Cloudflare Open sources Pingora (NGINX replacement)
Vložit
- čas přidán 16. 05. 2024
- Cloudflare has announced they are open sourcing Pingora as a networking framework! This is their in-house Rust proxy they built few years ago to replace NGINX
This is kind of Big news for few reasons, let us discuss
blog.cloudflare.com/pingora-o...
0:00 Intro
0:30 Reasons why Cloudflare built Pingora?
3:00 It is a framework!
7:30 What in Pingora?
11:50 Security in Pingora
13:45 Multi-threading in Pingora
21:00 Customization vs Configuration
25:00 Summary
Discovering Backend Bottlenecks: Unlocking Peak Performance
performance.husseinnasser.com
Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon)
backend.husseinnasser.com
Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon)
network.husseinnasser.com
Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon)
database.husseinnasser.com
Follow me on Medium
/ membership
Introduction to NGINX (link redirects to udemy with coupon)
nginx.husseinnasser.com
Python on the Backend (link redirects to udemy with coupon)
python.husseinnasser.com
Become a Member on CZcams
/ @hnasr
Buy me a coffee if you liked this
www.buymeacoffee.com/hnasr
Arabic Software Engineering Channel
/ @husseinnasser
🔥 Members Only Content
• Members-only videos
🏭 Backend Engineering Videos in Order
backend.husseinnasser.com
💾 Database Engineering Videos
• Database Engineering
🎙️Listen to the Backend Engineering Podcast
husseinnasser.com/podcast
Gears and tools used on the Channel (affiliates)
🖼️ Slides and Thumbnail Design
Canva
partner.canva.com/c/2766475/6...
Stay Awesome,
Hussein - Věda a technologie
Backend fundamentals udemy course backend.win
All your courses are actually good refresher of the knowledge I got from videos on this channel plus I get them all consolidated sequentially 👍
"everybody will IMMEDIENTLY move to rust" you first!
AWS ready to copy it and release a new service 😂
😅 oh god didn’t think of that, hopefully the license limits that abuse
😂😅
@@hnasr Its Apache License 2.0 so here comes Elastic Pingora
That's how tech works you know 😂😂😂
@ldm8146😂
I've been learning Rust since the end of 2022 and I'm enjoying it a lot. It has some really nice design choices. I think you will like it!
Great to open source it. It’s a win win for all. But they get great support from the community with features that are actually useful and needed along with great pool of developers to maintain and keep contributing and most importantly adoption by everyone else.
pingora is the web components of load balancers now its extremely flexible and will allow engineers to finally make customized http proxy. The future of the web is really looking like its gonna be built with Rust.
But couldn't engineers always just implement a HTTP proxy which fits their exact requirements?
@@marksmith2540 no you are at the mercy of companies like Nginx alot of companies use commercial licenses for this kind of stuff
@@marksmith2540Assembling is easier than developing from scratch.
The prediction of a 'basic pingora' is so on point, that was the first thing I thought when I noticed the use of 'framework'
I probably don't need this, just like to listen this guy explaining things.
They already announced a new reverse proxy called River based on Pingora.
With the intention to add WASM support, that's also a way to not have to do much configuration.
6:49 Loved it when your inner anime soul came out lol
😂😂😂that caught me by surprise too
super amazing; sadly we starting migrating to envoy 1 year ago; I'd love to get more insights/benchmark comparing this two!
the extensability in envoy via WASM is nice; but sometimes a bit too non-transparent.
You really ought to try some multi-threaded code in rust, with mutexes and the like. I found it significantly easier to write that kind of code compared to the C equivalent.
Compared to advantages over nginx, I think cloudflare is ready to patch all undiscovered glitches of new system..
it is going to be a year or two or just stabilization.
Love Rust
Yes sir!!
What I'm seeing this being used for are cloud services that would create web-based configuration UI to configure your own proxy and the service would then build it and host it exactly the way you want.
Something else to know about nginx process model, nginx had to add an eBPF program to make sure their SO_REUSEPORT for QUIC would perform well.
Might be an interesting topic.
