Scaling Facebook To 140 Million Users

1sockchuck writes "Facebook now has 140 million users, and in recent weeks has been adding 600,000 new users a day. To keep pace with that growth, the Facebook engineering team has been tweaking its use of memcached, and says it can now handle 200,000 UDP requests per second. Facebook has detailed its refinements to memcached, which it hopes will be included in the official memcached repository. For now, their changes have been released to github."

Thank goodness

[KeithJM]

I was losing sleep worrying that people sending me virtual Christmas tree decorations, garden accessories and such would have to wait 3 seconds after they clicked send.

Re:Thank goodness

[zappepcs]

Well, I think it's kind of cool that they are putting back, so to speak. If they can use that tweak, so can everyone else. If your requirements all fit on one host server, then that server might now be able to do much more. Perhaps the next changes should be to allow a setting that penalizes retail advertisements by adding some arbitrary delay of greater than 10 seconds?

Re:Thank goodness

[jank1887]

sure... 'cause currently I love waiting for the ads to load before the useful page elements are displayed. I wouldn't mind another 10 seconds.

Re:Thank goodness

[zappepcs]

I know what you mean, but I don't have that trouble much. Using FF with plugins I don't see much advertising at all. Sometimes, when I'm feeling nostalgic, I'll surf using the SeaMonkey browser because I left it default bare. That way I can see all those ads from doubleclick et al if I want to.

Sad but true, I don't get nostalgic much :-)

Re:Thank goodness

[Coopa]

I recently had trouble with my copy of Firefox on my home desktop. Even though adblock and filterset updater were installed i wasn't blocking any ads (i've since fixed it).

I was amazed at how many sites i regularly frequent that are now plastered in ads and horrible to use.

Re:Thank goodness

[Fred_A]

I did my bit a while ago by closing my Facebook account. If you care about Facebook, vote with your, um, mouse !

Support Facebook ! Close your account !

Re:Thank goodness

[Tomfrh]

You can't close facebook accounts. For some gay reason they don't let you.

Re:Thank goodness

[iNaya]

What on Earth are you talking about? I just checked, and yes, it is possible to deactivate one's account.

Re:Thank goodness

[Tomfrh]

deactivate != close

A deactivated account still exists and can instantly be reactivated fully intact at any time.

Re:Thank goodness

[iNaya]

Oh, ok then.

Re:Thank goodness

I remember when the WHOLE internet clicked over 40 million users... and you kids get off my lawn!

Re:Thank goodness

[darkpixel2k]

I was amazed at how many sites i regularly frequent that are now plastered in ads and horrible to use.

You're actually part of the problem. For every user with Firefox and AdBlock, they have to double the amount of ads shown to IE users.

Re:Thank goodness

I accidentally modded your post (the parent) as "troll." Truly sorry, I was going for "funny" but my finger slipped. Curse this instant modding feature!

wb

[Unintelligible] Facebook [Unintelligible]

[Jonah+Bomber]

The only word I understood in this post was "Facebook."

Re:[Unintelligible] Facebook [Unintelligible]

[MonsieurCoward]

The only word I got was "140 millions"

Re:[Unintelligible] Facebook [Unintelligible]

[cpricejones]

It's a series of tubes!

Re:[Unintelligible] Facebook [Unintelligible]

[CannonballHead]

I could be wrong, but I think that's two words. :)

Re:[Unintelligible] Facebook [Unintelligible]

[Arthur+B.]

You're wrong, that's five word.

Re:[Unintelligible] Facebook [Unintelligible]

GP was refering to the standard word size on the facebook platform which would be the loosely defined "just-a-bit".

Interestingly, all types are primitive on facebook.

Re:[Unintelligible] Facebook [Unintelligible]

As opposed to myspace which is a series of boobs.

Re:[Unintelligible] Facebook [Unintelligible]

[critical_point]

You and 140 million others...

Re:[Unintelligible] Facebook [Unintelligible]

[CannonballHead]

If you want to be *quite* technical (and I think it's quite hilarious we're being modded "informative" and "insightful"), the string "140 millions" would be broken into only four words in correct English: One hundred forty millions.

I presume the "five words" comes from the usual way to say it, one hundred and forty millions, which is technically incorrect as the "and" should refer to the decimal point, as in thirty-two and five one-hundredths.

I am unsure about the hyphen between one and hundred, though...

Re:[Unintelligible] Facebook [Unintelligible]

you mean bubes

Re:[Unintelligible] Facebook [Unintelligible]

[CannonballHead]

Actually, you're right in that it's not "millions." I meant to make that point and completely forgot in trying to remember the hyphen issue.

I know you might have been going for the comedy thing... but if "talking like a human being" means speaking incorrectly, then I'll pass, thanks. Not that I don't use colloquialisms or always use formal English, but I like trying to avoid grammar, spelling, and pronunciation errors...

Re:[Unintelligible] Facebook [Unintelligible]

[Grant_Watson]

Where does this idea come from? I remember being told it in grade school, but the practice of saying "and" between hundreds and tens has a long pedigree in English.

Re:[Unintelligible] Facebook [Unintelligible]

You appear to be lost. This is news for nerds.

Re:[Unintelligible] Facebook [Unintelligible]

It's not incorrect:
http://en.wikipedia.org/wiki/American_and_British_English_differences#Numbers

Re:[Unintelligible] Facebook [Unintelligible]

[CannonballHead]

It? Which "it"?

(nice article... no citations and [citation needed]... :))

Re:[Unintelligible] Facebook [Unintelligible]

I presume the "five words" comes from the usual way to say it, one hundred and forty millions, which is technically incorrect as the "and" should refer to the decimal point, as in thirty-two and five one-hundredths.

"and" is not "technically incorrect". Perhaps in North America.

Don't like Wikipedia? Here's a couple more links random links found with Google:

http://www.studyenglishtoday.net/cardinal-numbers.html
http://esl.about.com/library/beginnercourse/bl_beginner_course_numberbasic.htm

Re:[Unintelligible] Facebook [Unintelligible]

[MikeBabcock]

Its also used in older English when writing numbers such as "three score and four".

Re:[Unintelligible] Facebook [Unintelligible]

[iNaya]

Five words in correct English you insenstive clod! The only time I hear those numbers without "and" in them is when I hear American being spoken.

