of 24/24
Pro Meteor Arunoda Susiripala Introduction to Pro Meteor Pro Meteor is a guide that has been created as a reference for building a production-quality Meteor apps. Main focus of this guide is to show you on how to scale Meteor apps and maintain them with existing web proven technologies & services. The guide assumes that its reader has a basic understanding of Meteor, but for readers that need a better introduction, Discover Meteor comes highly recommended. Good Luck & Happy Reading! Arunoda Susiripala Hacker at MeteorHacks Understanding Meteor Internals This section is an introduction to Meteor’s internals, and serves as the foundation for the Pro Meteor guide. Meteor Internals: Meteor as a Server and a Client A Meteor application is seen by browsers, proxy servers, routers and other network components as a typical web application. Yet Meteor is comprised of two main components: a part that runs inside the browser and another part that runs inside the server. These two parts are configured to communicate with each other in a way that’s similar to modern web applications e.g. Gmail and Trello Meteor allows developers to build applications without worrying about the complexities of client-server connectivity. 1

Pro Meteor Book

  • View
    673

  • Download
    30

Embed Size (px)

DESCRIPTION

Meteor Reaction

Text of Pro Meteor Book

  • Pro Meteor

    Arunoda Susiripala

    Introduction to Pro Meteor

    Pro Meteor is a guide that has been created as a reference for building aproduction-quality Meteor apps. Main focus of this guide is to show you on howto scale Meteor apps and maintain them with existing web proven technologies& services.

    The guide assumes that its reader has a basic understanding of Meteor, butfor readers that need a better introduction, Discover Meteor comes highlyrecommended.

    Good Luck & Happy Reading!

    Arunoda Susiripala

    Hacker at MeteorHacks

    Understanding Meteor Internals

    This section is an introduction to Meteors internals, and serves as the foundationfor the Pro Meteor guide.

    Meteor Internals: Meteor as a Server and a Client

    A Meteor application is seen by browsers, proxy servers, routers and othernetwork components as a typical web application. Yet Meteor is comprised oftwo main components: a part that runs inside the browser and another partthat runs inside the server. These two parts are configured to communicatewith each other in a way thats similar to modern web applications

    e.g. Gmail and Trello

    Meteor allows developers to build applications without worrying about thecomplexities of client-server connectivity.

    1

  • Figure 1: Meteor has 2 parts, which run on the browser and the server

    Meteor Handles Three Different Types of Requests

    Underneath its surface, Meteor handles 3 types of requests. They are:

    Static Files DDP Messages HTTP Requests

    Static Files

    Static files are images and other resources inside the /public folder. Meteorserves these files automatically when the app starts.

    Additionally, Meteor minifies and concatenates all JavaScript (including tem-plates, which are pre-compiled as JavaScript) and CSS files, and serves them asstatic files.

    DDP Messages

    DDP is the protocol Meteor uses to communicate between client and server.All client-side subscription data, method calls and MongoDB operations arecommunicated as DDP messages. This is a very lightweight protocol. Thesemessages can be inspected with a handy tool called ddp-analyzer.

    2

  • HTTP Requests

    While there is no official documentation, Meteor can handle HTTP Requestssimilar to other traditional applications. For example, file uploads to a Meteorapp are sent as HTTP Requests. See this StackOverflow question for details onhow to manually handle HTTP requests.

    Meteor has Two Types of Servers

    Although Meteor runs on a single port, internally it works as two separateservers:

    HTTP Server DDP Server

    Figure 2: Meteor Server is a combination of a HTTP Server and a DDP Server

    HTTP Server

    The HTTP server is used to serve static files and HTTP requests. Meteor usesthe connect Node.js module for this purpose.

    DDP Server

    The DDP server handles all publications, MongoDB operations and Meteormethods. Meteor uses SockJS as the transport protocol. In actuality, the DDPserver is a SockJS server customized for Meteor.

    3

  • Future guides will detail how to scale these two servers separately.

    MongoDB and Meteor

    Its possible to scale Meteors HTTP and DDP servers by running multipleinstances of Meteor connected to the same database, but the result isnt ideal.Because of the way Meteor polls MongoDB for changes, if one Meteor instanceupdates MongoDB, it may take several seconds for other instances to detect thechange and propagate it to connected users.

