Deployment

QECNet is deployed as a containerized application with standalone build output. This section covers environment configuration, container orchestration, and operational deployment parameters.

CONTENTS

--System Requirements --Container Build --Environment Configuration --Standalone Deployment --Scaling Parameters --Monitoring & Health Checks --Current Deployment Phase

System Requirements

MINIMUM

CPU2 vCPU

Memory512 MB

Storage1 GB

Node.js20.x (Alpine)

NetworkTLS 1.3 capable

RECOMMENDED

CPU4 vCPU

Memory2 GB

Storage10 GB (with audit logs)

Node.js20.x LTS

NetworkDedicated VLAN

Container Build

The application uses a multi-stage Docker build for minimal production images. The build process compiles the Next.js application in standalone mode, producing a self-contained deployment artifact.

BUILD STAGES

# Stage 1: Dependencies
FROM node:20-alpine AS deps
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production

# Stage 2: Build
FROM node:20-alpine AS builder
WORKDIR /app
COPY --from=deps /app/node_modules ./node_modules
COPY . .
RUN npm run build

# Stage 3: Production
FROM node:20-alpine AS runner
WORKDIR /app
ENV NODE_ENV=production
COPY --from=builder /app/.next/standalone ./
COPY --from=builder /app/.next/static ./.next/static
COPY --from=builder /app/public ./public
EXPOSE 3000
CMD ["node", "server.js"]

BUILD COMMANDS

# Build image
docker build -t qecnet-command:latest .

# Run container
docker run -d \
  --name qecnet-command \
  -p 3000:3000 \
  --restart unless-stopped \
  qecnet-command:latest

# Verify
curl -s http://localhost:3000/api/events | jq .

Environment Configuration

VARIABLE

DEFAULT

REQUIRED

DESCRIPTION

NODE_ENV

production

Yes

Runtime environment

PORT

3000

HTTP listener port

QECNET_AUTH_CODE

—

Yes

Authorization code for session access

SENTINEL_API_URL

—

Backend sentinel API endpoint

SESSION_SECRET

—

Yes

Cookie signing secret (min 32 chars)

SESSION_TTL

86400

Session duration in seconds

LOG_LEVEL

info

Logging verbosity (debug|info|warn|error)

SECURITY NOTE

Never commit environment variables containing secrets to version control. Use a secrets manager (AWS Secrets Manager, HashiCorp Vault, or equivalent) for production deployments. The .env.example file provides a template without sensitive values.

Standalone Deployment

The application is compiled with Next.js standalone output mode. This produces a minimal deployment artifact that includes only the files necessary for production operation, without development dependencies.

STANDALONE OUTPUT STRUCTURE

.next/standalone/
├── server.js          # Entry point
├── node_modules/      # Production dependencies only
├── package.json
└── .next/
    ├── server/        # Server-side rendering artifacts
    └── static/        # Client-side bundles and assets

# Copy static assets alongside standalone output:
cp -r .next/static .next/standalone/.next/static
cp -r public .next/standalone/public

# Start:
cd .next/standalone && node server.js

Scaling Parameters

Horizontal scalingSupported via load balancer. Session affinity required (cookie-based).

Max concurrent sessionsLimited by available memory. ~500 sessions per GB.

Event throughput~10,000 events/second per instance (ingestion pipeline).

Canvas renderingClient-side. 30 FPS cap. No server impact.

API latency targetp99 < 50ms for command endpoints.

Cold start< 3s (standalone mode, no JIT warmup needed).

Monitoring & Health Checks

The application exposes a health check endpoint and includes client-side performance monitoring. Production deployments should configure external monitoring for availability and performance tracking.

HEALTH CHECK

GET /api/events

# Expected response:
{
  "status": "operational",
  "mode": "live",
  "message": "QECNet Sentinel operational"
}

# Recommended probe configuration:
# Interval: 30s
# Timeout: 5s
# Failure threshold: 3 consecutive failures

Current Deployment Phase

ACTIVE DEPLOYMENT

PHASE

Operational Hardening

ENVIRONMENT

Restricted Demonstration

TARGET

Enterprise Readiness

Phase 1Core InfrastructureCOMPLETE

Phase 2Security HardeningCOMPLETE

Phase 3Enterprise IntegrationACTIVE

Phase 4Production CertificationPLANNED