TL;DR
Zeroserve is a new lightweight web server that requires no configuration and allows scripting requests with eBPF in userspace. It offers high performance, supports HTTPS, and simplifies deployment by serving sites from a single tarball.
Zeroserve has been introduced as a fast, zero-configuration web server that enables request handling and middleware scripting through embedded eBPF programs, all in userspace, with the goal of simplifying static site deployment and improving performance.
Zeroserve is a small, high-performance HTTPS server that serves websites directly from a single tarball without the need for a traditional configuration file. It supports modern TLS 1.3, HTTP/2, and encrypted client hello, providing secure, fast delivery of static content. The key innovation is its use of eBPF programs, which are compiled from C source files and run sandboxed in userspace on every request, allowing flexible request manipulation such as routing, authentication, and rate limiting.
The server indexes the site content at startup by building a path-to-byte-range map from the tarball, avoiding disk unpacking and enabling atomic updates through simple file replacement and SIGHUP reloads. All network and disk I/O operations utilize io_uring, ensuring efficiency. eBPF scripts are compiled at pack time and run within a runtime called async-ebpf, which JIT-compiles them to native code, providing near-native performance and security through sandboxing.
Developers can write scripts in C that interact with request metadata, headers, and response generation, enabling dynamic behaviors without external configuration files. The entire site, including scripts and TLS material, is contained within a single tarball, simplifying deployment and updates. Learn more about building custom web servers. Zeroserve’s architecture aims to outperform traditional servers like nginx across various workloads, especially static file serving and small proxy responses, while maintaining a small footprint and high efficiency.
Why It Matters
This development matters because it offers a new approach to web server design, combining high performance with simplicity and security. By eliminating complex configuration files and enabling request scripting through eBPF, zeroserve could streamline static site deployment and reduce operational overhead. Its use of sandboxed, JIT-compiled eBPF programs in userspace also enhances security and flexibility, potentially influencing future server architectures and middleware approaches.
eBPF web server
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Background
Traditional web servers like nginx and Caddy rely on declarative configuration languages and external scripting or plugin systems, which can be complex and less flexible. Zeroserve’s approach of embedding request logic directly into eBPF programs in userspace is a novel paradigm. The concept builds on recent advancements in eBPF’s capabilities and the trend toward minimal, efficient server architectures. This announcement follows ongoing efforts to leverage eBPF for networking and security tasks, now extended into web serving and middleware scripting.
“The eBPF programs are compiled at pack time and run on every request, enabling flexible, high-performance request handling without traditional config files.”
— the zeroserve developer
“Zeroserve’s architecture could significantly reduce complexity and improve efficiency for static sites and microservices, especially in resource-constrained environments.”
— industry analyst
HTTPS static site hosting server
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What Remains Unclear
It remains unclear how zeroserve will perform under high traffic loads in real-world scenarios, and whether its scripting model can handle complex, large-scale applications. Additionally, the maturity of the runtime, security implications of sandboxed eBPF scripts, and compatibility with existing infrastructure are still being evaluated.
high performance web server
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What’s Next
Next steps include community testing, benchmarking against established servers like nginx and Caddy, and exploring advanced use cases such as dynamic content or building custom web servers. Developers and organizations interested in lightweight, high-performance web serving will likely experiment with zeroserve in various environments.
secure static website deployment
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Key Questions
How does zeroserve compare in performance to nginx?
Initial benchmarks suggest zeroserve can outperform nginx on static file serving over HTTPS on single-core setups, especially with small responses and scripted middleware, but comprehensive testing is ongoing.
Can I use zeroserve for dynamic websites?
Zeroserve is primarily designed for static sites and request manipulation via embedded scripts. Support for full dynamic content generation is not yet confirmed, but its scripting capabilities could enable some dynamic behaviors.
Is zeroserve secure for production use?
While sandboxed eBPF programs enhance security, the runtime’s maturity and security model are still under assessment. Caution is advised before deploying in sensitive environments.
How easy is it to update a site hosted with zeroserve?
Updating involves replacing the tarball and sending a SIGHUP signal to reload atomically, making deployment straightforward without downtime.
Source: Hacker News