    To illustrate this further, think of two Meteor instances (A and B, with theirrespective HTTP and DDP servers) serving the same chat app. In front ofthese, a reverse proxy randomly connects users to one of these instances. Whensomeone connected to server A posts a chat, users connected to server B wontsee the chat in real-time, as they would have to wait a few seconds before serverB recognizes the change and pushes the chat to its users browsers.

    In later sections, Ill show you how to configure both Meteor and MongoDB toget rid of this issue.

    This polling logic is very expensive for production use, and it wouldbe better to use a solution based around the MongoDB Oplog.Meteor 1.0 comes with a such driver, but you can use Smart Collec-tions until 1.0 comes.

    Now you have a better understanding of Meteor internals, particularly when itcomes to scaling. Lets start our journey.

    Fibers, Event Loop and Meteor

    Meteors use of Fibers allows it to do many great things. In fact, Meteorspopularity may be a direct result of its use of Fibers, though you wouldnt knowit without a deep understanding of Meteors internals.

    Its a bit hard to understand how Fibers works, and how it relates to Meteor. Butonce you do, youll have a better understanding of how Meteor works internally.

    Event Loop and Node.js

    Meteor is built on top of Node.js, so we cant forget the Event Loop. Node.js runson a single thread, and thanks to the Event Loop and event-driven programming,program execution isnt blocked by I/O activities (network and disk, mainly).

    4

  • Instead, we provide a callback function that is run after the I/O completes, andthe rest of the program continues to run.

    Heres a psuedo-code example showing two different tasks.

    // Call functions.fetchTwitterFollowers('arunoda');createThumbnail('/tmp/files/arunoda.png', '/opt/data/arunoda.thumb.png');

    // Define functions.function fetchTwitterFollowers(username) {TwitterAPI.getProfile(username, function(){Model.setFollowers(profile.username, profile.followers, function() {console.log('profile saved!');

    });});

    }

    function createThumbnail(imageLocation, newLocation) {File.getFile(imageLocation, function(err, fileData) {var newImage = ImageModule.resize(fileData);File.saveFile(newLocation, function() {console.log('image saved');

    });});

    }

    Now lets see how the above two functions get executed over time.

    Tasks in fetchTwitterFollowers are marked in green, and tasksin createThumbnail are marked in orange. Dark colors show CPUtime, and light colors show I/O time.The Blue Bar shows waitTime in the queue and the Red Bar showsidleTime.

    Observations

    The diagram above shows us a few interesting things. First, there is no particularprogram execution order. I/O activities can take any amount of time to complete,and they wont block the program from executing other tasks. For example,ImageModule.resize does not need to wait for Twitter.getProfile to becompleted before it can be run.

    Second, CPU-bound activities do block program execution. In the middle of thediagram you can see a blue bar where Model.setFollowers cannot get started

    5

  • Figure 3: Understanding Event Loop

    6

  • even though TwitterAPI.getProfile has completed. ImageModule.resize isthe reason for that. It is a CPU-bound task, so it blocks the Event Loop. Asmentioned earlier, Node.js runs in a single thread. Thats why Node.js is not thebest choice for CPU-bound activities like image processing and video conversion.

    You can also see there are three red bars indicating idleTime. If our app hadmore functionality, it could use this time to execute it.

    Fibers

    Now you know how the Event Loop works, and how efficient it is. But there isa problem: Callbacks. Callbacks make Node.js code difficult to reason about(some describe it as callback soup). Error handling and nested callbacks areuncomfortable to write, and their existence makes code difficult to maintain andscale. Thats why some say Node.js is hard to learn (and use).

    Luckily, several techniques exist to overcome this issue. Fibers, Promises, andGenerator-based coroutines are some of them.

    Meteor uses Fibers, and implements APIs on top of it. But before going into itany further, lets see how Fibers works. See the diagram below.

    Fibers provides an abstraction layer for the Event Loop that allows us toexecute functions (tasks) in sequence. It allows us to write asynchronous codewithout callbacks. We get the best of both worldsasynchronous efficiency withsynchronous-style coding. Behind the scenes, Fibers takes care of dealing withthe Event Loop.

    Fibers is really good if you use it correctly (Meteor does it well). Also, theoverhead caused by Fibers is negligible.

    How Meteor Uses Fibers

    Meteor abstracts Fibers with its APIs, allowing you to write your app withoutcallbacks. The best part is that you can write your code this way and becompletely oblivious to Fibers. It just works.

