How to be a better Node.js developer in 2019

This article compiles 19 skills and topics that may be valuable in 2019. But don't feel any pressure - I and most other developers aren't familiar with every topic. I just think these things deserve our attention, and the JavaScript ecosystem is never ending.

1. Add types and patterns - TypeScript is a very good candidate in 2019

It turns out that typeless coding is not only inefficient , and error-prone. But this does not mean that you must use strict type syntax. You can choose the strictness of the type according to the actual situation, such as using JSON Schema or Joi to verify entities and models, or using static types to annotate JS (please refer to https: //github.com/facebook/flow ), or use the full TypeScript.

TypeScript has made significant progress in 2018 and seems to have entered Node territory. If you plan to use TypeScript, you should ask yourself whether you just want to use its type capabilities. If you also want to use interfaces and abstract classes, you may need to learn a new programming paradigm.

2. Enrich your linter

Linter is actually a free lunch, it only takes 5 minutes to set up, you can get automatic code protection for free and find major problems while typing code. Gone are the days when linting was just fancy. Today, linters can catch serious code problems, such as errors not being thrown properly, missing information, unfulfilled promises, and other bugs you never really want to stay in your code.

3. More Java and less Ruby – Deepen your architectural knowledge

There is not much knowledge about the architecture and design of the NodeJS ecosystem, everyone is talking about it Microservices, but only talked about some internal structures. Therefore, most of the applications and examples are based on MVC concepts along with some other patterns from Ruby. What's wrong with this? MVC is great for building content services, but not very good at building robust backends. Can you use two classes - Controller and Model to describe your entire business logic, rules, data access, communication with other microservices?

I definitely don't recommend going with the heavyweight Java/Spring pattern (that's why we're in Node territory, isn't it?), but choosing something that provides value without sacrificing application simplicity. idea.

4. Plan how to leverage Async Hooks for better tracking and context

The single-threaded model has a drawback - requests lose context when they flow through multiple files and perform asynchronously When operating, variables are not retained throughout their lifetime. Why is this bad? For example, developers often want to include a unique identifier in each log entry so that all log entries for the same request can later be correlated - this is not very easy to achieve in 2018.

There will be new things coming out in 2019, and Async Hook is one of them (not a brand new feature, but it will end the experimental phase soon) - simply put, this is an asynchronous operation A mechanism to inject custom code at any time at the beginning and end. This allows you to correlate all code for the same request and preserve context. This laid the foundation for many custom packages that take Node's tracking and contextual capabilities to the next level.

5. Learn about the latest in “Serverless”

Note: The terms FaaS and Serverless are used interchangeably here, although they are not exactly the same.

Originally, FaaS was used for the development of microtasks, not for "microservices" applications. As their popularity grew, so did the appetite of cloud providers, and soon new features began to stack up, and by 2019, it seemed to be turning into a robust application infrastructure.

Can it now compete with Kubernetes and serve large applications? Some consider serverless and FaaS to be orthogonal technologies, but in reality, every new cloud application in 2019 must choose one of three: bare metal instances (such as EC2 or GCP Compute), Kubernetes, or FaaS. Therefore, understanding K8S and FaaS/Serverless and knowing the difference between them will become an essential design skill.

6. Understand the latest JavaScript features

I am not a fan of chasing every new language feature. Sometimes, these shiny toys can violate the principle of simplicity of code. Some truly valuable JavaScript features will settle down over time (like async/await introduced two years ago), so the TC39 proposal list and node.green are worth checking out.

7. Be familiar with at least one API technology - GraphQL is a good candidate in 2019

REST-style API is well suited to its design goal: to provide good control over the modification and query of entities. Assuming you have a financial system of record, you may want to design the endpoints to be very rigid, i.e. a single explicit data model. However, there are other very common scenarios where REST falls short, such as executing a series of queries that may return different data sets, low-bandwidth networks where API payloads need to be minimized, machine-to-machine communications where speed is emphasized, and so on. So should it be replaced with something else? Of course not, you can choose to mix it up. APIs are not architecture, they are just ports (i.e. entry points) to applications, and multiple API styles can coexist, even on top of a single web framework like Express.

So which one should you learn? Your best bet is probably GraphQL, which is becoming mainstream. Its ecosystem is very mature and provides very popular use cases such as dynamic search and hierarchical data sources. On the other hand, gRPC is still a niche technology suitable for server-to-server communication because it has very little overhead (e.g. used in Pub-Sub/message queuing systems).

8. Beyond Unit and Integration Testing

Are you already familiar with the testing pyramid, unit, integration and end-to-end testing? Great, these are the foundations of a successful testing strategy. The development landscape has changed dramatically over the past 10 years, but the testing model has remained almost the same, leaving us wondering how to test things like microservices, rich frontends, and serverless. Some modern technologies complement and sometimes even replace traditional technology stacks, allowing for a leaner testing strategy and higher ROI.

9. Follow SRE/DevOps best practices in monitoring

In 2019, even a medium-sized application may contain dozens of moving parts. However, most developers don’t take the trouble to learn the monitoring and alerting aspects taught to them by SRE engineers. For example, developers often prioritize and focus on internal hardware metrics like CPU and memory rather than thinking about metrics that directly impact the end-user experience, such as error rates or latency. These customer-facing indicators are sometimes referred to as “golden signals,” and in 2019 you may want to start by paying attention to these indicators and adopt similar best practices.

