Production Operations

Running an n8n workflow in production is fundamentally different from local testing. Reliability, scaling, security, and maintainability become the most important factors.

Monitoring and Observability

Execution Monitoring

n8n stores all workflow executions with status, duration, and data. Configure:

Setting	Recommendation	Reason
Execution storage	Failed + manual only	Reduces database size
Pruning	Delete after 7 days	Prevents uncontrolled growth
Error workflow	Set up centrally	Immediate notification on failures

External Monitoring

Complement n8n's internal monitoring with:

Uptime check: Regular HTTP check on /healthz
Prometheus metrics: n8n exports metrics (execution count, duration, error rate)
Log aggregation: Collect container logs in ELK Stack or Grafana Loki
Alerting: PagerDuty or OpsGenie for critical errors

Scaling

Horizontal Scaling with Queue Mode

For high load, enable queue mode:

# Main instance (controls workflows)
N8N_EXECUTIONS_MODE=queue
QUEUE_BULL_REDIS_HOST=redis

# Worker instances (execute workflows)
n8n worker --concurrency=10

Architecture:

Trigger → Main Instance → Redis Queue → Worker 1
                                       → Worker 2
                                       → Worker 3

Resource Planning

Scenario	CPU	RAM	Workers
Small teams (< 50 workflows)	2 cores	4 GB	1 (no queue)
Mid-market (50–200 workflows)	4 cores	8 GB	2–3
Enterprise (200+ workflows)	8+ cores	16+ GB	5+

Backup Strategies

Database Backup

# Daily PostgreSQL backup
pg_dump -U n8n -d n8n | gzip > /backups/n8n_$(date +%Y%m%d).sql.gz

# Retention: Keep for 30 days
find /backups -name "n8n_*.sql.gz" -mtime +30 -delete

Workflow Export

Export workflows regularly as JSON:

# Export all workflows
n8n export:workflow --all --output=/backups/workflows/

# Export credentials (encrypted)
n8n export:credentials --all --output=/backups/credentials/

Version Control for Workflows

Git Integration

Store workflow JSON files in a Git repository:

Export: Export workflows as JSON
Commit: Changes with meaningful commit messages
Review: Pull requests for workflow changes
Deploy: CI/CD pipeline imports workflows automatically

Environments

Git Repository
├── workflows/
│   ├── production/
│   ├── staging/
│   └── development/
├── credentials/ (encrypted references only)
└── README.md

Webhook Security

Webhooks are publicly accessible — without protection, they're a security risk.

Authentication

Header auth: Expect a secret token in the header

X-Webhook-Secret: {{ $env.WEBHOOK_SECRET }}

HMAC validation: Verify request body signature
IP whitelisting: Only allow known source IPs

Rate Limiting

Limit incoming requests at the infrastructure level (Nginx, Cloudflare):

limit_req_zone $binary_remote_addr zone=webhooks:10m rate=10r/s;
location /webhook/ {
    limit_req zone=webhooks burst=20 nodelay;
    proxy_pass http://localhost:5678;
}

Practical tip: Treat n8n workflows like code. Version control with Git, use environments (dev/staging/prod), and deploy via CI/CD. This prevents "it works on my laptop" problems and enables rollbacks on errors.