Upgrade to Pro — share decks privately, control downloads, hide ads and more …

CloudNative Meets WebAssembly: Exploring Wasm's...

Kohei Ota
October 05, 2024
1.8k

CloudNative Meets WebAssembly: Exploring Wasm's Potential to Replace Containers

Kohei Ota

October 05, 2024
Tweet

More Decks by Kohei Ota

Transcript

  1. Kohei Ota / Senior Field Engineer @ Open Engineering, Apple

    YAPC::Hakodate 2024 CloudNative Meets WebAssembly Exploring Wasm's Potential to Replace Containers
  2. Wasm is… • NOT the “Assembly”! • Originally derived from

    asm.js, a subset designed to run 
 non-JavaScript applications in the browser
 → Such as those written in C or C++, mainly for use cases like games that go beyond the limits of HTML5 + JS • Has stricter type constraints than JavaScript and functions like an "intermediate language"
  3. Wasm is… • NOT the “Assembly”! • Originally derived from

    asm.js, a subset designed to run 
 non-JavaScript applications in the browser
 → Such as those written in C or C++, mainly for use cases like games that go beyond the limits of HTML5 + JS • Has stricter type constraints than JavaScript and functions like an "intermediate language" After Mozilla proposed asm.js in 2013 it evolved into WebAssembly (Wasm), and starting around 2017-2018, various tools began being ported to Wasm such as Vim, FFmpeg, and others.
  4. Basic Wasm model Compilation Execution Language Modern browsers can execute

    Wasm on the same runtime layer as JS There are runtimes like Wasmer/ Wasmtime/WasmEdge in order to run Wasm apps on Operating Systems
  5. Browser Wasm execution details • JavaScriptCore / V8 / SpiderMonkey

    can execute Wasm binary directly • (For Chromium) Lifto ff interpreter converts functions in .wasm into machine language, and TurboFan (also used for JS) optimizes functions that are called often, re-compiles and caches the machine code • Because it’s browser based, it cannot violate anywhere further than the browser, such as direct access to host fi lesystem, host memory and plugged devices
  6. What Changes • Compile target is changed in static languages

    like Swift / C / Go / Etc. • Executed within a sandbox-by-default environment • High inter-language-operability
  7. Current compilation in existing languages Swift: swift build --swift-sdk x86_64-swift-linux-musl

    Golang: GOOS=linux GOARCH=amd64 go build main.go Compiled binaries cannot run on a host with different OS/CPU Why? → ABI is not compatible
  8. Common Components in the ABI • CPU-dependent de fi nition

    including instruction set • Call numbers of system calls used • Call information for dynamically linked shared libraries
  9. Windows Darwin Linux BSD Intel (AMD) ARM RISC-V PowerPC MIPS

    Compiler Even for daily development use Mac / Linux / Win x Intel / Arm is 6 patterns
  10. When compiling for Wasm swift build --swift-sdk wasm32-unknown-wasi GOOS=wasip1 GOARCH=wasm

    go build -o main.wasm main.go Point the build target to Wasm when cross compiling the code
  11. For Perl (Because we are at a Perl conference) •

    There’s WebPerl for Wasm adoption with Perl… • But the code base hasn’t changed in 4 years and the maintainer shared that they have limited time for the project • It runs on Node.js(V8), but no speci fi c timeline for WASI support
  12. For Ruby • Load Ruby.wasm through JS on a browser

    Or • Load the release binary of github.com/ruby/ruby.wasm on Wasm runtimes such as Wasmtime on server
  13. For Python • Major 2 runtime impls: Pyodide and Wasmer’s

    py2wasm • The former is the browser version of CPython • The latter is a fork of Nuitka (an OSS that can compile Python to an executable single binary)
  14. What is it like to run “a Wasm app” from

    a dev POV? • Generate a Wasm binary and ignite on a Wasm runtime Or • Put the script on a language runtime on Wasm and execute on it
  15. What is it like to run “a Wasm app” from

    a dev POV? • Generate a Wasm binary and ignite on a Wasm runtime Or • Put the script on a language runtime on Wasm and execute on it This is one of the factors that makes look like containers
  16. “Calling” Wasm on a browser Language .wasm Binary Lightweight interpreter

