Tag: Reliability

N|Solid v4.9.2 is now available

Posted on by

NodeSource is excited to announce N|Solid v4.9.2 which contains the following changes:

General stability improvements and bug fixes
Node.js v14.21.3 (LTS): Includes a Node.js security release captured in Node.js v14.21.3 (LTS).
Node.js v16.19.1 (LTS): Includes a Node.js security release captured in Node.js v16.19.1 (LTS).
Node.js v18.14.1 (LTS): Includes a Node.js security release captured in Node.js v18.14.1 (LTS).
Support for a new action in N|Solid saved views to capture traces automatically.

IMPORTANT: N|Solid v4.9.1 contains a Node.js security release!

For detailed information on installing and using N|Solid, please refer to the N|Solid User Guide.

Changes

N|Solid v4.9.2 contains the following changes:

General stability improvements and bug fixes
Node.js v14.21.3 (LTS): Includes a Rebase of N|Solid on Node.js v14.21.3 (LTS).
Node.js v16.19.1 (LTS): Includes a Rebase of N|Solid on Node.js v16.19.1 (LTS).
Node.js v18.14.2 (LTS): Includes a Rebase of N|Solid on Node.js v18.14.2 (LTS).

IMPORTANT: N|Solid v4.9.1 contains a Node.js security release. This release includes patches for these vulnerabilities:

CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
CVE-2023-23936: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium)
CVE-2023-24807: Regular Expression Denial of Service in Headers in Node.js fetch API (Low)
CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low).
With the new action in N|Solid saved views, you can activate the tracing automatically when one or more processes cross over performance thresholds or match query parameters that you set.

N|Solid

N|Solid v4.9.2 Fermium ships with Node.js v14.21.3.

N|Solid v4.9.2 Gallium ships with Node.js v16.19.1.

N|Solid v4.9.2 Hydrogen ships with Node.js v18.14.1.

Node.js

The Node.js 14 Fermium LTS release line will continue to be supported until April 30, 2023.
The Node.js 16 Gallium LTS release line will continue to be supported until September 11, 2023.
The Node.js 18 Hydrogen LTS release line will continue to be supported until April 30, 2025.

Supported Operating Systems for N|Solid Runtime and N|Solid Console

Please note that The N|Solid Runtime is supported on the following operating systems:

Windows:

Windows 10
Microsoft Windows Server 1909 Core
Microsoft Windows Server 2012
Microsoft Windows Server 2008

macOS:
macOS 10.11 and newer

RPM based 64-bit Linux distributions (x86_64):

Amazon Linux AMI release 2015.09 and newer
RHEL7 / CentOS 7 and newer
Fedora 32 and newer

DEB based 64-bit Linux distributions (x86_64, arm64 and armhf):

Ubuntu 16.04 and newer
Debian 9 (stretch) and newer

Alpine
Alpine 3.3 and newer

Download the latest version of N|Solid

You can download the latest version of N|Solid via http://accounts.nodesource.com or visit https://downloads.nodesource.com/ directly.

New to N|Solid?

If you’ve never tried N|Solid, this is a great time to do so. N|Solid is a fully compatible Node.js runtime that has been enhanced to address the needs of the Enterprise. N|Solid provides meaningful insights into the runtime process and the underlying systems. Click ???? [HERE]

NODE.JS Retro 2022

Posted on by Simon Helberg

Node.js was the top technology used by professional developers in 2022

Stack Overflow’s annual Developer Survey confirmed our experience; Node.js continues to grow its use across the globe due to its scalability and performance as well as its ability to integrate seamlessly with a wide range of technologies and databases make it an ideal technology for businesses of all sizes.

The Node.js open-source project, a cross-platform JavaScript run-time environment built on Chrome’s V8 JavaScript engine, allows developers to use JavaScript to create web applications and serve data quickly, securely, and reliably. That’s why professional developers have adopted it broadly; it helps them in many web-development tasks like API development, streaming, and web and mobile applications as it is fully compatible with existing JavaScript libraries (the Top Language according to Github’s Octoverse Report, it can be used to create highly scalable and dynamic web or mobile applications.