Re:[Unintelligible] Facebook [Unintelligible]

If you'd like to set aside grammatical conventions and look at what would be *logically* correct, I would say it would be both.

One hundred forty million, vs.

One hundred and forty million, depending on how you grouped it, could mean 100+(40M) or (100+40)M.

The former, however, is less ambiguous and more economical in words. And since the "and" used in slang is said quickly and often slurred, you won't be misunderstood and might actually sound *gasp* intelligent.

I like your way.

Get a life

[strikeleader]

140 million people that need to get a life.

Wow

[TheDarkMaster]

140 million users? Wow... I can barely imagine the hardware to handle this

Re:Wow

[madhurms]

From hardware perspective, Facebook uses 10,000 web servers and 1800 database servers to handle the massive traffic.

Re:Wow

[aliquis]

"Your business sound more important with VmWare!"

Re:Wow

[madhurms]

And they also use about 200 memcached servers to speed things up.

Source: http://frro.net/blog/2008/04/26/just-how-big-is-facebooks-infrastructure/

Re:Wow

[Haoie]

What can I say: What they know about you can fill a warehouse.

Re:Wow

From hardware perspective, Facebook uses 10,000 web servers and 1800 database servers to handle the massive traffic.

That's funny because the Russian Business Network uses a 250,000 strong zombie botnet to create the Facebook accounts and massive traffic...

Re:Wow

[Baton+Rogue]

What they know about you can fill a warehouse.

What they know about you is only what you tell them.

Re:Wow

If you'd RTFA, you'd see it says: We use more than 800 servers supplying over 28 terabytes of memory to our users.

http://www.facebook.com/note.php?note_id=39391378919&id=9445547199&index=0

Re:Wow

[joss]

No, that's the problem with facebook, what they end up knowing about you is much more than you them. As soon as you add a page, people can find you and add information about you without your consent, not just the bare fact that you're friends with these psycho's but they will tag photos they have taken of you at various events you might not want potential employers or mates to know about etc.

Re:Wow

We use more than 800 servers supplying over 28 terabytes of memory to our users.

Re:Wow

Having photos tagged of you is a function of your own privacy settings. It is enabled by default, but you can turn it off.

Re:Wow

What they know about you can fill a warehouse.

What they know about you is only what you tell them.

That's not entirely true, they also know what your friends tell them about you.

Impressive

[txoof]

It's pretty impressive that Facebook has been able to grow so quickly and handle so much traffic. Their down time has been pretty insignificant related to the sheer number of requests that blow through their servers every day.

There's probably a thing or two that can be learned from their developers and IT folks. I just wish I knew more about the whole underlying structure so I could appreciate exactly what they've done.

Re:Impressive

[madhurms]

Here is a presentation which discusses how Facebook handles billions of photos. That should give an idea about how they handle massive load in other areas: http://www.flowgram.com/f/p.html#2qi3k8eicrfgkv

Re:Impressive

[CFrankBernard]

I'm not surprised considering who has a vested interest in Facebook profiling: http://albumoftheday.com/facebook/

Re:Impressive

[daveytay]

It's pretty impressive that Facebook has been able to grow so quickly and handle so much traffic. Their down time has been pretty insignificant related to the sheer number of requests that blow through their servers every day.

There's probably a thing or two that can be learned from their developers and IT folks. I just wish I knew more about the whole underlying structure so I could appreciate exactly what they've done.

I agree. I wonder how much of the Google Map Reduce and other innovations they brought into being are borrowed into facebook. I would like to see more details too!

Since it's that time of the year...

[XPeter]

...I thought I should make a Christmas carol about what we see on the net everyday.

Smashing through the door, comes Firefox three browsing sites we go laughing at IE all the way ha ha ha!

Steve Ballmer yells on youtube, making children cry. Oh what fun it is to see that stupid Windows guy. Hey!

Jingle bells Digg smells Slashdot all the way! Oh what fun it is to post on facebook every day, yay!

I have been wondering for a while...

What's the hardware behind Facebook / Myspace? I mean, they can't be run on average servers... (disclaimer: I don't really know anything about high-end web hosting)
Facebook is... barely acceptible for me to use, Myspace just plain sucks.

Re:I have been wondering for a while...

[larry+bagina]

Myspace used to run on cold fusion but switched to .NET. facebook runs on LAMP, though they have a customized MySQL and a customized linux kernel with support for the hierarchial page pinning algorithm.

Re:I have been wondering for a while...

but doesn't MySpace have a considerably larger user base and more traffic? i think you're too quick to blame when it seems to handle the amount of traffic pretty well.

Re:I have been wondering for a while...

[duguk]

Nope. Facebook has more unique visitors per month, MySpace had approximately 106 millions users as of 8th September 2008, and FTFS, facebook has 140 million (Wikipedia says 120 million.)

Re:I have been wondering for a while...

[Tibor+the+Hun]

[citation needed]

v.2

Re:I have been wondering for a while...

[poopdeville]

I remember when the Facebook was cool. Back in 2002 or so, while I was still in college. Now ALL my immediate supervisors/bosses are on it. Fuck that shit.

Re:I have been wondering for a while...

[n_are_q]

LOL, what the %$^$ is a hierarchical page pinning algorithm? You're a troll. Only thing that uses linux at myspace is the media processors and servers, and nothing uses mysql.

Re:I have been wondering for a while...

Yeah. It was all downhill after they opened it to high school students. It still sucks far less than MySpace, though.

Re:I have been wondering for a while...

[Kalriath]

That's what he said. I knew that reading the article and summary were considered taboo here, but not even reading the comments now? This place really has gone to shit.

Re:I have been wondering for a while...

[Stellian]

The number of accounts is not relevant. What matters is the traffic, double for face book, with Myspace slowly decreasing:
http://trends.google.com/websites?q=facebook.com%2C+myspace.com&geo=all&date=all&sort=0

Re:I have been wondering for a while...

[Trogre]

I wonder how long that will last, with MS now being a 5% stakeholder.

Re:I have been wondering for a while...

[Trogre]

By 5%, I of course mean the 1.6% that was successfully negotiated in 2007.

Pretty impressive operation

[pintpusher]

at least for me being a 38yo undergrad.

