Scaling Node.js

nornagon picture nornagon · Jan 17, 2011 · Viewed 27.4k times · Source

I'm fairly new to large-scale server-side development. I want to write a server using Node.js, but before I forge ahead I'd like to know what the general principles are for scaling node up to, say, 20 queries per second.

The service I'm writing will largely be an interface to a database, plus authentication and validation of input data.

Answer

Alfred picture Alfred · Jan 17, 2011

Load balancing

Most probably for the most simple sites you don't need any scaling at all. Just one single box will get you covered. After that you should do load balancing like you are mentioning which is almost the same for every architecture(like you are saying you could start multiple node processes first. But when you get really big you need more boxes).

Nginx load balancing example:

http {
  upstream myproject {
    server 127.0.0.1:8000 weight=3;
    server 127.0.0.1:8001;
    server 127.0.0.1:8002;    
    server 127.0.0.1:8003;
  }

  server {
    listen 80;
    server_name www.domain.com;
    location / {
      proxy_pass http://myproject;
    }
  }
}

Redis

20 queries per second

No sweat for node.js. You should use redis as your datastore because it is insane fast :). There is even a c library for node when you use node_redis.

npm install hiredis redis

Hiredis is what gives you kickass performance because it compiles to C code inside node. Here are some benchmarks from redis when used with hiredis.

PING: 20000 ops 46189.38 ops/sec 1/4/1.082
SET: 20000 ops 41237.11 ops/sec 0/6/1.210
GET: 20000 ops 39682.54 ops/sec 1/7/1.257
INCR: 20000 ops 40080.16 ops/sec 0/8/1.242
LPUSH: 20000 ops 41152.26 ops/sec 0/3/1.212
LRANGE (10 elements): 20000 ops 36563.07 ops/sec 1/8/1.363
LRANGE (100 elements): 20000 ops 21834.06 ops/sec 0/9/2.287

When you look at those numbers then 20/s is NOTHING :).

Authentication


Update:


I am telling this a lot but for the love of god please don't try to implement your own authentication-system. It is probably going to be unsafe(a lot can go wrong), a lot of work. For authentication you should use facebook-connect, twitter single sign-in, etc using the excellent connect-auth library. Then you are covered safe because they have experts testing there login-systems for holes and the also don't transmit passwords via plain-text but thank for god use https. I also have answered a topic for a user who wanted to use facebook-connect.

validation of input data

To validate input you could use node-validator.

var check = require('validator').check,
    sanitize = require('validator').sanitize

//Validate
check('[email protected]').len(6, 64).isEmail();       //Methods are chainable
check('abc').isInt();                               //Throws 'Invalid integer'
check('abc', 'Please enter a number').isInt();      //Throws 'Please enter a number'
check('abcdefghijklmnopzrtsuvqxyz').is(/^[a-z]+$/);

//Sanitize / Filter
var int = sanitize('0123').toInt();                  //123
var bool = sanitize('true').toBoolean();             //true
var str = sanitize(' \s\t\r hello \n').trim();      //'hello'
var str = sanitize('aaaaaaaaab').ltrim('a');        //'b'
var str = sanitize(large_input_str).xss();
var str = sanitize('&lt;a&gt;').entityDecode();     //'<a>'

There also is this forms library to help you create forms.