How to deploy a backend to production without Kubernetes
The short version: Kubernetes is overkill for most teams. To run a backend reliably you need five things: a server you control, a process manager that restarts crashes and survives reboots, a reverse proxy for TLS and routing, health checks, and a safe deploy & rollback path. This guide covers each — and the errors you'll meet along the way.
Do you actually need Kubernetes?
Kubernetes is brilliant for large fleets with many teams and services. For a single backend, a handful of services, or a small team, it adds a mountain of complexity — control planes, YAML, networking, and a new vocabulary — to solve problems you may not have yet. Most products can run reliably on one or a few servers with a far simpler stack. Here's that stack.
The five pieces you actually need
1. A server you control
A VPS or bare-metal box. You own the OS, the network, and the cost — no per-request surprises.
2. A process manager
systemd or PM2: starts your app, restarts it when it crashes, and brings it back after a reboot.
3. A reverse proxy
nginx in front for TLS, routing, and buffering — so your app never faces the raw internet.
4. Health checks
A cheap endpoint that says "I'm ready," so traffic only reaches a healthy instance.
5. Safe deploys & rollback
Start the new version, verify it, shift traffic, keep the old one a moment — and roll back instantly if needed.
Keep it running: a process manager
The single biggest difference between "it runs on my laptop" and "it runs in production" is a process manager. It restarts your app when it crashes and starts it on boot:
# systemd — the built-in option on every Linux box
# /etc/systemd/system/myapp.service
[Service]
ExecStart=/usr/bin/node /srv/app/server.js
Restart=always
Environment=PORT=3000
[Install]
WantedBy=multi-user.target
sudo systemctl enable --now myappPut a reverse proxy in front
Your app listens on a high port (e.g. 3000); nginx handles TLS and forwards traffic to it. This keeps your app off privileged ports and gives you one place for limits and headers:
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
location / { proxy_pass http://127.0.0.1:3000; }
}Deploy without downtime
The safe sequence: start the new version on a new port or instance, poll its health endpoint until it passes, point the proxy at it, drain and stop the old one. No window where nothing is serving. See the zero-downtime guide for blue-green, canary, and rolling in depth.
Errors you might hit
Each of these has a dedicated fix if you hit it while setting this up:
This whole stack, managed for you
Infraveil is a backend operations control plane that runs on your own servers — it is essentially this five-piece stack, managed: it supervises your services (restart on crash), fronts them with a built-in gateway, runs health checks, and gates every deploy behind your approval with one-click rollback. You get production reliability without Kubernetes, and without wiring it all together by hand.
Frequently asked questions
Do I really not need Kubernetes?
For a single backend or a small number of services, no. A server, a process manager (systemd/PM2), a reverse proxy, health checks, and a safe deploy script cover the same reliability needs with far less complexity. Reach for Kubernetes when you genuinely have a large multi-team fleet.
How do I keep a Node app running after it crashes?
Use a process manager. systemd with Restart=always or PM2 will restart the process on crash and start it again after a reboot.
Why put nginx in front of my app?
A reverse proxy handles TLS, routing, buffering, and limits, and keeps your app off privileged ports. It's the standard, robust way to expose a backend to the internet.
How do I deploy without downtime on one server?
Start the new version alongside the old, poll its health endpoint, switch the proxy to it once healthy, then drain and stop the old one. See the zero-downtime deployment guide for the full strategies.