Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
WebAssemblyの現状と展望 ~言語ツールチェインからWASIまで~
Search
mathetake
August 24, 2021
15
4.1k
WebAssemblyの現状と展望 ~言語ツールチェインからWASIまで~
Infra Study 2nd #4「セキュリティエンジニアリングの世界」
https://forkwell.connpass.com/event/219136/
mathetake
August 24, 2021
Tweet
Share
More Decks by mathetake
See All by mathetake
CGO-less Foreign Function Interface With WebAssembly
mathetake
4
680
Isolated multiple trust domain mTLS in Envoy and Istio
mathetake
2
1.1k
Wasmで広がるEnvoyとIstioの世界
mathetake
7
3.7k
Proxy-Wasm: Wasmを利用したPlugin機構の開発
mathetake
3
1.6k
Proxy-Wasm: エッジでのWasm研究開発最先端
mathetake
8
2.4k
Introduction to Flagger
mathetake
5
5.1k
Featured
See All Featured
A Tale of Four Properties
chriscoyier
156
23k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.7k
Designing on Purpose - Digital PM Summit 2013
jponch
115
7k
Side Projects
sachag
452
42k
Site-Speed That Sticks
csswizardry
0
41
4 Signs Your Business is Dying
shpigford
180
21k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.8k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
16
2.1k
Fashionably flexible responsive web design (full day workshop)
malarkey
405
65k
Product Roadmaps are Hard
iamctodd
PRO
49
11k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
Transcript
Takeshi Yoneda, Software Engineer, Tetrate.io Infra Study 2nd #4ʮηΩϡϦςΟΤϯδχΞϦϯάͷੈքʯ WebAssemblyͷݱঢ়ͱల
~ݴޠπʔϧνΣΠϯ͔ΒWASI·Ͱ~
• Takeshi Yoneda (Ϛελέ) / Twitter, Github: @mathetake • Software
Engineer at Tetrate.io • OSS dev: Envoy, Istio, Proxy-Wasm. • Stable maintainer of Envoy • C++ maintainer of Proxy-Wasm project • Creator of Go, Zig SDK for Proxy-Wasm • Contributor of V8, Ziglang, TinyGo, etc. whoami
1. Introduction to WebAssembly (Wasm) 2. WasmͱݴޠπʔϧνΣΠϯ 3. Proxy-Wasm ABI:
Envoy with Wasm VMs 4. Wasmͷ͜Ε͔Β Agenda
1. Introduction to WebAssembly
WebAssembly design goals • Safe • UntrustedͳίʔυΛ҆શʹ࣮ߦՄೳ • Language-independent (Polyglot)
• Portable • ҙͷҰൠతͳϋʔυΣΞ্ͰαϙʔτՄ • Platform-independent • ϒϥβ͚ͩͰͳ͘ҙͷڥ(e.g. OS)ʹຒΊࠐΊΔ • Open • WebAssemblyͱϗετڥͷؒͷAPI͕Φʔϓϯ https://webassembly.github.io/spec/core/intro/introduction.html
Why Wasm is innovative? Why WebAssembly is innovative even outside
