Save time managing and deploying your node.js app. Code faster with jitsu and npm

Nodejitsu brings the npm registry to the Enterprise with StrongLoop

About the author

nodejitsu nodejitsu

The adoption of node.js by large enterprises has outstripped even our most optimistic expectations. Leaders like Walmart, LinkedIn, and Zappos have led the charge and today, nearly every team we speak to is using node in their production stack. This success presents new challenges for both node core and the npm package ecosystem.

With the acquisition of IrisCouch, Nodejitsu has become the official host of the public npm registry. This puts us in a position to help the people running enterprise node deployments meet these challenges and maximize success on their development team.

With that in mind: Nodejitsu is excited to announce our Enterprise npm registry offering along with our new partnership with StrongLoop!

Bringing npm to the Enterprise

Last week we discussed how important the npm module ecosystem is to the success of node.js. But how can your organization reap the benefits of npm and node.js while meeting the demands of enterprise deployments?

This is easier in theory than in practice. This is because the same qualities that make npm an incredible wealth of developer resources on a small-medium scale can become a hindrance when you’re developing and maintaining an enterprise deployment of node without your own private npm registry. Some of the challenges are:

Everyone shares the same public registry

Put bluntly: you don’t want ‘npm install’ to run at the same speed for your business as it does for a hobbyist developer. By installing your node.js packages from a dedicated private npm registry you can greatly decrease your deployment times.

Geographic challenges

Latency from the public registry can become even more time consuming if you’re far from the datacenter (in Virginia) where the npm registry is hosted. By co-locating your private npm registry with your applications you remove any latency concerns when deploying.

All packages are public

If you’re not running a private npm registry today, that means that anything your developers publish to npm is public. This is fine for Open Source projects, but how do you manage a modular codebase of private packages?

Many companies running node.js in production still rely on other storage backends, such as git, for these private packages which leads to complications managing SSH keys and other parts of the deployment workflow. By switching to a private npm registry you can securely install all of your private node.js packages from a single, easy to manage location.

Unexpected wildcards

All node.js packages use semantic versioning to specify their dependencies. The one downfall of semantic versioning is inconsistent dependencies for a single application deployed at different times. For example, if your application has “*” in your package.json:

  dependencies: { "express": "*" }

and you deploy your application on Monday the dependencies installed could be different from when you deploy your application on Friday. Although this can always be resolved by best practices, in a large enough organization you want to be sure that simple developer error does not cause defects in your applications.

Managing users is painful

Because we run the public npm registry, we are the only company with access to the encrypted authentication information stored in the _users database in CouchDB. This means that the Nodejitsu Enterprise npm registry can automatically replicate your developers authentication information for you. This saves you and your team from the tedious process of managing user accounts.

Enterprise(node.js + npm registry) === require(‘success’)

“Empirical learnings from practice always trump conclusions drawn from theory.”
-- Isaac Schlueter, head of the Node.js project

With this in mind, Nodejitsu is also announcing a strategic partnership with StrongLoop to complement our Enterprise npm offering. Choosing a supported, robust private npm registry combined with a supported node.js distribution like SLnode both backed by a seasoned and experienced team of core contributors is a recipe for success with node.js at any scale.

Interested in getting an Enterprise private npm for your organization? Get a quote from our sales team now!

StrongLoop Node - A certified distribution of Node.js

The StrongLoop Node distribution gives you a path forward to get technical support and bug fix coverage before heading into production. For developers who are new to Node, StrongLoop Node gives you the perfect starting point. Navigating over 33,000 modules and the unique features of Node itself can be an overwhelming experience. StrongLoop Node comes with vetted modules including:

  • Express - web application framework
  • Connect - rich middleware framework
  • Passport - simple, unobtrusive authentication
  • Mongoose - elegant mongodb object modeling
  • Async - higher-order functions and common patterns for asynchronous code
  • Q - a tool for making and composing asynchronous promises in JavaScript
  • Request - a simplified HTTP request client
  • Socket.IO - cross-browser WebSocket for realtime apps
  • Engine.IO - transport layer for real time data exchange
  • SL Task Emitter - perform an unknown number of async tasks recursively
  • SL Config Loader - recursively load config files
  • SL Module Loader - separate your app into modules loaded by config files
  • SL MQ - MQ API with cluster integration, implemented over various message queues

Bottom line: An organization that starts development on StrongLoop Node ensures that by the time they go to production, they will have a company and a feature set that stands behind them.

Enough already. How can I get an Enterprise private npm registry today?!