Legacy frontend-backend deployments fail in layers. A React build can be correct while the proxy serves last week's files. Django can be healthy while /api routes to the wrong upstream. The database can be reachable from a shell and blocked from the application container.
Do not start by upgrading everything. Trace one revision and one request.
Stamp the build
Inject a revision into the frontend artifact and backend health response:
GET /version
{
"frontend_revision": "abc123",
"backend_revision": "abc123",
"built_at": "2026-07-13T02:00:00Z"
}
At deployment time, record artifact digest, source revision, dependency lockfile digest, runtime version, and configuration version. A filename such as latest.zip is not provenance.
Follow one request
Generate a request ID at the edge or accept a valid one from a trusted internal caller. Pass it through proxy and application logs and return it in the response.
proxy_set_header X-Request-ID $request_id;
add_header X-Request-ID $request_id always;
For one failing request, build a table:
| Layer | Evidence | Failure to distinguish |
|---|---|---|
| DNS/TLS | resolved address, certificate | wrong host vs expired TLS |
| CDN/proxy | request ID, cache status, upstream | stale asset vs bad route |
| frontend | revision, requested API URL | old bundle vs runtime config |
| backend | revision, route, status, duration | application error vs timeout |
| database | query class, pool wait, error code | saturation vs invalid query |
Use curl -v for transport evidence, browser network tools for asset and CORS behavior, and structured server logs for the same request ID. Redact cookies and authorization headers.
Roll back one layer at a time
Keep independently addressable frontend and backend artifacts. Verify database migrations are backward compatible before rolling application code back. After recovery, reproduce the failure in staging and add the missing invariant to the pipeline: revision endpoint, digest pin, route smoke test, or migration gate.
The public MonkeyCode repository describes managed development environments and private deployment. Such environments can help reproduce deployment problems, but this runbook is independent and does not report a MonkeyCode deployment test.
Disclosure: I contribute to the MonkeyCode project. The operational method is tool-independent; product context is public.
One trace ID will not modernize a legacy stack. It will tell you which layer deserves the first change—and which ones to leave alone during the incident.
Top comments (0)