Wednesday, November 12, 2014

Node.js Request Memory Leak

I have been a Node.js enthusiast for the past few years and have always loved it's ability to spawn numerous requests in parallel. This ability has allowed me to write software that far exceeded my expectations of "fast".

As I've moved forward in my career I've come to a place where I'm working with Big Data now. These days getting my feet wet consists of processing millions of records through these Node.js apps and often times making hundreds of thousands of http requests in the process.

On a recent project I noticed that while looping through a 2.5 Million item XML Feed I was getting a consistent memory growth (memory leak, possibly), until the app would eventually run out of memory then start back at 1... X( This was very frustrating and a bit hard to debug. Especially with the prevalence of 3rd party modules used, the leak could have been anywhere.

After hours of debugging I narrowed the issue to a new http request being made 1 time per record and decided to focus my energy on that. I then learned what the real problem was, and it's quite simple and easy to fix!

In Node.js the http requests use a connection pool managed by "http.Agent" with the following properties:
  1. agent.maxSockets
  2. agent.sockets
  3. agent.requests
agent.maxSockets sets how many connections per address can be open at once and is defaults to 5

agent.sockets is an object that contains the currently used sockets

agent.requests is an object of requests in queue waiting for an open socket

So picture this... You're processing thousands of items per second and sending out http requests but only 5 of those requests are getting set to a socket at a time, and the rest are piling up in your agent.requests object. Chances are very good that agent.requests object is going to keep growing and growing...and growing, until it eventually consumes all the memory in your system. This was the case for me.

Have no fear! The fix is easy:

Simply create your own instance of http.Agent as follows:

New Custom Connection Pool
var pool = new http.Agent;
pool.maxSockets = 1000; // play with this number to adjust memory consumption for your app

then in your request options:

Add Pool to Request
    url: '',
    pool: pool
}, callback);

That should do the trick!! Please share and comment. Let me know if this helped you!

Monday, May 26, 2014

Using Point of Sale Hardware in the Cloud

I recently started a new venture that required the use of a USB Barcode Scanner and Credit Card Reader on a website with only Javascript to process them and found it's much easier to handle than one might think.

The first thing you need to understand is this: these USB devices act exactly like keyboards.

  • They scan your barcode/credit card
  • They transmit the scanned data via `keypress` events
  • Once data is finished and keyCode 13 is sent

Using those rules above I started a simple, yet effective POS plugin built for jQuery, which you are free to use, upgrade for your own needs or contribute to.

Learn more on the gitHub page:

Known Issues:

  •  Currently the plugin only supports devices which return a keyCode 13 at EOD
  • Currently the barcode scanning plugin by default only supports digit only barcodes, but allows Regular Expression options to support other types, if overridden by you

Wednesday, April 9, 2014

OpenSSL Heartbleed Bug - Keep Calm Edition

I've been reading lots of articles about the heartbleed bug and even had to address the potential threat in my own systems. So, I'd like to clear up some misconceptions I have found floating around.

I've read articles claiming that this is a bug in systems built before April 7th, 2014, which is not completely true.

  • OpenSSL 1.0.1 through 1.0.1f
  • OpenSSL 1.0.2-beta

If you are running one of those versions, check with:
openssl version -a
you will want to update to the latest version of openssl ASAP.

Read more here:

Thank You for reading,

Keep Calm and Carry On

Monday, January 27, 2014

SSL Crisis Aversion Made Easy - For Apache

You know what I like about you...? You're here reading this post with the hopes that whatever problem you are trying to solve can be alleviated with a little extra knowledge.

I wish I would have been as smart as you the first time I tried to install an SSL Cert on our server. Let me rewind real quick...

When my company's site was created the CTO and Senior Developer at the time installed our SSL Cert. Now fast forward to a year later... Both of them are gone and the task now falls to me. Now that you have some context on the situation you can appreciate how much it sucked.

I figured okay, I'll copy this new cert from GeoTrust and paste it into the old file and boom we'll be rocking secure again...right? WRONG!

Apparently there's these things called, Intermediate Certificates, and guess what...those aren't your main certs. Basically I installed the Primary Intermediate Certificate as mysite.crt then restarted apache and got this funky error that looked something like this:

Error: "Unable to configure RSA server private key" 
Eror: "mod_ssl: Init: ( Unable to configure RSA server private key (OpenSSL library error follows)" 
Error: "OpenSSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch"

So now your website is down because apache can't recover from that very gracefully. If this happens make the quick save and run sudo a2endismod ssl followed by sudo /etc/init.d/apache2 restart

At least now the site is up again...right? RIGHT! ...hopefully :-/

Then I found this little gem which made me realize how simple the solution was:

Basically what that link does is allow you to paste in the code from your .key file in one textarea and your .crt file in another and it will tell you if they're a match. It's super easy, even easier than using openssl on your server to check first.

I found out that I was using the wrong .crt and once I replace it with the proper cert I was up and running in no time. Crisis averted! #downtimeisdeath #fixftw

I hope this little snippet helps all you other SSL newbs out there.

Please comment and share.

Also, stay tuned for my next article on setting up SSL for an nginx server with a reverse proxy to Apache.