Introduction
Previously in this series of posts on microservices, we discussed the features and traits necessary to next-generation applications. As 5G and Edge Computing infrastructure are built out, ultra low-latency and reliable applications and services will become increasingly common, accelerating already high user expectations for performance. In addition, with more people working, shopping, and learning online than ever, strict security measures will be needed to meet compliance requirements and ensure consumer privacy.
As such, serverless providers like Azion have a responsibility to deliver a platform designed to maximize performance, reliability, and security. That’s why Azion has chosen the Rust programming language as the foundation for our core technology, Azion Cells, which is used in Edge Functions and other Azion products. This post will provide an in-depth look at Rust, delving into its features and advantages, and discuss our implementation of Rust in Azion Cells.
Origin
Rust is a systems programming language designed to execute high-performing, reliable, and secure code. It was created by Mozilla programmer Graydon Hoare, who began work on Rust in 2006. In 2009, Mozilla backed Rust as part of the Servo Parallel Browser Project, a long-term initiative to rebuild their browser using safer concurrent technologies than their previous implementation in C++.
Rust’s first pre-alpha release took place in 2012, and its 1.0 stable version was released in 2015. Since then it has gained attention and popularity from the tech community for its reliability, security, and performance. Rust was initially designed as an alternative to C and C++ that could be used in high-performance applications while avoiding the memory issues that often occur while programming in C and C++.
In an interview with InfoQ, Hoare elaborated on his motivation for creating Rust:
A lot of obvious good ideas, known and loved in other languages, haven’t made it into widely-used systems languages, or are deployed in languages that have very poor (unsafe, concurrency-hostile) memory models….I wanted to revive some of their ideas and give them another go, on the theory that circumstances have changed: the internet is highly concurrent and highly security-conscious, so the design-tradeoffs that always favor C and C++ (for example) have been shifting.
Design principles
The official website for Rust refers to Rust as “A language empowering everyone to build reliable and efficient software,” touting its performance, reliability, and tooling. A 2020 blog post from GitLab lists Rust’s key design principles:
- Strictly enforcing safe borrowing of data
- Functions, methods, and closures to operate on data
- Tuples, structs, and enums to aggregate data
- Pattern matching to select and destructure data
- Traits to define behaviour on data
These traits, GitLab explains, essentially create “guardrails” enabling developers who use Rust to “create fast-moving code with few things that slow it down.”
Features
Stack Overflow’s blog touts features of Rust that improve both its speed and safety. It is strongly and statically typed, meaning that typing rules are constrained to ensure correctness and that type is checked at compile time instead of runtime. Its compiler has a borrow checker that allows for backward compatibility that “ensures references do not outlive the data they refer to.” Furthermore, as Mozilla notes in a 2016 video, the same safety checks that prevent memory bugs also catch multithread errors, allowing for safe parallelism and concurrency. Parallelism enables code to be run on multiple cores at once, whereas concurrency allows two or more tasks to run in overlapping time periods—both allowing for faster and more efficient execution.
In addition, it provides zero-cost abstractions, and does not use a garbage collector to manage memory. Finally, unlike C, it is safe by default, meaning that in order to write unsafe code, you have to opt in with a keyword.
- Strong and static typing
- Borrow-checking for backward compatibility
- Safe concurrency and parallelism
- Zero-cost abstractions
- No garbage collection
- Opt-in for unsafe mode
Advantages of Rust
Although Rust was not designed to be a functional programming language, the language allows the benefit of writing programs in a functional style which further enhances code quality and security.
Reliability and security
Perhaps Rust’s biggest advantage is its ability to detect and prevent memory errors. As stated above, Rust is safe by default, meaning that the programming language manages it from beginning to end. As The New Stack explains, “For a given object the proper amount of memory is promised to be allocated — or, reserved — for the object. When accessing this object, it is impossible to accidentally access a memory location that is out of bounds. And when its job is done, the object will automatically be deallocated by the system.” In other words, managing memory does not require the developer to make any calculations and, as a result, does not provide an opportunity to make mistakes and introduce errors.
