Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Stabilizing the npm registry

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for C J Silverio C J Silverio
February 11, 2015
Programming
2
380

Stabilizing the npm registry

How npm went from a car fire to a very boring service with a very boring uptime.

Avatar for C J Silverio

C J Silverio

February 11, 2015
Tweet

More Decks by C J Silverio

See All by C J Silverio
The economics of package management
Avatar for C J Silverio ceejbot
4
1.6k
The future of (javascript) modules (in node)
Avatar for C J Silverio ceejbot
1
300
Keeping JavaScript safe
Avatar for C J Silverio ceejbot
3
470
ceej's how to solve it
Avatar for C J Silverio ceejbot
6
770
work-life balance at npm
Avatar for C J Silverio ceejbot
5
790
hash functions and you!
Avatar for C J Silverio ceejbot
2
360
The accidental noder
Avatar for C J Silverio ceejbot
2
160
Design Patterns & Modularity in the npm Registry
Avatar for C J Silverio ceejbot
3
200
Monitoring on a budget
Avatar for C J Silverio ceejbot
2
300

Other Decks in Programming

See All in Programming
インターン生でもAuth0で 認証基盤刷新が出来るのか
Avatar for takumi taku271
0
190
Implementation Patterns
Avatar for Denys Poltorak denyspoltorak
0
290
Lambda のコードストレージ容量に気をつけましょう
Avatar for tatsuki-yamada tattwan718
0
130
AI Agent の開発と運用を支える Durable Execution #AgentsInProd
Avatar for izumin5210 izumin5210
7
2.3k
QAフローを最適化し、品質水準を満たしながらリリースまでの期間を最短化する #RSGT2026
Avatar for shibayu36 shibayu36
2
4.4k
AIフル活用時代だからこそ学んでおきたい働き方の心得
Avatar for shinoyu shinoyu
0
130
izumin5210のプロポーザルのネタ探し #tskaigi_msup
Avatar for izumin5210 izumin5210
1
110
生成AIを使ったコードレビューで定性的に品質カバー
Avatar for Chiaki Okamoto chiilog
1
270
Vibe Coding - AI 驅動的軟體開發
Avatar for Micky Li mickyp100
0
170
「ブロックテーマでは再現できない」は本当か?
Avatar for Takashi Kitajima inc2734
0
980
それ、本当に安全? ファイルアップロードで見落としがちなセキュリティリスクと対策
Avatar for ikechi penpeen
7
3.9k
AI時代のキャリアプラン「技術の引力」からの脱出と「問い」へのいざない / tech-gravity
Avatar for MinoDriven minodriven
21
7.2k

Featured

See All Featured
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
122
21k
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
52
3.6k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
Avatar for konakalab konakalab
0
350
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.8k
16th Malabo Montpellier Forum Presentation
Avatar for AKADEMIYA2063 akademiya2063
PRO
0
49
Understanding Cognitive Biases in Performance Measurement
Avatar for Philip Tellis bluesmoon
32
2.8k
Design in an AI World
Avatar for tapps tapps
0
140
How to audit for AI Accessibility on your Front & Back End
Avatar for davetheseo davetheseo
0
180
Building Experiences: Design Systems, User Experience, and Full Site Editing
Avatar for Michelle Schulp Hunt marktimemedia
0
410
Primal Persuasion: How to Engage the Brain for Learning That Lasts
Avatar for Mike Taylor tmiket
0
250
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
120k
How GitHub (no longer) Works
Avatar for Zach Holman holman
316
140k

Transcript

  1. stabilizing the registry

  2. C J Silverio director of engineering, npm @ceejbot

  3. This is the story of a plucky package registry named

    npm

  4. scaling problem manifesting itself as a stability problem

  5. "scaling" capacity to meet growing demands

  6. "At scale" huge demand & lots of data

  7. "stability" not falling over under normal demand

  8. What's normal demand?

  9. 129K packages 239 GB package tarballs 40 million pkg dls/day

    1500 req/sec, peak 3200

  10. "Legacy" Anything you've put into production

  11. this is the story of a legacy system becoming more

    flexible
  12. None

  13. January 2013 20K packages .5 million dls/day

  14. Oct 2013 44K packages 108 million dls/month 3.6 million dls/day

  15. None

  16. our plucky little registry had to change

  17. step 1: CDN Put Fastly.com in front of the registry

  18. cache rules everything around me

  19. step 2: tarballs get them out of couchdb

  20. tarballs are huge! couch runs better without them base64 decoding

    is work.
  21. None

  22. January 2014 60K packages 6+ million dls/day

  23. step 3: visibility are things going wrong? what's going wrong?

  24. reactive monitoring monitor deeply fix things quickly

  25. proactive monitoring self-healing (also things don't break)

  26. monitoring is unit testing Add monitoring after every outage

  27. visibility is a prerequisite but not a solution

  28. act on what monitoring and metrics reveal

  29. step 4: redundancy several CouchDBs! reads, writes, & replication

  30. fewer responsibilities for each piece isolates errors

  31. step 5: automation ansible no server is special

  32. June 2014 Superficially similar.

  33. June 2014 80K packages 10 million dls/day

  34. step 6: simplification now that it's not on fire we

    can modify at leisure
  35. None

  36. Nov 2014 105K packages 28 million dls/day peak

  37. 50/50 AWS region split no AWS-specific magic Ubuntu 14.04 Trusty

  38. Fastly: geoloc + varnish haproxy + CouchDB nginx + a

    filesystem

  39. where's the node?

  40. registry 2 electric boogaloo with 500% more node

  41. None

  42. haproxy + node services couchdb ➜ postgres redis for caching

    nginx + filesystem

  43. more complicated more flexible & redundant more scaling dials to

    turn

  44. excited about postgres ad-hoc queries are fun

  45. scaling node is exactly like scaling everything else

  46. Understand system get visibility cool down hot spots add redundancy

  47. npm client <3 npm install -g npm@latest

  48. npm loves you