This is very interesting. I hope someone write an indepth review regarding features and performance, compared to the competition.
I wonder why they went with openssl instead of rustls, it is not like OpenSSL have the best security reputation.
My guess is that the relevant keyword for the choice of OpenSSL is FIPS. Rusttls doesn’t (or at least didn’t) have that certification, which matters if you are dealing with US government (directly or indirectly). I believe there is an alternative backend (instead of ring) these days that does have FIPS though.
NGINX is purely in C, which is not memory safe by design. It is very error-prone to work with such a 3rd party code base. It is quite easy to get into memory safety issues, even for experienced engineers, and we wanted to avoid these as much as possible.
[…]
Since Pingora’s inception we’ve served a few hundred trillion requests and have yet to crash due to our service code.
In fact, Pingora crashes are so rare we usually find unrelated issues when we do encounter one. Recently we discovered a kernel bug soon after our service started crashing.
I didn’t develop Rust nor the service, but I can’t help but feel smug when reading that. RIR is quite valuable
This is very interesting. I hope someone write an indepth review regarding features and performance, compared to the competition. I wonder why they went with openssl instead of rustls, it is not like OpenSSL have the best security reputation.
My guess is that the relevant keyword for the choice of OpenSSL is FIPS. Rusttls doesn’t (or at least didn’t) have that certification, which matters if you are dealing with US government (directly or indirectly). I believe there is an alternative backend (instead of ring) these days that does have FIPS though.
The article on how they built Pingora is a good read too.
I didn’t develop Rust nor the service, but I can’t help but feel smug when reading that. RIR is quite valuable
CC BY-NC-SA 4.0