How we built, architected and scaled Defensio, from our prototype to the version currently in production.
Presented at ConFoo in Montreal on March 12, 2010.
One user's experience as Lead Developer on Nebul.us upgrading a symfony application for deployment to Amazon's cloud-based infrastructure. We will discuss the obstacles met along the way, including juggling master and slave database connections and writing uploaded files to S3. Additionally, integration with the symfony configuration and environments system will be demonstrated, allowing one application to be developed locally and seamlessly deployed to the cloud.
Wordnik's technical co-founder Tony Tam describes the reason for going NoSQL. During his talk Tony will discuss the selection criteria, testing + evaluation and successful, zero-downtime migration to MongoDB. Additionally details on Wordnik's speed and stability will be covered as well as how NoSQL technologies have changed the way Wordnik scales.
One user's experience as Lead Developer on Nebul.us upgrading a symfony application for deployment to Amazon's cloud-based infrastructure. We will discuss the obstacles met along the way, including juggling master and slave database connections and writing uploaded files to S3. Additionally, integration with the symfony configuration and environments system will be demonstrated, allowing one application to be developed locally and seamlessly deployed to the cloud.
Wordnik's technical co-founder Tony Tam describes the reason for going NoSQL. During his talk Tony will discuss the selection criteria, testing + evaluation and successful, zero-downtime migration to MongoDB. Additionally details on Wordnik's speed and stability will be covered as well as how NoSQL technologies have changed the way Wordnik scales.
A high level overview of MeteorJS, Amazon Web Services, and how to scale MeteorJS on Amazon's cloud to handle tends of thousands of concurrent websocket connections.
Why Node, Express and Postgres - presented 23 Feb 15, Talkjs, Microsoft Audit...Calvin Tan
How Node, Express and Postgres and help meet the challenges of building a scalable Web Service.
Node is event-oriented and able to take high load.
Express makes your code very simple and maintainable. Supports API-styled web service.
Postgres supports your data needs with a very flexible data structure.
Given at QCon London 2012
Your systems are going to fail, it might not be today, it might not be tomorrow, but sometime soon, probably at 2am, your systems are going to fail in new and exciting ways. We've shared at QCon before about the core architecture of guardian.co.uk, and how we built the site. Now we are going to tell you what we've learnt since we built it, in what ways it went wrong, and how we are learning to architect for failure at the very beginning of each project.
Core Data doesn't have to be hard. Step by step, learn how to use Core Data in code, creating models and relationships. Loading data and efficiently displaying that data.
Disqus talks about how they scale their Python web application to over 500 million visitors a month.
Video is available here: http://pycon.blip.tv/file/4880330/
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
More Related Content
Similar to Building Scalable Web Applications For The Cloud
A high level overview of MeteorJS, Amazon Web Services, and how to scale MeteorJS on Amazon's cloud to handle tends of thousands of concurrent websocket connections.
Why Node, Express and Postgres - presented 23 Feb 15, Talkjs, Microsoft Audit...Calvin Tan
How Node, Express and Postgres and help meet the challenges of building a scalable Web Service.
Node is event-oriented and able to take high load.
Express makes your code very simple and maintainable. Supports API-styled web service.
Postgres supports your data needs with a very flexible data structure.
Given at QCon London 2012
Your systems are going to fail, it might not be today, it might not be tomorrow, but sometime soon, probably at 2am, your systems are going to fail in new and exciting ways. We've shared at QCon before about the core architecture of guardian.co.uk, and how we built the site. Now we are going to tell you what we've learnt since we built it, in what ways it went wrong, and how we are learning to architect for failure at the very beginning of each project.
Core Data doesn't have to be hard. Step by step, learn how to use Core Data in code, creating models and relationships. Loading data and efficiently displaying that data.
Disqus talks about how they scale their Python web application to over 500 million visitors a month.
Video is available here: http://pycon.blip.tv/file/4880330/
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
Building Scalable Web Applications For The Cloud
1. Building Scalable Web
Applications for the
Cloud
Carl Mercier (@cmercier)
Director of software development, Websense Inc.
Founder, Defensio.com
cmercier@websense.com
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
2. Security
for
the
Social
Web
We protect your website from spam,
malicious content,
unwanted URLs and profanity.
Friday, March 12, 2010
3. The Cloud is
different
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
4. Architecture challenges
• We’re an API, not a website
• Many million requests per day, non stop
• Each requests can be fast or slow
• Very little caching possible
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
5. Architecture challenges
• Write intensive
• Traffic comes in spikes
• Any downtime is catastrophic
• 2 different versions of our APIs
• Bootstrapped startup. We’re broke!
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
6. Getting technical
• Built in Ruby (Rails, Merb and pure Ruby)
• External services written in Perl and C
• 100% hosted on Amazon EC2
• Mix of 32 and 64 bit machines
• mostly m1.small (the cheapest ones)
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
7. Prototyping/1.0 beta
aka The Spaghetti Release
• Single Ruby on Rails application
• No direction whatsoever
• A few small EC2 instances
• A single MySQL
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
8. Prototyping/1.0 beta
aka The Spaghetti Release
• Horizontal scaling:
Start more instances
DNS Round Robin • This also scaled the website
NGINX + API + WEB NGINX + API + WEB
• Eventually moved MySQL to m1.large
MySQL
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
9. What was wrong?
• Unmaintainable code
• Why did it even work?
