← All lessons/Production
50
Production

Production Deployment & Mesh Replication

Deploy to production with proper config, enable mesh replication for HA, and apply the full checklist.

Prerequisite: All previous lessons complete

What you'll learn

  • Production docker-compose.yml: restart: always, named volumes, healthcheck
  • Secrets management: Railway shared vars, AWS Secrets Manager, Kubernetes sealed secrets
  • POST /v1/mesh/peers — register a replica node
  • Both nodes share SAPIX_MASTER_SEED — same encryption, same data
  • Full production checklist: 13 items from secrets backup to Codios auth
  • Performance tuning: high_load profile, batch writes, index strategy
Challenge

Deploy a two-node setup with mesh replication. Write to node 1. Verify on node 2. Run chain verification on both.

Interactive Walkthrough

What you'll learn

Deploy SapixDB to production with proper configuration, enable mesh replication for high availability, and apply the full production checklist.

Production docker-compose.yml

services:
  sapixdb:
    image: sapixdb/agent:latest
    container_name: sapixdb
    restart: always
    ports:
      - "7475:7475"
    volumes:
      - /var/lib/sapixdb/strand:/data/strand
      - /var/lib/sapixdb/graph:/data/graph
      - /var/lib/sapixdb/blobs:/data/blobs
    environment:
      SAPIX_AGENT_ID:         production-primary
      SAPIX_MASTER_SEED:      ${SAPIX_MASTER_SEED}
      SAPIX_KEYPAIR_SEED_HEX: ${SAPIX_KEYPAIR_SEED_HEX}
      SAPIX_ROOT_KEY:         ${SAPIX_ROOT_KEY}
      SAPIX_LICENSE_KEY:      ${SAPIX_LICENSE_KEY}
      SAPIX_STRAND_DIR:       /data/strand
      SAPIX_GRAPH_DIR:        /data/graph
      SAPIX_BLOB_DIR:         /data/blobs
      SAPIX_BIND_ADDR:        0.0.0.0:7475
      SAPIX_CODIOS_URL:       ${SAPIX_CODIOS_URL}
      SAPIX_CODIOS_API_KEY:   ${SAPIX_CODIOS_API_KEY}
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:7475/v1/health"]
      interval: 30s
      timeout:  10s
      retries:  3

Production secrets management

Never put secrets in docker-compose.yml directly. Use: - Railway: shared environment variables - AWS: Secrets Manager + ECS task role - Kubernetes: sealed secrets or external secrets operator - Docker Swarm: docker secret

# Pass from environment
SAPIX_MASTER_SEED=<hex> SAPIX_ROOT_KEY=<key> docker compose up -d

Mesh replication (high availability)

Register a peer node:

curl -s -X POST http://localhost:7475/v1/mesh/peers \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer spx_root_YOUR_ROOT_KEY" \
  -d '{
    "peer_id":  "replica-01",
    "endpoint": "http://replica-host:7475",
    "api_key":  "spx_root_REPLICA_ROOT_KEY"
  }' | python3 -m json.tool

SapixDB pushes all writes to registered peers. Both nodes share the same SAPIX_MASTER_SEED (same encryption key, same data). Reads can go to either node.

Production checklist

ItemRequired?
SAPIX_MASTER_SEED set and backed up offlineCritical
SAPIX_ROOT_KEY in secrets managerCritical
SAPIX_KEYPAIR_SEED_HEX backed upCritical
restart: always in docker-composeRequired
Volume mount to named directory (not /tmp)Required
Chain verification in health checkRecommended
Daily snapshot via cronRecommended
Scoped API keys for all services (no root key in app code)Required
SAPIX_LICENSE_KEY set for enterprise featuresIf using enterprise
Peer replica configuredRecommended for HA
SAPIX_CODIOS_URL set for agent authorizationRecommended
HIPAA/SOX mode if applicableCompliance

Performance tuning

ScenarioSetting
High write throughputSwitch to high_load profile
Large analytics queriesSwitch to analytics profile
Mixed OLTPdefault profile
Maintenance windowmaintenance profile

Use batch writes for all bulk ingestion (Lesson 8). Create indexes on frequently filtered fields (Lessons 18–20). Use count and aggregate instead of loading full records for stats.

Final challenge

Deploy a two-node SapixDB setup with mesh replication. Write a record to node 1. Verify it appears on node 2. Run chain verification on both nodes.

---

## Summary — All 50 Lessons

#LessonModule
1The Mental ModelFoundations
2First BootFoundations
3Record AnatomyFoundations
4Organisms and AgentsFoundations
5Writing Records in DepthFoundations
6Reading Records in DepthFoundations
7Soft Delete and TombstonesWorking with Records
8Batch WritesWorking with Records
9Per-Record TTLWorking with Records
10Schema ValidationWorking with Records
11SaQL BasicsQuerying with SaQL
12All 15 WhereOp OperatorsQuerying with SaQL
13Compound Filters (AND/OR/NOT)Querying with SaQL
14Sort Order & Cursor PaginationQuerying with SaQL
15Aggregate FunctionsQuerying with SaQL
16Group ByQuerying with SaQL
17Distinct QueriesQuerying with SaQL
18Single-Field IndexesIndexes & Performance
19Composite IndexesIndexes & Performance
20Full-Text SearchIndexes & Performance
21Query ExplainIndexes & Performance
22Time Travel Deep DiveTime & History
23Time Range QueriesTime & History
24Chain VerificationTime & History
25Graph EdgesGraph & Joins
26Graph TraversalGraph & Joins
27Multi-Agent JoinsGraph & Joins
28Field ProjectionAdvanced Query
29Natural Language QueriesAdvanced Query
30Streaming Queries (SSE)Advanced Query
31BlobStoreBinary Storage
32SAPIX_MASTER_SEED & EncryptionAuth & Security
33Root Key & API AuthenticationAuth & Security
34Scoped API KeysAuth & Security
35Key Delegation & Rate LimitingAuth & Security
36Key RotationAuth & Security
37Cron JobsAutomation
38TriggersAutomation
39Mutants (AI Schema Evolution)Automation
40Per-Agent SSE StreamReal-Time
41Global Broadcast Bus & PublicationsReal-Time
42Epigenetic ProfilesOperations
43Snapshots & BackupsOperations
44WAL & CheckpointsOperations
45HIPAA Compliance ModeEnterprise
46SOX ComplianceEnterprise
47Codios AuthorizationEnterprise
48Python SDKSDKs
49TypeScript SDKSDKs
50Production Deployment & Mesh ReplicationProduction

---

*Lessons 1–6 complete. Proceed from Lesson 7 onward one at a time.*

← Previous
Lesson 49: TypeScript SDK