We had one of their engineers give a talk a couple of weeks ago. The most recent number he had was 120 million members (who've logged on in the last 30 days) and over 65 billion page views per month. And they do it with 200 or so engineers.

I was fully expecting (being interested primarily in verifiable systems and fp) to be annoyed by this talk, but they have some pretty interesting problems to solve over there. The fact that they're doing it with OSS, and giving back to boot, really made my day.

Re:Pretty impressive operation

[SatanicPuppy]

Yea, but if they could do it with Windows, now that would be a challenge!

Re:Pretty impressive operation

[Bill,+Shooter+of+Bul]

And if the rumors of Microsoft eventually buying a majority stake in them, that's exactly what they'll have.

It would be hotmail all over again, but even stupider.

Re:Pretty impressive operation

[aaron.axvig]

Like MySpace does? http://www.baselinemag.com/c/a/Projects-Networks-and-Storage/Inside-MySpacecom/5/

Re:Pretty impressive operation

at least for me being a 38yo undergrad.

Wow, and I thought my taking six years to graduate from college was bad. Hopefully you're getting some good tail from confused 20 year olds (okay -- 'confused' is redundant here). Once you're too enfeebled by age to be able to lift your own 40, it's probably time to graduate.

There is nothing "bad" about it. I'm 35 and back in school after a 13+ year career in software engineering (no schooling, so this is my first real stint in college). I grew bored with computers so I decided to get a degree in math and econ. I'm having a great time and learning so much. The best part about it is that I know why I'm in school - I didn't go because that's just what you do after high school. ;)

I wish my fellow "old person" the best of luck!

Re:Pretty impressive operation

I was only teasing; I'm 31 and many of my friends are in some level of college. I've tossed around the idea of grad school in computers or going back to undergrad for architecture, but I grew up with an aversion for academia and I'm not sure I could find a program that wouldn't trigger it again - and if I found one, whether my previous poor grades would make me unacceptable to the school. Best of luck to you both.

Blaming Linux...

[TypoNAM]

Is it just me or does the entire first part of the article scream "Linux is to blame!" when they were discussing about dealing with UDP network overhead issues in their software? For example:

We discovered that under load on Linux, UDP performance was downright horrible. This is caused by considerable lock contention on the UDP socket lock when transmitting through a single socket from multiple threads. Fixing the kernel by breaking up the lock is not easy. Instead, we used separate UDP sockets for transmitting replies (with one of these reply sockets per thread). With this change, we were able to deploy UDP without compromising performance on the backend.

I bolded the quote to show what their real problem was. They had a shit load of threads trying to use a single socket and of course there was huge overhead involved due to the mutex lock (Semaphore on kernel side) on a shared resource (the socket). So they blame Linux instead of them selves for such a half-ass implementation of sending out packets from multiple threads with a single socket. They would have gotten the same exact result if they tried it with a single TCP connection socket and attempted to have multiple threads firing off packets with that. If you want multiple threads sending out packets use multiple sockets... Wow what a concept!

Sorry for my ranting, but it just pisses me off when moron programmers blame the operating system for their own stupidity.

Anyway, haven't nearly all MMOs gone with using UDP internally of the game cluster network and TCP externally to reduce latency and network overhead? So this is nothing new to me.

Re:Blaming Linux...

[The_Abortionist]

Linux is pretty terrible for performance multi-threading, that's a fact. It features unreliable file IO too, but I digress..

In the case of Facebook, it's true that it's not the OS fault since Mutexes are always slow anyway.

There are lockless libraries that lock the CPU(s) for one cycle so that the program doesn't need to lock a mutex to increment a counter, for example. Thousands of times faster...

But these wouldn't have helped there. Like you said, it just seems like a design problem in the software. Still 140M users is very impressive.

Re:Blaming Linux...

[Flyers2391]

Personally, I wouldn't take anything facebook says about linux seriously ... Microsoft did invest $240 million in them about a year ago

Re:Blaming Linux...

[imboboage0]

No... I don't think they were really blaming Linux. If anything, I'd say they were praising it for having the functionality to be modified to fit their needs. They admitted that the previous configuration they had wasn't ideal, and they fixed it. I think the important part here is that they used Linux to fix it, they continue to use Linux, they documented the fix, and now they are giving back to the OSS community with information on how they did it.

Re:Blaming Linux...

[epiphani]

Wow, you're uninformed on multiple levels with this post.

1. "They" didn't write memcached. Livejournal did, and then they open sourced it. "They" didn't provide a half-assed implementation. They pushed a piece of open source software further than it had before, and found problems.

2. If you'd read the next sentence right after your bold line, you'd notice they were talking about a kernel lock. Not a lock in memcached. Thats a totally valid reason to blame linux.

If you bothered to actually spend some time programming hugely complex high performance applications, you'd realize quite quickly that the Linux kernel, while damn near the best kernel out there, isnt perfectly suited to your application. I can list off five or six things right now that I have problems with in the Linux kernel. But -every- application designer with sufficient experience (especially in large-scale performance apps) can probably do the same.

Before you say: well why don't you fix it yourself.. look at the quote you referenced again. They considered it, and took a different route.

Re:Blaming Linux...

[inKubus]

Then there was this:

Another issue we saw in Linux is that under load, one core would get saturated, doing network soft interrupt handing, throttling network IO. In Linux, a network interrupt is delivered to one of the cores, consequently all receive soft interrupt network processing happens on that one core.

Likewise, I thought irqbalance already handles this? It's fairly commonly installed in 64-bit distros, probably most others by now. Not to mention you could go to TOE for the machines you have the most traffic on, offloading the TCP stack to the network cards, minimizing the amount work the CPU has to do. You can max out a current processor with 10GB ethernet just on overhead..

Re:Blaming Linux...

[jjohnson]

It's just you thinking that they're blaming Linux. They built their system, found some roadblocks in memcache and the Linux kernel, and fixed or worked around them. Then they publicized their fixes like good OSS users should.

It's only "blaming" Linux if you think Linux is perfect and can do no wrong.

Re:Blaming Linux...

As in bought stocks / parts? Maybe they just wanted to like, invest the money and hope for returns?

Re:Blaming Linux...

[aliquis]

Are there other oses (FreeBSD, Solaris?) which would had been able to handle multiple threads using the same socket better?

