Zeroserve: A zero-config web server you can script with eBPF
4 hours ago
- #ebpf
- #webserver
- #performance
- Zeroserve is a fast, zero-config HTTPS server that serves websites from a single tarball with HTTP/2 and TLS 1.3 support.
- It uses eBPF programs as middleware for tasks like authentication, rate limiting, and reverse proxying, all running in userspace with JIT compilation and sandboxing.
- The server leverages io_uring for all network and disk I/O, operating as a single-threaded event loop for efficiency.
- Deployment involves replacing the tarball and sending a SIGHUP for atomic reloads without dropping connections.
- Scripts written in C are compiled to eBPF and can manipulate requests, handle dynamic responses, and integrate features like OIDC login and AWS SigV4.
- Benchmarks show zeroserve outperforming nginx and Caddy in serving small static files and handling reverse proxy tasks for small responses.
- For large files or proxying large responses, nginx may be more efficient, but zeroserve excels in small-file and scripting scenarios.
- Memory usage is moderate, with idle instances around 15 MB PSS, and multiple processes share binary pages to minimize overhead.