battle ready! - hardening node.js for the enterprise
TRANSCRIPT
Battle Ready! - HardeningNode.js for the Enterprise
Jeff Barczewski
codewinds.com CodeWinds
by Geek & Poke Licensed Yesterday's Regex CC BY 3.0
by Geek & Poke Licensed Good Framework CC BY 3.0
Why build scalable, durableapps?
Who am I?25 yrs professional developer3 yrs full time with Node.jsMasterCard, Elsevier, RGA, USAFCodeWinds Podcast and Training
Elsevier Education PlatformRapid Development AppsNode.jsIsomorphic Javascript
MasterCard CaaSCrypto as a ServiceNode.js plus addon HSMREST APIHighly scalable and availableReporting, Administration
MasterCard / Apple Pay LaunchComplex deployment, many third partiesField testingUS public launch - "It just worked"
Other Enterprise UseWalmartPay Pal, LinkedinYahoo, ebay, Uber, Netflixhttp://nodejs.org/industry/
Legacy Code & Stagnation
"Inspire with your actions"
How to Introduce Node.jsSimple beginnings
CLI toolsBatch processingAdmin applicationsGreen field projects, REST, SPA
Smart API reverse proxy
by API Proxy Yury Baranovsky
SSO, batchingOrchestration, cachingDevice specific contentMigration, AB Testing
Inspired
F15 Eagle
by - Licensed F-15E Strike Eagle Gerry Metzler IMG_214 CC BY-SA 2.0
" by Staff Sgt. Aaron Allmon (USAF) - . Public domainAfghanistan, F-15E 391st Src
F15 Video - I shared an edited
portion of this video in my talkFull F15 video from 67FS
Life happens
F15 Single Wing Landing
by History ChannelF-15 Single wing landing
Traits that inspire mePerformantAdaptabilityDurabilityTrusted
Design and FoundationsWhat frameworks and tools?
Hapi, Express, RestifyIs it battle tested? Quality? Community? License?Prototype with APIJoi, Wreck
Express & Hapi
Licensed Army Car Garage by U.S. Army CC BY-SA 2.0
Stingray by Jeff Barczewski
Express Example p1var express = require('express');
var compression = require('compression')
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var app = express();
app.use(compression())
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
Express Example p2app.get('/', function (req, res) {
res.send({ hello: 'world' });
});
// catch 404 and forward to error handler
app.use(function(req, res, next) {
var err = new Error('Not Found');
err.status = 404;
next(err);
});
app.listen(3000, function(){
console.log('Express server listening on port ' + 3000); });
Hapi Examplevar Hapi = require('hapi');
var server = new Hapi.Server(3000);
server.route({
method: 'GET', path: '/',
handler: function (request, reply) {
reply({ hello: 'world' });
}
});
server.start(function () {
console.log('Server running at:', server.info.uri);
});
Design and FoundationsWhere to store data?
Redis - caching, sessions, queuesREST services - SQL (postgres), noSQL (riak,dynamo, leveldb)async libraries, uses, verifySharding plan
Design and FoundationsReducing risk
RDD, Test API, CIGit pull requests, shrinkwrapjshint, markdown, jsdocNode.js / JS training
How do we scale up?Node.js evented architectureCluster, Child processes, Containers, ZonesLoad balancer, nginx, HA proxy, apache
How do we know it will scale?Load Test, stress test, vary workloadbench-rest, wrk, abload runner, blitz.iobenchmark frequently
bench-rest // unique PUT and then a GET for each iteration
var flow = {
main: [
{ put: 'http://localhost:8000/foo_#{INDEX}',
json: 'mydata_#{INDEX}' },
{ get: 'http://localhost:8000/foo_#{INDEX}' }
]
};
module.exports = flow;
by Geek & Poke Licensed Hope CC BY 3.0
ResilienceHow do we make this durable?
child processes, cluster_master_extDetect process exit, restartDB failures, reconnect generic-pool, backoffMonit, upstart, forever, nscale
cluster_master_extvar clusterMaster = require("cluster-master-ext");
clusterMaster({
exec: "worker.js", // script to run
size: 5, // number of workers
env: { SOME: "environment_vars" },
args: [ "--deep", "doop" ],
silent: true,
signals: true
});
How to make this hotdeployable?
Rolling restartHandle shutdown, exit cleanly, fail safe timeoutSignals: TERM, INT - shutdown, HUP - rollingrestart
How do we monitor?Logging? Events?Bunyan, jeffbski/hapi-bunyan-liteMonit, upstart, forever, nscaleNotifying, dtrace, vasyncCharting - Rickshaw, zag, statsd/graphite,influxdb
Demonstration
True Friend
Resilient Solutions
Licensed Properties of Resilient Systems by DoD CC BY-NC-ND 3.0
StrongReliableTrustedAdaptable
To learn more
CodeWinds - Resilient [email protected]@codewinds @jeffbski
http://codewinds.com/nodevember