Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Stabilizing the npm registry

Avatar for C J Silverio C J Silverio
February 11, 2015
Programming
2
380

Stabilizing the npm registry

How npm went from a car fire to a very boring service with a very boring uptime.

Avatar for C J Silverio

C J Silverio

February 11, 2015
Tweet

More Decks by C J Silverio

See All by C J Silverio
The economics of package management
Avatar for C J Silverio ceejbot
4
1.6k
The future of (javascript) modules (in node)
Avatar for C J Silverio ceejbot
1
290
Keeping JavaScript safe
Avatar for C J Silverio ceejbot
3
450
ceej's how to solve it
Avatar for C J Silverio ceejbot
6
760
work-life balance at npm
Avatar for C J Silverio ceejbot
5
790
hash functions and you!
Avatar for C J Silverio ceejbot
2
350
The accidental noder
Avatar for C J Silverio ceejbot
2
150
Design Patterns & Modularity in the npm Registry
Avatar for C J Silverio ceejbot
3
190
Monitoring on a budget
Avatar for C J Silverio ceejbot
2
290

Other Decks in Programming

See All in Programming
可変性を制する設計: 構造と振る舞いから考える概念モデリングとその実装
Avatar for Akira Suenami a_suenami
3
660
おやつのお供はお決まりですか?@WWDC25 Recap -Japan-\(region).swift
Avatar for gangan shingangan
0
150
中級グラフィックス入門~効率的なメッシュレット描画~
Avatar for Pocol projectasura
3
1.3k
TypeScriptでDXを上げろ! Hono編
Avatar for Yusuke Wada yusukebe
3
870
Quality Gates in the Age of Agentic Coding
Avatar for Hélio Medeiros helmedeiros
PRO
1
100
Workers を定期実行する方法は一つじゃない
Avatar for rokuosan rokuosan
0
130
The Niche of CDK Grant オブジェクトって何者?/the-niche-of-cdk-what-isgrant-object
Avatar for hassaku63 hassaku63
1
700
AIのメモリー
Avatar for watany watany
11
970
AI時代の『改訂新版 良いコード/悪いコードで学ぶ設計入門』 / ai-good-code-bad-code
Avatar for MinoDriven minodriven
24
10k
AWS Summit Japan 2024と2025の比較/はじめてのKiro、今あなたは岐路に立つ
Avatar for Satoshi Kaneyasu satoshi256kbyte
1
250
副作用と戦う PHP リファクタリング ─ ドメインイベントでビジネスロジックを解きほぐす
Avatar for Takuma Kajikawa kajitack
3
450
Streamlitで実現できるようになったこと、実現してくれたこと
Avatar for Ayumu Yamaguchi ayumu_yamaguchi
2
220

Featured

See All Featured
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
48
50k
Automating Front-end Workflow
Avatar for Addy Osmani addyosmani
1370
200k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
Avatar for Kevin Liebholz kevinliebholz
34
5.9k
Fireside Chat
Avatar for paigeccino paigeccino
37
3.5k
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
10
720
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
367
19k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
431
65k
Large-scale JavaScript Application Architecture
Avatar for Addy Osmani addyosmani
512
110k
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
31
8.7k
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
613
210k
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
656
60k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
8
370

Transcript

  1. stabilizing the registry

  2. C J Silverio director of engineering, npm @ceejbot

  3. This is the story of a plucky package registry named

    npm

  4. scaling problem manifesting itself as a stability problem

  5. "scaling" capacity to meet growing demands

  6. "At scale" huge demand & lots of data

  7. "stability" not falling over under normal demand

  8. What's normal demand?

  9. 129K packages 239 GB package tarballs 40 million pkg dls/day

    1500 req/sec, peak 3200

  10. "Legacy" Anything you've put into production

  11. this is the story of a legacy system becoming more

    flexible
  12. None

  13. January 2013 20K packages .5 million dls/day

  14. Oct 2013 44K packages 108 million dls/month 3.6 million dls/day

  15. None

  16. our plucky little registry had to change

  17. step 1: CDN Put Fastly.com in front of the registry

  18. cache rules everything around me

  19. step 2: tarballs get them out of couchdb

  20. tarballs are huge! couch runs better without them base64 decoding

    is work.
  21. None

  22. January 2014 60K packages 6+ million dls/day

  23. step 3: visibility are things going wrong? what's going wrong?

  24. reactive monitoring monitor deeply fix things quickly

  25. proactive monitoring self-healing (also things don't break)

  26. monitoring is unit testing Add monitoring after every outage

  27. visibility is a prerequisite but not a solution

  28. act on what monitoring and metrics reveal

  29. step 4: redundancy several CouchDBs! reads, writes, & replication

  30. fewer responsibilities for each piece isolates errors

  31. step 5: automation ansible no server is special

  32. June 2014 Superficially similar.

  33. June 2014 80K packages 10 million dls/day

  34. step 6: simplification now that it's not on fire we

    can modify at leisure
  35. None

  36. Nov 2014 105K packages 28 million dls/day peak

  37. 50/50 AWS region split no AWS-specific magic Ubuntu 14.04 Trusty

  38. Fastly: geoloc + varnish haproxy + CouchDB nginx + a

    filesystem

  39. where's the node?

  40. registry 2 electric boogaloo with 500% more node

  41. None

  42. haproxy + node services couchdb ➜ postgres redis for caching

    nginx + filesystem

  43. more complicated more flexible & redundant more scaling dials to

    turn

  44. excited about postgres ad-hoc queries are fun

  45. scaling node is exactly like scaling everything else

  46. Understand system get visibility cool down hot spots add redundancy

  47. npm client <3 npm install -g npm@latest

  48. npm loves you