Re:Blaming Linux...

[blitzkrieg3]

They said that "on Linux, UDP performance was downright horrible."

This statement is just downright disingenuous and wrong. UDP performance in general on Linux is comparable or better than other Operating Systems. What he found out is that accessing a single UDP socket on Linux requires a lock, and that when trying to share that lock over multiple threads you have a performance issue. Welcome to intro level operating systems.

This has nothing to do with UDP performance, which I define as either throughput or in some cases packets per second. He then goes on to imply that he worked around some issues in Linux, when in actuality he attacked the problem from the wrong angle and through trial and error found the obvious solution. Why would you even think to use the same socket in a connectionless protocol like UDP in the first place?

I do agree that in general the article was written in more or less praise of Linux, but reading that sentence makes my blood boil.

Re:Blaming Linux...

[blitzkrieg3]

2. If you'd read the next sentence right after your bold line, you'd notice they were talking about a kernel lock. Not a lock in memcached. Thats a totally valid reason to blame linux.

How do you hope to architect a fix for this? Thought I don't know the specifics, they said that they were using the same UDP socket to transmit from multiple threads. That means you have one kernel space data structure across the entire UDP/IP stack being shared by multiple threads. Therefore you need a lock around updates to that data structure.

Until we see some atomic sendto() operations this is not going to change.

Re:Blaming Linux...

[TypoNAM]

2. If you'd read the next sentence right after your bold line, you'd notice they were talking about a kernel lock. Not a lock in memcached. Thats a totally valid reason to blame linux.

If you bothered to even read my entire post you would see that I acknowledged the fact they were talking about the kernel lock on the socket being the problem, but I also mentioned reason as to why it was happening (the socket is a shared resource: buffer management, FIFO, etc..) and realistically completely unavoidable in the kernel. Instead the only reasonable way to fix it is to use multiple sockets of which they did afterward to resolve the issue which should have been a no brainer to begin with.

My point in ranting about their post was the wording they use to make it sound like it was Linux's fault, not theirs since they just recently switched from a TCP to UDP packet exchange method and they did things that they shouldn't have done or wouldn't have done if they were still using TCP, but thought they would get away with it in UDP of which didn't make sense in this particular case. So, no, it wasn't memcached developers that did the half-ass'd changes, it was facebook's developers that did as talked about in their own article.

Re:Blaming Linux...

[hesaigo999ca]

Too often the people that are left to explain the problem in detail to the press are not the engineers that worked on the solution for that problem. If we had a discussion with one of them, we would hear a totally different story!

Re:Blaming Linux...

And you're missing the point of GP's post.

It was about their usage of sockets, not memcached.

Re:Blaming Linux...

They said that "under load on Linux, UDP performance was downright horrible."

There, fixed it for you. By omitting what you did, you were being as disingenuous as they were. Of course, the exact type of load that caused their problem was their fault, and they admit to that. Sure they could have worded it differently in the line you [mis]quoted, but the overall message was still there. Unlike in your quote, where you make it sound like they're saying that UDP never works well in Linux.

Re:Blaming Linux...

Ahahaha. Dude, you got modded down literally because you said something that might be taken negatively about Linux. No fanbois around here, no-siree.

Re:Blaming Linux...

[Raenex]

If we had a discussion with one of them, we would hear a totally different story!

Then again, a lot of times "software engineers" are fumbling around and gaining experience on the job. There's just too much to know and too little standardized knowledge. Having read the article, the author sounds like he was involved.

Re:Blaming Linux...

[ranulf]

[...] So they blame Linux instead of them selves for such a half-ass implementation of sending out packets from multiple threads with a single socket.[...]

Sorry for my ranting, but it just pisses me off when moron programmers blame the operating system for their own stupidity.

The point is that it wasn't their own stupidity. They took someone's open source project and improved it so it could better handle high loads. I don't see them blaming Linux, I see them recognising the limitations of the system they are using and coming up with a solution and then sharing it. Normally, this is cause to say "Yay! Open source!" rather than calling them "moron programmers".

Re:Blaming Linux...

[hesaigo999ca]

quite plausible, but unlikly in facebook's later stages (bringing in real experts)
of dealing with its problems

Re:Blaming Linux...

[epiphani]

How do you hope to architect a fix for this? Thought I don't know the specifics, they said that they were using the same UDP socket to transmit from multiple threads. That means you have one kernel space data structure across the entire UDP/IP stack being shared by multiple threads. Therefore you need a lock around updates to that data structure.

No idea, I haven't reviewed the kernel either. But from this line:

Fixing the kernel by breaking up the lock is not easy.

It would appear that they did. It is not impossible to write a lockless queue mechanism.

Re:Blaming Linux...

> Therefore you need a lock around updates to that data structure.

I guess you haven't heard of lockless queues?

Re:Blaming Linux...

[Chirs]

Mutexes aren't always slow. In the uncontended case they don't require a system call (although they do require an atomic operation which involves some inter-processor signalling).

Lockless algorithms are generally harder to get right, from what I've seen. It's not just locking the cpus for a cycle, but you also need to worry about using memory barriers (generally written in assembly) to enforce correct visibility across all cpus in the system.

There are guys on comp.programming.threads that spend a *lot* of time trying to perfect them, and there are often subtle errors that pop up later on. Given the number of problems that regular lock-based algorithms cause, I'd only use lockless if it's absolutely necessary.

Re:Blaming Linux...

... I think they were sending from that one socket because they were recieving on that same socket ...

(so the client would send to port 11211 .. get response back from port 11211)

Re:Blaming Linux...

[NullProg]

Excuse me?

Linux is pretty terrible for performance multi-threading, that's a fact. It features unreliable file IO too, but I digress..

Which part of your sentence do you digress? What facts do you own that the rest of us don't have?

My SBC 486 class ELAM chip with 16Meg of RAM running a 2.4.16 Linux kernel says your full of Shit. The SBC board sitting next to me is currently handling 203 simultaneous threads/sockets and responding with the less than 1ms response time required by the hardware manufacturer(sensors). Its doing that while running a THTTP webserver and cron, at the same time. For 203 threads the memory usage is less than 5Meg. Bonus, the Linux kernal actually releases memory when a POSIX thread goes away.