the browser: https://www.tetrate.io/blog/wasm-outside-the-browser/
• Stack-basedͳԾϚγϯͱόΠφϦͷ༷ • ݩʑJavaScriptͷߴԽ͕త • asm.js -> WebAssembly(Wasm)ͱਐԽ • ༷ΛಡΊ͔Δ͕Ұݴ
“host” ͷཁٻ͕ͳ͍ • Portable, Platform-agnostic, Open-ended • Run at near-native speed: ΊͬͪΌ͍(※࣮ʹΑΔ) • Security: ελοΫ͕ϓϩάϥϜ͔Βݟ͑ͳ͍ͱ͔ͦ͏͍͏ͷ WebAssembly 101
• ଟ͘ͷݴޠ͔ΒίϯύΠϧՄೳ: C, C++, Rust, Go, AssemblyScript, Zig, etc. WebAssembly
101
• Import Functions: ผ໊Hostؔ • WasmͷϓϩάϥϜΛ࣮ߦ͢Δϗε τଆͰ࣮(ఏڙ)͞ΕΔؔ • Export Functions
• WasmͷϓϩάϥϜͰ࣮͞Εɺ ϗετଆͰར༻Մೳͳؔ WebAssembly 101: Import / Export functions
WebAssembly in browsers V8 engine my.wasm Export function void changevalue()
Export function int64_t myvalue() mycode.js* *ٖࣅίʔυͰ͢ WasmίϯύΠϧ
WebAssembly in browsers V8 engine my.wasm Import function void console_print(int64_t)
Import function int64_t get_timestamp() mycode.js* Export function void myfunc() WasmίϯύΠϧ *ٖࣅίʔυͰ͢
• Import/Export functionsͷ༷Λࡦఆ => ༷ʑͳϗετʹຒΊࠐΈՄೳ • POSIX APIͷΑ͏ͳImport functionsͷ༷Λ࡞ͬͨΒศརͦ͏ •
WasmͷίϯύΠϥ/ඪ४ϥΠϒϥϦͷPlatformλʔήοτ • WasmͷϓϩάϥϜ͕ී௨ͷlinux/amd64όΠφϦͷΑ͏ʹৼΔ͑Δ WebAssembly 101: Import / Export functions
WebAssembly 101 > hello world! syscalls Target: linux/riscv64, darwin/arm64, windows/amd64
WebAssembly 101 > hello world! Import functions Target: ????/wasm32
WebAssembly 101: WASI Import functions > hello world! Target: wasi/wasm32
• WasmͱHost OSؒͷPOSIX APIͷΑ͏ͳImport Functionsͷ༷ WASI (WebAssembly System Interface) https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/
• WASIΛ࣮ͨ͠ϥϯλΠϜ͕ొ • WAVM, Wasmtime, Wasmer, Lucet, ʑ • EnvoyWASIͷҰ෦system
callΛαϙʔτ • “ී௨ͷϓϩηε”ͱಉ͡Α͏ʹWasm͕ಈ͘Α͏ʹͳΔ • KrustletͳͲͷ৺తϓϩδΣΫτͷొ Wasm/WASI Runtimes
WebAssembly 101: WASI Import functions > hello world! Target: wasi/wasm32
WebAssembly 101: WASI
• ͓͞Β͍: Import/Export functionsͷ༷Α༷ͬͯʑͳHostڥΛ࡞ΕΔ • ༷ = ABI (Application Binary
Interface)ͱݺͿ • WASI = OS/SystemcallपΓͷABI • Compileͷඪ४తͳλʔήοτͱͳΔ: linux/amd64 <> wasi/wasm32 Wasm outside the web browsers WASI Linux / Darwin / Windows / … Wasm Virtual Machine
• WASIʹݶΒ༷ͣʑͳABI͕ొ • Blockchain༻ͷABI, k8s֦ு༻ͷABI, Proxy-Wasm, etc. • ѥछABIͷRuntimeWASI࣮͍ͯ͠Δ͜ͱ͕ଟ͍ •