    Meteor creates a new Fiber for each and every request (DDP Request) madefrom the client. By default, Meteor executes one request at a time for each client,meaning one Fiber for each client at a time. But you can change that.

    Fibers is the one of the best reasons Meteor is so popular. Since it allows usto write Node.js apps without callbacks, it has attracted many developers whohated Node.js for that reason.

    7

  • Figure 4: Understanding Fibers

    8

  • How To Use Async Functions With Meteor

    We cant satisfy 100% of our needs with Meteors APIsometimes we need touse NPM modules to get things done. But how can we do this if we dont knowhow to use callbacks with Meteor?

    For example, say you need to use the Github NPM module to get your userspublic profile. It needs to be done inside a Meteor method, and we need toreturn the profile from the method. Okay, lets try to implement this.

    var GithubAPI = Meteor.require('github');var ghapi = new GithubAPI({version: "3.0.0"});

    Meteor.methods({getProfile: function(username) {ghapi.user.getFrom({user: username}, function(err, profile) {// How to return?

    });

    // We need to return the profile from here.}

    });

    We cant use callbacks like above. We cant return the profile to the client fromthe callback, because the Meteor method wont wait for the callback beforereturning. Now we need to learn how to deal with Fibers. Or do we?

    Meteor foresaw this problem and provided us with a very simple API to getaround it. Its not documented yet, but heres how you can use it.

    meteor-npm also comes with a set of async-utilities to work withnpm modules.

    function getUserProfile(req, callback) {ghapi.user.getFrom(req, callback);

    }var wrappedGetProfile = Meteor._wrapAsync(getUserProfile);

    Meteor.methods({getProfile: function(username) {return wrappedGetProfile({user: username});

    }});

    The code above is simple to understand. We wrapped the ghapi.user.getmethod in a function, and called that function with Meteor._wrapAsync to

    9

  • make it Fibers aware. Now we can use it inside Meteor methods and otherMeteor APIs.

    If you know how bind works, you can do the wrapping in a single line as shownbelow.

    var wrappedGetProfile = Meteor._wrapAsync(ghapi.user.getFrom.bind(ghapi.user));

    Finally

    Now you have a better knowledge of the Event Loop, Fibers, and how Meteoruses Fibers. And you know how to use asynchronous functions with Meteor usingMeteor._wrapAsync. Its time to supercharge your app with this knowledge.

    Additional Notes

    If you are looking to learn more about Fibers and related technology, pleaserefer to the following great screencasts by EventedMind.

    Introducing Fibers Using Futures Meteor._wrapAsync Understanding Event Loop Async and Fibers

    Does Meteor Scale?

    Most people considering Meteor for a production deployment are wondering if itcan scale. Some say Meteor is a good framework for prototyping, but not forproduction. After you read this, youll be able to decide for yourself.

    Scaling Myth

    With the emergence of cloud computing (and specifically Heroku), many havecome under the impression that scaling means adding more instances of anapplication. Thats not completely true.

    Routing, sessions, job processing, static file serving, and database optimizationare key concerns when it comes to scaling, among other things. Any Meteor appthat intends to deploy into production needs to addressor at least considertheseissues. On top of that, Meteor has its own issues.

    10

  • Issues Unique to Meteor

    Meteor isnt like Ruby on Rails, Express (the Node.js framework), or PHP. Itsa special framework with its own issues, many of which have been solved outsideof the Meteor community already. We just need to figure out how to fit themtogether and apply them correctly to Meteor. So, lets have a look at these issuesfirst.

    Use of SockJS

    Meteor uses SockJS as the transport layer for communicating between clientand server. SockJS needs sticky sessions, which means that all the requests fora particular client must be served from a single server for a specific amount oftime.

    Hot Code Reloading

    Meteor apps are single-page apps, which are long-lived in the browser. Single-page apps can sometimes experience conflicts between the server and client dueto a version mismatchespecially when new code is pushed often, which is notso rare these days. Fortunately, Meteor features hot code reload, which identifiesany code changes on the server and asks the browser to reload. Additionally,Meteor is smart enough to preserve session information through the reload.

    Due to the default hot code reload logic, a Meteor client app needs to connect(via DDP) to the same server it was loaded from.

    Polling for Changes in MongoDB

    Meteor is all real-time, which it currently achieves by fetching and comparingdocuments after every database write operation. Meteor also polls the databasefor changes every 10 seconds. These are the main bottlenecks when scalingMeteor, and they introduce two main issues:

    1. The polling and comparing logic takes a lot of CPU power and networkI/O.

    2. After a write operation, there is no way to propagate changes to otherMeteor instances in real-time. Changes will only be noticed the next timeMeteor polls (~10 seconds).

