Cloudflare published the release of Pingora 0.4, a framework designed to develop secure high-performance network services in Rust. Pingora has been used in the CloudFlare content delivery network for over two years, replacing Nginx and handling more than 40 million requests per second. The code is written in Rust and published under the Apache 2.0 license.
The main features of Pingora include:
- Support for HTTP/1 and HTTP/2, with plans for HTTP/3 support, as well as creating services using the protocols of UDP/TCP.
- Support for multi-flow processing of requests in asynchronous mode.
- Ability to attach callback processors and filters to control different stages of request processing.
- GRPC and WebSocket support.
- Connected load balancers.
- Ability to change configuration without restarting.
- Support for updating application code without breaking connections.
- Failover capability to switch load in case of failure.
- Integration with various monitoring and logging systems.
- Support for TLS shifting.
- Ready-made Rust packets for various network functions.
Among the changes in the new version:
- Initial support for the cryptographic library rustls using crypto providers like AWS-LC-RS and Ring based on BoringSSL.
- Experimental support for Windows.
- Introduction of fictitious TLS for situations where real TLS implementation is not possible.
- Added support for GRPC-WEB module for handling customer requests.
- Ability to process h2c connections and http/1 on a single network port.
- Custom implementation of the Connect() function for behavior modification during network connections.
- Option to ignore informational responses while proxying.
- Support for unpacking GZIP compressed responses.
- Implementation of backet state for monitoring.
- Ability to bind to a range of local ports.
/Reports, release notes, official announcements.