Choosing backend technology is an important decision that CTO or founders have to make at the beginning of the project. It has a significant impact on time to market, speed of the development, total project costs, scalability limits, and future maintenance overhead.
Remember, making the wrong decision may cost you money, so take your time, choose wisely, and do it carefully.
Your team will code on the same language. Hiring and switching developers become much more comfortable, and technical knowledge sharing between team members becomes a breeze. In this environment, even junior developers will grow in skills quickly.
You can see the raw performance compared to other programming languages in numbers:
Node.js has another trick in its sleeve. Thanks to non-block asynchronous I/O in the design’s core, it can handle multiple requests at the same time on a single thread. Database calls, network operations, and other non-CPU-intensive tasks can run in the background, while the main thread serves other requests. These mechanisms are built on top of low-level asynchronous APIs of the operating system itself and are very efficient. Having only a single thread reduces thread switching overhead by the OS and total memory consumption because every new thread requires its stack memory. Data APIs use streaming, which decreases time to respond and memory usage even more, especially when dealing with sizeable chunks of data. Thanks to all of that, usually, NodeJs can handle more concurrent requests on a single thread with lower latency than equivalent blocking code in different languages using over one core. It’s unmatched for high-load and low-latency applications like game servers, chats, videoconferencing, and even trading software.
Node.js has been here for a long time. It has its package manager called npm (node packet manager), which already become huge and still growing. Npm has over 10 million users who download well over 30 billion packages every month.
from npm blog, December 2018
Nowadays, 97 percent of code in modern web applications comes from open-source npm modules. That proves its undisputable popularity among developers. You can find everything you need in the registry, from essential utilities, collections, database drivers, and API clients to machine learning, CAD, and blockchain libraries.
Despite incredible performance offered by Node.js, many modern applications need to scale past one physical machine to handle the load. Loosely coupled microservice and serverless architectures are the way to go here. This style is best described by Martin Fowler and James Lewis as “an approach to developing a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms, often an HTTP resource API.” Lightweight runtime like Node.js is an excellent choice for microservices and a first-class citizen of AWS Lambda, Google Cloud Functions, and many more serverless solutions.
Here’s the shortlist of the most important ones for convenience:
- Extract secrets from config files and avoid publishing secrets to the npm registry
- Use ORM/ODM to prevent query injections, especially with SQL databases
- Escape HTML, JS, and CSS output to avoid XSS attacks
- Run Node.js as a non-root user
Large startups are using Node.js in production for a long time and achieved truly astonishing results with it.
Walmart’s switch to a microservices architecture on Node.js followed with overnight 20% conversion growth in general and 98% mobile conversion growth. They’ve had 100 percent uptime on Black Friday while handling over 500 million page views. Operational savings were also significant, as they moved off of its expensive hardware onto cheap virtual x86 servers. New deployment had 40 percent less computing power and resulted in 20 to 50% overall cost savings.
After switching to Node.js from Ruby on Rails, Groupon has reported twice faster page load times. Node.js servers handled 50,000 requests a minute with plenty of headroom to handle growth while utilizing less hardware than the legacy Ruby code.
Yahoo has been using node to handle colossal traffic of approximately 2,000,000 requests per minute. The company has around 200 node developers, 500 internal, and 800 external node modules. “Speed and ease of development” is the most significant advantage of Node.js according to their experience.
When GoDaddy was running the SuperBowl ad campaign, its Node.js microservices were able to handle 10,000 requests per second with 100% uptime, using only 10% of the available hardware resources.
In 2015, IBM, Microsoft, PayPal, Fidelity, and SAP became the founding members of the Node.js Foundation that was created to “enable widespread adoption and help accelerate the development of Node.js.” The list of organizations using Node.js in production is continuously growing, and probably all well-known companies are already using it in some way.
Most drawbacks from the early days got resolved as Node.js became a more robust framework. Yet, there are still a few things to keep in mind when considering it for a new project.
Callback hell used to be a thing in the past days. Asynchronous code worked by passing a callback that gets executed when the operation completes or fails with an error. Chaining those callbacks inline was a nightmare and led to unreadable spaghetti code. The way to avoid it was to extract some callbacks into separate functions and use them, but that had some drawbacks.
Heavy computation was a big no-no on the server before worker threads. It blocked the whole thread from serving other requests, which drastically dropped performance and reliability. It’s no longer an issue as computation can be done asynchronously on a separate thread and pass the results back to the main thread that handles everything else. Leveraging faster programming languages remains available as a more advanced option.
NPM itself can be a problem sometimes because of its insane popularity. Hundreds and even thousands of new packages get pushed there every day. There’s always a temptation to use everything out there to do the job quicker, even if it’s unpopular and poorly maintained. We try to resist that and depend only on packages with some track record, weekly downloads, commit history, unit tests, and star rating in the commercial software we create. With personal pet projects, on the other hand, everyone deserves a chance. It’s impossible to avoid all the issues entirely. For example, in situations like left-pad broke the internet.
The benefits are enormous, that’s why it’s been already adopted not only by small and nimble startups but also by large bureaucratic enterprises. Keep in mind that Node.js is not a silver bullet, and you should always pick the right tool for the job.
If you have some questions, just book a free consultation with our experts using the form below.