Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Stabilizing the npm registry

Avatar for C J Silverio C J Silverio
February 11, 2015
Programming
400
2

Stabilizing the npm registry

How npm went from a car fire to a very boring service with a very boring uptime.

Avatar for C J Silverio

C J Silverio

February 11, 2015

More Decks by C J Silverio

See All by C J Silverio
The economics of package management
Avatar for C J Silverio ceejbot
4
1.6k
The future of (javascript) modules (in node)
Avatar for C J Silverio ceejbot
1
310
Keeping JavaScript safe
Avatar for C J Silverio ceejbot
3
480
ceej's how to solve it
Avatar for C J Silverio ceejbot
6
780
work-life balance at npm
Avatar for C J Silverio ceejbot
5
800
hash functions and you!
Avatar for C J Silverio ceejbot
2
370
The accidental noder
Avatar for C J Silverio ceejbot
2
170
Design Patterns & Modularity in the npm Registry
Avatar for C J Silverio ceejbot
3
200
Monitoring on a budget
Avatar for C J Silverio ceejbot
2
300

Other Decks in Programming

See All in Programming
書き換えて学ぶTemporal #fukts
Avatar for Hiroyuki ANAI pirosikick
2
360
実践ハーネスエンジニアリング:ステアリングループを実例から読み解く / Practical Harness Engineering: Understanding Steering Loops Through Real-World Examples
Avatar for nrs nrslib
5
4.8k
AI時代になぜ書くのか
Avatar for Mutz mutsumix
0
330
Back to the roots of date
Avatar for jinroq jinroq
0
770
AIを導入する前にやるべきこと
Avatar for Negima negima
2
340
2026-04-15 Spring IO - I Can See Clearly Now
Avatar for Jonatan Ivanov jonatan_ivanov
1
190
Road to RubyKaigi: Play Hard(ware)
Avatar for makicamel makicamel
1
560
実用!Hono RPC2026
Avatar for yodaka yodaka
2
300
UaaL×Androidアプリのメモリ計測 — Memory Profilerの先へ
Avatar for Ryosuke Shimizu (RIO) rio432
0
140
Symfony AI in Action - SymfonyLive Berlin 2026
Avatar for Christopher Hertel chr_hertel
1
130
サプライチェーン攻撃対策「層を重ねて落ちない壁」を10日間で組み上げた話 #TechLeadConf2026
Avatar for Kashun Yoshida kashewnuts
1
230
Agentic UI in the Frontend: Architectures with Open Standards @JAX 2026 in Mainz
Avatar for Manfred Steyer manfredsteyer
PRO
0
110

Featured

See All Featured
Keith and Marios Guide to Fast Websites
Avatar for Keith Pitt keithpitt
413
23k
Why You Should Never Use an ORM
Avatar for John Nunemaker jnunemaker
PRO
61
9.8k
Ten Tips & Tricks for a 🌱 transition
Avatar for Manu Carrasco Molina stuffmc
0
110
Evolving SEO for Evolving Search Engines
Avatar for Ryan Jones ryanjones
0
190
What’s in a name? Adding method to the madness
Avatar for The Alliance productmarketing
PRO
24
4k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
35
2.4k
The Curious Case for Waylosing
Avatar for Cassini Nazir cassininazir
0
340
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
Avatar for Kevin Liebholz kevinliebholz
37
6.4k
Context Engineering - Making Every Token Count
Avatar for Addy Osmani addyosmani
9
870
Kristin Tynski - Automating Marketing Tasks With AI
Avatar for Tech SEO Connect techseoconnect
PRO
0
240
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
120k
Lightning talk: Run Django tests with GitHub Actions
Avatar for Sarah Abderemane sabderemane
0
180

Transcript

  1. stabilizing the registry

  2. C J Silverio director of engineering, npm @ceejbot

  3. This is the story of a plucky package registry named

    npm

  4. scaling problem manifesting itself as a stability problem

  5. "scaling" capacity to meet growing demands

  6. "At scale" huge demand & lots of data

  7. "stability" not falling over under normal demand

  8. What's normal demand?

  9. 129K packages 239 GB package tarballs 40 million pkg dls/day

    1500 req/sec, peak 3200

  10. "Legacy" Anything you've put into production

  11. this is the story of a legacy system becoming more

    flexible
  12. None

  13. January 2013 20K packages .5 million dls/day

  14. Oct 2013 44K packages 108 million dls/month 3.6 million dls/day

  15. None

  16. our plucky little registry had to change

  17. step 1: CDN Put Fastly.com in front of the registry

  18. cache rules everything around me

  19. step 2: tarballs get them out of couchdb

  20. tarballs are huge! couch runs better without them base64 decoding

    is work.
  21. None

  22. January 2014 60K packages 6+ million dls/day

  23. step 3: visibility are things going wrong? what's going wrong?

  24. reactive monitoring monitor deeply fix things quickly

  25. proactive monitoring self-healing (also things don't break)

  26. monitoring is unit testing Add monitoring after every outage

  27. visibility is a prerequisite but not a solution

  28. act on what monitoring and metrics reveal

  29. step 4: redundancy several CouchDBs! reads, writes, & replication

  30. fewer responsibilities for each piece isolates errors

  31. step 5: automation ansible no server is special

  32. June 2014 Superficially similar.

  33. June 2014 80K packages 10 million dls/day

  34. step 6: simplification now that it's not on fire we

    can modify at leisure
  35. None

  36. Nov 2014 105K packages 28 million dls/day peak

  37. 50/50 AWS region split no AWS-specific magic Ubuntu 14.04 Trusty

  38. Fastly: geoloc + varnish haproxy + CouchDB nginx + a

    filesystem

  39. where's the node?

  40. registry 2 electric boogaloo with 500% more node

  41. None

  42. haproxy + node services couchdb ➜ postgres redis for caching

    nginx + filesystem

  43. more complicated more flexible & redundant more scaling dials to

    turn

  44. excited about postgres ad-hoc queries are fun

  45. scaling node is exactly like scaling everything else

  46. Understand system get visibility cool down hot spots add redundancy

  47. npm client <3 npm install -g npm@latest

  48. npm loves you