Why Meta, Discord & AWS Are Rewriting Everything in Rust in 2026

Added: 2026-05-16

[00:00:00]Let me ask you something.

[00:00:02]When was the last time Meta, Microsoft, Amazon, Discord, and Cloudflare all made the same engineering decision at the same time?

[00:00:10]These companies compete with each other.

[00:00:12]They have completely different stacks, different cultures, different engineering philosophies.

[00:00:18]They almost never agree on anything.

[00:00:21]And yet, in 2026, every single one of them is rewriting critical systems in the same language.

[00:00:27]Rust.

[00:00:29]Meta rewrote WhatsApp's media infrastructure. Discord moved their core real-time services from Go to Rust. AWS built Firecracker in Rust. Cloudflare replaced NGINX with a Rust proxy that now handles over a trillion requests every single day. Microsoft has over 180,000 lines of Windows kernel code already rewritten in Rust and has set a goal to eliminate every line of C and C++ from their entire code base by 2030.

[00:00:55]This is not hype. This is not a blog post trend. These are billion-dollar companies putting real engineering resources behind a real decision. And if you are a developer in 2026, understanding why they are doing this is one of the most important things you can know. So, in this video, I am going to take you through each company, what they rewrote, what results they got, and what it actually means for you. Let's go.

[00:01:19]Before we get into the individual stories, I want to explain the root cause behind all of these decisions because they all come down to the same fundamental problem. Memory safety bugs.

[00:01:29]When you write code in C or C++, you manage memory manually. You allocate it, you use it, and you are responsible for freeing it at exactly the right time.

[00:01:38]Miss the free and you have a memory leak. Free it too early and you have a use-after-free bug. Access one byte beyond the end of a buffer and you have a buffer overflow. These are not theoretical problems. They're the most common source of security vulnerabilities in production software.

[00:01:52]Microsoft ran the numbers on their own code base and found that around 70% of all the CVEs, that is the security vulnerabilities they publish every year, are caused by memory safety issues.

[00:02:04]Google found the same thing in Chrome.

[00:02:06]About 70% of security bugs over the past decade were memory related. Android's data is similar.

[00:02:13]So, you have these massive companies each spending enormous amounts of engineering time patching the same categories of bugs over and over and over again.

[00:02:21]Not because their engineers are bad, but because the languages they built everything in, C and C++, make these bugs possible and they are incredibly hard to find before they reach production. Rust fixes this at the compiler level.

[00:02:34]The ownership and borrow checker system means that an entire class of memory safety bugs simply cannot exist in Rust code.

[00:02:42]The compiler refuses to compile code that could cause a use-after-free, a buffer overflow, or a data race.

[00:02:49]These bugs are caught at build time, not at 3:00 in the morning when your on-call engineer gets paged. That is the reason.

[00:02:56]Not performance.

[00:02:58]Not developer experience.

[00:03:00]The primary driver for every one of these rewrites is eliminating a category of production incidents and security vulnerabilities that were costing real money and real reliability.

[00:03:10]Now, let's look at each company's story.

[00:03:13]Discord is probably the most well-known Rust rewrite story and it is a good one to start with because the before and after numbers are so clear.

[00:03:21]Discord runs a service internally called read states. If you use Discord, this service is working every single time you open a channel. It tracks which messages you have read across every server and every channel you are in.

[00:03:33]For Discord, this means handling millions of concurrent users simultaneously all the time. The original implementation was written in Go and for a while it worked fine. But as Discord's user base grew and they eventually hit over 5 million concurrent users, a specific problem started getting worse and worse.

[00:03:50]Go has a garbage collector.

[00:03:53]The GC is what manages memory automatically in Go. It periodically scans the heap, finds objects that are no longer referenced, and frees them.

[00:04:01]This is what makes Go so easy to write.

[00:04:04]You never think about memory. You just write code. But at Discord scale, the GC started causing latency spikes.

[00:04:12]Every 2 minutes or so, Go's garbage collector would pause for 10 to 50 milliseconds to do its cleanup work. For most applications, this is totally invisible. For Discord, where you have millions of users who notice when messages feel slow, it was a real problem. Power users with thousands of servers experienced it worst. So, they rewrote the read state service in Rust, and the results were not incremental.

[00:04:35]They were dramatic. Latency dropped by 10 times. The GC pauses disappeared completely because Rust does not have a garbage collector. Memory is managed at compile time through ownership.

[00:04:47]The worst-case latency, which used to spike to 50 milliseconds during GC pauses, now consistently stays well under 1 millisecond.

