Actually, in my experience, Rust is one of the best languages for ease of deployment (for much the same reason as Go). Rust/Cargo produces self-contained statically linked binaries. Rust/Cargo also has a real nice cross-compiling story. Often my deployment will be to build the binary and then basically scp the binary and supporting files (such as html/config) to the target. You don't really need Docker.
I wrote a quick blog post in the past describing what the parent comment is talking about.
https://logankeenan.com/posts/deploy-your-rust-project-to-an...
When Rust deployment gets hairy, it is typically the fault of non-Rust-dependencies.
[0] I’m ideally hoping for a framework which ticks the same boxes that Go’s `net/http` was ticking in 2016: https://blog.cloudflare.com/exposing-go-on-the-internet/
Or at least I can say - I’ve not experienced issues doing this in an app serving 100m in a day. YMMV etc.
https://spacedimp.com/blog/using-rust-axum-postgresql-and-to...
Not blaming anyone - the maintainers don't owe us anything - it just wouldn't be my crate of choice if I was starting today. If any of the maintainers read this, shoot me a message because I'd love to help out and get the ball rolling again on tide.
I know of more than a few projects that have looked into just dropping support for it entirely.
- axum: 100k installs/day
- warp: 25k installs/day
- actix: 15k installs/day
- rocket: 7k installs/day
- tide: 1k installs/day
(For comparison, hyper - the HTTP library that most web frameworks use under the hood - is at 200k/day, many of which are using it for client rather than server functions. So unless there is another not-hyper-based framework out there, then I’d be moderately confident guessing that axum has >50% of the server market)
Rocket seemed to gain popularity for a bit but then there was some drama with the maintainer disappearing / not releasing 0.5 for a long time.
Meanwhile, quietly, the guys who did tokio (the most popular async runtime) released axum, which is compatible with tower middlewares. So they had tons of features pretty early.
I switched from actix to axum around 0.4 and updates have been very sensible and kept improving the DX.
Nowadays Axum is at the top for downloads number: https://www.arewewebyet.org/topics/frameworks/
There was like 3 uses of “unsafe” and the developer was being systematically attacked and harassed by the rust community for months.
It wasn’t “a bit”, nor would I call it “the usual”. The rust subreddit and discord literally organized brigading and harassment campaigns against the dude.
But for a lot of usecases this model is faster than Axum work stealing. I am not a super huge fan of hyper (on which Axum is based), I salute the work (it is impressive) but it is very clunky to use, the code is hard to read and usage is super opiniated.
Alternatively, Axum is built by the same people that made tokio, is work-stealing multi-threaded, and the Websocket code is async be default. It is just overall a better library.
They're probably both fine choices, I chose Axum because the middleware architecture was easier to grok and at the time I felt that staying under the tokio umbrella would be safer long term.
Why would you want to restart a service frequently?
- Flush incorrect state
- Reset memory leaks
- ...others reasons?
Rust's immutable-by-default semantics makes it harder (but not impossible) to end up where your long-running process'es state is incorrect.
You can still mark everything as `&mut` and litter the code with ref-counts. I've seen a lot of this "removing the safety rails because it's more convenient" among C/C++ developers who were forced into using Rust.
I think a bigger attack vector for anything dynamic, including a type-safe, memory-safe Axum back-end service, is denial-of-service because requests take too long to process. Application development is always vulnerable for being feature-driven: features sure do like resources! A service doesn't need bugs to get killed efficiently. It just needs to get slow over time.
As mentioned in the original comment - I haven’t found a web framework which supports timeouts for idle TCP connections (they all seem to be built on top of Hyper, which doesn’t support them). And so even tweaking kernel parameters to bump up the connection limit to a few hundred thousand (any higher than that and I start hitting a different set of problems), and only having a few thousand actually active connections, my app still runs out of sockets and hangs after a few hours.
It is true that jemalloc is much better than the standard malloc, but it still suffers from memory fragmentation, although typically a program can run for much longer with it.
> It’s the operating system’s job to manage fragmentation in the allocator, right?
No, not really. The operating system does nothing with the memory space of the process, other than providing syscalls for giving the process more pages.
> Wouldn’t this be a criticism of any long-running program which uses dynamic allocation, not only Rust?
What some thicker runtimes such as JVM do is that 1) they track all pointers present in the data used by the program and do not allow programs to cast them to raw integers (or back); 2) they can defragment the heap by moving the memory chunks around to fill in the gaps and at the same time they rewrite all pointers that point to moved chunks so that they still point to the same data.