Windows CE/XP embedded choked under the same requirements. Maybe you can teach me about how Linux sucks in any environment. Perhaps you can show me how the WinCE/XP embedded CreateThread() is better in a limited memory environment.

Enjoy,

Re:Blaming Linux...

[ultranova]

I bolded the quote to show what their real problem was. They had a shit load of threads trying to use a single socket and of course there was huge overhead involved due to the mutex lock (Semaphore on kernel side) on a shared resource (the socket). So they blame Linux instead of them selves for such a half-ass implementation of sending out packets from multiple threads with a single socket. They would have gotten the same exact result if they tried it with a single TCP connection socket and attempted to have multiple threads firing off packets with that. If you want multiple threads sending out packets use multiple sockets... Wow what a concept!

Your attitude is reminds me of a response I recently got to a bug in Firefox 3 here on Slashdot: the page which triggered the bug is "stupid", and it's not the Firefox developers fault that the program locks up when it encounters a "stupid" page. Thus it's a low priority to fix it, since it only affects users of "stupid" pages; hardly even a bug at all !

As for this UDP issue, I find it very hard to believe that a properly designed system needs to hold the lock long enough to cause significant lock contention. We are talking about adding a single item to a linked list or a comparable operation. It takes - what, setting two pointers ? Or three if it's a doubly linked list.

Besides, threads are just processes which share more context than processes in general. And a socket is just a logical construct the operating system uses in its network API. There's no inherent reason why two threads sending UDP packets over a single UDP socket should be any slower than sending them over different sockets, or two separate processes sending them over different ports, since they ultimately leave through the same hardware interface. If it is indeed slower, then that is because of the design choices a particular implementation has taken. These choices may or may not be justified; however, the user is not "stupid" simply because he didn't realize you would make these particular choices instead of some other, possibly equally reasonable ones.

Sorry for my ranting, but it just pisses me off when moron programmers blame the operating system for their own stupidity.

It is always hard to hear criticism of things you hold dear. That doesn't mean that the bearer of the bad news is a moron.

Re:Blaming Linux...

[I_redwolf]

Part of the problem is that it's not better at handle higher loads reliably. Much of what they are doing is basic stuff to improve performance. They could improve performance even more if they stored required data in Varnish instead of memcache and use the remaining mem for other more important things. Of course it sounds like they are now learning about parallel programming so it'll be a while before they get there.

Re:Blaming Linux...

2. If you'd read the next sentence right after your bold line, you'd notice they were talking about a kernel lock. Not a lock in memcached. Thats a totally valid reason to blame linux.

How do you hope to architect a fix for this?

UDP is out of order, so using one lockless queue per processor and then having the kernel pick off whatever is handy and shipping it to the network seems as a reasonable architecture.

Thought I don't know the specifics, they said that they were using the same UDP socket to transmit from multiple threads. That means you have one kernel space data structure across the entire UDP/IP stack being shared by multiple threads. Therefore you need a lock around updates to that data structure.

You should be less bombastic. All your recent comments are either wrong or are based on so little information ("Then you were not taught functional programming") that neither you nor I can know if you were wrong.

multiplexing?

[SchroedingersCat]

Because we have thousands and thousands of computers, each running a hundred or more Apache processes, we end up with hundreds of thousands of TCP connections open to our memcached processes.

Why not just multiplex memcached requests on single connection at web host level?

Re:multiplexing?

Um, because PHP is not a real application server? mod_perl could hold a persistent connection open for all the apache processes to share.

... And Yet Very Lacking From a Security Angle

[eldavojohn]

It's pretty impressive that Facebook has been able to grow so quickly and handle so much traffic. Their down time has been pretty insignificant related to the sheer number of requests that blow through their servers every day.

There's probably a thing or two that can be learned from their developers and IT folks. I just wish I knew more about the whole underlying structure so I could appreciate exactly what they've done.

Well, call me cynical but the things that interest me about Facebook are what has gone wrong. Like hackers selling account details for pennies. This is the end result:

The scam works by a victim clicking on a spam link that appears to be coming from one of their Facebook friends or someone in their address book which lodges spyware in their machine. This then records all the information, including passwords, when they log in to various sites.

The passwords can then be sent on to money-laundering gangs who use them to infiltrate users' bank accounts.

While this is true of any other networking site, I think this severe security issue needs to be address successfully one of these days.

All I've seen Facebook do to remedy this is explain how to clean it off your computer.

I fear for the millions of homes where a kid logs onto Facebook, gets mail from Timmy. Clicks the link, finds nothing and leave. Mom and dad log into their online banking/credit card statement later that night and ... it's only a matter of time.

Re:... And Yet Very Lacking From a Security Angle

[bigstrat2003]

It can't be addressed... because it's not a security issue with the site. It's an issue that the user needs to be trained on how to spot, and good luck getting that to happen.

I mean, come on, banks have the "problem" you described, and most banks aren't what we'd call insecure.

Re:... And Yet Very Lacking From a Security Angle

[gnick]

Facebook would do well to proactively encourage users to prevent such attacks by securing their systems. For example, by installing this simple application, you can ensure that your computer will never fall victim to malware:
http://not-malware.i-promise.org/magic-bullet.htm
Just enable scripts and click OK whenever it tells you to. It's that easy.

Now, if /. allowed me to post the (fake) link above, how are they any more at fault than facebook is for allowing potentially dodgy links to be shared via their service? They even went the extra step of helping users remove the malware from their PCs. I'd imagine that most conduits for malicious links (IM, social networking, e-mail, online forums, etc) wouldn't have even gone that far. Their users were being targeted and exploited, so they helped them avoid being taken advantage of - Good on 'em.

Were I malicious, I could grab the e-mail address you share in your title line, look through your /. 'friends' list for other accounts with posted addresses, and e-mail you a malicious link "From" one of them. How would that be different?

Re:... And Yet Very Lacking From a Security Angle

It can't be addressed

Are you daft? Not only did he provide a link where Facebook was addressing it, addressing it is the only way it can be combated!

Re:... And Yet Very Lacking From a Security Angle

Now, if /. allowed me to post the (fake) link above, how are they any more at fault than facebook is for allowing potentially dodgy links to be shared via their service?

