Surviving AWS Failures with a Node.js and MongoDB Stack

jieforest發表於2012-06-30
Node+Mongo on EC2 is a very popular software stack among web services developers. There are many user guides on how to design such a system with built-in redundancy so that even coordinated failures don’t bring down the service.

The absolute minimum for a resilient service requires a MongoDB replica set behind a load-balanced node farm. However, you are not ready for an EC2 outage until you have deliberately shutdown components in your system and verified the expected behavior.

As you periodically do this, you might discover that there are gaps you did not account for. In this blog I want to share our experiences beyond the initial configuration and add some fine details on creating a Node+Mongo application that is both secure and resilient to common EC2 failures.

What you should worry about upfront:

1. Node.js single event will by default crash on an unhandled exception so you need to worry about restarting the process. Upstart or forever will do the job.

2. You also have an external process on your server making liveness checks and potentially restarting your service. Monit is a good one, it has the added benefit of emailing you when it had to restart. While upstart ensures that your process is up, monit ensures that it is responsive, and those are two different things.

3. Your application instances and your MongoDB instances are each load balanced across multiple Availability Zones. The more the better.

4. Place the node servers and the mongo servers all in a security group, which beyond ssh allows only the Mongo ports internally and your application ports externally. This is trivial to set up and protects your database from external requests.

5. If you are like us, you have the additional protection of the MongoDB authentication. Mongo’s security model has limited robustness, but having authentication in your MongoDB store is still useful even if the application and the database are inside an EC2 security group. For your data to get exposed, you will have to make multiple mistakes at the same time, which happens, but the chances are greatly reduced.

來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/301743/viewspace-734198/,如需轉載,請註明出處,否則將追究法律責任。

相關文章