Cloudflare has recently unveiled Foundations, a groundbreaking Rust library poised to redefine the development of distributed, production-grade systems. Born from the Oxy proxy framework, Foundations has matured into a comprehensive library, designed to demystify the complexities associated with scaling and managing robust services.
Now hosted on GitHub as an open-source endeavor, Foundations enables engineers to concentrate on the essence of their business logic, freeing them from the intricacies of production operation setups. This transition from a simple local prototype to a sophisticated global service encapsulates the essence of Cloudflare’s innovative journey.
Foundations builds on the capabilities of tokio/tracing and slog for logging, introducing a streamlined process for contextual information handling. It simplifies the tracing setup and introduces flexibility in trace sampling, enabling a holistic view of service pipelines through distributed trace stitching.
use foundations::telemetry::metrics::{metrics, Counter, Gauge};
use std::sync::Arc;
#[metrics]
pub(crate) mod http_server {
pub fn active_connections(endpoint_name: &Arc) -> Gauge;
pub fn failed_connections_total(endpoint_name: &Arc) -> Counter;
pub fn requests_total(endpoint_name: &Arc) -> Counter;
pub fn requests_failed_total(endpoint_name: &Arc, status_code: u16) -> Counter;
}
Foundations enhances security with a robust API for seccomp, facilitating syscall sandboxing to fortify against threats. It simplifies the inclusion of syscalls while allowing for the amalgamation of multiple lists for comprehensive protection.
use foundations::security::common_syscall_allow_lists::{ASYNC, NET_SOCKET_API, SERVICE_BASICS};
use foundations::security::{allow_list, enable_syscall_sandboxing, ViolationAction};
allow_list! {
static ALLOWED = [
..SERVICE_BASICS,
..ASYNC,
..NET_SOCKET_API
]
}
enable_syscall_sandboxing(ViolationAction::KillProcess, &ALLOWED);
Cloudflare’s team attests that Foundations has significantly reduced development friction, showcasing its potential to benefit the wider community. This belief in the transformative power of Foundations is why Cloudflare has chosen to open-source this library, inviting developers to leverage its capabilities for creating efficient, scalable services.
As we delve into the possibilities that Cloudflare Foundations opens up, it’s clear that this library is not just a tool but a milestone in the journey towards more efficient, secure, and scalable service development.