When I started to research available options for this next release decided to go with NodeJS on the server side over the Microsoft .NET stack and PHP. There are always tradeoffs with any technology choice and while I had some valid concerns about the security and stability of the NodeJS ecosystem in general I felt confident all the known issues were either resolved or easily mitigated.
The NodeJS stack was progressing really nicely when I was introduced to Erlang and Elixir in the early spring of 2023. I was intrigued but had no interest in abandoning all of the work on the backend up to this point and essentially starting over. But I definitely wanted to learn more about both Erlang and Elixir so I set about learning about the language.
It felt like coming home after a very long trip. So many concepts just felt familiar and eventually I figured out why. In the mid-1980s I wrote a configuration tool for my employer’s sales force. I worked for an electronics distributor and we started selling high end systems running unix and unix-like operating systems. I used Prolog to create the PC based application and the sales force loved it. Elixir embraced much of Prolog’s feature set.
After a couple of weeks of learning about and experimenting with Elixir I realized it was a much better option for the RediDraft server. And yet I was still hesitant to take a huge step back to redo all of the work up to that point. After a couple more weeks I knew I had to do it.
The Erlang virtual machine called BEAM is rock solid, secure and extremely performant. Elixir compiles down to byte code to execute on BEAM. One of the biggest benefits of BEAM is when things fail they automatically recover to a known good state and move on. That means all the defensive code needed in environments like NodeJs and PHP are just not needed. You code for the happy path and make sure anything falling outside that path fails … no fuss … no muss. The re-write of the server functionality took less than a month and only required about 1/3 of the code needed in NodeJS.
Beam is unmatched for security too. It comes from the telephony industry where things have to just work, stay secure, be easy to update and maintain, be extremely performant, and easy to scale. BEAM is truly multi-threaded and can run hundreds of thousands of processes … even millions … on modestly sized hardware. For RediDraft 2024 the API application server in production will consist of two small to medium VMs with a load balancer in front of them. This is for redundancy. Either one could easily handle the entire anticipated load with plenty of room to spare.
I’m a firm believer in the idea of things happening as they are supposed to happen when they are supposed to happen. My exposure to BEAM and Elixir happened at the perfect time for this project and for several others too. Honestly, the integration, performance and security testing were not going as well as I had hoped with the backend running NodeJs. It worked. It was secure but it was apparent there was going to be a continual effort to keep the backend performant and secure over time. After making the jump the penetration testing has not identified any vulnerabilities and there has been no successful intrusion. While that is comforting it is not a reason to slack off on continual pentesting and probing.
The same is true for performance. Even after simulating three times the maximum expected load the application barely broke a sweat. This is extremely good news because it means we can confidently offload tasks from the client side to the server side and not adversely impact the user experience.
I am delighted with this technology stack for RediDraft. I am using it for all my new projects on the consulting practice side because it lets me create a better product that’s easier to maintain and extend faster than ever before!
As I’ve made this move others have questioned why I would abandon the hot tech that is NodeJS for something much earlier on the adoption curve. I know BEAM is not for everyone. In my opinion it is best suited to the more advanced developers who understand chasing the latest buzz-worthy tech is not always a good thing.
0 Comments