Skip to content

Component Rollout Strategy

A core principle of the Contain Platform is ensuring that updates are delivered in a safe, predictable, and controlled manner. We manage the rollout of all component versions - from minor security patches to major feature releases - through a progressive, automated system designed to mitigate risk and provide stability.

This document explains the core concepts of our rollout strategy: Promotion Paths and Resilience Zones.

What is a Promotion Path?

A Promotion Path is the fundamental mechanism we use to manage updates. It is a pre-defined, ordered sequence of steps through which a new version of a component or a set of components moves.

Promotion PathComponentStep 1(More Risk Willing)Step 2Step N(More Risk Averse) LegendComponentStepBlast Zone
Hold "Alt" / "Option" to enable pan & zoom

  • Updates are introduced at the beginning of the path.
  • Versions progress through each step in a controlled sequence.

This model ensures that a new version is validated in a controlled blast zone (environment) before it is "promoted" to the next step, which contains a more risk averse or more critical set of clusters.

Resilience Zones: The Default Promotion Path

For general platform and component updates, we use a default Promotion Path called Resilience Zones. This path is designed to let you, our customer, place your clusters into a "zone" that matches your organization's tolerance for risk.

Resilience ZonesNew VersionInnovatorsEarly AdoptersEarly MajorityLate MajorityLaggards
Hold "Alt" / "Option" to enable pan & zoom

The zones, or steps, in this default path are:

  • Innovators: The first to receive updates. Ideal for non-critical environments like sandboxes or test clusters.
  • Early Adopters: For clusters with a higher tolerance for change, such as development or staging environments.
  • Early Majority: The first wave of production-grade clusters. This is a common choice for internal applications or less critical production workloads.
  • Late Majority (Recommended for Production): This zone receives updates only after they have been thoroughly validated in the preceding zones.
  • Laggards: The last to receive updates. Best for the most critical, risk-averse workloads where stability is the absolute highest priority. We generally advice against using this Resilience Zone due to the risk of falling too far behind with updates.

By placing your clusters in different Resilience Zones, you effectively create your own canary testing environment, validating platform updates against your own applications before they reach your most critical systems.

A Strategy for Risk Management

The primary purpose of the Promotion Path model is risk mitigation. Clusters in the early steps of a path (like Innovators and Early Adopters) act as an early-warning system.

If an update introduces an issue, it can be identified, paused, and remediated with a very small blast radius, protecting the majority of clusters in the later, more conservative steps. This progressive validation is key to how we maintain high levels of stability across the entire platform.

Priority and Specificity

While the Resilience Zones path governs general rollouts, the system is flexible. We have the ability to create more specific, higher-priority Promotion Paths for a single component or a small set of components.

This allows us, for example, to fast-track a critical security patch for a specific component to all clusters immediately, without affecting the regular, slower-paced rollout schedule of other components. These specific paths always take precedence over the default path.

Managing Exceptions

While the rollout process is highly automated, our operations team has the tools to manually intervene when necessary. During critical incidents, planned maintenance, or sensitive production deployments, we can apply an exception to a cluster or component. For example, a Freeze can be placed on a cluster to prevent it from receiving any updates from its Promotion Path, guaranteeing absolute stability during a critical business period.