Skip to content
/ pavis Public

An experimental Rust proxy exploring a Frozen Data Plane model: compile-time semantics, immutable artifacts, and a deliberately dumb runtime.

github.com/fabian4/pavis

License

Apache-2.0 license
5 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fabian4/pavis

BranchesTags

Repository files navigation

Pavis logo

Pavis

Positioning

Pavis is an engineering thesis that proves a Frozen Data Plane can run a Layer 7 proxy without any runtime interpretation. It is a compiler pipeline plus a dumb executor that only loads immutable .pvs artifacts. It is not a product roadmap, not a platform for feature plug-ins, and not a service mesh.

License Language Engine

Status codecov

Core Thesis

  • All routing, security, and retry semantics are compiled ahead of time into RuntimeConfig and then sealed into .pvs artifacts.
  • The runtime only swaps between validated artifacts; it does not interpret text config, evaluate policy, or invent defaults.
  • Failure is explicit: an artifact either loads atomically or is rejected, and the runtime keeps serving the last-known-good payload.
  • The Relay remains opaque. It never inspects artifacts and only handles versioning and persistence.
  • Operational recovery is limited to reloading a previously sealed artifact; there is no heuristics-based repair path.

This design is described in detail in: “Pavis: A Dumb Proxy for Boring Reloads”.

Deliberate Non-Goals

  • No runtime DSLs, WASM, Lua, or scripting of any form.
  • No graceful degradation, traffic shadow heuristics, or best-effort fallbacks.
  • No runtime xDS client, Kubernetes operator baked into the runtime, or gateway-layer feature surface.
  • No global or local dynamic policy engines, token validation, or external auth hooks.

What Is Closed

The compiler pipeline, artifact sealing, runtime execution, security stack, observability surface, and relay boundaries are implemented and verified under the Frozen Data Plane rule set. Capabilities are cataloged in docs/roadmap/features.md.

Performance Overview

Here’s a summary of the current benchmark results based on CI-level testing (which is limited by resources such as CPU cores and workers). These results reflect the current status and are expected to improve with optimized production environments.

Performance benchmarks are executed continuously in CI. See the latest results here: https://github.com/fabian4/pavis/actions/workflows/pipeline.yaml

Note: These performance results are based on CI testing and will vary in real-world, production environments with optimized resources.

About

An experimental Rust proxy exploring a Frozen Data Plane model: compile-time semantics, immutable artifacts, and a deliberately dumb runtime.

github.com/fabian4/pavis

Topics

infrastructure rust networking proxy zero-copy configuration observability sidecar data-plane pingora frozen-data-plane configuration-compilation immutable-artifacts semantic-closure failure-semantics

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity

Stars

5 stars

Watchers

0 watching

Forks

1 fork
Report repository

Languages