小 田 Software Engineer @Go Conference mini 2 0 2 3 Winter in Kyoto Go Plugin

https://tomohisaoda.com 🍜 A ff i liation: COGNANO Community: Fukuoka.go Weight Training Tomohisa Oda / @linyows

https://research.sakura.ad.jp/ Mission: 力 人 ・ ・文 ・ Mission: 革

Outline 1 . Computing Plugin 2 . Go Plugin Mechanism 3 . Plugin Mechanism 4 . Plugin Mechanism Benchmark 比 5 . Conclusion 🙏 方

Computing Plugin

Plugin Plugin 心 高 Attack Surface 小 Plugin 目 Host Application Plugins … .

Plugin 生 Plugin 大 Browser Plugin 止 Capability Extension Extension 入

Go Plugin Mechanism

Plugin 手 Host Application 一 Shared Library 用 Host Application API 用 CLI 用 Host Application Plugin

Plugin 手 Shared Library 用 https://pkg.go.dev/plugin 用 API 用 https://github.com/hashicorp/go-plugin HashiCorp Products 十 Host Plugin GRPC CLI 用 https://github.com/kubernetes/kubectl git-style

Plugin Mechanism 比 ⾒ ** ** Performance Maintainability Deployability Reliability Scalability Security Shared Library 👍 👍 👍 ⏳ ⏳ ⏳ API ⏳ ⏳ ⏳ 👍 👍 👍 CLI ⏳ 👍 👍 👍 ⏳ ⏳

Plugin Mechanism

SMTP 用 Proxy: WARP 用 Mail Transfer Agent MTA MTA SMTP 高

SMTP 用 Proxy: WARP https://github.com/linyows/warp Multi-Tenancy Plugin 自 用

Shared Library 力 見 Multi-Tenancy 自 自 用 自 Performance Maintainability Deployability Reliability Scalability Security Shared Library 👍 👍 👍 ⏳ ⏳ ⏳

HashiCorp Products API Plugin 🥢 🏢 🤔 🔌

" " What About Shared Libraries? When we started using plugins (late 2 0 1 2 , early 2 0 1 3 ), plugins over RPC were the only option since Go didn't support dynamic library loading. Today, Go supports the plugin standard library with a number of limitations. Since 2 0 1 2 , our plugin system has stabilized from tens of millions of users using it, and has many benefits we've come to value greatly.For example, we use this plugin system in Vault where dynamic library loading is not acceptable for security reasons. That is an extreme example, but we believe our library system has more upsides than downsides over dynamic library loading and since we've had it built and tested for years, we'll continue to use it.Shared libraries have one major advantage over our system which is much higher performance. In real world scenarios across our various tools, we've never required any more performance out of our plugin system and it has seen very high throughput, so this isn't a concern for us at the moment. https://github.com/hashicorp/go-plugin#what-about-shared-libraries

Shared Library go-plugin plugin library plugin go-plugin 人 用 入 高

Plugin Plugin => 面 見 ok, ok.. Application Plugin v 1 . 21 . 4 v 1 . 20 . 1 1 🙅

Shared Library 方 !

No content

Plugin cgo glibc Production GoReleaser GitHub Actions Production Actions 行 Self-Hosted Runner 🙅

Plugin Mechanism 比 高 Performance Maintainability Deployability Reliability Scalability Security Shared Library 👍 👍 👍 ⏳ ⏳ ⏳ API ⏳ ⏳ ⏳ 👍 👍 👍 CLI ⏳ 👍 👍 👍 ⏳ ⏳ ❌ ❌

No content

Plugin Mechanism Benchmark 比

Shared Library API CLI Benchmark Plugin 文 echo Web Shared Library API 5 CLI 29 CLI 高 一方

No content

一

" " Warnings The ability to dynamically load parts of an application during execution, perhaps based on user-defined configuration, may be a useful building block in some designs. In particular, because applications and dynamically loaded functions can share data structures directly, plugins may enable very high- performance integration of separate parts. However, the plugin mechanism has many significant drawbacks that should be considered carefully during the design. For example: … . Ref: https://github.com/golang/go/issues/ 5 68 93 https://pkg.go.dev/plugin#hdr-Warnings

Plugin 大 欠 欠 一 Go Plugin Linux, FreeBSD, macOS 目 用

WASM Plugin Mechanism https://github.com/knqyf 2 6 3 /go-plugin @knqyf 2 6 3 手 HashiCorp go-plugin GRPC README 見 `It uses the same de fi nition as gRPC, but go-plugin communicates with plugins in memory, not over RPC.` WASM Sandbox Secure by Default ⾒

Conclusion Plugin 一方 Plugin 見 Plugin Production 一方 高

GMO 🙏