This is ridiculous, if you can't think of a way to combat this, you don't have a very good imagination. The fact that Slashdot includes a [i-promise.org] after your link is one very simple way to inform the user.

Facebook already notifies you that you're leaving Facebook when you click on mail or an instant message inside Facebook ... would it really be that hard for them to test it against a known malicious links database like Firefox's phishing extension does?

You are creating a product for 140 million users, I would expect you to be doing all you can to protect their security and safety. Right now, it's becoming a hotbed for crime.

Don't get me wrong, it's WAY better than any other social networking site but if someone can overcome these problems, they're going to be more secure than Facebook.

Re:... And Yet Very Lacking From a Security Angle

[jcarkeys]

Actually, they recently created a "go-between" page for all external links, I believe. It repeats what URL is being requested and then has a button that says "go there anyway". The ones that are known viruses are completely blocked.
That sounds pretty proactive to me

Re:... And Yet Very Lacking From a Security Angle

[dubbreak]

That link is dead. Could repost a working link?

I really need that application. I get so many viruses.

Re:... And Yet Very Lacking From a Security Angle

Dear sir, I am very interested in your computer program. I would like to purchase it, but your Web Site appears to be offline. I tried your address using both of my web browsers (The Internet and the Fox one), your site won't load with either one. My credit card number is 7612 4397 0000 3211. Can you ship in time for Christmas?

Re:... And Yet Very Lacking From a Security Angle

[zapakh]

That link is dead. Could repost a working link? I really need that application. I get so many viruses.

Me too! Plz send me teh codez

Re:... And Yet Very Lacking From a Security Angle

Security? What about speed.

This article talks about how great they scale, but can someone explain to my why facebook has been slower than snail shit the last week or so? And if you say its my internet connection, I'll slap you, because im not the only one bitching lately.

Re:... And Yet Very Lacking From a Security Angle

most banks aren't what we'd call insecure.

Online, a surprising number are.

Re:... And Yet Very Lacking From a Security Angle

[Firehed]

Were I malicious, I could grab the e-mail address you share in your title line, look through your /. 'friends' list for other accounts with posted addresses, and e-mail you a malicious link "From" one of them. How would that be different?

It would be no different. I think the more interesting problem here is that while social engineering attacks are pretty damn easy to pull off with complete strangers (I speak from experience; I did some harmless stuff ages ago just to see), they move into the realm of trivial when these same attacks appear to come from "friends" - which is presumably the case with those originating from Facebook messages.

For what it's worth, Facebook at least filters some links warning that you're going to go to an external site and that they're not in control of that content, etc. Not all of them, but it's a start. Were they to run all external links through that filter and combine it with Google's malware host lists, they could probably go farther to prevent these kinds of attacks.

No, obviously there's not a whole lot they can do to make sure that IE is patched and as safe as it can be, but they've implemented some measures in some places to make sure you won't get that far. Which is really as much as you can ask for. Even if you can train all of your 140m users to not click suspicious links (yeah, right), they'll probably still trust links that appear to be from an acquaintance.

Re:... And Yet Very Lacking From a Security Angle

http://www.ubuntu.com/

Re:... And Yet Very Lacking From a Security Angle

[RichM]

Blizzard have done the same for a year or so on their Warcraft forums. A large majority of trojans these days are designed to steal game login details for World of Warcraft because the accounts are worth a lot of money.

Re:The problem of Facebook

[CambodiaSam]

I use a false name, and I don't post anything that can easily identify me. If I want a friend to associate with me, I let them know what to look for.

Now I get the mundane details of everyone's life, such as "Getting a haircut, yea!" on the rare occasions I check it. At least people can't bug me to be on it anymore.

I'm jenny seeing forest gump @ wash momument

[FeynmansBastard]

I went to high school with the guy who wrote that post at facebook!

That is *not* a Facebook problem

[RMH101]

User is sent link, directed to website with malware payload, such as a 0-day IE exploit. User is running unpatched Windows, user is 0wned, PC is 0wned. Hilarities ensue.
It's just a standard trojan with an unusual delivery method of using fake Facebook profiles run by trojan bots. I can't see how this is Facebook's problem any more than it's your email program's fault that you clicked on a dodgy link without checking it.

Re:That is *not* a Facebook problem

User is sent link, directed to website with malware payload, such as a 0-day IE exploit.

Funny you should say that ... I find it hilarious that the group think here is that when a tool like IE is being raped by malicious people, it's IE's fault. When a product like Facebook is under the same target of malicious users then it's the malicious users faults? How do I know when it's the hacker's faults and when the tool's maker should be protecting me?

Re:That is *not* a Facebook problem

[byner]

When it's an unpatched exploit we're talking about, it's pretty easy to see where people are drawing the line on who's fault it is. You can't see the difference when people blame someone for not patching their software versus not blaming someone for providing links?

Re:That is *not* a Facebook problem

I think the GPP's point is that the vast majority of Facebook users are only accessing it through IE, which has been known for security problems for years and years. They, along with the hundreds of millions of other IE users re also using IE to access other websites, some of which also target security flaws in IE.

Facebook's security problem is small compared to the tool people are using to access Facebook.

Re:That is *not* a Facebook problem

Facebook is a delivery mechanism. IE is part of the Windows OS. What's your point? Is it Thunderbird or Pine's fault if they deliver an email to you saying "please click here to be haxored" and you do? Or if you get a 419 scam in the post is it the Post Office's fault?

Re:The problem of Facebook

[fprintf]

There are some people from work who I added as friends, before I knew them really well. Now I get all their exciting updates like "So and So just joined the group 'Whereever you go, there is a Jew' or 'Jews are the nicest people'". This person is really nice at work, but I'd really like to sever this facebook relationship. Not because they are Jewish, mind you, but because they wear their religion on their sleeve, have some strong religious views (they could easily be Hindu, Muslim, Christina and I'd think the same) and I don't like it. The problem is, I can't figure out how to either a) turn off their notifications or b) defriend them without causing an issue in the office.

Re:The problem of Facebook

[clone53421]

Yes, you can delete your account... not sure if Facebook purges the data from their servers, but it shouldn't be accessible to anyone else after you delete your profile.

