Hacker News new | past | comments | ask | show | jobs | submit login

Yeah that's pretty much it -- "CGI, except containerized/as a single binary".

I guess I could make a Docker image that had a CGI-compliant server and an admin endpoint where you POST'ed file contents?

The current design I went with is that you upload a .zip or .tar.gz file that contains a "manifest.json" and then your source code.

The "manifest.json" points to the entrypoint file for each function you want to deploy, and says what HTTP endpoint it should live at, and what language it is.

It supports JS/TS, Python, Ruby, WASM, and LLVM langs (C/C++/Rust/Swift/Haskell/etc):

  {
    "version": 1,
    "handlers": [
      {
        "name": "javascript-signup",
        "language": "JAVASCRIPT",
        "endpoint": "/api/signup",
        "entrypoint_file": "src/signup.js"
      },
      {
        "name": "python-login",
        "language": "PYTHON",
        "endpoint": "/api/login",
        "entrypoint_file": "src/login.py"
      },
    ]
  }
The platform runs as a single static binary, or a JVM application (can be in a container), and it does a bunch of magic with GraalVM to convert the source code into executable functions, perform any kind of bundling/dependency library installation, etc, and finally creates the HTTP endpoints.



Check out this project: https://github.com/reddec/trusted-cgi

I’d say the base is CGI + chroot, and then you grow over this base.

If you want to rebuild AWS Lambda, though, check their documentation on custom runtimes and some “how to make your own docker using cgroups” guides.

Firecracker is used to improve workload/tenant isolation, but if all you’re running is trusted, you might skip this part.


Thank you!




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: