While most business logic can run in response to web requests, some computations require more than 200ms to complete. Although developers have a cornucopia of web frameworks to choose from, relatively little investment has been made in general purpose systems for delayed execution.

Coursera’s general purpose nearline execution framework—Iguazú—has seen broad utility across many aspects of our global learning platform. Built upon containers and optimized for developer productivity, we use this system to handle researcher data exports, broadcast announcements, and peer reviewer matching. A secured instance of Iguazú is used to safely evaluate programming assignment submissions for a variety of courses and programming languages.

Together, we will trace Coursera’s journey from PHP to the JVM to Docker. This talk will cover aspects of Coursera’s architecture that enables us to rapidly build sophisticated features for our learning platform. Additionally, we will discuss our experience running containers in production; what works, what doesn’t, and why. Finally, we will briefly touch upon container threat models, and how to architect a defense-in-depth strategy to mitigate both known and unknown vulnerabilities.