Rust and Kubernetes in the Safety Boat
The popular open-source container management tool Kubernetes is used to run WebAssembly modules, and our team at DeisLabs recently released a new piece of software called Krustlet. Kubernetes, which is primarily written in the Go programming language, is widely used to run cloud software across numerous vendors and businesses.
You do n’t frequently hear tales of cloud software or Kubernetes software being written in Rust, despite the fact that there are many stories about using it for systems-level programming. We therefore wanted to justify our decision.
WASM a person?
Let’s start with some crucial context first. WASM, also known as WebAssembly, was initially created to run in browsers. Any browser can download and run the compiled binary known as WASM.
This is currently utilized in many popular web applications and enables the execution of performant applications inside of a browser. Recent research has made it possible to run compiled WASM binaries ( also known as modules ) on any system.
One of the few languages that supports native builds for these binaries is Rust. As a result, we can integrate WASM modules into our projects because many of the projects that run them are also written in Rust. One of the main reasons we chose Rust was because of this.
Security and safety
Rust’s robust safety and security assurances were another factor in our decision. We began by berating Rust’s borrow checker, which statistically enforces many of its safety guarantees, and occasionally fought with it for hours.
However, as we began to understand how to code things better, we became aware of the numerous flaws and issues the compiler had been preventing. We avoided exposing potential null pointers, thread safety concerns, and other unnoticed bugs as a result. We spent about a month learning everything.
We wasted a lot of time learning how borrows operated during the first week or so. We returned to 50 % efficiency after about 2 weeks, which was higher than when we were writing in Go.
After a month, we were all content enough to resume writing as much code as we could at our previous level of efficiency. We did, however, notice that we were more productive because we did n’t have to manually check for things like null pointers or debug as many issues ( I’ll go into more detail about that below ).
Sometimes a case is more difficult for us to solve than it would be with other languages. However, as time passes and we gain experience, this happens less frequently.
The Rust compiler’s defense against various concurrency bugs is a concrete illustration of this. Krautlet is in charge of paralleling an arbitrary number of WASM modules.
The borrow checker discovered instances where we passed a data structure between threads while writing the code to manage the running modules, which could have led to unsafe or concurrent data access issues. Additionally, it prevented us from using objects that earlier sections of the code might have already accessed.
The pain we have avoided due to the strict rules of the Rust compiler is incalculable, even though we occasionally miss having a garbage collector so we do n’t have to worry about cloning, borrowing, ownership, etc. In Helm, another Kubernetes-related project we maintain that has been around for at least a year and passed the race checker for Go, we noticed an important race condition last week. Helm was written in Go. The Rust compiler would never have missed that error, preventing the bug from ever occurring.
We have a lot of confidence in the code we are writing because of the extensive customization ( at least in Kubernetes ) with custom data types and the distributed nature of cloud computing. Although it does n’t completely eliminate bugs, it does assist us in avoiding many of the common concurrency ones right away.
Additionally, for projects that need to handle multiple custom data types in similar ways, having a robust type system that still enables extensibility ( in the form of traits, which the Rust docs define as the capacity” to define shared behavior in an abstract way” and bind generic parameters to that behavior ) is incredibly useful and flexible.
In other words, Rust’s adaptability, safety, and security outweigh any drawbacks, such as the lack of a garbage collector or the need to adhere to stringent compiler rules regarding lifetime and borrowing. These features will help cloud software projects avoid many common bugs and are a much-needed addition.
Things to be on the lookout for
Rust is n’t perfect just because we adore so many aspects of it. As you decide whether to use Rust for a new cloud software project, we also learned about some drawbacks that we think are crucial to note.
The fact that async runtimes are still a little hazy is one of the biggest ones to draw attention to. There are currently two options available, each of which has drawbacks and issues of its own.
Additionally, many implementation-related details are dependent on particular runtimes, so if you have a dependency that prefers one over another, you’ll frequently be forced to use it. Rust’s async story has advanced significantly over the past year, but some problems are still being resolved.
The learning curve is another thing to be on the lookout for. Before the learning curve flattens out, it takes several weeks of arduous effort to learn how to code correctly in Rust.
The aforementioned safety features, however, make up for the initial hard work in dividends. We also observed that once developers move past the initial hurdle, they can contribute to coding with the same ease as any other language. Just be prepared for some discomfort at first.
There is no reason why you should n’t at least think about using Rust for your upcoming project if you are prepared to address these current issues. Although every language has drawbacks, we believe that the advantages outweigh them all.
Conclusion
For cloud-based software, Rust has a promising future. We intend to keep using it for any of our projects where it would be beneficial in the near future. We highly recommend Rust as a choice for your upcoming cloud software project given the features it offers, despite the fact that it lacks some well-known features ( like garbage collection ).
Taylor Thomas, senior software engineer at Azure’s DeisLabs
Why use Rust to program saRust is being used to create the Azure IoT Edge Security Daemon.(Opens in a new browser tab)Having worked as an intern and# 039 with Rust(Opens in a new browser tab)creating a Rust COM library(Opens in a new browser tab)