Hacker News 中文摘要

RSS订阅

Caddy与zeroserve的兼容性:吞吐量提升3倍,延迟降低70% -- Caddy compatibility for zeroserve: 3x throughput and 70% lower latency

原文链接 | HN讨论 | 2026-06-15 04:18:09

文章摘要

zeroserve是一款高性能HTTPS服务器,现支持Caddy兼容模式,可将Caddy文件即时编译为eBPF和机器码运行。测试显示其吞吐量是Caddy的3倍,延迟降低70%,内存占用更少,并支持通过Caddyfile调用自定义eBPF代码实现高级功能。

文章总结

标题:zeroserve实现Caddy兼容:吞吐量提升3倍,延迟降低70%

内容摘要: zeroserve是一款高性能HTTPS服务器,支持在用户空间运行eBPF脚本。最新版本新增Caddy兼容模式——当提供Caddyfile配置文件时,zeroserve会将其即时编译为eBPF代码,进而转换为x8664/ARM64原生机器码,并在iouring事件循环中运行。

性能对比数据(HTTPS反向代理,2线程,AMD Ryzen 7 3700X环境): | 协议 | 服务器 | 吞吐量 | P50延迟 | P99延迟 | 内存占用 | | --- | --- | --- | --- | --- | --- | | HTTPS | zeroserve-clang | 38,948请求/秒 | 1.45ms | 3.91ms | 30.9MB | | HTTPS | zeroserve-tcc | 36,653请求/秒 | 1.67ms | 4.00ms | 34.2MB | | HTTPS | Caddy | 12,529请求/秒 | 4.74ms | 13.11ms | 67.4MB | | HTTPS | nginx | 37,424请求/秒 | 1.57ms | 4.24ms | 25.7MB |

快速体验方法: 1. 下载并运行zeroserve 2. 指定Caddyfile配置文件路径 3. 即可通过HTTP访问服务

高级功能示例: 通过集成AWS SigV4认证插件,可在Caddyfile中直接调用eBPF中间件实现S3兼容存储的反向代理,具体配置示例如下: example.com { route /s3/* { # 路径处理与请求重写 zeroserve_call io.su3.aws-sigv4 sign_request { access_key_id "minioadmin" secret_access_key "minioadmin" } reverse_proxy http://127.0.0.1:9000 } }

(注:原文中的版权声明、RSS订阅链接等非核心内容已省略)

评论总结

以下是评论内容的总结,平衡呈现不同观点并保留关键引用:

  1. 对zeroserve的兴趣与肯定

    • 有用户表达对zeroserve技术的兴趣:"Very cool stuff"(评论1)
    • 认为追求性能优势有合理性:"Interesting. Trying to get some of the performance advantages..."(评论8)

  2. 对实用性的质疑

    • 质疑实际应用场景:"has anyone ever encountered a use case where the Caddy was the bottleneck?"(评论2)
    • 认为性能优化非必要:"It's optimizing for a metric that wasn't a bottleneck..."(评论11)

  3. 与传统服务器的比较

    • 对nginx表现的惊讶:"I am surprised how well nginx holds up?!"(评论3)
    • 认为没必要重写:"NGINX still steals the show. Not everything needs to be rewritten"(评论7)

  4. 技术安全性担忧

    • 对eBPF复杂性的讨论:"There is still a complexity limit in the verifier"(评论4)
    • 对iouring的担忧:"Exposing services that use iouring is a hard pass"(评论10)
    • 对JIT编译的担忧:"The attack surface here is enormous"(评论11)

  5. 功能缺失批评

    • 缺少ACME支持是致命缺陷:"No ACME! That is a dealbreaker"(评论5)
    • 兼容性存疑:"'Caddy compatible' minus everything that matters"(评论7)

  6. 项目可持续性怀疑

    • 预测项目寿命短:"Another vibe coded, dead in 6 month Rust project"(评论9)
    • 质疑支持体系:"has 0 support/track record"(评论9)

  7. 异常情况报告

    • 用户报告奇怪的证书弹窗:"really weird Chrome pop-up asking which cert to use"(评论6)