blueboat VS gvisor

Right now it is an exciting time for JavaScript. We just got a new shiny fast runtime Bun, with the last new kid Deno being released only 4 years ago, and we have edge computing/serverless runtimes like Cloudflare worker and Blueboat. With all these hypes for the JavaScript community, I could not help but ask, how come only JavaScript gets all these fancy new runtimes? Why don’t we hear these more often in other languages?

Hello HN! I'm building mvsqlite, a distributed variant of SQLite with MVCC transactions, that runs on FoundationDB. It is a drop-in replacement that just needs an `LD_PRELOAD` for existing applications using SQLite.

I made this because [Blueboat](https://github.com/losfair/blueboat) needs a native SQL interface to persistent data. Apparently, just providing a transactional key-value store isn’t enough - it is more easy and efficient to build complex business logic on an SQL database, and it seems necessary to bring a self-hostable distributed SQL DB onto the platform. Since FoundationDB is Blueboat’s only stateful external dependency, I decided to build the SQL capabilities on top of it.

At its core, mvsqlite’s storage engine, mvstore, is a multi-version page store built on FoundationDB. It addresses the duration and size limits (5 secs, 10 MB) of FDB transactions, by handling multi-versioning itself. Pages are fully versioned, so they are always snapshot-readable in the future. An SQLite transaction fetches the read version during `BEGIN TRANSACTION`, and this version is used as the per-page range scan upper bound in future page read requests.

For writes, pages are first written to a content-addressed store keyed by the page's hash. At commit, hashes of each written page in the SQLite transaction is written to the page index in a single FDB transaction to preserve atomicity. With 8K pages and ~60B per key-value entry in the page index, each SQLite transaction can be as large as 1.3 GB (compared to FDB's native txn size limit of 10 MB).

mvsqlite is not yet "production-ready", since it hasn’t received enough testing, and I may still have a few changes to make to the on-disk format. But please ask here if you have any questions!

This sounds quite a bit like Cloudflare Workers, and they have a comparison page - https://github.com/losfair/blueboat/wiki/Comparison-with-Clo....

Blueboat may be what you’re looking for

https://github.com/losfair/blueboat

> If one writes Go or Rust, there are much better ways to run them than targeting WASM

wasm has its place, especially for contained workloads that can be wrapped in its strict capability boundaries (think, file-encoding jobs that shouldn't access anything else but said files: https://news.ycombinator.com/item?id=29112713).

> Containers are still the defacto standard.

wasmedge [0], atmo [1], krustlet [2], blueboat [3] and numerous other projects are turning up the heat [4]!

[0] https://github.com/WasmEdge/WasmEdge

[1] https://github.com/suborbital/atmo

[2] https://github.com/krustlet/krustlet

[3] https://github.com/losfair/blueboat

[4] https://news.ycombinator.com/item?id=30155295

https://github.com/losfair/rusty-workers

They're not perfectly isolated to a high security standard such that you could deploy your own v8 workers SaaS. And they do have quirks and development woes. I haven't tested in production but if it's just your trusted apps wanting to exceed the cloudflare workers 30 scripts limit then both are wonderfully powerful solutions to put behind a https proxy.

An analogous project from Google with similar use cases is gvisor, which IIRC underlies Cloud Run: https://gvisor.dev/

Yeah, runtimeClass lets you specify which CRI plugin you want based on what you have available. Here's an example from the containerd documentation - you could have one node that can run containers under standard runc, gvisor, kata containers, or WASM. Without runtimeClass, you'd need either some form of custom solution or four differently configured nodes to run those different runtimes. That's how krustlet did it - you'd have kubelet/containerd nodes and krustlet/wasm nodes, and could only run the appropriate workload on each node type.

It all depends on your use-case and expectations. You should definitely check out gvisor. It creates a userpace isolated kernels for every container, thus making it sandboxed. The workloads then still run inside a container, not a stripped down OCI compatible VM as in kata.

The Linux kernel has a huge attack surface, and privilege escalation vulnerabilities abound. This is why https://gvisor.dev/ exists - it's a memory-safe proxy for Linux syscalls. This is also why Chrome OS runs its Linux environment in a custom hypervisor written in Rust instead of containers.

I can chime in with some optimizations (linux).

For normal UDP sockets UDP_GRO and UDP_SEGMENT can be faster than sendmmsg/recvmmsg.

In Gvisor they decided that read/write from tun is slow so they did PACKET_MMAP on raw socket instead. AFAIU they just ignore tap device and run a raw socket on it. Dumping packet from raw socket has faster interface than the device itself.

https://github.com/google/gvisor/blob/master/pkg/tcpip/link/...

You mean "all I could find was Kubernetes, Docker, TerraForm infrastructure as code language, Istio service mesh, gVisor security layer, Prometheus metrics service, Argo CD..." Oh, and almost every tool on https://landscape.cncf.io/

https://github.com/google/gvisor :

> gVisor is an application kernel, written in Go, that implements a substantial portion of the Linux system surface. It includes an Open Container Initiative (OCI) runtime called runsc that provides an isolation boundary between the application and the host kernel.

Have Gvisor and Kata containers for kernel isolation.

gVisor: Secure container runtime 🔗Link