    See how Meteor identifies database changes with polling:

    11

  • Figure 5: Real-time Changes with MongoDB Polling

    How We Can Solve Meteors Scaling Issues

    There is nothing which cannot be solved. Continue reading to learn how to solvethe above-mentioned issues with Meteor, and some other common scaling issues.The next few sections will discuss the full implementation of these solutions.

    Sticky Session Enabled Load Balancing

    When serving requests to Meteor instances, a load balancer needs to be ableto handle the issues presented by SockJS and hot code reload. These issues arenot hard to solve so long as the load balancer can be configured to use stickysessionsand the sticky sessions need to apply to static content, at least for thefirst HTML page.

    Meteor with MongoDB oplog

    As mentioned above, Meteors bottleneck to scaling exists in the way it pollsthe database and runs an algorithm to detect and patch in any changes to therest of the app. But we can get much more performance out of Meteor using theMongoDB oplog. An oplog-based solution works with multiple Meteor instances

    12

  • without much effort. You can even write directly to the database outside ofMeteor, and Meteor will notice the changes.

    Oplog integration removes the bottleneck of MongoDB polling.

    MongoDBs oplog is a log that records every database write operation. Its soreliable that its used for MongoDB replication (Replica Sets). Also, the oplogis a capped collection, which can be configured to have a fixed size and can betailed. Oplog tailing can be used to capture database changes in real-time.

    See following illustration to see how Meteor gets database changes with the oplog.

    Smart Caching

    Its a good idea to put a caching server in front of Meteor. This will reduce theload on Meteor to serve static content. Node.js (where Meteor runs) does notwork well when it comes to static file serving, so using a caching server improvesperformance.

    The caching server shouldnt cache the first HTML page loaded from Meteorinto the browser. This is the only HTML content Meteor loads, and it containsa JavaScript variable called serverId that is used to compare versions in hot codereload logic.

    Improved Application & MongoDB Performance

    Fixing the most common performance issues helps a lot in the scaling process.The first thing to optimize is database indexes. Meteor doesnt auto-magicallyadd indexesthey need to be added explicitly. Indexes can provide a largeperformance gain.

    13

  • Subscriptions and queries can also be optimized, with notable performance gains.

    Scaling MongoDB

    MongoDB is a core component of Meteor, so it needs to be prioritized wherescaling and performance are concerned. Generally, MongoDB performs quitewell. It supports both vertical and horizontal scaling. It can be run on a morepowerful server, or use MongoDB sharding to scale horizontally.Although MongoDB comes with good sharding tools, care needs to be takenwhen using sharding.

    Use of a CDN

    If your application is heavy on static content like images and video, you mustnot host these files using Meteor. Nowadays, using a CDN (Content DeliveryNetwork) is standard practice, and its not very hard.

    Okay, Does Meteor Scale?

    Now you can decide if Meteor scales or not! In the next section, youll learn howto use commonly available tools and services to scale Meteor.

    How to Scale Meteor?

    In the previous section, we looked at the problems and possible solutions forscaling Meteor applications. But I did not show you how to scale an app inpractice. So, this section covers that.

    Scaling Set-up

    Our component diagram is:There are three Meteor servers, one MongoDB server and a HaProxy server asthe load balancer. For SSL support, we will use Stud in front of HaProxy.Lets discuss these components and configurations.

    Configuring MongoDB

    Im using a single-server replicaSet for MongoDB, which supports the oplog. Itis better to use a multiserver replica set, but I will be using a single server tokeep things simple.

    14

  • Figure 6: Meteor Scaling Setup - Components

    Configuring a Single-Server Replica First, we need to start our MongoDBserver with replicaSet aware. Use the following command to start MongoDBwith replicaSet meteor:

    mongod --replSet meteor

    Then, open a Mongo shell and add the following to configure the single-serverreplicaSet:

    var config = {_id: "meteor", members: [{_id: 0, host: "127.0.0.1:27017"}]}rs.initiate(config)

    It is wise to run a 3 node MongoDB ReplicaSet for your app. I highlyrecommend using MongoHQ Dedicated Servers, if you dont havethe expertise.