Img 1: Stackoverflow 2022 survey

NodeJS on an Enterprise Level

Node.js excels at simplifying the development process for enterprises. It requires less code to execute tasks, allowing developers to focus on creating high-quality code rather than endless lines of coding. By utilizing asynchronous I/O and non-blocking event-driven input/output makes it lightweight and efficient for building real-time applications.

Img: Node.js Org Use Survey

Node.js is designed to handle high amounts of requests quickly and efficiently. Its architecture is based on a single-threaded, event-driven model that makes it very efficient at handling concurrent requests. This event-driven design allows Node to handle requests without the need for multiple threads. This makes Node.js applications highly scalable, as multiple requests can be served without additional resources or server hardware.

Additionally, Node.js supports streaming and event-based programming, which allows developers to build asynchronous applications. Asynchronous programming will enable applications to respond quickly to multiple requests without waiting for each request to finish before responding.

Therefore the performance of Node.js applications depends mainly on how well they are coded and optimized. Careful planning and optimizing the application code are essential to achieve high performance. Additionally, Node.js applications benefit from caching, clustering, and other optimization techniques. These techniques can help improve the performance and scalability of Node.js applications.

The number one request we get at NodeSource is to help developers and organizations improve the performance of their Node.js applications. It’s a key reason we built our product N|Solid, to provide the visibility and insights to help identify and resolve issues fast without adding overhead like other APMs (NodeSource Benchmark Tool). And why we offer Professional Services from our Node Experts to go a step further with Performance Audits and Training and Node.js Support.

Optimization techniques in Node.js

In our experience, the most common optimization techniques in Node.js are caching, minification, bundling, optimizing database queries, code splitting, using async functions, and using the Node.js cluster module. Here is a quick overview of each.:

Caching

Caching in Node.js helps improve performance by storing data in memory to be accessed quickly when needed. This helps reduce the time it takes to retrieve data from the server and helps reduce the number of requests needed to be made to the server. Caching also allows data to be stored more efficiently, which is helpful for applications with large amounts of data.

Minification

In Node.js reduces the size of code files and other resources by removing unnecessary characters, such as spaces, new lines, and comments, without altering the code’s functionality. Minifying code can help to enhance the performance of your Node.js applications by reducing download time and improving browser rendering speed.

Bundling

Is the process of combining multiple files or resources into one bundle, which typically has a smaller file size than when all files are separate. Bundling can reduce network latency as fewer requests are needed to retrieve data. It also helps improve application performance as the browser can cache a single large file instead of multiple small ones.

Optimizing database queries

In Node.js involves utilizing techniques such as indexing, query optimization, and caching to ensure that database queries are more efficient and run more quickly. Proper indexing can contribute to faster query times. In contrast, query optimization can reduce the time needed to process a query by ensuring that only the data required is requested from the database.

Code splitting

Is a technique to reduce the amount of code sent to the client when a web page is requested. Code splitting efficiently divides code into smaller bundles and only sends the necessary code to the user when needed. This helps improve web application performance, as the user only needs to download the relevant code for the requested page.

Async functions

In Node.js allow code to be run asynchronously, meaning that the code is not executed sequentially. Instead, asynchronous operations can be executed in parallel and execute operations concurrently. This allows the code to execute faster and in a more efficient way. Additionally, asynchronous functions provide better error-handling capabilities and allow greater control over the flow.

Use of the Node.js Cluster Module

The Node.js cluster module allows you to create a group of child processes (workers) that all share the same server port, making it easy to scale your application across multiple CPU cores. It also provides a powerful way to handle requests in a distributed manner and makes it easier to manage and monitor the performance of your application. The cluster also provides an API for sending messages between workers, allowing them to coordinate their activities.

In addition to these optimization techniques in Node.js, it is important to consider the best development practices in Node.js.

The best development practices in Node.js.for 2023

Img: https://xkcd.com/292/

The list includes, but is not less:

Utilizing the latest version of Node.js and ensuring it is regularly updated. For your production binaries, we recommend using our distribution packages (best maintained, documented, and most used production binaries -NodeSource Node.js Binary Distributions

Implementing modern patterns and techniques such as asynchronous programming and proper error handling.

