rembrembdocs
flyiooriginal source ↗

Use this checklist to help you set up a production environment on Fly.io.

Illustration by Annie Ruygt of Frankie the hot air balloon waving to a bird sitting on a hour roof

Overview

Moving an app from staging to production can expose unexpected failure modes: security holes, performance and scaling issues, or data loss. This checklist is meant to catch common pitfalls for apps on Fly.io, but it’s not a guarantee of production readiness. Not every item here will apply to your app, and you may have additional requirements that aren’t listed. Use this as a foundation and adapt it to your needs. Think of this list as a scaffold, not a silver bullet.

Important: The checklist is not exhaustive and does not guarantee production-readiness for your app. Apps can have unique requirements for production depending on the framework and type of app. Some items won’t be applicable and there may be other considerations not listed here; you’ll need to decide which checklist items work for your app.

Security

Use access tokens to allow only the minimum access level required by team members to your organization, apps, and Machines. Understand access tokens.

Set secrets to store sensitive data and make them available as environment variables to your app. Read about Secrets and Fly Apps.

Check that your private apps with services don’t have public IP addresses. Run fly ips list and use fly ips release to release unnecessary public IPs. More detail is available in this flyctl reference: fly ips commands. Assign private apps a Flycast address instead.

Secure your app with rate limiting, bot protection, email validation, and defense against common attacks through our extension partner Arcjet. Read more about Application Security by Arcjet.

Databases

We recommend using Fly.io’s Managed Postgres, our fully-managed database service that handles all aspects of running production PostgreSQL.

Practice restoring your managed Postgres database from a backup before you actually need to. You can do this anytime from the Managed Postgres dashboard.

App performance

Availability, resiliency, and costs

Autostop/autostart lets you stop or suspend Machines when there’s low traffic, saving on resource usage and costs. You get autostop/autostart by default with a new app, but you can configure it to optimize for your use case. Find out more: Autostop/autostart Machines.

For apps that aren’t running web services, use the autoscaler app to scale your app’s Machines based on any metric, saving on resource usage and costs. Learn how to Autoscale based on metrics.

Networking

Configure a certificate for your domain. Learn how to use a custom domain.

Completely eliminate the chance of blacklisted spammers causing problems for your app. There is a small added cost for dedicated IPv4 addresses. Read more about Dedicated IPv4.

If you haven’t already done so, give your private apps a Flycast address to communicate with them entirely on your private network. Find out about Flycast - Private Fly Proxy services.

Monitoring

Use managed Prometheus and managed Grafana dashboards to monitor your app. Read about Metrics on Fly.io.

Our extension partner Sentry provides an application monitoring platform that helps you identify and fix software problems before they impact your users. Fly.io organizations get a year’s worth of Sentry Team Plan credits. Read how to configure Application Monitoring by Sentry.

Set up the Fly Log Shipper to aggregate your app’s logs to a service of your choice. Read more about Exporting logs.

CI/CD

Get support

Standard, Premium, or Enterprise support packages are available to purchase. Learn more about Support plans.