
I am really hoping that someone builds an isolates-based FaaS runtime. I think Cloudflare talked about open sourcing their stuff.

I have 3 products where I’d allow client code to run once we can make that happen.




Is the appeal of isolates in this case the cold start time or the isolation? We're working on some open source infrastructure for running sandboxed (gVisor) containers on the fly from web services[1], and one of the use cases people have is serving Jupyter notebooks which seems like it might resemble your use case?

[1] https://github.com/drifting-in-space/spawner/


It’s the isolation and sandboxing. So in a sense Deno is appealing because you can whitelist functionality.

Say things like custom workflow logic or custom data transformations. They might require an API call.


I’m currently building a FaaS runtime using V8 isolates, which I hope to open-source soon. That’s actually not that hard since isolates are isolated from each other.

Performance-wise, it’s also very promising. For a simple hello world, the « cold start » (which is mostly compile time) is around 10ms, and on subsequent requests it runs in 1ms.


It doesn’t worry you that the V8 team specifically tells you not to do this?

eta link: https://v8.dev/docs/untrusted-code-mitigations#sandbox-untru...


Can you give a link to this? Cloudflare (Workers) and Deno (Deploy) both use V8 isolates for their runtimes, with I believe some significant clients running production code (huge clients like Vercel and Supabase use these solutions).

Edit:

> If you execute untrusted JavaScript and WebAssembly code in a separate process from any sensitive data, the potential impact of SSCA is greatly reduced. Through process isolation, SSCA attacks are only able to observe data that is sandboxed inside the same process along with the executing code, and not data from other processes.

I do run isolates in separate processes to prevent security issues, even if that may not be enough. Still an early prototype for now.


I'm talking about this: https://v8.dev/docs/untrusted-code-mitigations#sandbox-untru...

As long as you run each customer in a separate OS-level process, you should be good. But then, that is not much different from Lambda or other FaaS implementations.


For now, each process runs many isolates, but a single server runs many processes. Cloudflare have implemented a similar mechanism [1]:

> Workers are distributed among cordons by assigning each worker a level of trust and separating low-trusted workers from those we trust more highly. As one example of this in operation: a customer who signs up for our free plan will not be scheduled in the same process as an enterprise customer. This provides some defense-in-depth in the case a zero-day security vulnerability is found in V8.

[1] https://blog.cloudflare.com/mitigating-spectre-and-other-sec...
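An added illustration of the cordon idea quoted in the comment above; it is not part of the thread and is not Cloudflare's or any commenter's code. It places tenants' isolates into OS processes so that one process only ever hosts one trust level, and reports who shares a process with a given tenant. `TRUST`, `CordonScheduler` and `maxPerProcess` are hypothetical names, and the tenants are constructed samples.

```javascript
// Added illustration, not Cloudflare's or the commenter's code.
// TRUST, CordonScheduler and maxPerProcess are hypothetical names.
const TRUST = Object.freeze({ FREE: 0, PAID: 1, ENTERPRISE: 2 });

class CordonScheduler {
  constructor(maxPerProcess = 3) {
    this.maxPerProcess = maxPerProcess;
    this.processes = [];        // index = process id; { trust, tenants: Set }
    this.placement = new Map(); // tenant -> process id
  }

  // Assign a tenant's isolate to a process in the cordon for its trust level.
  place(tenant, trust) {
    if (!Object.values(TRUST).includes(trust)) {
      throw new Error(`unknown trust level for ${tenant}`); // fail closed
    }
    const current = this.placement.get(tenant);
    if (current !== undefined) {
      if (this.processes[current].trust === trust) return current;
      // Trust changed (e.g. plan change): leave the old cordon first.
      this.processes[current].tenants.delete(tenant);
    }
    let id = this.processes.findIndex(
      (p) => p.trust === trust && p.tenants.size < this.maxPerProcess);
    if (id === -1) {
      id = this.processes.push({ trust, tenants: new Set() }) - 1;
    }
    this.processes[id].tenants.add(tenant);
    this.placement.set(tenant, id);
    return id;
  }

  // Tenants sharing an OS process with `tenant`: the set exposed if a V8
  // bug lets code in one isolate read memory elsewhere in that process.
  coResidents(tenant) {
    const id = this.placement.get(tenant);
    if (id === undefined) return [];
    return [...this.processes[id].tenants].filter((t) => t !== tenant).sort();
  }
}

// Constructed sample tenants.
const demo = new CordonScheduler(2);
demo.place("free-a", TRUST.FREE);
demo.place("free-b", TRUST.FREE);
demo.place("ent-a", TRUST.ENTERPRISE);
console.log(demo.coResidents("free-a"), demo.coResidents("ent-a"));
```
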


Blueboat may be what you’re looking for

https://github.com/losfair/blueboat



