Node Interactive North America 2016

An account of how one JavaScript developer (that’s me, hi!) figured out what the heck was going on in Node.js core code.

Software development is done differently in China, which is arguably one of the two largest market and audience of the software most people are developing for. Day to day tools, choice of framework, and even user expectations vary widely. Come learn about the reasons behind the disparity between China and the rest of the world, some of the unique challenges China faces, and the work that software companies such as Autodesk do for developer experience in China.

At Netflix, our data access platform is at the heart of nearly every request from our subscribers. It enables our innovative UIs to communicate efficiently with our bevvy of backend services while growing our subscriber base to 75 million members. As a result of this scale, this monolithic platform requires ever increasing resources to run and maintain, both regarding hardware (32 vCPUs per instance) and developer productivity (try running that on your laptop!). As we continue to grow and expand our subscriber base globally (#netflixeverywhere), we need fundamentally to change the monolithic design of our platform.

In this talk, I will discuss the new container-based data access platform that’s replacing the monolith. See how the architecture of this cross-cutting project allows us to build isolated microservices with Node.js and Docker. Examine the tools and infrastructure we’re building across our stack that enable engineers to effortlessly build, debug, test and their code on this platform anywhere -- whether it’s locally on your laptop, or remotely in the cloud -- all made possible thanks to Node and Docker.

Everyone loves a good twitter bot, and node lets you get one up and running very easily. But what if we made bots cuter and more intelligent? Instead of using text as fodder for this bot, I'll show you how to use Twitter's API, ImageMagick, and Microsoft's Face API to
manipulate selfies with cute overlays.

The term 'multimodal interactions' (MMI) on the HCI field refers to the situation where a system offers many ways of interaction.  

This talk combines an academic subject with the daily JS we already know. It is an effort to bring together two, at first, different worlds looking for a win-win situation.  On the one hand, academia could enjoy getting a novel approach to a particular problem thanks to our awesome JS.  On the other, the industry can get new ways of interaction which can be applied on a variety of context and/or products. In short, the talk contains: - A quick introduction to MMI (Multimodal Interactions) - A particular novel approach to add support for MMI on Web Apps. - Short list of related open problems or possible research lines to pursuit.

The microservice architecture is a powerful way to structure large scale Node.js systems. Microservices bring many benefits, enabling rapid development, making continuous delivery easier, and making fine-grained scaling practical. But this architecture is a distributed system, and brings with it all the associated challenges of such systems, not least of which is the need for individual services to find each other. Deciding how to solving the service discovery problem is a key decision point for any architect building microservice systems.

A common approach is to use a service registry. Unfortunately service registries bring their own problems, such as ensuring consistency while scaling, or increasing deployment complexity with the need to run agents. All this could be forgiven, but for a greater sin - registries encourage strong coupling between microservices by providing a concept of serviceidentity. The very purpose of the registry, service discovery, is poisonous to one of the key benefits of microservices - that the system is dynamic and flexible.

There is a better way. Services can find each other dynamically, using gossip protocol algorithms. Highly efficient algorithms such SWIM (Scalable Weakly-consistent Infection-style Process Group Membership Protocol) mean that microservices can do away with service discovery altogether, relying instead on an constantly evolving, dynamic map of their local network. By pushing intelligence to the edges of the network, not only does this approach make failure detection orders of magnitude faster (no more waiting for heartbeats to timeout), but it also makes deployment much easier, as the network configures itself.

This talk will examine the use of the SWIM algorithm to build a Twitter clone in Node.js, one microservice at a time.

As the popularity of Node.js continues to increase, so does the complexity and scale of the applications created. With the increasing number of enterprise deployments, the need for a comprehensive full stack testing strategy becomes even more critical. More than other technologies, this environment has valuable modules to promote test-driven development and integrated testing.  Developers and testers can benefit from these tools and technologies to simplify their testing, speed up their test time, and have a lot of fun at the same time.

The NodeJS community has set a great standard for developing unit tests and measuring code coverage.  Even so, there are many levels of testing that need to be considered from unit, performance, API, to the front-end testing. Learn the best testing practices, process, tools, and modules to develop a continuous, integrated, full stack test solution for your next Node.js application. With organizations like PayPal, Walmart, Netflix, and LinkedIn leveraging Node.js at an enterprise level, it’s clear that a full stack test strategy is a must. This presentation will make sure that you are aware of some of the latest techniques to quickly deliver high quality test results for Node.js.

