-Runner. 
  SHARED_VOLUME_GROUP_ID=1559
  SHARED_VOLUME_GROUP_NAME=mba-shared-volume-group
  UIDS_BELONGING_TO_SHARED_VOLUME_GROUP_ID=1000,1001

  USE_MY_OWN_NGINX_ORIGIN=false

Step 2. Write your Dockerfile at the root of your project

React sample (SPA)

The ARG below is passed from Step 1. In SPA case, since Next.js isn’t being used, you may need to set up an additional Nginx server in your app. Spring Boot, Next.js, and NestJS each have their own servers, so no additional setup is needed for them.

FROM node:18.20.4-slim AS build

ARG PROJECT_ROOT_IN_CONTAINER

RUN mkdir -p $PROJECT_ROOT_IN_CONTAINER
COPY .. $PROJECT_ROOT_IN_CONTAINER
WORKDIR $PROJECT_ROOT_IN_CONTAINER
RUN export NODE_OPTIONS="--max-old-space-size=2048"
RUN whereis npm && alias npm='node --max_old_space_size=2048 /usr/local/bin/npm'
RUN export NODE_OPTIONS="--max-old-space-size=2048"
RUN if [ -d $PROJECT_ROOT_IN_CONTAINER/node_modules ]; then echo "[NOTICE] The node_modules folder exists. Skipping 'npm install'... "; else npm install --legacy-peer-deps; fi
RUN npm cache clean --force
RUN npm run build:prod

FROM nginx:stable

RUN apt-get update -qqy && apt-get -qqy --force-yes install curl runit wget unzip vim && \
    rm -rf /var/lib/apt/lists/* /var/cache/apt/*

ARG PROJECT_ROOT_IN_CONTAINER

COPY --chown=nginx --from=build $PROJECT_ROOT_IN_CONTAINER/dist/ $PROJECT_ROOT_IN_CONTAINER

USER root
WORKDIR $PROJECT_ROOT_IN_CONTAINER


COPY ./.docker/entrypoint.sh /entrypoint.sh
RUN chmod a+x /entrypoint.sh

ENTRYPOINT bash /entrypoint.sh

entrypoint.sh & app.conf.ctmpl… these are not not necessary this is just my App’s setting.

entrypoint.sh, app.conf.ctmpl.. these are just for my App settings.

#!/bin/bash
cat /etc/nginx-template/app.conf.ctmpl > /etc/nginx/conf.d/default.conf
/usr/sbin/nginx -t && exec /usr/sbin/nginx -g "daemon off;"

server {
    listen 8360; # [IMPORTANT] PROJECT_PORT in .env Step1.
    server_name localhost;

    # Root directory
    root /app; 
    index index.html
    # Access and Error logs
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    # Gzip compression for performance improvement
    gzip on;
    gzip_comp_level 5;
    gzip_min_length 256;
    gzip_proxied any;
    gzip_vary on;

    gzip_types
        application/javascript
        application/json
        application/xml
        text/css
        text/plain;

    # Cache settings for static files for better performance
    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires 30d;
        add_header Cache-Control "public, no-transform";
    }

    location / {
      try_files $uri $uri/ /index.html?$query_string;
    }
}

Step 3: Deploy daily with a simple git pull && bash run.sh command

For more details, please refer to https://github.com/patternhelloworld/docker-blue-green-runner?tab=readme-ov-file#security.

Thank you for taking the time to read this!

Zero-Downtime Blue-Green Deployment with a Simple 'git pull & bash run.sh' Command

Andrew Kang-G — Tue, 05 Nov 2024 16:35:00 +0000

https://github.com/patternhelloworld/docker-blue-green-runner

No Unpredictable Errors in Reverse Proxy and Deployment

If any error occurs in the app or router, deployment is halted to prevent any impact on the existing deployment

https://stackoverflow.com/questions/76660749/traefik-404-page-not-found-when-use-https

https://community.traefik.io/t/getting-bad-gateway-404-page-when-supposed-to-route-to-container-port-8443/20398

Manipulates NGINX configuration files directly to ensure container accessibility. It also tests configuration files by launching a test NGINX Docker instance, and if an NGINX config update via Consul-Template fails, Contingency Plan provided is activated to ensure connectivity to your containers.