10. Think like an attacker: Increase your security level by learning attack tools and techniques

If you can’t think like an attacker, you can’t think like a defender. In 2019, you shouldn’t outsource your defense efforts to third-party companies or rely solely on static security scanners: the number of attack types is overwhelming, and the rate at which applications change is uncontrollable – after two days of conducting a security workshop , the team may have added several new AWS services, database types, and new IAM roles... Therefore, developers are actually the biggest hidden threat, and educating them seems to be the ultimate remedy. You have to embed security DNA into yourself and your team and add security to everything.

When you start doing this, it turns out that security issues are not that scary after all. You just need to familiarize yourself with common attack types and tools, draw out the application architecture and flow, and think about how you would attack it yourself. Over time, and before you know it, you'll be thinking about security in every design decision you make and every line of code you write.

11. Develop a package update strategy

Lessons from 2018: Updating too early can be dangerous. A team will typically use one of these two package update strategies: one is to update as quickly as possible, sometimes even using an automated process. One is that there is no update strategy at all, and sometimes updates are based on mood. Although the first method seemed better, surprisingly it became the most dangerous method in 2018: within 40 days, the community discovered several incidents of malicious packages such as flat-stream. Those who are waiting Or people who didn't update were fine. Consider using automated tools to formalize your update strategy and find the sweet spot between no updates and updates.

12. Perform progressive installation and separate deployment and release phases

In 2019, you may find it important to perform more secure deployments, that is, not roll out to all production environments at once, and then Make your little heart pound like a hammer. Doing fine-grained deployments (aka canary deployments) can be broken down into 3 phases: Deployment – ​​sending new code to an isolated new production environment (such as a new Kubernetes service or a new machine instance). At this stage it's not serving actual users, so there's nothing to worry about. Testing – A small number of people can now use an instance of the production environment and test the new code. Release - Gradually allow more users to use the new version, and when you are confident enough, you can remove the old version.

Note: Conducting a full-scale canary deployment is still very expensive in 2019 because it requires coordinating many infrastructure parts, such as routing and monitoring. Therefore, consider starting with simple and semi-manual canary deployments (e.g. manually spinning up more hosts with a new version deployed based on monitoring metrics).

13. Kubernetes is eating the world

There is a clear trend: Kubernetes (K8S), an infrastructure that provides networking, scale-out, deployment and other backbone services for application components, is now Almost the de facto standard for hosted applications. Its popularity is staggering: with support from all cloud vendors and an unrivaled scaling ecosystem, 54% of enterprises already have at least one K8S cluster.

If you are a beginner, here is a good overview to get started. Also learn about Istio, K-Native, Kuberenes jobs, network policy, Helm, Scaffold. Bottom line: the time you spend developing a deeper understanding of K8S skills will ultimately pay off.

14. Blockchain technology provides some great opportunities

A very obvious trend: Blockchain is not just used for Bitcoin and cryptographic functions, it can also be used for any distributed transaction sexual system.

15. Acquire machine learning skills and at least have some talking points

This is an obvious trend. Unfortunately, I know nothing about machine learning libraries. My goal for 2019 is to at least be able to talk about it. Come up with something about machine learning and be able to identify quick wins (e.g. JS libraries like tensorflow.js and brain.js can provide some insights without a strong infrastructure).

16. Understand other open source library code

Note that using the same technology in a project for a long time may narrow your vision and hide many alternatives. So, try to learn more about other projects, mainly successful open source projects.

17. Deepen your understanding of the Linux operating system and focus on the Linux process

Understanding the Linux process will give you a real competitive advantage because it will affect many development tasks, such as monitoring, Protect processes, use Docker, shut down gracefully, and other tasks. Try to understand processes, signals, permission models, common commands, process types, and more.

18. Look inside Node.js

I really like what Ryan Dahl (original author of Node.js) said: “You can’t understand everything. But, you should let Get to know the system yourself.” Having a deep understanding of the underlying machine proves valuable when you need to deal with a production headache or design some infrastructure components such as monitoring event loop performance. You may already be familiar with core building blocks like v8 and libuv.

So 2019 is a good time to learn more about Node.js, for example, what exactly happens in each libuv event loop cycle? Or maybe understand how interaction with operating system IO works (e.g. activity handles)?

19. Learn to use the scientific method

What you learn and internalize will shape your future career. However, many developers have neither learning strategies nor learned how to use scientific methods for effective learning.

In a meeting about "Preventing JavaScript Type Errors", the VP asked to continue using JavaScript without refactoring the entire code base (without using TypeScript...), and suddenly one of your colleagues suggests using Facebook Flow, Everyone in the room agreed! You suddenly remember that you have seen an article about it before, but it was never internalized by you, it just passed through your mind.

How is this going?

Apparently, there’s a phenomenon called the “competition illusion” that explains why we forget these things: you might spend an hour reading a blog post but not remember it within a few days! Research shows that if you try to talk to someone about these things later, or read the article summary again the next day, you can greatly improve your memory success. Of course, there are various other techniques that can help you remember and acquire the right knowledge at the right time. Spending a few hours learning how to study can pay huge dividends in your career!

The above is the detailed content of How to be a better Node.js developer in 2019. For more information, please follow other related articles on the PHP Chinese website!