

Ask HN: What do you think of our demo website? - shin_lao

Hi HN!<p>We're working hard on our very own high-performance cache engine.<p>As a proof of concept/demo/test, we built an URL shortener service built around it.<p>The URL of the demo server is http://wrp.me/<p>What do you think about it? Especially, what do you think of the speed?<p>More generally speaking, would you be interested (read: ready to pay for) a high performance cache or this need is just the fruit of our imagination?
======
moe
_would you be interested (read: ready to pay for) a high performance cache or
this need is just the fruit of our imagination?_

You mean instead of just using memcached, redis, varnish or squid? All of
which are peer reviewed, battle tested, free, and optimized to perform about
as close to the metal as it gets?

Sorry, but I'd lean towards "fruit of your imagination".

~~~
shin_lao
Well, compared to all the products you named we're...

\- faster

\- designed for 64-bit from the ground up

\- scalable on multi core machines

\- portable - Windows, Linux, FreeBSD - out of the box

\- persistent out of the box

\- very easy to install and deploy (ok memcached is very easy to install and
deploy as well)

\- secure by default

\- come with support

Redis, varnish and squid aren't really equivalent products. Memcacheddb is our
closest equivalent.

What do you think?

Of course we're very keen on hearing more from you as we will offer a beta for
download.

~~~
donw
I'm going to be honest, and say that I've probably got no use for your
product. Memcache is _plenty_ fast enough (200k ops/sec without tuning) for
our needs, is open-source, well-tested, free, and has bindings for a lot of
different platforms.

That said, you may want to look at the Windows market, as they don't have a
native memcached, so that might give you some leverage.

Windows shops are also more likely to spend money.

I also read your FAQ, and it left me with a lot of questions:

You claim to be faster than memcached, but don't provide any benchmarks to
back those claims up.

What evidence do you have to support your scalability claims?

What language bindings do you offer?

What do you mean by 'secure by default'?

~~~
shin_lao
Thanks for your comments.

memcached is a competitor, as is Oracle Coherence and Gigaspaces.

memcached is a decent open source product, which appeals to a certain type of
customers.

We realize that there is a competition, but we think there is room for
improvement.

\- no benchmark for now, we think it's too early, we'll do that during the
beta. Our preliminary tests show we're at least twice faster and up to ten
times faster.

\- we tested our cache's performance on a 12 cores machine, so we can only say
"it scales up to 12 cores"

\- we offer out of the box a C language binding, PHP, Java, Ruby and Python

\- wrpme has been designed from the ground up with security in mind, the
default install is secure, you need to manually activate the remote and
administration features (if you need them)

~~~
donw
Fair enough; I can understand why you'd want to (a) tune, and (b) make sure
your benchmarks are going to stand up to scrutiny.

Regarding 'secure by default', though, your answer is very hand-wavy. Do you
employ cryptography for your network protocol? On-disk crypto for persisted
data? Authentication? How are credentials stored, assuming you do provide
authentication? What steps have you taken to avoid buffer overflow attacks?

These are all questions that customers will ask; be prepared to answer them.

~~~
shin_lao
Actually I was more referring to the hard work we do to avoid that kind of
vulnerabilities by design:

<http://securitytracker.com/alerts/2010/Apr/1023839.html>

and

<http://securitytracker.com/alerts/2009/Apr/1022140.html>

Everything we do we consider security first and do threat modeling.

All remote connections are done via TLS, we don't cipher the database on the
disk but if there is a demand for it we'll add the feature.

We've been extremely thorough to review the code an reduce the possibility for
buffer overflows to occur. We use only safe API and validate input thoroughly.
Buffers are encapsulated by a class in such a way that unsafe writing is
difficult to do.

I'm not claiming we'll never have an exploit, just saying we're doing the best
we can to avoid it.

~~~
moe
I would say those are non-issues in most deployments.

Application caches are normally deployed within an isolated, trusted
environment. TCP connections from untrusted clients simply don't happen, so
hardening is not needed at that level.

I'm confused about what use-case you have in mind with this.