    Access Control Since we are using a separate MongoDB server, we need toprevent unauthorized access of it. We can configure a firewall or use MongoDBsrole-based access control. To make the set-up simple, I assume weve configuredthe firewall properly. If it is not possible to configure a firewall, try usingMongoDBs role-based access control.

    Well be using app as the database for our Meteor app. For the oplog integration,we will be using the local database that contains the oplog.

    15

  • Configuring Meteor

    We need to keep an eye on a few things when we are planning a scalable Meteordeployment. Ill show these in this section.

    Oplog Support

    I already mentioned in the previous section how oplog can help Meteor to scalehorizontally.

    All youve to do is, simply expose the MongoDB URL of your local database asMONGO_OPLOG_URL.

    MONGO_OPLOG_URL=mongodb://localhost/local

    (Of course, you need to set MONGO_URL as usual)

    IE 8 and 9 Sticky Session Support

    IE 8 and 9 do not send cookies with Ajax requests; so this breaks our loadbalancer, which well be exploring in the next section. Fortunately, SockJS hasa solution for that, but it is turned off by default with Meteor. To turn it on,you need to export the following environmental variable:

    export USE_JSESSIONID=1

    Selecting Servers

    It is very important that you choose identical servers for Meteor. They should bein the same data center and the performance, operating systems and architectureshould also all be the same; otherwise well have an unbalanced load across ourMeteor servers.

    In this setup, I am using only a single process on the server. So a server withmultiple cores will not be much help. So try to pick single core server instances.Ill cover this further in the next section.

    Deploying

    It is very important to deploy your Meteor app correctly and configure theservers carefully. If possible, try consulting someone who knows how. Otherwiseyou can use Meteor Up, which I built to deploy production-quality Meteor apps.

    16

  • Configuring the Load Balancer (HaProxy)

    Im using HaProxy as the load balancer for our Meteor app. It is something verystable and used in production by many companies. Also, HaProxy has built-insupport for sticky sessions and some of the other configurations that we will beusing.

    Sticky Session Support

    There are a couple of ways we can implement sticky sessions. We can implementsticky sessions with cookies, hashing source IP information or customized URLs.There are some other ways, but these are the common ones.

    Hashing source IP is the easiest to implement, but it does not balance the loadproperly. We cant trust the IP information and transparent proxy servers (verycommonly used by ISPs) hide the original IP information, which means oneserver will get many requests and the others wont.

    A customized URL path is a very good option and it is very well supportedby SockJS. But for this, well need some custom logic in the load balancer andfurther configuration on Meteor.

    The cookie-based solution is ideal for us, since it can balance the load properlyand it is easy to set up.

    Load-Balancing Algorithm

    It is very important to choose a good load-balancing algorithm. HaProxy comeswith a bunch of algorithms. The roundrobin algorithm is recommended in thedocs. roundrobin is very good for stateless webapps built with Ruby on Railsor PHP.

    However, Meteor is stateful and it has long-lasting connections, so it is better touse the leastconn algorithm. It sends new connections to the server that hasthe lowest number of connections. This balances the load equally, even if a servergoes down and comes back. If we use roundrobin, well have an unbalancedload.

    Configuration

    See how you can configure HaProxy using the following configuration file:

    defaultsmode httptimeout connect 5s

    17

  • timeout client 10stimeout server 10s

    frontend public#binding port 80bind *:80default_backend apps

    backend apps#load balancing algorithmbalance leastconn

    #using JSESSIONID as the cookiecookie JSESSIONID insert nocache

    #adding serverserver host1 host1.example.com cookie host1server host2 host2.example.com cookie host2server host3 host3.example.com cookie host3

    Ive removed some parts of the config file to keep it simple. You can get the fullconfig file from here.

    SSL with Stud

    Running your app with SSL is a must in production. Unfortunately the stableversion of HaProxy does not support SSL. But we can use Stud in front ofHaProxy to terminate SSL. It is better to deploy Stud on the same server asHaProxy.

    Make sure to install Stud from the source. The version you wouldget with apt-get is outdated.

    You can use the following configuration file:

    #bind to defualt SSL portfrontend = "[*]:443"

    #haproxy host and portbackend = "[localhost]:80"

    #location of the .pem filepem-file = "/path/to/ssl.pem"

    18

  • Click here to get the complete configuration file.Stud needs your SSL certificate and the private key in a single .pem file. Seethese instructions for how to create a .pem file.

