Jebin

Tags

Top Highlights

• Having worked on Analytics and ChatBot platforms, one important thing I observed is, you will have to be fast in developing solutions and the requirements will keep coming crazily. To meet the competition, I had to develop solution in both these products which allows the users to write code to create solutions without having to add new features to the product. It helped a lot to showcase or convert any abstract thought to working solution in matter of minutes without undergoing any product deployment or testing cycle.

• Similarly, in case of ChatBots, we had to provide a JS editor in which people do loads of state management, external API calls and data transformations. This untrusted code will run in NodeJS VM which is a controlled sandbox where only a few modules(xml parser, JSON parser, node-fetch, JWT token creation, cryptojs) are available via context, not even require, fs, http, etc, are available. The VM has timeout option through which we can specify when the VM should terminate the operation and exit.

• We can solve this problem by moving this whole VM to execute in a child process and kill the process after it is done or exceeds the given time limit. If we want to fork one child process per request for VM every time, it might go uncontrolled. It is a bad idea to keep creating new processes. What if we keep only one process that creates multiple VMs to run the code on demand. Still it won’t solve the problem because the processes cannot identify which VM is executing the infinite loop as these problem causing functions are async and running in altogether a different frame. In this case if we kill the whole process by time limit, it will kill other VMs too which were running other users’ code. That is a again not acceptable.