From Scratch

Docker-Blue-Green-Runner's run.sh script is designed to simplify deployment: "With your .env, project, and a single Dockerfile, simply run 'bash run.sh'." This script covers the entire process from Dockerfile build to server deployment from scratch.
In contrast, Traefik requires the creation and gradual adjustment of various configuration files, which can introduce the types of errors mentioned above.

Zero-Downtime Blue-Green Deployment with a Simple 'git pull & bash run.sh' Command

Andrew Kang-G — Mon, 04 Nov 2024 14:33:16 +0000

https://github.com/patternhelloworld/docker-blue-green-runner

Why would I use this over Traefik?

Unpredictable Errors in Reverse Proxy
Traefik offers powerful dynamic configuration and service discovery; however, certain errors, such as a failure to detect containers (due to issues like unrecognized certificates), can lead to frustrating 404 errors that are hard to trace through logs alone.
https://stackoverflow.com/questions/76660749/traefik-404-page-not-found-when-use-https
https://community.traefik.io/t/getting-bad-gateway-404-page-when-supposed-to-route-to-container-port-8443/20398
Docker-Blue-Green-Runner manipulates NGINX configuration files directly to ensure container accessibility. It also tests configuration files by launching a test NGINX Docker instance, and if an NGINX config update via Consul-Template fails, Contingency Plan provided is activated to ensure connectivity to your containers.
Additionally, the code is written in shell script, making it easier to trace the exact code section where an error occurs (as opposed to working with a binary).
From Scratch
Docker-Blue-Green-Runner's run.sh script is designed to simplify deployment: "With your .env, project, and a single Dockerfile, simply run 'bash run.sh'." This script covers the entire process from Dockerfile build to server deployment from scratch.
In contrast, Traefik requires the creation and gradual adjustment of various configuration files, which can introduce the types of errors mentioned above.
Speed
NGINX generally offers faster performance, though I acknowledge that Traefik's robust features can offset this advantage.

DEV Community: Andrew Kang-G

An Isomorphic Blue-Green Deployment Starting from Your Source Code—Not from Your Prebuilt Docker Image

Production deployment

Some Tips on SQL Usage in Spring

Table of Contents

1. A Left Join followed by an Inner Join behaves like a regular Inner Join

Example

2. Avoid using groupBy/associateBy in the app layer when pagination is applied

Example (Kotlin)

3. Understand SQL Query Execution Order

4. Adding AND conditions in LEFT JOIN ON does not affect row count

Example 1: LEFT JOIN with ON ... AND

Example 2: INNER JOIN with ON ... AND

Example 3: LEFT JOIN with WHERE

Summary Table

5. For one-to-one relationships, use OneToOne and enforce UNIQUE KEY in DB

Kotlin Example

6. "@Transactional" only guarantees atomicity in specific situations

(1) Rollback only occurs for RuntimeException by default

(2) While "@Transactional" is running, other requests are not blocked

Example:

1. Transaction A starts

2. Transaction B interjects before A commits

3. Transaction A tries to insert

(3) Thus, ensure data integrity with DB constraints + exception handling

(4) Why use "@Transactional"(readOnly = true) for SELECT?

7. WHERE vs HAVING

Example 1: Using WHERE

Example 2: Using HAVING

Final Tip

Best Docker Deployment Starategy

Zero downtime docker for PHP

Parse & Decompose Url efficiently and accurately

Support for App-Token based multiple verification approaches, including API calls to the authorization server, direct database validation, and local JWT decoding.

Spring Oauth2 - App-Token based Hybrid Token Verification Methods

Andrew Kang-G ・ Jan 12

Spring Oauth2 - App-Token based Hybrid Token Verification Methods

App-Token based easy OAuth2 implementation built to grow with Spring Boot

Spring Oauth2 EasyPlus

Andrew Kang-G ・ Jan 8

Why would I use this instead of Traefik for zero-downtime deployment?

Zero-Downtime Blue-Green Deployment with a Simple 'git pull & bash run.sh' Command

Zero-Downtime Blue-Green Deployment with a Simple 'git pull & bash run.sh' Command