    Enjoy

    I hope this section will help you to scale your Meteor app horizontally.

    Run Meteor on Multiple CPUs

    You already know that Node.js has a single-process, single-threaded executionmodel. Since Meteor is built on top of Node.js, it shares the same model.So, even if your hosting environment supports multiple CPUs (or multiple cores),you cannot take advantage of more than one by default.

    Ill be using the term multiple CPUs to address the scenario ofboth multiple cores and multiple CPUs.

    Why not the Node.js cluster module?

    Node.js has provided a solution to this limitation with its Cluster module. Letshave a look at it.Cluster spawns multiple processes of your app at your command. Then, whenyour app receives a new HTTP request, it passes the raw socket to one of thoseprocesses randomly. Cluster is not a proxyit simply forwards the raw socket toanother process, and that process takes care of the processing. This makes itvery efficient. Unfortunately, Clusters routing algorithm doesnt support stickysessions, which we need (as discussed in the previous section), so we cant useCluster directly with Meteor.There has been an attempt to add sticky session support to Cluster, but its basedon source IP information. There are better ways to implement sticky sessions,such as using cookies or HTTP path (URL), but they are nearly impossible toimplement into Cluster due to the way it works. Cluster doesnt read the contentof the raw socketsuch as cookies and other HTTP informationit just forwardsit before anything is read on the server.

    Using a separate load balancer

    So, how do we take advantage of multiple CPUs? The only solution is to use aseparate load balancer. We talked about load balancers and how to use HaProxywith Meteor in our last section. We can use the same technique here.

    19

  • Figure 7: How cluster works

    Make sure to add a different cookie name for the load balancer usedhere and the load balancer used for scaling.

    Cloudflare Meets Meteor

    If you have not yet heard about Cloudflare, its a must-have item for yourweb toolbox. It offers many services for web appsprimarily for increasedperformance and security. Here is a list of services Cloudflare offers (in orderedof my personal preference).

    Simple DNS Management SSL Support Caching Proxy (with CDN) for your static files Optimize HTML and static files for faster loading Web Application Firewall DDOS Protection

    In addition to these features, Cloudflares pricing model is extremely attractive.Cloudflare does not charge for the usage: instead, it offers an affordable per-application flat fee. Of course, a free tier is offered as well.

    20

  • Using Meteor with Cloudflare is a bit tricky, as Meteors DDP connection usesWebSockets, which is not supported by Cloudflare yet. But with few simpletweaks, you will be able to use Meteor with Cloudflare.

    This is not a guide on how to use Cloudflares features, but on howto use Cloudflare with Meteor

    DDP and Cloudflare

    Cloudflare runs on top of a customized nginx server but it does not yet supportWebSockets. If youve just added Cloudflare support to your Meteor app, youllfind issues connecting to the DDP server. You have two options here.

    Option 1: Disable WebSockets

    Figure 8: Using Cloudflare with Disabling WebSockets

    This is the simplest and the best option. All you have to do is export thefollowing environment variable before starting your Meteor app.

    export DISABLE_WEBSOCKETS=1

    Option 2: Use a separate subdomain for the DDP connection

    With this option, you can continue to use WebSockets with your Meteor app,but you will not be able to use some of the Cloudflares features. All you needto do is add a separate DDP connection to your Meteor app, which will bypassCloudflare. Follow the steps below:

    Add a CNAME or A record called ddp pointing to the your Meteor App

    21

  • Figure 9: Using Cloudflare with WebSockets

    Bypass Cloudflare by not clicking the cloud icon on the DNS manager. (Itneeds to be grey.)

    Add the above subdomain as your default DDP connection by exportingthe following environmental variable before starting your Meteor app.

    export DDP_DEFAULT_CONNECTION_URL=http://ddp.yourdomain.com

    Now your DDP connection is bypassing Cloudflare and your Meteor can useWebSockets.

    What are the benefits for using Cloudflare with Meteor?

    Now its time to explore how Cloudflare helps Meteor with Cloudflares features.However, not all of the features help Meteor; some of them need to be turned offor to be used with care.

    As a Caching Proxy with CDN

    As Ive mentioned before, it is not wise to use Meteor to serve static content.Cloudflare proxies all of the static content, such as CSS, JavaScript. and Imagesby default. As such, your Meteor app is not directly serving any static content,which is exactly what we need. Also, Cloudflare acts as a CDN, so you gain thatbenefit, too.