[00:04:55]Discord also reported a 60% reduction in PagerDuty alerts. That is the system that wakes engineers up at night when something goes wrong for their Rust services compared to their Go services.

[00:05:06]The lesson from Discord is not that Go is bad. Go is an excellent language. The lesson is that at a certain scale, predictable latency matters more than average latency, and garbage collector pauses are fundamentally unpredictable.

[00:05:19]Rust gives you deterministic memory behavior because the compiler handles everything at compile time. No pauses, ever. By the way, if you are finding this useful, hit the like button right now.

[00:05:30]It takes 2 seconds, and it genuinely helps this video reach more developers who are trying to understand where the industry is heading.

[00:05:38]And if you are not subscribed yet, subscribe. We do deep dives like this every week.

[00:05:43]Okay, let's keep going.

[00:05:46]Amazon Web Services runs Lambda.

[00:05:48]The serverless compute product where you upload a function and AWS runs it on demand, charging you only for the actual execution time. This sounds simple from the outside. The engineering challenge underneath is extraordinary. Every Lambda function needs to run in isolation. You cannot let one customer's code touch another customer's code.

[00:06:08]That means each function runs in its own virtual machine.

[00:06:11]But traditional virtual machines are heavy. They can take seconds to start and they use hundreds of megabytes of memory each. When you're trying to run hundreds of thousands of isolated functions simultaneously at AWS scale, that overhead becomes a serious cost problem. So, AWS built Firecracker. It is a micro VM manager, a new kind of very lightweight virtual machine specifically designed for serverless and container workloads. And they built it in Rust. Firecracker achieves less than 125 megabytes of memory per micro VM.

[00:06:43]Startup time is under 1 second. Compare that to a traditional VM, which might need 1 to 4 GB of RAM and can take 15 to 30 seconds to fully boot. The numbers that matter here are not just performance numbers.

[00:06:56]They are infrastructure economics numbers.

[00:06:59]If you can fit 10 times as many isolated functions into the same hardware, your costs for running Lambda are a fraction of what they would be otherwise. Rust's zero overhead, no garbage collector, no runtime, memory usage that maps directly to what you actually allocate, is what makes those numbers possible.

[00:07:17]AWS also uses Rust across other parts of their infrastructure, networking systems, storage systems, serverless runtimes. The pattern is consistent.

[00:07:26]Wherever they need very low memory usage, very predictable performance, and very high security guarantees, they reach for Rust. This one is close to home for this channel because we built a Cloudflare WAF series right here on Aaron Be Dev Hub.

[00:07:41]If you have not watched that, it is in the description. We actually built a production firewall using the Pingora framework.

[00:07:48]Cloudflare is the proxy infrastructure for a huge chunk of the internet.

[00:07:52]When you visit almost any popular website, there is a good chance your request passes through Cloudflare's network.

[00:07:59]The service that does this work, receiving your request, checking it, forwarding it to the origin server, and returning the response, was originally built on Nginx. Nginx is a very reliable piece of software.

[00:08:13]It has been powering the web for years, but at Cloudflare's scale, its limitations became expensive.

[00:08:19]Nginx is written in C. It has a worker process architecture, where each request is pinned to a single worker, which makes load balancing uneven and connection reuse inefficient.

[00:08:30]And being C, every new feature Cloudflare wanted to add carried the risk of introducing memory safety bugs into the most critical path of their infrastructure.

[00:08:38]So, they built Pingora from scratch in Rust. The results are on their engineering blog, and the numbers are hard to argue with.

[00:08:45]Pingora uses about 70% less CPU than their old Nginx-based system for the same traffic load. Memory usage is about 67% lower.

[00:08:55]And it now serves over 1 trillion requests every single day.

[00:09:00]The CPU savings alone, at Cloudflare's scale, translate to tens of millions of dollars in annual infrastructure costs.

[00:09:07]There is also a reliability number that I think is the most impressive of all.

[00:09:12]Since Pingora launched, Cloudflare has served a few hundred trillion requests, and they have yet to experience a crash caused by their own service code.

[00:09:21]Rust's memory safety means the category of crashes that used to require emergency patches in their C-based system simply cannot happen.

[00:09:28]When something does go wrong, it is always external, a dependency, a hardware issue, something outside their code.

[00:09:36]Their own Rust code has been essentially crash-free at scale.

