Hau Truong Cong
DevOps Engineer building fast, scalable, reliable systems
New to Contra
Hau is ready for their next project!
🚀 Upgrading Node.js in Production: A Real Case Study from a Microservices System 🚀
Node.js 20 is reaching its end of maintenance in April 2026.
If your system is still running on it, this is not just a “nice-to-have upgrade” anymore — it’s something you must plan carefully to avoid unexpected risks.
Recently, I was responsible for leading a Node.js upgrade across a large-scale production system — and I want to share how I approached it.
🚧 The Context
The project belongs to a large insurance group in Europe.
We’re running hundreds of microservices, and nearly 20 frontend applications are built with Node.js 20.
The good part?
We already have a solid CI/CD pipeline — fully automated from build → test → deploy.
The challenge?
Even with strong automation, upgrading runtime across distributed systems is never trivial.
🧠 Step 1 — Choosing the Right Target Version
One common mistake I’ve seen:
“Just upgrade to the latest version.”
That’s risky.
At the time:
Node 26 → not GA yet ❌
Node 25 → very short support window ❌
Node 24 → stable and long-term support ✅
So we aligned on Node 24 as the target.
Then comes the next critical question:
Which services are impacted?
Which teams need to be involved?
👉 This step is more about communication and alignment than technical work.
⚙️ Step 2 — Controlled Rollout via CI/CD
Instead of upgrading everything at once, I focused on controlled exposure.
Tested locally using nvm to validate compatibility
Updated CI/CD pipelines to:
Run Node 24 only for specific apps
Apply changes per environment (dev/staging first)
This approach helped:
Reduce cross-environment impact
Isolate issues early
Keep the system stable during transition
🤝 Step 3 — Communication is Everything
At higher environments, technical work becomes teamwork.
Before rollout:
Announced upgrade timeline clearly
Defined who owns testing for each service
Prepared support channels for quick issue handling
During rollout:
Worked closely with service owners
Fixed issues collaboratively in real-time
👉 In large systems, success = coordination, not just code
🚀 Step 4 — Production Deployment (with Safety First)
Even if everything looks perfect in staging…
Production is always different.
So before deploying:
Prepared a rollback strategy
Ensured we could quickly revert to Node 20 if needed
Because at the end of the day:
💯 Stability in production matters more than a successful upgrade.
This wasn’t just a version upgrade.
It was a reminder that in DevOps, how you deploy matters as much as what you deploy.
If you’re dealing with similar upgrades or scaling DevOps systems, I’d love to connect and exchange ideas.
2
66
In 2023, while working as a Senior DevOps Engineer at FPT Corporation, I noticed a growing demand for DevSecOps roles across multiple projects. However, finding professionals with the right combination of DevOps and security expertise was a major challenge for the organization.
Recognizing both the challenge and the opportunity, I decided to take ownership of this gap. I committed myself to learning and mastering DevSecOps practices, and successfully earned the DevSecOps Professional certification later that year — becoming the first person in my unit to achieve this milestone.
But more importantly, I focused on applying what I learned to real-world projects.
By integrating DevSecOps practices into existing workflows, I contributed to:
- Embedding security checks directly into CI/CD pipelines
- Automating vulnerability scanning for container images and dependencies
- Improving overall system security without slowing down delivery speed
- Raising awareness of secure development practices within the team
- Supporting projects that required higher security standards and compliance
This experience allowed me to go beyond traditional DevOps responsibilities — bridging the gap between development, operations, and security.
Today, DevSecOps is a core part of my skill set, enabling me to build systems that are not only scalable and efficient, but also secure by design.
0
50
In 2022, alongside deepening my understanding of Kubernetes infrastructure, I challenged myself to focus on the developer side of Kubernetes — how applications are designed, deployed, and optimized within a cluster.
This led me to successfully earn the Certified Kubernetes Application Developer (CKAD) certification in the same year.
While the certification validated my knowledge, the real value came from applying these concepts in practice — working closely with containerized applications and ensuring they run efficiently in Kubernetes environments.
Through my experience, I’ve worked on:
- Designing and deploying cloud-native applications within Kubernetes
- Writing and optimizing YAML configurations for deployments, services, and scaling
- Managing application lifecycle, including updates and rollbacks
- Debugging application-level issues inside containers and pods
- Ensuring applications are resilient, scalable, and production-ready
This experience helped me bridge the gap between infrastructure and application — understanding not just how Kubernetes works, but how applications should be built to fully leverage it.
Today, CKAD is not just a certification I hold, but a foundation that shapes how I build and deploy modern, containerized applications.
0
42
My journey with Kubernetes started with curiosity — understanding how modern systems scale and operate reliably in production environments.
In 2022, after a period of focused learning and hands-on practice, I successfully earned the Certified Kubernetes Administrator (CKA) certification. This milestone validated not only my theoretical understanding, but also my ability to work with Kubernetes in real-world scenarios.
Since then, Kubernetes has become one of my strongest technical skills, and I’ve continuously applied it across different projects and environments.
In my work, I’ve been involved in:
- Deploying and managing containerized applications in Kubernetes clusters
- Troubleshooting deployment issues related to configuration, networking, and scaling
- Optimizing resource usage to improve system performance and stability
- Working with YAML configurations, services, and ingress to ensure smooth communication between components
- Supporting CI/CD workflows that integrate with Kubernetes for automated deployments
Through these experiences, I’ve developed a practical mindset: not just making systems run, but making them stable, scalable, and maintainable in production.
Kubernetes is not just a tool in my stack — it’s a core part of how I design and operate modern infrastructure.
0
43
I earned my AWS certification back in 2021, marking the starting point of my journey into cloud engineering. What began as a commitment to mastering cloud fundamentals quickly evolved into hands-on experience across multiple real-world projects.
Since then, I’ve had the opportunity to work on a variety of AWS-based systems, where I applied my knowledge to design, deploy, and optimize scalable cloud infrastructures.
In my day-to-day work, I’ve been involved in:
- Building and deploying backend systems using Docker and cloud services
- Designing scalable architectures that can handle production workloads
- Integrating CI/CD pipelines to automate build and deployment processes
- Applying security best practices, including IAM configurations and access control
- Monitoring systems and improving performance to ensure reliability
Through these experiences, I’ve developed a strong understanding of how to move from theory to practical, production-ready solutions.
What makes my approach different is not just knowing AWS services, but understanding how to combine them effectively to solve real business problems — from deployment speed to system stability and cost efficiency.
Today, I continue to refine my cloud expertise, focusing on building efficient, secure, and scalable systems that are ready for real-world demands.
0
47