    App Code Load .wasm from JavaScript WebAssembly.instantiateStreaming(fetch("simple.wasm"), importObject).then( (results) => { // Do something with the results! }, );
  17. “Calling” Wasm on a container Language .wasm Binary Lightweight interpreter

    App Code Load an OCI image FROM scratch COPY app-wasm-binary . ENTRYPOINT [“/app-wasm-binary”]
  18. What Changes • Compile target is changed • Executed within

    a sandbox-by-default environment <— Browser Like • High inter-language-operability
  19. Browser is like an OS that runs sandbox environments •

    Di ff erent process on each tab • That means CPU and memory space are secured/consumed separately • In modern security standards, it's common to ensure that user data is isolated between di ff erent browser tabs.
  20. Browser is like an OS that runs sandbox environments •

    Di ff erent process on each tab • That means CPU and memory space are secured/consumed separately • In modern security standards, it's common to ensure that user data is isolated between di ff erent browser tabs. Basically what a container does Basically what a OS isolation does
  21. Wasm specification includes… • Binary format - used by compilers

    and runtimes in common • Data structure - data types and formats Wasm handles for computing • Execution model - de fi nition of environment and behavior when processes are being executed
  22. Again, key strengths of Wasm • Language and OS/CPU independent

    • Common binary format • Executable in sandboxed environment like browsers and VMs
  23. Similarities between Java and Wasm • The compilation and execution

    model (JDK + JVM) • It’s been discussed about Docker vs JVM many times too • Run “anywhere” • WebAssembly (Wasm) gained popularity due to its easy setup for development and execution, and its growth in a CI/CD-friendly ecosystem. (Just IMO) • Java has no concept like “inter-language-operability”
  24. What Changes • Compile target is changed • Executed within

    a sandbox-by-default environment • High inter-language-operability <— its just byte code
  25. Again, key strengths of Wasm • Language and OS/CPU independent

    • Common binary format • Executable in sandboxed environment like browsers and VMs Inter-language-operability
  26. Again, Wasm specification includes… • Binary format - Used by

    compilers and runtimes in common • Data structure - Data types and formats Wasm handles for computing • Execution model - De fi nition of environment and behavior when processes are being executed
  27. Kohei Ota / Senior Field Engineer @ Open Engineering, Apple

    YAPC::Hakodate 2024 CloudNative Meets WebAssembly Exploring Wasm's Potential to Replace Containers JVM
  28. Key differences from the JVM • Size of spec/impl (As

    of 2024, at least…) • Originating from highly sandboxed browsers, Wasm’s inherent limitations aim to avoid surpassing the browser environment • To enable non-browser Wasm environments, more POSIX-like capabilities were needed, leading to the creation of WASI.
  29. WASI (WebAssembly System Interface) ? • WASI extends the browser-based

    Wasm runtime by o ff ering a portable, secure, POSIX-like, runtime-independent API. It covers infrastructure functions like I/O, sockets, WebGPU, as well as essential OS-provided features like random number generation, logging, and parallel processing. • As an extension of Wasm, it preserves key principles like CPU, OS, and language independence, open speci fi cation, and the security needed for running arbitrary code.
  30. Wasm is used in production already on… • Running arbitrary

    applications in major browsers • Utilization in CDN-based edge cloud services • More advanced and fi ne-grained control in reverse proxies, beyond lua and mruby • A framework for FaaS, competing with AWS Lambda • A test execution platform in CI toolchains for Swift • A target runtime for applications in Docker and Kubernetes environments.
  31. CDN FaaS Container Browser Lightweight Numbers of requests More limitations

    on platform → Yet more advanced functionality More interface support on WASI Support OCI format Support SQLɾStorageɾAI/ML use-cases… Run non-JS apps Game / Native apps Edge (on-device) AI
  32. CDN FaaS Container Browser Lightweight Numbers of requests More limitations

    on platform → Yet more advanced functionality More interface support on WASI Support OCI format Support SQLɾStorageɾAI/ML use-cases… Run non-JS apps Game / Native apps Edge (on-device) AI Isn’t it cool that a single binary can do all of this? 😎
  33. Key takeaways • Wasm has a lot of potential and

    future • WASI still needs to support more functionalities to replace containers • Maybe it won’t fully replace containers, but there will be cases where we *SHOULD* use Wasm over containers, and vice versa in practical and realistic future