Is your cache meant to be exposed to the general public, sort of like the
things you can do with couchdb?

~~~
shin_lao
We want indeed the software to be usable as a high-performance key/value
storage system, which is why we think about security.

------
carbocation
From your FAQ:

"Will wrpme be open source?

No, users will need to purchase a license to use the software except for
evaluation and educational purposes."

Sounds like you guys must have done something pretty impressive to warrant
such a statement! Can you tell us a bit about what differentiates your
offering enough from memcached? Are performance comparisons available?

~~~
shin_lao
Yes, we're much faster but I don't want to commit any benchmark yet, we want
to be 100% sure.

------
pedalpete
I like the look of the site, and I found it to be quite speedy as well.

I use memcache on one of my sites, and never found the need for anything else.

Clearly, you felt there was an opportunity in that space, and maybe there is.
But to me it wasn't obvious.

That may be a bit of a stepping stone. you're like memcache but...!

I don't know that 'faster' is the main target (though I could be wrong). Lots
of sites seem to be quite happy with memcache. But if you can show a savings
of x over memcache due to server resources or speed, etc. you might be on to
something.

~~~
shin_lao
That's our thoughts, if you read my other replies to the comment I list what I
believe we offer compared to memcached and equivalent products.

~~~
ionrock
I think the speed is always a feature, but at the same time, caching always
feels more interesting in terms of a proxy. For example, where I work, we're
able to use one server and proxy massive amounts of traffic to a cluster of
services. I know we paid for this tool and it has proved to be worth the
money. That said, it does a great deal more than just caching where even if
there were a faster caching solution, I'm not sure it would be worth paying
for.

I hope that makes sense since simply stating "there are already those kinds of
programs available" does mean that there isn't room for improvement. The
evolution of lighttpd, nginx and cherokee all suggest that people found apache
limiting in some way.

As for the service it did feel pretty darn fast, so kudos for that. More use
cases or a more general caching proxy/load balancer might be something more
people could consider worth paying for but that is just my own thought.

Good luck!

------
motvbi
It would be hard to pay for something that I know very little about. There
isn't much information about the cache engine itself on your website. How does
this compare with memcached? Numbers on the performance would give us more
insight.

------
olegkikin
Boring. There are hundreds of sites like that already.

I also tried submitting the same URL over and over again, and I get new
shortened URLs. Seems like a waste.

<http://wrp.me/99Jaa>

<http://wrp.me/99Maa>

<http://wrp.me/99Oaa>

~~~
danieldon
Links above go to test.com

FYI: <http://www.example.com> (<http://www.rfc-editor.org/rfc/rfc2606.txt>)

------
akirk
It sounds like you keep the URLs in memory. What do you do if the power goes
out?

~~~
crescendo
From the FAQ:

 _wrpme is an ultra fast _persistent_ cache engine_

~~~
akirk
Also from the FAQ:

 _How long is a wrpme URL valid? An URL is valid - at least - thirty (30) days
from its last access. In other words, an URL will be kept alive as long as
it's acceded once every thirty (30) days ._

If it is persistent I wonder why they have this rule. Just to save RAM?

~~~
shin_lao
It's saved to disk but then it gets evicted after 30 days.

------
wicknicks
Looks nice. If I try and shorten the URL "<http://wrp.me/>, it actually
enlarges it to "<http://wrp.me/999Ea>.

------
javery
How is this better than redis? I can't imagine needing something higher
performance than redis, especially if I had to pay for it and it was closed
source.

~~~
shin_lao
Actually Redis is probably better than our product when it comes to "database"
features. Redis offers semantics we don't offer, if I'm correct with redis you
can get list of objects and the like. We're lower level than that, we focused
on one thing: speed and scalability.

~~~
javery
So you are faster than Redis? Can you back that up?

------
kylebragger
I'm curious how this will stack up against free, open-source libraries such as
memcache and redis.

------
vyrotek
Does it only work on a single machine? Or can it be used distributed across
multiple servers?

~~~
shin_lao
It currently only works on a single machine but we will implement consistent
hashing soon.

------
taykh
clickable link: <http://wrp.me/>