    However, Cloudflare does not cache any HTML content. That helps us to loadbalance our Meteor app correctly with sticky sessions.

    22

  • As your SSL terminator + SSL provider

    As Ive also previously mentioned, NodeJS is not good at serving SSL, andMeteor has no option to configure SSL. Therefore, we need to use a separateSSL terminator such as stud or nginx.Cloudflare has a very interesting SSL service that acts as both an SSL certificateprovider and as an SSL terminator. Simply put, you dont need to buy an SSLcertificate and make any configurations; you just need to click a button.Unfortunately, if youve used Option 2 to allow DDP support, you cant enjoythis feature, as now your DDP connection is bypassing Cloudflare.

    To use SSL support, you need to use the Cloudflare Pro subscriptionplan

    Turn off Minification and the Rocket Loader

    Meteor does already minify all your JS and CSS files. There is therefore noreason to do so inside Cloudflare. However, minifying multiple times does notbreak anything.Cloudflare also has a feature called RocketLoader, which loads JavaScript asyn-chronously. But Meteors JavaScript (just a single file) needs to be loadedsynchronously, so you will need to turn this off.Cloudflare has some security options, which asks users to enter a CAPTCHAbefore entering the site. This is used to block malicious users. Sometimes,your users may be using a shared Internet connection, or the ISP is using atransparent proxy or something similar. This might cause Cloudflare to triggerthe CAPTCHA, which might confuse the users of your app.I really cant say whether it is a good option to turn this off or not. But keep inmind that there is a situation like this also.

    DDOS Protection

    First of all, if you are considering this, your app is popular :)Cloudflare does a good job at handling DDOS, and it has prevented some majorattacks. This is how you can gain its benefitTo obtain the DDOS protection, you need to hide the IP address (or directaccess) to your Meteor app from the public. This relates to both your mainwebsite and the DDP connection.If you are using Option 1 with disabling WebSockets, you are already behindCloudflare, and direct access to your Meteor app is hidden from the public. Sowhenever you need DDOS protection, you can simply turn it on.

    23

  • But if you are using Option 2 with a separate DDP connection, your DDPconnection is exposing direct access to your site. This allows the attacker tobypass Cloudflare and directly attack your app. If you are keep using this option,and if you decided to use DDOS protection at a later point, migrate your app(or load balancer) into a new server. Then apply Option 1 and turn on theDDOS protection.

    Hope this section helps you to use Cloudflare with Meteor correctly and handoversome responsibilities to it and keep focus on building your app.

    Finally

    Now, youve learn about How Meteor actually works and how it can run as aproduction deployment.

    This is not the end, there are some other topic which will be available later.Make sure you are subscribing to the Pro Meteor guide on MeteorHacks.

    24

    Introduction to Pro MeteorUnderstanding Meteor InternalsMeteor Internals: Meteor as a Server and a ClientMeteor Handles Three Different Types of RequestsStatic FilesDDP MessagesHTTP Requests

    Meteor has Two Types of ServersHTTP ServerDDP Server

    MongoDB and Meteor

    Fibers, Event Loop and MeteorEvent Loop and Node.jsObservations

    FibersHow Meteor Uses FibersHow To Use Async Functions With MeteorFinallyAdditional Notes

    Does Meteor Scale?Scaling MythIssues Unique to MeteorUse of SockJSHot Code ReloadingPolling for Changes in MongoDB

    How We Can Solve Meteor's Scaling IssuesSticky Session Enabled Load BalancingMeteor with MongoDB oplogSmart CachingImproved Application & MongoDB PerformanceScaling MongoDBUse of a CDN

    Okay, Does Meteor Scale?

    How to Scale Meteor?Scaling Set-upConfiguring MongoDBConfiguring MeteorOplog SupportIE 8 and 9 Sticky Session SupportSelecting ServersDeploying

    Configuring the Load Balancer (HaProxy)Sticky Session SupportLoad-Balancing AlgorithmConfiguration

    SSL with StudEnjoy

    Run Meteor on Multiple CPUsWhy not the Node.js cluster module?Using a separate load balancer

    Cloudflare Meets MeteorDDP and CloudflareOption 1: Disable WebSocketsOption 2: Use a separate subdomain for the DDP connection

    What are the benefits for using Cloudflare with Meteor?As a Caching Proxy with CDNAs your SSL terminator + SSL providerTurn off Minification and the Rocket LoaderDDOS Protection

    Finally