• Overview

  • Favorite Features

    • Instant Purge

    • Custom VCL

    • Surrogate keys

  • Why Fastly

    • Flexibility

    • Cater to Developers

    • Visibility

Sonatype screenshot

About Sonatype

Sonatype is the leader in software supply chain automation, with a long history of significant contributions to the open source community. Major contributors to the Apache Maven project and distributors of the open source Nexus Repository Manager, Sonatype also operates the largest repository (known as Central or Maven Central) for Java software components — analogous to npm for JavaScript, RubyGems for Ruby, PyPI for Python, etc. This repository is where open source software developers publish libraries and modules, and where developers expect to retrieve them in order to build applications. Sonatype served over 30 billion requests for such components in 2015, and continues to add thousands of new or updated components daily.

Sonatype Icons

Why Fastly

Sonatype’s solutions are critical infrastructure that developers use every day. Fastly helps provide a reliable, secure experience for Sonatype's more than 10 million users worldwide as they continue to scale, more than doubling total monthly releases, tripling bandwidth and quadrupling total request traffic.

“Fastly allows us to get into the guts of our CDN; we can quickly configure things the way we need to configure them. With other providers, configuration was totally opaque — we’d have to go through customer support to get rules changed, and that’s pretty unwieldy and not very effective. Fastly has its own API, giving us ultimate flexibility.”
Jason Swank, Technical Operations Lead

“Knock on wood, but in the more than three years we have leveraged Fastly, we’ve delivered a huge global user base 100% uptime, coincident with exceptional network performance. In short, it just works… really, really well.”
Mike Hansen, SVP Product Development and Engineering

Support during growth

The exploding growth in both the production and usage of open source software has led to corresponding scale requirements in network delivery and the availability requirements dictated by part of the world’s critical development infrastructure. Fastly gives Sonatype the ability to cache millions of open source components while offering the flexibility to update content instantly, ensuring those components are always available. As a result, they’ve been able to readily support the enormous and rapid growth that continues year after year.

“We’ve had zero issues with Fastly’s service. Download requests from the Central Repository have increased by 3x and request traffic by 4x, all without skipping a beat. Fastly has helped us get there.”
Jason Swank, Technical Operations Lead

100% Uptime

Maven Central is a free service, sometimes making it difficult for Sonatype to gather user feedback. Developers see the service as a utility, but maintaining reliability is key to ensuring that users don’t go elsewhere.

“Fastly helps us provide extremely reliable service for developers. Being able to readily meet the expectations of 100% uptime for a free service is just awesome.”
Mike Hansen, SVP Product Development and Engineering

Varnish : Transparent & open source

One of the reasons Sonatype chose Fastly is because it’s built on Varnish, the open source web accelerator. This offers the benefits of open source, which includes an extensive, knowledgeable community and documentation.

“One big benefit to using Varnish is it allows us to run our own instances, letting us test things out very easily. With our previous provider, we had to wait for an engineer to make rules changes for us, so it was painful dealing with that feedback cycle.”
Jason Swank, Technical Operations Lead

Sonatype screenshot 2

Diagnosing problems in real time

Because Maven Central is used by developers around the world, it’s critical that Sonatype can look into their site health to ensure successful builds. This was challenging with their previous CDN, which didn’t offer visibility into their environment. Fastly offers real-time analytics that give Sonatype insight into events as they occur, allowing them to identify and fix security issues quickly. Sonatype streams logs to S3 endpoints to gather information and make changes as necessary.

“Being able to monitor and diagnose problems instantly was a huge selling point for Fastly. Now we can stream live syslog data, addressing problems as they happen. This is especially beneficial for security issues; by gathering together information gleaned from streaming logs, we can determine both the popularity and vulnerability of certain components. If there is a vulnerability, we can easily identify and fix it.”
Jason Swank, Technical Operations Lead

Real-time log streaming is also key to Sonatype’s commercial products, which include security mitigation, license mitigations, and popularity information.

“We have a pretty significant infrastructure around crunching data for our commercial products, and Fastly helps us streamline this process en route to our customers.”
Jason Swank, Technical Operations Lead