Can VMs beat containers in performance? • The Applied Go Weekly Newsletter 2024-04-21
Your weekly source of Go news, tips, and projects
What happened last week?
Well, if there is anything I can brag about, I added a dark mode to appliedgo.net. Yay.
This was in the back of my head for a long time, and whenever my computer switched to dark mode in the evening and I browsed websites that don't adapt to dark mode, I was thinking, "boy, I should tackle that now!". And finally, I did.
What else?
Oh, I found out about a way of running Go in unikernel VMs that boot super fast, are lightweight, and provide highest process isolation. I'm still exploring the system. See the Go Tip section below.
And Go bloggers, podcasters, and developers were busy creating new content to read and code to try out!
Let's start with Go performance improvements, type-safe enums, and a source code reading club.
Go performance from version 1.0 to 1.22
Is Go fast? No, Go is faster! Ben Hoyt measured performance for all major Go releases and found (almost) only improvements from release to release. Even when taking benchmarks results with a grain of salt (as you always should), the overall trend is clear. The flattening of the curve indicates that all opportunities to make big performance jumps have been taken advantage of already. (But I am open for positive surprises.)
Go performance from version 1.0 to 1.22
Type-safe enums in Go using generics
An enum implementation that is easy at the logical level and easy to the eye. Replacing the struct{} in the enum list with a custom type, e.g. type MyEnum struct{}, adds some eye candy.
Type-safe enums in Go using generics
Anyone interested in a Go open-source-project-reading club?
Gopher and Redditor /u/vsupalov started a Go Open-Source Reading Club. If you are interested in studying Go projects together, you can join their Discord server.
Anyone interested in a Go open-source-project-reading club?
Podcast corner
Cup o' Go
What if you had a declarative data language where you could specify the data schema in the language itself? Meet CUE, and listen to the interview with Paul Jolly, hacker at cuelang.org (that's how he describes himself). (The interview starts at 24:55.)
Cup o' Go | 🍪 Who stole the cookie from the cookie jar? Plus Paul Jolly talks about CUE
Go Time
Setting up a secure local environment always includes securing HTTP connections with TLS security. But properly setting up TLS certificates for servers and clients is not ease. The two guests on this episode, Ben Burkert and Chris Stolt explain how systems like lcl.host help reduce the complexity of setting up local HTTPS.
Local cert management for mere mortals with Ben Burkert & Chris Stolt from Anchor (Go Time #312)
go podcast()
Encore is a development platform focusing on building event-driven and distributed applications in Go. André Eriksson, software engineer and the founder of Encore, is the guest of this week's go podcast() episode.
go podcast() | 035: Going deeper into Encore with its founder André Eriksson
Go Tip: Run Go apps securely and efficiently with Unikraft
Containers are great for deploying apps, aren't they? A containerized app comes with its own environment — system libraries, helper tools, and whatnot — to run everywhere in a reproducible fashion. Say goodbye to but-it-works-on-my-machine apps. What about security? Containerized apps are isolated from each other... welllll, sort of. They still share the same OS kernel and other OS resources, only separated by a handful of kernel namespaces (and a chroot).
If you want to have more isolation, you need to run your app inside a complete virtual machine (VM) that provides a dedicated kernel to the apps it runs. VMs, however, are quite bulky compared to containers, as they come with a full OS, including a kernel, that they must boot in order to run apps. Spawning a resource-hungry VM only for running a modest Go app seems overkill.
If you want both security and lightness... you can actually have it! Unikernels are super lightweight virtual machines featuring a radically trimmed down kernel that's tailored for running a single application. Even the separation between kernel and user address space is removed, for much faster execution. Isolation from other processes happens entirely through hardware primitives, which is much more secure than OS-level isolation.
Unikernel-based VMs excel in situations where you want to quickly spawn an app to run a singular task and exit. When the app is not needed, it should not consume any resources. (This is typically called "scale to zero".) And when the app receives a request, the unikernel can boot up so fast that the user would barely notice the tiny, milliseconds-level delay.
I bet you are now curious to try running a Go app in a unikernel. Tip: check out Unikraft. Unikraft is an open-source unikernel development kit powered by a versatile CLI tool written in Go. I came across Unikraft recently because they announced the beta program of their new cloud service kraft.cloud. I launched a pre-configured Hugo server in no time by calling kraft run --rm -p 1314:1313 --plat qemu --arch x86_64 -M 512M . in the Unikraft-Hugo project directory. Sooo easy.
What I read in the docs is exciting and makes me want to further dig into the features and possibilities of Unikraft, with a keen focus on running Go apps with utmost resource efficiency. Think "Green Software". Or, at least, think about your wallet drained by the hyperscalers charging for idling apps. Indeed, this is one of the rare occasions where saving the climate and saving money can go hand-in-hand!
