undefined | Better HN

0 pointsmholt5y ago0 comments

It is a great choice for a general purpose proxy. (That's kind of the point.)

0 comments

4 comments · 1 top-level

atonse5y ago· 3 in thread

But they mentioned that they wanted to use C++ instead of go to get even that extra performance out.

I use Caddy a lot and it's perfectly fine for my scale, but at dropbox's scale, maybe go wouldn't be enough for the ingress part?

mholtOP5y ago

I just lament the increasing deployments of programs written in memory-unsafe languages to the edge, in general.

I am more curious what makes the author think Caddy "might not be the best choice for a general purpose ingress/egress proxy" (there were no other qualifications to that statement, but no evidence to support it either).

mperham5y ago

Yeah, to its credit, the article brought it up but then kinda hand waved away "envoy had many more security issues than nginx". Having a huge load of C library dependencies in a user-facing service seems like a bug these days.

Part of reducing dependencies in my own software was a conscious decision to minimize future CVE exposure.

DarkWiiPlayer5y ago

> C++ instead of go to get even that extra performance out

Might as well use C then (with some hand-written asm sprinkled in where the compiler gets confused and doesn't see an obvious optimization) for that. And I'm not even being sarcastic here (I wish I was though)

j / k navigate · click thread line to collapse