24:00 this seems likely, i was thinking the same, it all depends on what people want/need and if they are already covered by what exists right now.
But first we will see an explosion in specialized proxies based on this.
24:54 their are many HTTP-frameworks/libraries and some of them for example, I think some Python libraries, also support proxying.
This is interesting. I can see me using it for some network services but it’s a bit low level for a web framework I think
It would be interesting to see if someone builds a fully formed API Gateway project on this, perhaps APISix?
I haven’t done much with rust or nodejs, but this makes me wonder if a rust interpreter or transpiler for js could be connected with these apis to make a very performant nodejs server replacement
"basic pangora" was actually announced in the "Open source, present and future" section
This seems similar to netty and little toolkit known as vertx in the Java world. Although rust seems a nice language to implement such a thing mainly because of the guardrails imposed by the language in memory management and a lack of gc which may of may be not an issue with Java.
What are some of your suggestions for opensource repositories to contribute to , for beginners???
My two cents. Rust doesn't exactly auto solve the mutex / semaphore problem. But the compiler doesn't allow you to access that connection/ memory unless you deal with these. As long as you can prove to the compiler that only one thread will be accessing the connection at any point in time, It'll allow you to compile. In other words, if compiler is allowing you to do it, it's most likely safe to do so.
Masallah 3alek :)
Oh boy, Rust is taking over the world 😂
The problem is there is no job for rust developers,
@@Noor-kq4rr not for noobs
Yeah right. In youtube comments :)
I am fan of C/C++/Java syntax for decade,
It's difficult to me to read the Rust syntax, it is really hard.
22:30
According to my simple knowledge, Suckless tools work in this way. There are no configuration files. You customize the code in the way you want and with the features you want.
If you do not want this feature, then it does not exist in reality for you.
Isn't this more of a replacement for HAProxy?
I think, that was possible because that rust's powerful macro system. You can do wild pre-compiled that way.
Sure, proc macros make some wild stuff possible, but even then they are unfortunately pure dumpster fire compared to the C++ compile time facilities.
Same, terrible debugging experience minus type information = even more awful to work with.
Someone please explain to me. Nginx does all that and is also open source. Then whats the difference between this and nginx (apart of the process vs thread thing)
more fine grained control on the proxy
Nothing for average user, it's mainly for high performance outputs. For most users even apache with mpm is more than enough.
There's barely any difference. And it probably won't do any.
Nginx is more than enough for performant server. You will much more likely hit the limits with your backend bottlenecks.
7:28 And, David Mills said, "What's in the box?"
discuss about the at&t outage
*** insert please
Hussein, they didn't open Pandora's Box. They literally opened Pingora's box! 😅
How to use Pingora as web server
You don't use it as a web server. You build a web server using pingora. ;)
@@mad_t omg
is that miyamoto musashi in the back ?
this isn't a NGINX replacement .. it's a rust library. it's not a drop-in replacement for NGINX/apache/caddy/etc...
YARP
"i'll reference the video for reference..." and then forget about adding it to description...
There isn't really a debate at all that Rust is safer than C/C++, Rust forces you to write memory safe code by default, C/C++ does not. As none one can argue with the fact that most vulnerabilities stem form memory safety issues, there can be no debate that Rust forces you to write code, that is at least safer in this aspect.
The only argument that people have against this that they can write perfectly safe code in C, which the majority of people cannot though as evidenced by the memory safety vulnerability stats.
Well isn’t White House asking ppl not to use C/C++, but to use language like rust.
you can read the acttuall code instead of guessing!!!
please learn rust and make videos about rust. Microsoft also advocating rust
rust is super hard to learn.
Pingora hmmm...
Does this guy have a clue what he's even saying?
Instead of bashing C, get better C developers. NGINX was developed in C for performance reasons.
*Why sacrifice efficiency because of developer incompetence.*
nginx sucks, its architecture is crap. If you want to install a module you need to recompile, how dumb is that? Even as proxy sucks, it is slow, there are much better alternatives. It is an old piece of crap.
Next 4 years, Pingora is bad, we recommend another latest fad. Nothing is perfect.