Quote of the week: Go is a rediscovery of what made Unix and C great
The success of Go is founded upon a backlash that has been stewing due to an overabundance of complexity that has done little to move the needle towards better software. Go is simply a rediscovery of the things that made Unix and C great many decades ago, repackaged for the modern era. These things have stood the test of time and proven themselves effective in practice, rather than in theory.
/u/SEgopher in Clean architecture/ best practices in Go? : r/golang
More articles, videos, talks
How Render Enforces Access Controls with Go Generics | Render Blog
During development, engineers might accidentally omit adding permission checks to new code. Render found a way to enforce using permission checks at compile time, thus making life easier for code authors and reviewers.
Welcome to the Microsoft for Go Developers Blog! | Microsoft for Go Developers
Microsoft runs a Go blog since March 20th (but it circulated through social media and /r/golang only this week). Expect to see Microsoft/Azure-specific articles, as Microsoft works on making Go work well on Azure.
go delve - The Golang Debugger - Earthly Blog
Your code is well written, has tons of tests, does proper error handling, logs its activities, but still, you cannot find out where that dreaded fault comes from that keeps haunting you? Time for some open-heart surgery. Time for Delve.
Projects
Libraries
ace package - modernc.org/ace - Go Packages
A lossless, grammar-based compression algorithm based on Re-Pair. It's labeled "special-purpose" and does not play well with huge files. I bet this one's not easy to market!
Tools and applications
From the author: "Last year I made a Mac app in Java designed to help developers/students get their machines up and running as quickly as possible. Yesterday, I decided to revisit the project and remake it using Go/Fyne since Java/Swing was never anywhere close to what I wanted in terms of speed and agility."
Sackmesser | ˈzakmɛsɐ | n. (Swiss) pocket knife. Sackmessser is a tool for manipulating (but not querying) YAML and JSON files.
GitHub - zuzuleinen/medium2hugo: Export Medium articles into Hugo format
For all who want to escape from a proprietary blogging platform, this tool turns your Medium articles into a format consumable by Hugo, the static site generator. (This format is basically Markdown with TOML, YAML, or JSON frontmatter.)
GitHub - 1buran/rHttp: REPL for HTTP
A mini-Postman/Insomnia in your terminal.
GitHub - wcharczuk/go-diskq: A ordered buffer of data on disk.
"Single-node Kafka", so to say.
GitHub - matronator/amock: API mock server
Don't let your API tests run amo(c)k
GitHub - bevzzz/nb: Render Jupyter Notebooks in pure Go 📔
Think "Markdown renderer for Jupyter Notebooks"
Completely unrelated to Go
Provision an OS to a PC. No IaC required.
Infrastructure as Code, or IaC, is a topic that can fill bookshelves. IaC tries to hide the tediousness (and, more often than not, the complexity) of provisioning all sorts of infrastructure — hardware, networks, storage,... — behind a scripting (or maybe just description) language with an only moderate learning curve.
But what if all you need is to provision an operating system to a computer near you, via a simple Ethernet cable? Most IaC tools are an overkill for this task, but wait — here comes mgmt provisioner.
A new provisioning tool built with mgmt - https://purpleidea.com/
How did your latest rollout go?
Imagine you roll out a pretty substantial change to millions of users and no one notices.
A Feat of Engineering - by Thorsten Ball - Register Spill
Semicolons — huh! What are they good for?
Go has semicolons; you just don't see them! Other languages bluntly expose them at the end of each and every statement; but why semicolons? Why not a full stop; or an exclamation mark?!
The origin and virtues of semicolons in programming languages | nicole@web
Happy coding! ʕ◔ϖ◔ʔ
Questions or feedback? Drop me a line. I'd love to hear from you.
Best from Munich, Christoph
Not a subscriber yet?
If you read this newsletter issue online, or if someone forwarded the newsletter to you, subscribe for regular updates to get every new issue earlier than the online version, and more reliable than an occasional forwarding.
Find the subscription form at the end of this page.
How I can help
If you're looking for more useful content around Go, here are some ways I can help you become a better Gopher (or a Gopher at all):
On AppliedGo.net, I blog about Go projects, algorithms and data structures in Go, and other fun stuff.
Or visit the AppliedGo.com blog and learn about language specifics, Go updates, and programming-related stuff.
My AppliedGo YouTube channel hosts quick tip and crash course videos that help you get more productive and creative with Go.
Enroll in my Go course for developers that stands out for its intense use of animated graphics for explaining abstract concepts in an intuitive way. Numerous short and concise lectures allow you to schedule your learning flow as you like.
Christoph Berger IT Products and Services
Dachauer Straße 29
Bergkirchen
Germany