You can also set it so that only certain groups of people (or no one at all) can see your profile, customizable on an item-by-item basis (including various things like phone, address, profile picture, status, birthday, birth year, friends list, bio, wall posts, videos, pictures) and/or comment on your wall, pictures/videos, or send you messages.

You can also tell it not to let search engines like Google find your profile, which I'd also recommend.

Actually, if you really want to play with it, I'd recommend that you register under a fake name and fool around with the security settings. If you're satisfied that it's private enough for your tastes you can put your real name and info up.

Re:The problem of Facebook

[clone53421]

I generally like looking through my friends' new pictures and sometimes their notes (if the note shows up in the feed and looks interesting).

"PHP Doesn't Scale"

[0100010001010011]

Like or hate social networking. Facebook has gone a long way in showing how well PHP can be made to scale. They also contribute quite a bit back to the PHP project and PHP related projects.

5 years ago if anyone came along saying they were going to build a website in PHP ./ would be up in arms calling them idiots of all sorts and saying they NEED to go with compiled C or Perl.

Re:"PHP Doesn't Scale"

5 years ago, that may have been the case, no?

Re:"PHP Doesn't Scale"

[clone53421]

No... 5 years ago they still could have made PHP scale better and then used it. (Which they did, albeit with help from the rest of the people who also helped make PHP better over the past 5 years.)

Re:"PHP Doesn't Scale"

[guruevi]

PHP is good for all types of projects. It's the use of PHP that makes the difference. If you write clear, intelligent and documented code it runs fine. It's even better if you use good function design and definitions. It's plenty fast too and can be pre-compiled or cached. It's also good at scaling because the programmer only has minimal interaction with threading, locking and similar issues and PHP leaves most of it over to the libraries (Apache, IIS, MySQL).

Programming in PHP is a lot like programming in Java: you have a bad developer and your code will run as slow as hell and will be difficult to maintain. Coding is simple and the optimization is minimal because it's a quite high level language. There are of course a lot of inherited problems in PHP (magic quotes and safe mode to start off with) but with PHP5 and PHP6 they are slowly being phased out. But if you do it well, you can write very secure and fast applications in PHP.

Re:"PHP Doesn't Scale"

[RightSaidFred99]

C or perl. Ahahaha. Yeah, what's sad is you're right people probably would have said it. Those people were retarded then and they're retarded now.

Re:"PHP Doesn't Scale"

[merreborn]

Like or hate social networking. Facebook has gone a long way in showing how well PHP can be made to scale.

Anything can be made to scale if you have millions of dollars worth of servers providing terrabytes of memcached instances. Scalability is an architecture problem, not a language problem.

Re:"PHP Doesn't Scale"

Facebook has gone a long way in showing how well PHP can be made to scale.

I know someone who works at Facebook. PHP causes a world of pain for Facebook. They are scaling out IN SPITE OF the horrible performance of PHP.

They are finding ways to mitigate some of the pain and they are sharing those ways. But I'll bet they wish they could go back in time and build their site on something else.

Re:"PHP Doesn't Scale"

[gakguk]

Your post can also be read as it's also possible to write high performance sites with VB.NET. This is a violation of /. usage guidelines.

Please correct your post accordingly. Thank you for your cooperation.

Re:"PHP Doesn't Scale"

[JasterBobaMereel]

PHP has the same problems that Basic and VB have, it is easy to write very bad code and relatively difficult to write fast, easily maintainable code

It is possible to write bad code in any language but it is easier in some and PHP has a reputation (well justified) for making it easy or even encouraging bad coding practices

PHP is improving, and is vastly better than it was (mainly due to it's use in large websites) but there are still languages that are intrinsically better ...

Re:The problem of Facebook

"Relationship"? You're talking about "Facebook friends" here. The vast majority of Facebook users probably don't even know half the people on their so-called "Friends list", much less consider them to be friends.

In reality, "facebook friends" doesn't mean much more than "people I probably wouldn't kill if I met them randomly on the street."

Get over it. If you don't want to delete them, then just ignore them... the same as you'd ignore a notification that said "Timmy just ate a booger".

They built a tuple store.

[Animats]

Amazon and Google faced similar problems, and dealt with them in ways that are roughly equivalent - by adding a tuple store to their system.

If the data behind your web site is mostly accessed via one primary key, a tuple store, something that stores name/value pairs, beats a general-purpose relational database. Both Amazon and Google have such a mechanism in their "cloud" systems. Facebook has a somewhat low-rent solution; they're front-ending MySQL with a tuple store cache. This only works if all the queries contain some ID that has to match exactly, like user ID. Effectively, instead of one big database, the problem consists of a large number of tiny databases, all somewhat independent. Problems like that can be scaled up without much trouble.

Tuple stores distribute nicely - you can spread them over as many machines as you want, just by cutting up the keyspace into conveniently sized shards. There are distributed relational DBMS systems, but they have to be able to do inter-machine joins, which is a hard problem. (That's what you pay the big bucks to Oracle for.)

Re:They built a tuple store.

[Azarael]

I believe that there's some clever tricks you can use when generating tuple keys to make things fuzzier. Not easy, but if you customize your approach and know enough about the data, it should be possible

You're right about the key space splits, there's an addon to memcached called libketama that uses consistent hashing to do exactly that.

Re:They built a tuple store.

[NorthDude]

Do you have any links pointing to informations about tuple stores? I'm interested in reading more about this. I did a quick google search but could not dig up anything relevant...

Re:They built a tuple store.

[StandardDeviant]

If I understand the grand-parent post and this space in general correctly, think things like BigTable at google or open-source implementations like Hypertable or HBase.

Re:They built a tuple store.

[Animats]

Right. The term "key/value pair" is generally used by "cloud" people. The term "tuple store" is a more generic term from academia.

Re:They built a tuple store.

[copdk4]

Yes you are right but Google/Amazon are read-heavy so a big hash table works perfect since there is less disk access - however FaceBook is both READ and WRITE heavy so its more challenging. From their last SIGMOD Cassandra paper, I gather they use some sort of in-memory write which is then synced with their bigtable. Very cool stuff!

Business plan?

How does Facebook make money?

Re:Business plan?

[clone53421]

Advertising, I assume.

Re:Business plan?

[CannonballHead]

No assumptions necessary, just visit the site. :)

Re:Business plan?