Leveraging dependency management to reduce code complexity and ensure packages are up-to-date.

Adopting modular development practices to create easily reused and scaled components across projects.

Investing in automated testing to ensure quality and stability in the codebase.

Use security libraries to prevent common vulnerabilities and protect against data breaches.

Optimizing memory and resource usage to keep operating costs low.

And to comply with one or several of these good practices, it is essential to use an APM.

Using an Application Performance Monitoring (APM)

Using an Application Performance Monitoring (APM) tool to monitor your Node.js application lets you gain insights into application performance and identify issues quickly. Some popular APM tools for Node.js include New Relic, AppDynamics, Datadog and N|Solid. Each tool offers performance monitoring, error tracking, and real-time analytics features.

Note: Last year, we released for the community an open-source tool to compare the main APMs in Node.js; we invite you to contribute or use it in your work.

Selecting the right APM for Node.js will depend on the specific needs of your project. However (yes, we are biased 🙂), we believe N|Solid is the best APM for Node.js is the best APM for Node.js; because it provides developers with deeper insights and key integrations and adds security features no other APM can.

Conclusion:

Node.js is quickly becoming a popular choice for enterprise-level applications. With its lightweight architecture, scalability, and flexibility,
Node.js is an ideal language for businesses that need applications that can handle high traffic and complex data.
Node.js allows organizations to develop highly-customizable web applications that are secure, reliable, and perform well at scale.
Node.js also has a vibrant open-source community, allowing developers to easily find and use existing libraries and frameworks.

Are you creating a Node.js application?

Follow these simple steps:

Start by selecting a framework. Node.js has many available frameworks, such as Fastify, Hapi, or Koa. Choose the one that best fits the needs of your application.

Set up a package.json file to better manage your project’s dependencies.
Create a folder structure to organize the components of your application.
Structure your code into separate files as your application grows.
Write automated tests for your application.
Implement error handling for any unexpected issues.
Validate user input before handing it off to your application.
Utilize caching to improve performance.
Consider deploying
Use an APM and follow our diagnostic blog-post series (Remember that for Node.js, N|Solid is the recommended option 😉 ).

Good programming could help create a project exactly how you want. In NodeJS, there are so many open-source projects to take inspiration from.

— Wait for our list of projects and technologies in Node.js to keep an eye on in 2023 —

With services from a NodeJS expert company such as NodeSource, you could make the most of the technology’s robust features to achieve your web development goals. We will be happy to support you in your node.js journey!

Here are our channels to follow us and continue the conversation:
Twitter
LinkedIn
Github.
As always, the best place to contact us is via our website or [email protected].

About N|Solid

N|Solid is an augmented version of Node.js that includes additional features such as security, performance monitoring, and enhanced debugging tools. It’s an excellent option for projects that require robust debugging and performance capabilities.

Top 10 N|Solid —APM for Node— features you needed to use

Posted on by Simon Helberg

Nearly a year ago, we launched N|Solid SaaS, and although there are still a few months to go before our anniversary, we wanted to share the top 10 features ofN|Solid that make us proud every day of what we have built.

N|Solid is the best way to monitor and secure your Node.js applications (including in production) that are trusted by developers, software teams, and global enterprise companies. It has an array of features like other APMs, but we go deeper with our insights and are more performant than all others. We created N|Solid to help companies build the best software with Node and save time resolving issues. Because there is significant risk in deploying open-source applications without knowing the security gaps, we provide features to prevent security issues and insights for resolving them.

We are confident we’re the best APM solution for Node. js-based applications; if you are using Node, you should be using our runtime. We’re a complete product/solution, not just an APM focused on Node.

About N|Solid

N|Solid is a toolset built on Node.js that provides a number of enhancements to improve troubleshooting, debugging, managing, monitoring, and securing your Node.js applications. It is 100% compatible with the open-source project and requires no instrumentation of your code.

N|Solid Console

N|Solid provides a web-based console, ‘N|Solid Console’ to monitor your applications but also allows you to introspect your Node.js applications, in the same way, directly in the CLI if you run the __N|Solid Runtime__.

