[viraptor]

While this is right, I'm not sure why you mentioned pausing requests. If you can run v1 and v2 at the same time, you could switch where the new requests are going without affecting the old ones. There's many ways to do that, but what I do is point nginx upstream at a path which is a symlink to a Unix socket of a specific version. So it's more like: start the new version, check, update symlink, wait until old connections drop, kill old version.

[capableweb]

Yeah, nginx and apache have ways of reloading the configuration without dropping requests (by waiting for existing ones to finish with old workers, and spinning up new workers with the new config in the case of nginx) but doesn't apply in every situation (like when you're not using nginx) so figure I'd write about the general principle instead of specifically for nginx.

[viraptor]

You can do this with (or without) any proxy too. Iptables (due to conntrack) can make decisions about the first packet in a connection, then save the result. That means you can match incoming traffic on --state NEW and route to a specific local port. Changing one iptables entry is atomic, so you can swap the version seamlessly this way.

I think the idea is worth mentioning because people often think it's hard to achieve / something special. But there's a hundred ways to do seamless version swap on a host.

[capableweb]

Wow, that's a good point. Obvious in hindsight, but personally I never considered iptables for that job. Thanks for sharing this!