[00:09:39]Cloudflare also built in Fire, a custom large language model inference engine in Rust running on their edge network. It runs Llama 3.1 on Cloudflare's edge and delivers faster inference than the Python-based vLLM.

[00:09:53]This is Rust now entering AI infrastructure, which is a story that is just beginning. Quick one, if this channel has helped you understand Rust and systems programming, and you want to support the work that goes into making these videos, you can buy me a coffee.

[00:10:07]The link is in the description.

[00:10:09]Every supporter makes it possible to keep doing this full-time.

[00:10:13]Genuinely thank you to everyone who has already. Meta's story is different from the others because the scale is almost incomprehensible.

[00:10:21]We are not talking about a single service.

[00:10:24]Meta is rewriting the mobile messaging infrastructure that powers Facebook, Messenger, Instagram, and their VR platforms. Code that collectively touches billions of users.

[00:10:34]The legacy C code base was in C++ as Meta's own engineers described it as spaghetti. Years and years of layered code that was genuinely difficult to reason about, full of manual memory management, and responsible for production incidents that were hard to diagnose because the bugs were memory-related and non-deterministic.

[00:10:51]The Rust migration changed several things at once. Memory safety bugs disappeared. But what surprised Meta's teams was that developer velocity also improved. The Rust compiler, which forces you to think carefully about ownership and lifetimes, actually produces better structured code.

[00:11:08]Engineers reported faster feedback cycles because the compiler catches problems that would previously have only shown up in production.

[00:11:15]They had more confidence shipping changes because the type system eliminates whole categories of runtime surprises.

[00:11:21]Commercial Rust adoption grew by nearly 70% between 2021 and 2024. And 2026 is being called the year the conversation shifted from how to use Rust to how fast can we migrate.

[00:11:31]Meta's investment is a huge part of that shift. Microsoft is doing something that would have seemed unthinkable 5 years ago.

[00:11:38]They are rewriting Windows.

[00:11:41]Now, I want to be precise about this because there was some drama around the announcement.

[00:11:45]A Microsoft distinguished engineer named Galen Hunt posted on LinkedIn saying his goal was to eliminate every line of C and C++ from Microsoft by 2030.

[00:11:55]He wrote about using AI combined with automated tools to rewrite code bases at a rate of 1 million lines per engineer per month.

[00:12:03]The internet had strong opinions about this.

[00:12:06]Microsoft then clarified that Windows is not being rewritten all at once with AI.

[00:12:10]Hunt's post was describing a research project his team is working on, not an official product strategy.

[00:12:16]But, here is what is actually happening, which is significant regardless of the 2030 goal.

[00:12:22]The Windows 11 kernel already has Rust code in it. Project Mu, Microsoft's UEFI firmware that runs on Surface laptops and Azure data centers, is entirely in Rust. Microsoft has over 180,000 lines of Windows kernel and DirectWrite code already rewritten in Rust.

[00:12:39]Azure now mandates that all new system-level code be written exclusively in Rust. And the reasoning is the same as everyone else.

[00:12:47]Microsoft's own security team has publicly stated that around 70% of all security vulnerabilities they assign CVEs to each year are memory safety issues.

[00:12:57]That number has been consistent for decades. No amount of code review or tooling has been able to bring it down significantly because the root cause is the language, not the engineers.

[00:13:06]The Microsoft Security Response Center put it plainly, "Rust is the best path forward for safe systems programming, and the benefits of memory safety are too significant to ignore."

[00:13:15]When a company with one of the largest C and C++ code bases in human history says that, it carries weight. Google has been quietly running one of the most important natural experiments in software engineering history.

[00:13:27]They started writing Android system components in Rust a few years ago.

[00:13:31]And they tracked the vulnerability density, the number of security vulnerabilities per thousand lines of code, in their Rust code versus their C and C++ code.

[00:13:40]The result is one of the most striking data points in modern software engineering.

[00:13:46]Android's Rust code has had zero memory safety vulnerabilities since it was introduced. Their C and C++ components historically produced more than one vulnerability per thousand lines of code. 1,000 * 0 is still 0. Google also has data showing a thousandfold reduction in vulnerability density in Android code that has been migrated to Rust.

[00:14:07]This is not a small improvement.

[00:14:09]It is an elimination of an entire category of bugs.

[00:14:13]The Linux kernel also made a permanent commitment to Rust at the 2025 maintainer summit.

[00:14:18]Android 16 ships with a core memory allocator written in Rust.

[00:14:22]Debian introduced hard Rust requirements in APT.