This is a particularly useful feature, since memory bugs can be difficult to catch and can hang around for years undetected. Eliminating—or better yet, preventing—these bugs is crucial, given the scope of their consequences, which Mozilla describes in a 2019 blog post:
- Crash: terminating unexpectedly due to accessing invalid memory
- Information leakage: exposing non-public data, such as passwords
- Arbitrary code execution (ACE): inadvertently giving attackers the ability to execute arbitrary commands on a target machine; or remote code execution (RCE) when it occurs over a network
In other words, Rust prevents memory errors that not only make a program less reliable, they make it far less secure. As Mozilla puts it, “The best case scenario with most memory errors is that an application will crash harmlessly—this isn’t a good best case. However, the worst case scenario is that an attacker can gain control of the program through the vulnerability (which could lead to further attacks).”
Performance
Despite the potential for security flaws, unsafe code can be used to achieve performance gains—hence its default use in C and C++. And while Rust does have an unsafe mode you can opt into, safe Rust is also designed for speed and resource efficiency. To avoid the errors introduced by manually managing memory, as is the case in C and C++, many languages use a garbage collector to manage memory automatically. However, this safety guardrail comes with a cost. Programs must pause during garbage collection, resulting in intermittent spikes in latency. To avoid this pause, Rust instead uses an ownership model, imposing rules that allow the compiler to manage memory without slowing down runtime performance.
In addition, Rust provides a way to deliver fast execution through safe concurrent and parallel programming. For decades, performance gains from CPUs were steadily increasing, but have now reached a limit where further optimization is no longer possible. In order to speed up processing, tasks must be executed on multiple cores at the same time, requiring either concurrent (overlapping) or parallel (simultaneous) programming. However, this type of multi-thread programming is difficult and can introduce numerous errors which can often go undetected for years, forcing developers to choose between speed and safety—a tradeoff that is not necessary with Rust.
How Rust compares with other languages
Rust was explicitly developed to solve some of the frustrations developers expressed with C and C++, and has been often recognized as improving upon these issues. A widely shared 2015 TechCrunch opinion article from Jon Evans posited Rust as an alternative to C for “getting down to the bare metal and working at mach speed” without introducing “subtle bugs that can turn into gaping security holes.”
Rust has also attracted attention for solving problems of other programming languages. In 2016, Sentry used Rust to make source mapping faster and more resource efficient than it was able to achieve in Python due to Python’s object headers and garbage collection. Similarly, Discord switched to Rust in 2020 to reduce latency spikes that occured during Go’s forced garbage collection and was able to significantly reduce latency and optimize memory and CPU.
As a result of its benefits, Rust has been voted “most loved” language for the past five years on Stack Overflow’s annual developer survey. In addition, it is being used more and more frequently, and for larger projects, breaking into Tiobe’s top 20 list of most popular programming languages this past June. In addition, Microsoft is now adopting it to reduce bugs and security flaws after determining that 70% of all security patches are due to memory-related issues.
Implementing Rust in Azion Cells
AWS Lambda uses Node.js as its engine core, which is written in C/C++ and JavaScript. In contrast, Azion Cells’ engine core is written in Rust, allowing for more reliability and speed. It also enables better performance with fewer resources, since it is able to execute JavaScript without spinning up an entire process. In addition, Azion Cells uses V8 Isolates on top of a multi-tenant environment, which keeps each function isolated and secure without the need for containers, which can further degrade performance with high and unpredictable latency due to cold starts.
Azion Cells are building blocks to Edge Functions, enabling the fast, reliable, and secure execution of serverless functions on our edge network. Azion’s Edge Functions is ideal for modern applications, particularly 5G, Edge Computing, IoT and other emerging data-centric technologies that raise the bar for performance, security, and reliability.