In this talk, Joyee will talk about alinode's experiences in analyzing the V8 garbage collection logs and diagnosing performance problems caused by V8 GC pauses and memory leaks.

A primer on growing the Node.js story in the enterprise. Trevor was a KrakenJS team member and Node.js platform lead at PayPal and speaks from experience on adopting Node.js and growing it to massive scale. This primer is a guide on some initial considerations of such an undertaking.

Crankshaft is the V8 JavaScript engine’s optimizing compiler, a helpful little fellow built into the V8 engine that is designed to improve the performance of our JavaScript applications. But how does it work? In this talk, we’ll deconstruct the internals of the Crankshaft compiler, discuss the process it goes through to optimize our code and the results of these optimizations, and examine how we might leverage our understanding of the internals in our day to day development work.

Cryptography is a complex and confusing subject. There seems to be more disinformation than actual information. Learn how to properly use cryptography to secure user credentials and sensitive data. We will discuss cryptographic methodologies and algorithms available to Node.js. The focus will be on encryption, digital signatures, and hashing. We will discuss methodologies as part of a compare and contrast based on cryptography strength and randomness.

This talk is a head first dive into the next-gen core tracing API’s being developed under the Node.js Diagnostics Working Group. We’ll learn about the upcoming AsyncHooks API and how this can be used to build your own high level instrumentation logic in production.

Node.js is growing up, and with that comes the responsibility of proper legacy support. As of Node.js Argon (v4.2.0) there is an official Long Term Support release cycle that lasts for 30 months! 

How does a project moving at the pace of node maintain multiple release lines? How does a commit get backported? How is a release actually made? You will learn all this and more on this weeks episode of "Node.js Releases, how do they work?".

It's important to be able to figure out what's going on when things go wrong in your Node.js production application. Tools are needed to investigate memory leaks, crashes and other "interesting" events in production. The post-mortem community working group (https://github.com/nodejs/post-mortem) is working on these problems. Come and learn about the key issues being worked, and the progress of the working group so far as illustrated through examples and code.

This talk is about creating node.js interfaces for native libraries written in C. It is not so much about the mechanics of writing the code, or about the structure of a npm package containing a native addon, but about the various situations you are likely to face when writing addons. It starts with the assumption that it is best to create an addon that provides as little abstraction as possible so as to allow you to provide a Javascript API to the consumers of your project that is itself written in Javascript. The portion of the node.js documentation that describes native addons, the V8 reference, and the reference provided by the Native Abstractions for Node project give you an ample toolset for creating native addons. Once you've managed to create your first native addon, and are ready to bring a complete native library into the node.js world, you will be faced with having to translate the artifacts of the C language into Javascript concepts. At that point, it pays to be systematic. It is beneficial to break the library's API into constants, enums, structures, and functions, and bind each onto the node.js module you are creating in as automated a fashion as possible. In my presentation, I will describe some patterns for dealing with data structures, pointers, and callbacks one needs to pass to the native library. Finally, I will show some examples of projects where I've applied these concepts.

When building a large enough set of services using node.js, there will be a point when you find that your application is suffering from performance or memory issues. When this happens, you have to roll up your sleeves, get your tools and start digging. This talk explains how you can use tools such as ab, flame graphs, heap snapshots and Chrome's memory inspector to find the cause of these. We will go over two real life issues, a CPU bottleneck and a memory leak, we found while building our services at Auth0, and also explain how we fixed them.

Discussing the process taken in creating interoperability between ES modules and existing node modules. This covers the history of the interoperability proposal as well as some lessons on what ES modules are. We will be discussing largely the how and why of the proposal, not the exact implementation of proposal. Discussion will take an approach of the process, and walk through how the process worked out in one of the first major EP since the creation of a standard way to discuss disruptive changes to node's core. This is a major ecosystem change and is targeted towards a general audience since discussion of the effects of the change on all involved parties affects almost everyone.

Security - the elephant in the room. Everyone agrees that it is very important but few takes it seriously: in the recent past a huge number of companies leaked massive amounts of user data. Let's take a look how we can survive web security - from an application developer's point of view. In this talk we are going to touch the most common web security issues as well as some advanded attack vectors and learn how to defend our applications against them, like:  
* cross-site scripting, 
* injection attacks, 
* storing passwords, 
* cross-site request forgery, 
* securing dependencies,
* timing attacks