KUBECON PARIS: The Rustvolution
And why Rust is the Future of Cloud Native. This talk by Flynn from Bouyant really stood out to me. Not only is Flynn an excellent and understandable speaker, the talk itself was easy to follow and contains multiple examples using Go and Rust. I would categorise this talk as an intro lesson into Rust and memory safety. It had a lot of similarities with the very first Rust lesson I had back in university, so nothing in this talk was very new to me but it really illustrates why Rust can be useful not only Cloud Native software but also everywhere else.
THE PROBLEM
What creates memory issues in programming today? Pointers, or as Flynn calls them `The root of all evil`. While pointers by themselves might not be that dangerous, languages like C and C++ allow pointer arithmetic. Which can cause all sorts of memory issues. Pointer arithmetic can be very useful, for example in kernel programming. But it lets the program(mer) “scribble” all over memory (Stack, variables, memory-management metadata, executable code, …). As a result, it is possible to create memory vulnerabilities.
“We will make every mistake that the language allows us to make”
THE SOLUTION
OWNERSHIP
Who is responsible for a given datum? Who gets to manipulate it?
Ownership is implicit in all cloud-native languages. Rust makes ownership explicit and it is checked at compile time. Each value must be attached to its owner (variable) and must have exactly one owner. Values can be moved between different owners through assignment or function parameters. If ownership must not be moved than you can use references.
LIFETIMES
Lifetimes are implicit in most languages but are explicit in Rust. Problems with lifetimes are usually solved by using a Garbage collector. Rust on the other hand refuses to compile if a reference points to data that has exceeded its lifetime. It is possible to specify static lifetimes or pass lifetimes from one value to another so they cannot outlive one another. This allows Rust to remove garbage collection and NULL pointers (which can’t be checked statically).
Both of these improvements make Rust faster and safer. Also, most of the hard work is done during compile time.
Flynn states the following axioms of safety:
- Static checks are safer than runtime checks
- In order to code freely and easily, you must first give up pointers
- Making things explicit is harder up front, but pays off for the rest of your (code’s) life
- Making lifetimes explicit lets you get rid of pointers and the garbage collector