Cloudflare has recently unveiled Foundations, a groundbreaking Rust library poised to redefine the development of distributed, production-grade systems. Born from the Oxy proxy framework, Foundations has matured into a comprehensive library, designed to demystify the complexities associated with scaling and managing robust services.
Empowering Engineers with Open-Source Solutions
Now hosted on GitHub as an open-source endeavor, Foundations enables engineers to concentrate on the essence of their business logic, freeing them from the intricacies of production operation setups. This transition from a simple local prototype to a sophisticated global service encapsulates the essence of Cloudflare’s innovative journey.
Core Principles Behind Foundations
- High Modularity: Crafted for adaptability, Foundations promotes the integration of its components at a pace that suits individual teams, ensuring a seamless migration for existing services.
- API Ergonomics: With a focus on user-friendly interactions, Foundations harnesses Rust’s procedural macros to deliver an intuitive and thoroughly documented API.
- Simplified Setup and Configuration: Embodying a ‘plug and play’ philosophy, Foundations offers out-of-the-box functionality alongside customizable settings for nuanced adjustments.
Comprehensive Components for Service Needs
- Logging: Enhances operational insight with detailed textual records.
- Tracing: Provides granular timing analyses for pinpointing performance issues.
- Metrics: Supplies vital quantitative data for monitoring service health and performance.
Innovations in Logging, Tracing, and Metrics
Foundations builds on the capabilities of tokio/tracing and slog for logging, introducing a streamlined process for contextual information handling. It simplifies the tracing setup and introduces flexibility in trace sampling, enabling a holistic view of service pipelines through distributed trace stitching.
use foundations::telemetry::metrics::{metrics, Counter, Gauge};
use std::sync::Arc;
#[metrics]
pub(crate) mod http_server {
pub fn active_connections(endpoint_name: &Arc) -> Gauge;
pub fn failed_connections_total(endpoint_name: &Arc) -> Counter;
pub fn requests_total(endpoint_name: &Arc) -> Counter;
pub fn requests_failed_total(endpoint_name: &Arc, status_code: u16) -> Counter;
}
Securing Services with Advanced Features
Foundations enhances security with a robust API for seccomp, facilitating syscall sandboxing to fortify against threats. It simplifies the inclusion of syscalls while allowing for the amalgamation of multiple lists for comprehensive protection.
use foundations::security::common_syscall_allow_lists::{ASYNC, NET_SOCKET_API, SERVICE_BASICS};
use foundations::security::{allow_list, enable_syscall_sandboxing, ViolationAction};
allow_list! {
static ALLOWED = [
..SERVICE_BASICS,
..ASYNC,
..NET_SOCKET_API
]
}
enable_syscall_sandboxing(ViolationAction::KillProcess, &ALLOWED);
A Testament to Cloudflare’s Commitment
Cloudflare’s team attests that Foundations has significantly reduced development friction, showcasing its potential to benefit the wider community. This belief in the transformative power of Foundations is why Cloudflare has chosen to open-source this library, inviting developers to leverage its capabilities for creating efficient, scalable services.
As we delve into the possibilities that Cloudflare Foundations opens up, it’s clear that this library is not just a tool but a milestone in the journey towards more efficient, secure, and scalable service development.
Experts in development, customization, release and production support of mobile and desktop applications and games. Offering a well-balanced blend of technology skills, domain knowledge, hands-on experience, effective methodology, and passion for IT.
