Interview - Matt Asay: “MongoDB is the perfect fit… NoSQL in general is a better fit”
MongoDB, the open-source NoSQL database, was recently named "Database Management System of the Year" by DB-Engines – with good reason. DeveloperTech (DT) spoke with Matt Asay (MA), VP of Business Development and Corporate Strategy, about why customers should choose Mongo…
DT: Can you give a bit of background to MongoDB and why organisations should choose it?
MA: One of the things which is most interesting about MongoDB is the product was formed before the company was, and it was formed out of a need which a lot of enterprises need today. When the founders started in 2009, they were actually building a PaaS company.
At some point they decided, “this is too ambitious to build a PaaS system,” especially at that time, so they thought, “let’s focus on the area we think is strongest” … and that was MongoDB.
They looked at other systems - MySQL, PostGreSQL, and other open source systems – and ultimately decided they had to build their own in order to get the kind of scalability that they needed, and the kind of development flexibility that they needed.
So MongoDB is, as founder Dwight Merriman says, “the database he always wanted at his previous companies,” and he started DoubleClick – an early online advertising company he sold to Google for a few billion dollars – and he would have like it there for its scalability, flexibility, and ease of use.
DT: You mentioned scalability as being at MongoDB’s core. With the online environment being so vast, how well does it deal with the issue?
MA: It’s true horizontal scalability and you don’t have to shut-down your application to scale out. It really is as easy as you just worry about your application; and the database takes care of managing the provisioning to ensure you always have enough capacity there to meet it.
You can get that with a relational database if you work at it really hard. For example, Facebook uses a lot of MySQL, but Facebook has more engineers than most companies have employees, and more people working on that scalability issue. For most enterprises they’re simply not able to “scale out” with a relational database – period.
In 2010, when Facebook were looking at relational databases they could use, they were running millions of transactions per second. There wasn’t a single relational database on the planet which could handle that, and there were some fantastic relational databases.
You have to have a truly horizontal system, and frankly, one of the things which is important; whether you’re running at Facebook’s scale – and most people aren’t – or if you’re a single developer in her garage and you’re just trying to build an application… the main thing you’ve got to be thinking as a developer is “how can I minimise the cost of failure?”
You want to be able to get started, iterate quickly, and let that application move in the direction you or your organisation need.
DT: We’ve seen, frankly crazy, accusations about MongoDB providing a “backdoor” for the NSA… what is your stance on security and privacy in the database?
MA: That’s a good question. You can have really bad security for an open-source project, you can have really good security for an open-source project. The thing that is different for a database like MongoDB is you can see the code… there’s no possibility for a backdoor.
The real benefit of open-source for security is not so much in the upfront coding, but it’s rather after the code is out there in the wild. People can find the holes, plug the holes, and call out the holes that are there. So for MongoDB we take security very seriously; it’s one of the core things we worry about, because it’s a database, and people want to know their data is secure.
In terms of backdoors, and the NSA, or other organisations being able to infiltrate MongoDB – I’d say; no, if anything it’s inherently more secure as we have more eyeballs, more of the public can actually look and see what’s going on in that code, find the problems, and fix the problems themselves and contribute the code to us or tell us about it – which quite frankly happens more often.
As is generally the case with open-source; people can’t just chuck code into it. So say the NSA hires some “black hat” developer and they contribute code to us that has this “backdoor” security hole.
Every line of code that goes into MongoDB is vetted. So is it secure? Yes, it’s at least as secure as Oracle, or MySQL, or the other systems out there. I guess the proof of that is where we’re being used… we’re being used in seriously “mission-critical” applications in finance, government, retail… you name it. These are serious applications which depend on hardcore security.
DT: What changes, if any, do you think we’ll see in 2014 within the database market?
MA: We’re not going to see the relational database market fall into the sea and become the “next Atlantis” or anything like that… it’s not going to happen. There are lots of great applications out there which fit really well with the relational model.
We’ll continue to see a robust relational market, but within that market the interesting thing we’re seeing is Postgres…
Postgres was always the ugly sibling to the sexy, cool MySQL. It’s making a comeback, and part of this is the perceived fumbling by Oracle of MySQL. Although if you look what they’ve done; they’ve done a pretty good job of developing MySQL and making it truly enterprise-ready.
Some of the criticism towards Oracle is definitely misplaced, but they have done some things like the removal of test cases and what-not that have made people leery of Oracle as a community steward.
So I think we’ll see this resurgence of Postgres in the relational database side.
But I think we’ll see a huge shift towards modern databases. We’re seeing that with MongoDB, Cassandra… and fortunately for us we’re seeing it a lot more with MongoDB. It’s hard to think of many interesting applications today which aren’t somehow touching mobile, or the web, and for those MongoDB is the perfect fit… NoSQL in general is a better fit.
DT: The “Internet of Things” is a big trend set for 2014; can Mongo help overcome the technical challenges presented by this new technology?
MA: You need scale, low-cost, and you need to be able to manage a wide-variety of data types – and introduce new types – all the time. So if you’re a utility company; today you have your energy meters, but maybe you want to add to that with a new kind of meter or some other data that you want to collect… you need to be able to do that and iterate.
It’s not really well-suited for the old world of relational databases; so we’re seeing people use MongoDB for a variety of Internet of Things and M2M-type applications.
DT: Couchbase’s CEO told our sister publication, CloudTech, to let Oracle, IBM, and SAP “play in the old market because it’s almost irrelevant” – is that a view you share?
MA: So that’s Bob, we ski together at least once a season! I think that’s true up to a point, it’s maybe less true for SAP with ‘HANA’ which I think is actually pretty cool technology. IBM plays in the new market because they standardised on MongoDB for mobile and web applications…
Oracle… what Bob says there may actually be true. They are trying to figure out NoSQL, and these modern databases. They have their own - quite frankly it’s not very good today - but they have lots of resources to get it right.
They have even more incentive to keep feeding their “cash cow” business -- the old-school relational database. So I think what Bob says is mostly true, but each of these companies are trying to figure out how to be relevant in this modern application development world.
Do you agree with Matt’s comments and the benefits of NoSQL databases?