I was helping out a consumer of Have I been pwned? (HIBP) earlier today as they were trying to build up a profile of the pwnage state of their client base. This mean firing a heap of requests at the API so that they could assess a very large number of accounts. I’m always interested in how far this service can be stretched and indeed what the thresholds are before Azure starts applying auto-scale magic.
First up, keep in mind that each request to the API is searching through 175 million records in Azure Table Storage. You can read about the story of HIBP for background on why I chose this data structure but one of the key reasons is scale – it’s massive!
Anyway, here’s what I started seeing early this morning courtesy of New Relic: