Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Stabilizing the npm registry

Avatar for C J Silverio C J Silverio
February 11, 2015
Programming
2
380

Stabilizing the npm registry

How npm went from a car fire to a very boring service with a very boring uptime.

Avatar for C J Silverio

C J Silverio

February 11, 2015
Tweet

More Decks by C J Silverio

See All by C J Silverio
The economics of package management
Avatar for C J Silverio ceejbot
4
1.6k
The future of (javascript) modules (in node)
Avatar for C J Silverio ceejbot
1
300
Keeping JavaScript safe
Avatar for C J Silverio ceejbot
3
470
ceej's how to solve it
Avatar for C J Silverio ceejbot
6
770
work-life balance at npm
Avatar for C J Silverio ceejbot
5
790
hash functions and you!
Avatar for C J Silverio ceejbot
2
360
The accidental noder
Avatar for C J Silverio ceejbot
2
160
Design Patterns & Modularity in the npm Registry
Avatar for C J Silverio ceejbot
3
200
Monitoring on a budget
Avatar for C J Silverio ceejbot
2
300

Other Decks in Programming

See All in Programming
今から始めるClaude Code超入門
Avatar for 448jp | OKI Yoshiya 448jp
8
8.6k
それ、本当に安全? ファイルアップロードで見落としがちなセキュリティリスクと対策
Avatar for ikechi penpeen
7
3.8k
責任感のあるCloudWatchアラームを設計しよう
Avatar for アキキー akihisaikeda
3
170
LLM Observabilityによる 対話型音声AIアプリケーションの安定運用
Avatar for Hiroyuki Moriya gekko0114
2
430
KIKI_MBSD Cybersecurity Challenges 2025
Avatar for ikema ikema
0
1.3k
組織で育むオブザーバビリティ
Avatar for ryotaro kobayashi ryota_hnk
0
170
CSC307 Lecture 09
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
830
SourceGeneratorのススメ
Avatar for tkym htkym
0
190
CSC307 Lecture 06
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
680
生成AIを使ったコードレビューで定性的に品質カバー
Avatar for Chiaki Okamoto chiilog
1
260
プロダクトオーナーから見たSOC2 _SOC2ゆるミートアップ#2
Avatar for Kenta Suzuki kekekenta
0
200
なるべく楽してバックエンドに型をつけたい!(楽とは言ってない)
Avatar for HIBIKI CUBE hibiki_cube
0
140

Featured

See All Featured
Raft: Consensus for Rubyists
Avatar for Patrick Van Stee vanstee
141
7.3k
Statistics for Hackers
Avatar for Jake VanderPlas jakevdp
799
230k
B2B Lead Gen: Tactics, Traps & Triumph
Avatar for Sophie Logan marketingsoph
0
53
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
50
14k
Why Our Code Smells
Avatar for Brandon Keepers bkeepers
PRO
340
58k
How to make the Groovebox
Avatar for あそなす asonas
2
1.9k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
133
19k
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
Avatar for David Carrasco davidcarrasco
1
49
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
Avatar for Aleyda Solis aleyda
2
9.5k
Become a Pro
Avatar for Speaker Deck speakerdeck
PRO
31
5.8k
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
Avatar for Tech SEO Connect techseoconnect
PRO
0
84
Digital Ethics as a Driver of Design Innovation
Avatar for Per Axbom axbom
PRO
1
170

Transcript

  1. stabilizing the registry

  2. C J Silverio director of engineering, npm @ceejbot

  3. This is the story of a plucky package registry named

    npm

  4. scaling problem manifesting itself as a stability problem

  5. "scaling" capacity to meet growing demands

  6. "At scale" huge demand & lots of data

  7. "stability" not falling over under normal demand

  8. What's normal demand?

  9. 129K packages 239 GB package tarballs 40 million pkg dls/day

    1500 req/sec, peak 3200

  10. "Legacy" Anything you've put into production

  11. this is the story of a legacy system becoming more

    flexible
  12. None

  13. January 2013 20K packages .5 million dls/day

  14. Oct 2013 44K packages 108 million dls/month 3.6 million dls/day

  15. None

  16. our plucky little registry had to change

  17. step 1: CDN Put Fastly.com in front of the registry

  18. cache rules everything around me

  19. step 2: tarballs get them out of couchdb

  20. tarballs are huge! couch runs better without them base64 decoding

    is work.
  21. None

  22. January 2014 60K packages 6+ million dls/day

  23. step 3: visibility are things going wrong? what's going wrong?

  24. reactive monitoring monitor deeply fix things quickly

  25. proactive monitoring self-healing (also things don't break)

  26. monitoring is unit testing Add monitoring after every outage

  27. visibility is a prerequisite but not a solution

  28. act on what monitoring and metrics reveal

  29. step 4: redundancy several CouchDBs! reads, writes, & replication

  30. fewer responsibilities for each piece isolates errors

  31. step 5: automation ansible no server is special

  32. June 2014 Superficially similar.

  33. June 2014 80K packages 10 million dls/day

  34. step 6: simplification now that it's not on fire we

    can modify at leisure
  35. None

  36. Nov 2014 105K packages 28 million dls/day peak

  37. 50/50 AWS region split no AWS-specific magic Ubuntu 14.04 Trusty

  38. Fastly: geoloc + varnish haproxy + CouchDB nginx + a

    filesystem

  39. where's the node?

  40. registry 2 electric boogaloo with 500% more node

  41. None

  42. haproxy + node services couchdb ➜ postgres redis for caching

    nginx + filesystem

  43. more complicated more flexible & redundant more scaling dials to

    turn

  44. excited about postgres ad-hoc queries are fun

  45. scaling node is exactly like scaling everything else

  46. Understand system get visibility cool down hot spots add redundancy

  47. npm client <3 npm install -g npm@latest

  48. npm loves you