If you did not notice it, VMWare and Redhat have been in a tussle
over a new open source project called Vert.x and it may very well be worth the
contention. Vert.x (Java, JVM based – in fact formerly
known as Node.x) and Node.js (Javascript) are event based (non blocking),
server side frameworks that present a very different way of serving up
capability especially web applications. In
fact there are other similar frameworks / projects like Webbit and Apache Deft
that aim to solve similar problems. These frameworks can support web frameworks
(ala Node.js based Express framework for building web applications) besides
other functions (socket based interfaces can enable messaging systems –not an
aspect that I have as yet looked into).
I was intrigued by the possibilities at the logical web server level where
we traditionally use the Apache web server (and its offshoots), the IIS or the
Nginx products.
Node.js is particularly appealing as it is Javascript based
(write once, run everywhere where V8 is available), fast and provides a managed
and more productive programming environment as compared to Apache Webserver,
Nginx (actually also uses an event based handler of requests) or IIS. Consider
the following use cases and options get very limited with say the Apache
Webserver;
- Need to secure access (Security Policy Enforcement Point – PEP) at the web server level – typically in the DMZ in order to sanitize web requests before they reach the applications deployed in the intranet
So if you have a security infrastructure based on some of the well-known
authentication and SSO products you are in luck. Web gateways (web server plugins) are
available for all the widely used web servers including the Apache web
server. Also if your authentication
needs are addressed by a single LDAP directory (maybe a meta directory or a
virtual directory can front any type of federation ) and can use mod_ldap, you
would be able to use the standard Apache Web Server.
Have a custom setup, an RDBMS based or a legacy infrastructure based user
repository and you are out of luck. The
barrier to entry into custom plugin space for these web servers is very steep
IMO – at least for the vast majority of programmers. This is where Node.js seems god sent. Expose your functions via say a RESTful
interface and you have a performant custom solution in the making.
- Reverse proxy and /or balance the web request work load among group of processes
If your work load balance needs are met by plugins like the SAP Web
Dispatcher, Websphere Application Server plugin or mod_jk (which I guess does
cover the vast majority of use cases), then there is no need to explore an
alternate solution. However if you
require an application specific load balancing or routing (like a multitenant
router), then again you require tremendous effort if you go the plugin route.
Taking this to the next level, infrastructures exist that offer still
richer support for capability like activating additional processes based on
work loads and correspondingly reallocate resources ( very relevant in
virtualized environments) when the work load goes down. I believe Websphere Virtual Enterprise / Extended
Deployment products falls in this category.
While these products may provide deep functionality around the core
idea, the core functionality associated with all these products I have
previously mentioned will be easier realized on frameworks like Node.js and
Vert.x. This would especially ring true
with the basic building blocks being
realized through component contributions enabled via excellent package managers
that at least Node.js has. It is much
easier to build new and build upon existing Node.js packages / plugins.
- Multitenant routing
I
have seen descriptions of schemes
to facilitate multitenant request routing for application using combinations of
mod_rewrite, mod_proxy and mod_redirect but not really attempted to see what types
of custom rules that can be supported using these plugins. However I am currently involved with building
a multitenant router for a web application using Node.js and it does seem that
all my requirements can be met (not done as yet but will update later on how it
comes along) on this platform.
There is no doubt that the established web servers have
tremendous value – well tested for functionality and security aspects but
frameworks like Node.js will be present more and more going forward IMO. Additionally it should be possible in most
cases (performance permitting) to fulfill requirements by tag teaming both
traditional web servers and frameworks like Node.js and Vert.x; either one of
them reverse proxying for the other. So
an example could be to use Node.js as a reverse proxy for enforcing identity
awareness in the DMZ – sanitizing web requests but using mod_rewrite and other
modules as needed thereafter for additional routing and load balancing.