[00:14:26]The operating system layer of the software world is gradually becoming Rust. There is one more piece of this story that does not get enough coverage in developer circles, and that is the regulatory pressure coming from governments.

[00:14:38]CISA, the US Cybersecurity and Infrastructure Security Agency, published a secure by design initiative that essentially says memory safety vulnerabilities significantly elevate risk to national security, national economic security, and national public health and safety.

[00:14:54]They set a January 2026 deadline for major software vendors to publish memory safety road maps.

[00:14:59]This is not a recommendation. This is government pressure backed by the kind of language that makes legal and compliance teams inside large enterprises pay attention.

[00:15:09]What this means in practice is that for any company building software for government contracts, health care systems, critical infrastructure, or financial services, the pressure to move away from C and C++ is now coming not just from engineering teams internally, but from regulators externally.

[00:15:24]Rust is the primary answer to that pressure.

[00:15:26]Not the only one. There are other memory safe languages, but Rust is the one that delivers memory safety without sacrificing the performance that system software requires. If you want to talk through any of this with other developers learning Rust, come join the Discord community. The link is in the description below.

[00:15:43]We run a weekly study group on Sunday evenings where people pick a topic, prepare it, and explain it to the group.

[00:15:50]It is one of the best ways I have seen to actually retain this stuff. Come say hi. Okay, so we have covered all the companies and all the data.

[00:15:58]Now, let me talk about what this actually means for you sitting here watching this video. The first thing I want to say is that you should not read this as everything must be rewritten in Rust. That is not the lesson.

[00:16:09]The TypeScript compiler team explicitly considered Rust and chose Go.

[00:16:14]There are teams that tried Rust for their back-end services and switched back to Go because compile times and onboarding were too painful. These are legitimate engineering decisions for legitimate reasons.

[00:16:24]The lesson is more nuanced.

[00:16:26]Rust is the right language when the cost of a memory-related bug is high, when you need predictable latency without garbage collector pauses, when you are deploying to constrained environments where memory overhead matters, or when you're writing code that will be audited for security vulnerabilities.

[00:16:42]For typical CRUD web services, Go or Python or Java are often better choices because developer velocity matters more than raw performance in those contexts.

[00:16:51]Rust makes the most sense at the layers of the stack where the language is guarantees translate directly into dollars saved or incidents prevented.

[00:16:58]The career implication is clear though.

[00:17:00]Every company on that list is hiring Rust engineers and paying a premium for them because the supply is small. The market pays Rust developers 10 to 20% more than equivalent Go or Python positions because there genuinely are not that many engineers who are comfortable with the language. If you are thinking about investing time into learning Rust, the question to ask yourself is not whether Rust is a good language. That debate is over. The question is whether the domains where Rust is essential, systems programming, performance-critical infrastructure, safety-critical code, are domains you want to work in. If the answer is yes, 2026 is a very good time to start.

[00:17:38]The ecosystem is mature.

[00:17:40]The tooling is excellent.

[00:17:42]The job market is growing.

[00:17:44]And now you understand exactly why the biggest companies in the world are betting on it.

[00:17:49]That is the full story of why Meta, Discord, AWS, Cloudflare, Microsoft, Google, and the Linux kernel are all moving to Rust in 2026.

[00:17:59]The pattern across all of them is the same. Memory safety bugs are expensive.

[00:18:04]Rust eliminates them at compile time, and the performance and reliability improvements that follow are not incremental. They are dramatic. If this video gave you a clearer picture of where Rust is headed and why it matters, please hit the like button. It genuinely helps this channel grow and reach more developers. And share this with someone who is on the fence about learning Rust.

[00:18:24]The data in this video might help them make up their mind.

[00:18:27]Subscribe if you are not already. We build real systems in Rust and Go every week. Frameworks, tools, deep dives like this one.

[00:18:35]You will get notified when the next video drops.

[00:18:38]Drop a comment below which company story surprised you the most.

[00:18:42]I read every single comment. And if you want to go deeper on Rust right now, check out the Gupty series on this channel. We are building a full zero-knowledge secret sharing app with Axum and Leptos from scratch. Or check out the Agaya series if you want to see a production Rust web framework built from the ground up.

[00:19:00]Both are in the description. Come join the Discord community as well. The link is below. We have a great group of developers learning Rust and Go together, and it genuinely makes the learning faster. And if you want to support the channel, you can buy me a coffee. The link is in the description.

[00:19:15]It goes directly toward the time spent building these projects and making these videos.

[00:19:20]Thanks for watching and happy coding.