• but it REALLY did work, and well! :)
• DNS Round Robin
• Very database intensive
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
10. The Big Rewrite
• Complete code rewrite
• Proper code separation
• Completely tested
• Ruby + MERB + Datamapper
• Replaced DNS RR with HAProxy
• Added Memcached to the mix
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
11. The Big Rewrite
architecture
HAProxy
NGINX + API (Merb) NGINX + API (Merb) NGINX + API (Merb)
MySQL + Memcached
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
12. Later Improvements
• Dumped HAProxy (single point of failure)
• replaced with Amazon ELB
• Move Memcached to its own machine
• Decoupled resource-intensive parts
• turned them into web services
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
13. The Big Rewrite
architecture, revisited
Amazon ELB
NGINX + API (Merb)
many EC2 instances
MySQL
Memcached
Web Service 1 Web Service n
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
14. Advantages of this architecture
• Easy to scale horizontally OR vertically
• Each unit can be scaled & tweaked independently
• Easy to maintain
• Increased redundancy
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
15. MySQL Pain
• Traffic keeps growing
• Adding millions of records per day
• Database size growing exponentially
• Most of this data was non-critical
• Stuck with our schemas and indexes
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
16. Scaling MySQL on EC2
• If your DB fits in memory, don’t worry, be happy!
• It’s painful.
• You should be on EBS or equivalent
• permanent and robust storage
• EBS snapshots
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
17. Scaling MySQL on EC2
• Scale up (move to a bigger machine)
• More RAM
• Database often IO bound
• RAID 0 (stripe)
• Inconsistent EBS snapshots
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
18. Scaling MySQL on EC2
• Replication
• headache
• all writes go to master
• Split database
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
19. MongoDB
• Document-oriented database
• Schema-less
• Fast
• Replication, fail-over, auto-sharding
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
20. Three Data Stores
• MySQL (critical data)
• accounts, keys, account settings, statistics
• MongoDB (semi non-critical)
• documents, reputations
• Memcached (non-critical data)
• short term, very fast updates
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
21. Three Data Stores
Amazon ELB
NGINX + API (Merb)
many EC2 instances
MySQL
m1.small
MongoDB
64-bit
Memcached
Web Service 1 Web Service n
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
22. API 2.0 Challenges
• Completely new API to the user
• Keep support for 1.x
• Asynchronous
• New features, can’t just wrap API 1.x
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
23. Frontend
• Ruby on Rails
• Accepts HTTP connections
• Knows the API definition for both 1.x and 2.0
• Converts API calls into “jobs”
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
24. Frontend
• Jobs are put in a queue
• Backend responds with generic response
• Frontend converts response and renders
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
25. Queue/Messaging: RabbitMQ
• Messaging (AMQP)
• Ultra-fast
• Feature-rich
• Complex (too complex for our needs)
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
26. Queue/Messaging: Beanstalkd
• Ultra-simple simple queue
• Not a messaging server (hack it to make it behave like one!)
• Just as fast as RabbitMQ
• Delayed jobs
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
27. Backend
• Previously our “API” servers
• Doesn’t accept HTTP connections anymore
• Communicates through jobs/response (queue)
• API agnostic. Only knows about jobs/response
• All processing/logic
• Spits a response back in the queue
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
28. Current Architecture API 2.0
Amazon ELB
Cluster n
API Frontend (Unicorn + Rails)
many EC2 instances
Queue/Messaging
(Beanstalkd)
Backend (hacked Merb)
many EC2 instances
MySQL MongoDB
Memcached
m1.small 64-bit
Web Service 1 Web Service n
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
29. Advantages
• Awesome fault-tolerence
•
Amazon ELB
API Frontend (Unicorn + Rails)
many EC2 instances
Cluster n Horizontal scaling is easy
Queue/Messaging
(Beanstalkd)
Backend (hacked Merb)
• Add capacity to a cluster
•
many EC2 instances
Add clusters
MySQL MongoDB
Memcached
•
m1.small 64-bit
No more MySQL scaling worries
•
Web Service 1 Web Service n
Complete schema flexibility w/
MongoDB
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
30. When to scale “out”
(horizontally)
• Each instances are identical clones
• Redundancy
• Fast & easy scaling
• Instance is “irrelevant”
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
31. What we scale “out”
(horizontally)
• Frontend
• Backend
• Internal web services
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
32. When to scale “up”
(vertically)
• Multiple instances are hard to manage (eg: database)
• CPU or memory intensive applications
• Scaling out becomes unpractical
• Scaling out becomes cost-ineffective
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
33. I really like
scaling out
vs. scaling up
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
34. Bulletproof your app
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
35. Scale & shrink fast
even automatically
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
36. Most cost-effective
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
37. Things I learned
• Cloud instances are disposable
• Architect your app accordingly
• Instances should be killed, not fixed
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
38. Things I learned
• Pre-optimizing is useless
• Be aware of your bottlenecks
• Architect your application for flexibility
• Deploy different parts to different servers
• Secure your important data
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
39. Things I learned (about EC2)
• It is pretty reliable, anything else you heard is a myth
• When shit hits the fan, you’re on your own
• Create images
• Automate as much as you can
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
40. Things I learned (about EC2)
• Auto-scaling is easy, but rarely needed
• IO is inconsistent and mostly sucks
• Slowish (Rackspace Cloud is much faster)
• Large(r) instances are too expensive
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010
41. Questions?
Twitter: @cmercier and @defensio
Email: cmercier@websense.com
Web: www.defensio.com
O U T S M A R T I N G E V I L S PA M
Friday, March 12, 2010