Using Rust to Improve Dynamic Language Performance

Kirill Fedorov:

In this article I’ll discuss different strategies for incrementally adding Rust into a server written in another language, such as JavaScript, Python, Java, Go, PHP, Ruby, etc.

I think all of the strategies are good, but Tier 3 stands out as being the best bang for the buck. If you can use an off-the-shelf binding generator library then writing a native function in Rust is super easy and it can have a profound effect on performance.
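As a rough illustration of what such a native function might look like, here is a small CPU-bound Rust helper (the function and workload are my own invention, not from Kirill's post). With a binding generator such as napi-rs, adding a `#[napi]` attribute would expose it to Node.js as an ordinary function; it is shown here as plain Rust so it compiles on its own.

```rust
use std::collections::HashMap;

// A CPU-bound helper of the kind worth moving out of JavaScript.
// With the napi-rs binding generator, annotating this function with
// `#[napi]` (from the napi-derive crate) generates the Node.js glue
// automatically.
pub fn word_frequencies(text: &str) -> HashMap<String, usize> {
    let mut counts = HashMap::new();
    for word in text.split_whitespace() {
        *counts.entry(word.to_lowercase()).or_insert(0) += 1;
    }
    counts
}

fn main() {
    let counts = word_frequencies("The fox jumped over the lazy fox");
    println!("fox appears {} times", counts["fox"]); // prints: fox appears 2 times
}
```

The appeal of the Tier 3 approach is exactly this: the Rust side stays an ordinary function, and the binding generator handles argument conversion and the native-module boilerplate.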

This is an interesting case study to read alongside Nolan Lawson’s recent post: Why I’m skeptical of rewriting JavaScript tools in “faster” languages:

One reason for my skepticism is that I just don’t think we’ve exhausted all the possibilities of making JavaScript tools faster. Marvin Hagemeister has done an excellent job of demonstrating this, by showing how much low-hanging fruit there is in ESLint, Tailwind, etc.

In the browser world, JavaScript has proven itself to be “fast enough” for most workloads. Sure, WebAssembly exists, but I think it’s fair to say that it’s mostly used for niche, CPU-intensive tasks rather than for building a whole website. So why are JavaScript-based CLI tools rushing to throw JavaScript away?

Now, I will admit the posts are talking about different applications (CLI tools vs. web servers), but both are concerned with performance. In Kirill's post the Rust rewrite achieves 4.93× the request throughput, which I think supports Nolan's thesis. However, the Rust version does it using 13 MB of RAM compared to 1.35 GB for the Node.js version!

Optimisations Make Wasm Compilation 75× Faster in Firefox

Jan de Mooij writing on the SpiderMonkey blog:

In September, machine learning engineers at Mozilla filed a bug report indicating that Firefox was consuming excessive memory and CPU resources while running Microsoft’s ONNX Runtime (a machine learning library) compiled to WebAssembly.

The issue with the ONNX module was that the Ion compiler backend took a long time and used a lot of memory to compile it. On my Linux x64 machine, Ion-compiling this module took about 5 minutes and used more than 4 GB of memory.

With these changes, Ion can compile the ONNX Wasm module in less than 3.9 seconds on my machine, more than 75x faster than before these changes.

I find it satisfying reading about optimisations like this. The same end-state is achieved, but in vastly less time and space—it feels like magic.

Cloudflare Details Trie Structure to Optimise Header Sanitation

Kevin Guthrie writing on the Cloudflare blog:

This small and pleasantly-readable function consumes more than 1.7% of pingora-origin’s total cpu time. To put that in perspective, the total cpu time consumed by pingora-origin is 40,000 compute-seconds per second. You can think of this as 40,000 saturated CPU cores fully dedicated to running pingora-origin. Of those 40,000, 1.7% (680) are only dedicated to evaluating clear_internal_headers. The function’s heavy usage and simplicity make it seem like a great place to start optimizing.

The scale of Cloudflare’s operation is staggering when put in terms like this.
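The headline technique in Kevin's post is matching header names against the set of internal header names with a trie rather than repeated string comparisons. The sketch below is my own minimal illustration of that general idea; the header names and structure are hypothetical, not Cloudflare's actual implementation.

```rust
use std::collections::HashMap;

// Minimal trie over lowercased header-name bytes. Each lookup walks
// the trie once, so matching a header against N internal names costs
// O(len(header)) instead of up to N string comparisons.
#[derive(Default)]
struct Trie {
    children: HashMap<u8, Trie>,
    is_terminal: bool,
}

impl Trie {
    fn insert(&mut self, name: &str) {
        let mut node = self;
        for b in name.bytes() {
            node = node.children.entry(b.to_ascii_lowercase()).or_default();
        }
        node.is_terminal = true;
    }

    fn contains(&self, name: &str) -> bool {
        let mut node = self;
        for b in name.bytes() {
            match node.children.get(&b.to_ascii_lowercase()) {
                Some(next) => node = next,
                None => return false,
            }
        }
        node.is_terminal
    }
}

fn main() {
    let mut internal = Trie::default();
    for name in ["x-internal-id", "x-internal-trace"] {
        internal.insert(name);
    }
    assert!(internal.contains("X-Internal-ID"));
    assert!(!internal.contains("content-type"));
    println!("trie lookups ok");
}
```

Cloudflare's actual data structure is more specialised than this sketch, but the core idea is the same: one walk over the header name, instead of one comparison per internal header.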

River Reverse Proxy

Josh Aas writing on the Prossimo blog:

The River reverse proxy has come a long way since we announced the project in February.

River is a project of Prossimo, itself a project of the Internet Security Research Group (ISRG). ISRG are the folks behind Let’s Encrypt. The River reverse proxy is implemented in Rust.

Just about every significantly-sized deployment on the Internet makes use of reverse proxy software, and the most commonly deployed reverse proxy software is not memory safe. This means that most deployments have millions of lines of C and C++ handling incoming traffic at the edges of their networks, a risk that needs to be addressed if we are to have greater confidence in the security of the Internet.

Our own goal is to have River ready to replace Nginx and other reverse proxy software used by Let’s Encrypt within the next year, and we encourage other organizations to start considering where they might start to improve the security of their networks with memory safe proxy software.

That would constitute quite a significant production deployment for the project.

The Static Site Paradox

Loris Cro:

In front of you are two personal websites, each used as a blog and to display basic contact info of the owner:

  1. One is a complex CMS written in PHP that requires a web server, multiple workers, a Redis cache, and a SQL database. The site also has a big frontend component that loads as a Single Page Application and then performs navigation by requesting the content in JSON form, which then gets “rehydrated” client-side.
  2. The other is a collection of static HTML files and one or two CSS files. No JavaScript anywhere.

If you didn’t know any better, you would expect almost all normal users to have [2] and professional engineers to have something like [1], but it’s actually the inverse: only a few professional software engineers can “afford” to have the second option as their personal website, and almost all normal users are stuck with overcomplicated solutions.

For [2] to be successful for “normal” users I think there needs to be an approachable UI for making changes on the fly… and the implementation gets complicated quickly if you’re doing it on the website itself.

The funny thing is that we had such a thing in the early days of the web: native apps for authoring a website and uploading it, such as FrontPage, Dreamweaver, or Netscape Composer. It’s strange that these seem to have fallen out of favour now.