N|Solid Runtime

If you want to introspect your Node.js applications and have the most control from your command line, you’ll run them with the N|Solid Runtime, which is shaped similarly to a typical Node.js runtime but provides some additional executables.

To install N|Solid Runtime, download and unpack an N|Solid Runtime from the N|Solid download site.

Why N|Solid is an APM

Traditionally, the acronym APM has been used to refer to application performance management. However, in recent years it also refers, perhaps more correctly, to Application Performance Monitoring, and that is exactly what N|Solid does, which is why its categorization in this spectrum of applications is correct. Something important to highlight is that it is not a polyglot APM; it is clearly an APM specialized in Node.js, which has always been our focus.

While other APMs support Node.js, none provide the level of insights N|Solid can. In many cases, the APMs can become a part of the problem by consuming significant resources due to how they are designed. But don’t take our word for it. You can check it with real data through this OS Project — The APM’s Benchmark tool —.

APM’s Benchmark Tool – Overview Screen

N|Solid APM (Self-hosted or SaaS) is the best observability and insights tool to manage Node performance and security, and the full platform access enables you to really #KnowyourNode

In this blog post, we want to wrap it up our product series, briefly telling you about the 10 main features of N|Solid. We hope you like it and it helps you get the most out of our product.

[1] Project & Applications Monitoring in N|Solid

Visually view application behavior and identify performance and security issues.

With Project & Application Monitoring, you can track a website or any application based on Node.js. This feature allows you to collect your log data to help developers detect bugs and process use, track downtime, and improve performance to be consistent and focused on the end-user experience.

N|Solid APM – Projects & Applications View

This area is mainly made up of 3 main views that use the Projects and Applications and Process Monitoring:
– Applications view
– Application summary view
– Processes view

Read more about this feature here: https://nsrc.io/ProjectApplicationsMonitoringNS

[2] Process Monitoring in N|Solid

Access deep performance insights.

The applications and associated processes are displayed in this feature of our N|Solid Console. You can visualize Event Loop Estimated Lag, Heap Used, or CPU Used, for example, and you can correlate these metrics in a planimetry. You can also select a specific process to know its general status and vulnerabilities and choose a specific graphic to visually represent the selected information.

N|Solid APM – Process Monitoring

Read more here: https://nsrc.io/ProcessMonitoringNS

[3] CPU Profiling in N|Solid

Shows what functions consume CPU% and how resources are allocated.

CPU Profiling allows you to understand where opportunities exist to improve your Node processes’ speed and load capacity. This feature shows what functions consume CPU% and how resources are allocated.

N|Solid APM – Flamegraph-CPU Profile

Read more here: https://nsrc.io/CPUProfilingNS

[4] Worker Threads in N|Solid

View In-depth metrics of each worker thread.

Worker threads are treated first class and have the same access to CPU profiles, snapshots, etc. as the main process. We are the only solution that has full support worker threads.

View In-depth metrics of each worker thread. With this feature, identify opportunities to improve the performance of CPU-intensive work.

Read more here: https://nsrc.io/WorkerThreadsNS

[5] Capture Heap Snapshots in N|Solid

Understand where and how memory is being used

Taking heap snapshots is a great way to help identify the underlying problem when faced with a memory leak or performance issue. In this way, you will be able to understand where and how memory is being used, and you will be able to quickly resolve memory leaks and performance issues.

N|Solid APM – Capture Heap Snapshots

Read more here: https://nsrc.io/HeapSnapshotsNS

[6] Memory Anomaly Detection in N|Solid

View In-depth metrics of each worker thread.

Identify Memory anomalies taken with a more accurate detection method.
– Insights and metrics are historical, before and after the incident happened.
– Get anomalies at different heap usage levels.
– Detect correlation between sets of memory-specific metrics.
– Filter results by specific processes inside your application.

N|Solid APM – Memory Anomaly Detection

Read more here: https://nsrc.io/MemoryAnomalyNS

[7] Vulnerability Scanning – NCM – in N|Solid

Know all of the potential vulnerabilities within your application.

