Scaling

Horizontal and Vertical Scaling Recommendations

Document Version: 1.0.0
Last Updated: 2026-02-10

---

1. Scaling Matrix

Component	Horizontal	Vertical	Notes
Web Interface	✅ 1–10+ replicas	✅	Stateless; HPA recommended
API Server	⚠️ 1 replica*	✅	*Single replica per license; contact support for multi-replica
OCSP Responder	✅ 1–5+ replicas	✅	Read-only DB access, stateless
PostgreSQL	✅ Read replicas	✅	Primary + replicas for read scaling
Redis	✅ Sentinel/Cluster	✅	Optional HA deployment

2. Capacity Planning

Secrets Volume

Secrets Count	API Server	PostgreSQL	Redis
< 10,000	2 CPU / 4 GB	2 CPU / 4 GB / 50 GB	1 CPU / 1 GB
10,000–50,000	4 CPU / 8 GB	4 CPU / 8 GB / 100 GB	2 CPU / 2 GB
50,000–200,000	4 CPU / 16 GB	8 CPU / 16 GB / 200 GB	2 CPU / 4 GB
200,000+	8 CPU / 32 GB	16 CPU / 32 GB / 500 GB+	4 CPU / 8 GB

Concurrent Users

Users	Web Interface Replicas	API Server Resources
< 50	1–2	2 CPU / 4 GB
50–200	2–3	4 CPU / 8 GB
200–500	3–5	4 CPU / 16 GB
500+	5+ (HPA)	8 CPU / 32 GB

Agent Connections

Agents	API Server Resources	Notes
< 50	Base resources	Standard heartbeat interval
50–200	+2 GB RAM	Increase heartbeat interval to 120s
200–500	+4 GB RAM	Consider connection pooling
500+	+8 GB RAM	Contact support for tuning

3. Kubernetes HPA Configuration

Web Interface

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: mazevault-frontend-hpa
  namespace: mazevault
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: mazevault-frontend
  minReplicas: 2
  maxReplicas: 10
  metrics:
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: 70
    - type: Resource
      resource:
        name: memory
        target:
          type: Utilization
          averageUtilization: 80

OCSP Responder

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: mazevault-ocsp-hpa
  namespace: mazevault
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: mazevault-ocsp
  minReplicas: 1
  maxReplicas: 5
  metrics:
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: 70

4. Database Scaling

Read Replicas (Azure)

az postgres flexible-server replica create \
  --resource-group rg-mazevault-prod \
  --replica-name psql-mazevault-replica-1 \
  --source-server psql-mazevault-prod

Connection Pooling

For high-concurrency deployments, consider PgBouncer:

# pgbouncer.ini equivalent settings
pool_mode = transaction
max_client_conn = 400
default_pool_size = 25

5. Performance Tuning

PostgreSQL

Parameter	Small (<10K secrets)	Medium (10K–100K)	Large (100K+)
shared_buffers	1 GB	4 GB	8 GB
effective_cache_size	3 GB	12 GB	24 GB
work_mem	16 MB	64 MB	128 MB
max_connections	100	200	400

Redis

Parameter	Value	Description
maxmemory	50-75% of available RAM	Memory limit
maxmemory-policy	allkeys-lru	Eviction policy

Related

• System Requirements — Base resource requirements
• Monitoring — Performance monitoring
• Helm Charts — K8s resource configuration