Overview
This guide covers production deployment strategies for VulnTrack, including database configuration, scaling, monitoring, and performance optimization.
Pre-Deployment Checklist
Environment Configuration
- Set NODE_ENV=production
- Configure secure NEXTAUTH_SECRET (32+ characters)
- Use production database with SSL
- Enable HTTPS/TLS
- Configure proper CORS settings
- Set up error monitoring
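One way to enforce the environment items in this checklist before the app starts, as an added example (not VulnTrack's own code). It assumes NextAuth's NEXTAUTH_URL is set and that the database SSL requirement is expressed through the sslmode parameter of DATABASE_URL; the sample values are constructed.

```javascript
// Added example: preflight validation of the environment checklist above.
// NODE_ENV, NEXTAUTH_SECRET and DATABASE_URL are named on the page; NEXTAUTH_URL
// and the sslmode URL parameter are assumptions about how the deployment is set up.
const SSL_MODES = new Set(["require", "verify-ca", "verify-full"]);

function checkProductionEnv(env) {
  const problems = [];

  if (env.NODE_ENV !== "production") {
    problems.push("NODE_ENV must be 'production'");
  }

  const secret = env.NEXTAUTH_SECRET || "";
  if (secret.length < 32) {
    problems.push("NEXTAUTH_SECRET must be at least 32 characters");
  } else if (new Set(secret).size < 8) {
    // Heuristic: a long value built from very few distinct characters is
    // almost certainly a padded placeholder rather than random output.
    problems.push("NEXTAUTH_SECRET looks like a placeholder, not a random value");
  }

  let db = null;
  try {
    db = new URL(env.DATABASE_URL || "");
  } catch {
    problems.push("DATABASE_URL is missing or not a valid URL");
  }
  if (db && !/^postgres(ql)?:$/.test(db.protocol)) {
    problems.push("DATABASE_URL must be a PostgreSQL connection URL");
  } else if (db && !SSL_MODES.has(db.searchParams.get("sslmode"))) {
    problems.push("DATABASE_URL must set sslmode=require or stricter");
  }

  if (!(env.NEXTAUTH_URL || "").startsWith("https://")) {
    problems.push("NEXTAUTH_URL must use https://");
  }
  return problems;
}

// Constructed sample values, for illustration only (not real credentials).
const sampleEnv = {
  NODE_ENV: "production",
  NEXTAUTH_SECRET: "changemechangemechangemechangeme",
  DATABASE_URL: "postgresql://app:pw@db.example.internal:5432/vulntrack",
  NEXTAUTH_URL: "https://vulntrack.example.com",
};
console.log(checkProductionEnv(sampleEnv));
```

Call checkProductionEnv(process.env) from the start-up path and exit non-zero when the returned list is not empty.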
Database Setup
- Use managed PostgreSQL service or dedicated server
- Enable connection pooling
- Configure automated backups
- Set up replica for read scaling (optional)
- Enable SSL/TLS for connections
Security Hardening
- Review Security Guide
- Configure firewall rules
- Set up rate limiting
- Enable audit logging
- Configure RBAC policies
Database Configuration
Managed PostgreSQL (Recommended)
Use a managed database service for production:
Connection Pooling
For optimal performance, use connection pooling:
prisma/schema.prisma
.env
Database Migrations
For production, use Prisma migrations instead of db push:
Backup Strategy
Automated Backups
Configure automated backups with your database provider:
- Frequency: Daily full backups + continuous WAL archiving
- Retention: 30 days for daily, 7 days for point-in-time
- Testing: Regularly test restore procedures
Point-in-Time Recovery
Enable PITR for critical deployments:
- Configure WAL archiving
- Store archives in S3/GCS
- Test recovery procedures monthly
Backup Verification
Application Deployment
Build Configuration
Update package.json build script for production:
package.json
Next.js Configuration
The application includes production-ready security headers:
next.config.mjs
Deployment Platforms
Vercel
vercel.json:
Docker
See Docker Deployment guide.
For production:
- Use docker-compose with restart policies
- Configure health checks
- Set resource limits
- Use secrets management
Kubernetes
deployment.yaml
AWS ECS
Deploy using ECS Fargate:
- Use task definitions with secrets from AWS Secrets Manager
- Configure ALB for load balancing
- Enable CloudWatch logs
- Set up auto-scaling policies
Scaling Strategies
Horizontal Scaling
VulnTrack is stateless and can be horizontally scaled:
Load Balancer
Deploy multiple instances behind a load balancer:
- Use health check endpoint: /api/health
- Enable sticky sessions for WebSocket support (if added)
- Configure SSL/TLS termination at load balancer
Performance Optimization
Database Query Optimization
Next.js Optimizations
- Enable output: 'standalone' in next.config.js
- Use Image optimization for logos/avatars
- Implement route-level code splitting
- Enable compression (gzip/brotli)
Monitoring Slow Queries
Enable Prisma query logging:
Monitoring & Observability
Application Monitoring
Health Checks
Implement comprehensive health checks:
app/api/health/route.ts
Metrics to Monitor
| Metric | Description | Alert Threshold |
|---|---|---|
| Response Time | API endpoint latency | > 1000ms |
| Error Rate | 5xx responses | > 1% |
| Database Connections | Active connections | > 80% of limit |
| CPU Usage | Container CPU | > 80% |
| Memory Usage | Container memory | > 85% |
| Disk Space | Database storage | > 80% |
Environment Variables
Production Environment
.env.production
Deployment Workflow
Zero-Downtime Deployments
For production environments, implement rolling updates:
kubernetes-deployment.yaml
Disaster Recovery
Document Recovery Procedures
Maintain runbooks for:
- Database restoration
- Application rollback
- DNS failover
- Data center migration
Regular DR Drills
Test recovery procedures quarterly:
- Restore from backup to test environment
- Verify data integrity
- Measure recovery time objective (RTO)
Troubleshooting
Common Production Issues
High Database Connection Count
Symptoms: “Too many connections” errors
Solutions:
- Reduce connection_limit in DATABASE_URL
- Implement connection pooling (PgBouncer)
- Scale database instance
Memory Leaks
Symptoms: Increasing memory usage over time
Solutions:
- Use Node.js heap snapshots
- Check for unclosed Prisma clients
- Implement memory limits and auto-restart policies
Slow Query Performance
Symptoms: High response times, database CPU spikes
Solutions:
- Enable query logging
- Add indexes to frequently queried fields
- Use database query analyzer
Next Steps
Security Hardening
Implement security best practices
Docker Deployment
Container deployment guide