NCM is security, compliance, and curation tool around the 3rd-Party Node.js & JavaScript package ecosystem. It provides protection against security vulnerabilities and licensing compliance issues and provides risk assessment when working with a 3rd-party ecosystem.

The N|Solid Console can be configured to perform periodic verification of all packages loaded by all N|Solid processes.

N|Solid APM – Vulnerability Scanning from N|Solid Runtime

NCM provides

Actionable insights.
Offline vulnerability scanning.
Prevent processes in an application from launching if they have vulnerabilities with “strict mode.”
NCM-CI (Service Tokens and CI Processes) customization.

__Note__: NCM can be viewed from 3 locations: full overview, per application, and per process.

Read more here: https://nsrc.io/VulnerabilityScanningNS

[8] HTTP Tracing support in N|Solid

Enables the ability to debug application latency and other issues.

HTTP tracing gathers throughput and the lifecycle of any HTTP, DNS, or other types of request.
– Debug latency issues, monitor your services, and more with the collected information.
– See in a timeline graph the density of the number of tracked spans.
– Inspect each span for more detail on the collected trace.
– Filter the results by the attributes of a span and delimit them to the time range.

N|Solid APM – HTTP Tracing Support

Read more here: https://nsrc.io/HTTPTracingNS

[9] Global Alerts & Integrations in N|Solid

Be aware of issues and vulnerabilities. Pre-configured API integrations with key 3rd party services.

You can use automation to trigger alerts over integrations, CPU profiles, or heap snapshots. Be aware of issues and vulnerabilities, Pre-configured API integrations with key 3rd party services.

So when creating the heap snapshot, for example, I will have the notification directly in Slack of my N|Solid Console’s behavior; from there, I can check it by opening the Console.

N|Solid APM – Global Alerts & Integrations – Slack Example

Read more here: https://nsrc.io/GlobalAlertsIntegrationsNS

[10] Distributed Tracing in N|Solid

Better understand the factors that affect an application’s latency.

Distributed tracing is a core component of Observability mainly used by site reliability engineers (SREs) but also by developers and is recommended in that way to obtain the greatest benefits as a team in charge of modern distributed software.

As your system scales, you’ll need to add a tracing and refine sampling capabilities, which means getting the context to understand the complexity of distributed architectures.

N|Solid APM – Distributed Tracing

Distributed Tracing provides several solutions, which include:

Monitoring system health
Latency trend and outliers
Control flow graph
Asynchronous process visualization
Debugging microservices

Read more here: https://nsrc.io/DistributedTracingNS

Still, on our roadmap, we are planning and executing features that will shake up the ecosystem in the coming months. Stay tuned! 😎

Top Ten Features In N|Solid

🧭Projects & Applications Monitoring in N|Solid – https://nsrc.io/ProjectApplicationsMonitoringNS

🌌 Process Monitoring in N|Solid – https://nsrc.io/ProcessMonitoringNS

🔍 CPU Profiling in N|Solid – https://nsrc.io/CPUProfilingNS

🕵️‍♂️ Worker Threads Monitoring in N|Solid – https://nsrc.io/WorkerThreadsNS

📸 Capture Heap Snapshots in N|Solid – https://nsrc.io/HeapSnapshotsNS

🚨 Memory Anomaly Detection in N|Solid – https://nsrc.io/MemoryAnomalyNS

🚩 Vulnerability Scanning & 3rd party Modules Certification in N|Solid – https://nsrc.io/VulnerabilityScanningNS

👣 HTTP Tracing Support in N|Solid – https://nsrc.io/HTTPTracingNS

⏰ Global Alerts & Integrations in N|Solid – https://nsrc.io/GlobalAlertsIntegrationsNS

🪄 Distributed Tracing in N|Solid – https://nsrc.io/DistributedTracingNS
…and more

Want to try N|Solid?

To check out the top 10 features and more in N|Solid, create your account in sign up or sign in, in the top right corner of our main page. More information is available here.

As always, we’re happy to hear your thoughts – feel free to get in touch with our team or reach out to us on Twitter at @nodesource.