[clone53421]

No assumptions necessary

Well, I'm positive of the advertising, and I'm assuming that's how they make money. They might have other revenue sources that I'm unaware of...

just visit the site

'course, I use adblock plus, so visiting the site wouldn't prove much in my case. heh.

Re:Business plan?

1. Build social network site.
2. Sell all information about who knows who to the intelligence agencies of the world.
3. Profit.

Facebook has been slow

[bdbolton]

I've noticed a general slow down and unresponsiveness in facebook. It started when they rolled out the new fully ajaxified UI a few months back.

I figured the slow down was caused by the ajax but maybe it was the 600,000 new users getting added per day.

I hope facebook speeds up.

140 million

[howman]

Doesn't take into account the 40 accounts I have. One for each time I get tired of having too many friends and not enough inclination to actually delete them all. Create, fill, overflow, start over.

Re:140 million

[owlnation]

Yep that's very true. Facebook, like Myspace and eBay and others before them are quick to tout the "xxx million members" stats. It's NEVER true. It's pure hyperbole.

That's not active users. Many people register and never go back. Many people register several user accounts. For me, I registered a Facebook account a year or two ago, looked around and have never been back. Never will. There's nothing of value nor interest to me on Facebook. Yet they are presumably counting my id in that 140 million like I'm a satisfied, active user. I'm not.

Re:140 million

[Kijori]

According to a poster further up, the figure is based on the number of users that have logged in in the last 30 days. While that number will still be a bit high it shouldn't be awful.

Netcraft

The question is: as Netcraft counts MySpace accounts as 'Web sites' in its figures, will it now count these 140 million accounts as 'Web sites' also?

If not, whenever you look at Netcraft's figures, don't forget to add 140 million Apache sites to them (not to mention minusing all those GoDaddy parked domains from IIS).

Biggest takeaway from this story?

[LynnwoodRooster]

140 million people need validation from a web page...

Re:Biggest takeaway from this story?

[MadMidnightBomber]

Er, in Soviet Amerika, HTML validates you?

Re:Biggest takeaway from this story?

140 million people need validation from a web page...

Says the /. poster who wanted to validate said statement by making sure not to post anonymously

Yes,

[internerdj]

if by validation you mean:
Being able to find old friends you haven't been able to contact in years.
Having a central pull information spot rather than the push model of spaming every email address you have with pics of the new baby, house, car, toaster.
A central and standardized organization spot for arranging informal gatherings with friends, like parties.

Re:Yes,

[TheTyrannyOfForcedRe]

What are these "parties" you speak of?

Re:Yes,

You left out 'providing a commercial data mine for companies to exploit'.

Yeah, but how many REAL users are there?

[Wyck]

And 150 million of those users are bots.

Either that or facebook has tonnes of supermodels that have only two or three friends. ...not that I've been searching ;)

Re:Yeah, but how many REAL users are there?

[w3c.org]

Yes, and don't forget that you can't delete your account on facebook... only suspend it. Talk about so much users!

Cancelled

Wow, I'm surprised people still use Facebook. I cancelled my account... to many stupid application invites. Eventually it will be myspace, filled with the same people who do the Rogers Wireless commercials... The same people I target in parking lots when I decide I want to hit something.

Re:The problem of Facebook

[jank1887]

when their little messages or updates show up, there's a little "Options" link that pops up when you mouseover the item. Click on that, and there are "More about John" "Less about John" links. Click the Less link. Do it anytime you see something about them. It should only take one or two clicks, and you'll never see anything about them ever again, even though they're still in your Friend list.

Upgrading....

[supernova_hq]

Our chance to slashdot facebook is diminishing as we speak!

Re:Upgrading....

[SL1200MKII]

I was actually thinking along the same lines. There are not too many sites that can withstand being slashdotted. Perhaps Facebook is one of them, or maybe not....

Re:Upgrading....

[supernova_hq]

I've always been surprised that slashdot doesn't get slashdotted....

Re:Upgrading....

[SL1200MKII]

It's gotta be all those users sacrificing themselves by only browsing /. on Lynx
Go Lynx!

Re:Pretty impressive operation - NOT!

From the article by Paul Saab:
"We discovered that under load on Linux, UDP performance was downright horrible. This is caused by considerable lock contention on the UDP socket lock when transmitting through a single socket from multiple threads. Fixing the kernel by breaking up the lock is not easy. Instead, we used separate UDP sockets for transmitting replies (with one of these reply sockets per thread). With this change, we were able to deploy UDP without compromising performance on the backend..."

He mentions at least 3 other problems which (to anyone wanting to get the job done well) read as "Linux is not the best OS for this job!", but they're still struggling with Linux and trying to hack up some kind of ad hoc solution. Why not just use FreeBSD instead?

No, this is not flamebait, I'm being serious.

Re:Pretty impressive operation - NOT!

I don't know the details of the 3 other problems, but using separate udp sockets for replies to break up low level contention is straight out of unp - off the top of my head I've used it on at least 2 projects on solaris. Doesn't sound like a linux problem to my way of thinking.

Plaaaeeze

Count me out. That social networking crap is a load of BS. People do NOT need to be in touch that often and that deeply. Learn some privacy folks.

Re:Plaaaeeze

if you think you could somehow talk people out of enjoying spending time talking to friends, you must have one sad, lonely life.

the reverse would be more likely

[Trepidity]

The traffic levels aren't even close.

Re:the reverse would be more likely

[supernova_hq]

That's just down right depressing...

Re:The problem of Facebook

[fprintf]

Ah, I noticed that option and have tried it once or twice before. I will click it a few more times. Thanks for the advice!

Re:The problem of Facebook

[JasterBobaMereel]

Simple solution is don't tell facebook ...and then Facebook will not know

If your phone number, address, work history, educational history is on facebook then you are foolish, your friends and family already know this information (or don't care), and facebook does not need to know

The security on facebook should be assumed to be flawed, since it is unlikely to be perfect and so you should not put any more information on than you would be willing to let everyone on facebook see ...

Re:Pretty impressive operation - NOT!

[zoefff]

But did they test any other OS udp performance under load? Not being a fanboy...
Could very well be that that would be horrible as well, unless it was designed from the start for a high load, which would probably bring you to solaris or so.