E.g. Envoy wasi/wasm32͚ͷWasmόΠφϦΛαϙʔτ Wasm outside the web browsers WASI Proxy-Wasm Envoy / Nginx / ATS / … Wasm Virtual Machine
2. WasmͱݴޠπʔϧνΣΠϯ ~18:30
Supported languages https://blog.scottlogic.com/2021/06/21/state-of-wasm.html
• Rust, Zig • ެࣜͷݴޠπʔϧνΣΠϯ͕wasm32-{unknown,wasi}Λαϙʔτ • C/C++ • Clang: wasm32-{unknown,wasi}λʔήοτΛαϙʔτ
• Emscripten: ࣮࣭Clangͷwrapper, ศརϨΠϠʔͷՃ Toolchains - Rust, C, C++, Zig
• C++ exception͕͑ͳ͍: “-fno-exceptions” flag͕ඞਢ • Emscriptenಛ༗ͷABI͕ଘࡏ͢ΔͷͰαϙʔτՄͰ͋Δ • Hostଆͷtry-catchΛͬͯtranslate •
ͯ͢ͷtry-catchʹରͯ͠HostؔΛݺͿͷͰoverheadେ • ཧ༝ޙड़ Toolchains - C++ Limitations
• panic::recover, panic::catch_unwind͕͑ͳ͍ • panic!͔Βͷ෮چෆՄೳ • ෦తʹproc_exit(1)ΛݺΜͰ͍Δ • C++ͷྫ֎ͱಉ༷ͷཧ༝(ޙड़) Toolchains
- Rust Limitations
• 2ͭͷίϯύΠϥ͕͑Δ: ެࣜ, TinyGo • ެࣜ: GOOS=js GOARCH=wasmͷΈαϙʔτ: ❌WASI •
GoಠࣗͷJavaScript ABIΛϗετଆͰαϙʔτ͠ͳ͍ͱ͍͚ͳ͍ • GoͷݴޠϥϯλΠϜ͕JavaScriptͷ࣮ʹີ݁߹ (e.g. Goroutineͷ࣮) • TinyGo: wasm32-{unknown, wasi}ͲͪΒαϙʔτ • Runtime͕ඇৗʹ͍ܰͷͰόΠφϦαΠζ͕খ͍͞ Toolchains - Go
Toolchains - TinyGo’s WASI target https://github.com/tinygo-org/tinygo/pull/1373
• ݱঢ়JSڥલఏͷWasmλʔήοτ • WASIͳόΠφϦੜͰ͖ͳ͍ • Baremetalવແཧ = GoͷϥϯλΠϜͷ͍ͤ • WASIαϙʔτʹ͚ͨIssue:
#25612, #31105, #38248 • ॴײ: Ұੜαϙʔτ͞Εͳ͍ͷͰ(෦తʹ͋ͱ2ʙ4ͳΒߦ͚ͦ͏) • ෦త = WASIʹ2ͭͷABI͕ଘࡏ, ยํαϙʔτ͞ΕΔͷͰ? • ͏ҰํݪཧతʹGoroutine/Channel͕࣮ෆՄೳͳͷͰແཧͩͱ༧ Toolchains - Go: Official WASI support
• ͑ͳ͍ύοέʔδ͕ଟʑ͋Δ: e.g. encoding/json • ݪҼ: Reflectionͷ࣮ͷҧ͍(=ݴޠͷ࣮͕ҧ͏ͷͰͨΓલ) • ݱࡏਐߦܥͰ͍Ζ͍Ζվળ͞Ε͍ͯΔ •
recover()͕ະ࣮: panic͔Β෮چͰ͖ͳ͍ • ࣮͞Εͨͱͯ͠, C++ྫ֎ͱಉ༷ͷཧ༝ͰWasmର֎(ޙड़) • WASIͷABIʹΑͬͯGoroutine/channel͕͑ͳ͍(ޙड़) • Goroutine/channel(ਖ਼֬ʹscheduler)Λdisableͯ͠compile͕Ͱ͖Δͷ͕ྑ͍ Toolchains - TinyGo limitations
• WASIʹ2ͭͷ“Application ABI”͕ଘࡏ • WASI Command: ௨ৗͷexecutableͱಉ֓͡೦ • _start symbol͕Runtimeʹ࣮ߦ͞ΕΔ:
ݴޠ࣮తʹͦͷதͰuser definedͳmainؔΛݺͿ • exitͨ͠ΒͦͷVMഁغ • WASI Reactor: Event drivenͳruntimeͰΘΕΔ (e.g. Envoy proxy) • _initialize symbol͕Runtimeʹ࣮ߦ͞ΕVM෦ॳظԽ͢Δ(C++ͷctorsݺͼग़͠ͱ͔) • _initializeΛൈ͚ͨ͋ͱVMΛഁغ͠ͳ͍ • export͞ΕͨؔΛRuntime͕ୟ͘͜ͱͰԿVMʹcall in͢Δ WASI command vs WASI reactor https://github.com/WebAssembly/WASI/blob/main/design/application-abi.md
• TinyGoCommand/Reactorͱͯ͠ͷόΠφϦΛు͚Δ* • Reactorͱͯ͠ΘΕΔ߹: • schedulerͷ֓೦͕ͿͬඈͿͷͰchannel, goroutine͕͑ͳ͍ • ެࣜGoCommandͱͯ͠ͷWASIͰ͋Εαϙʔτ͢Δະདྷ͕དྷΔ͔? •
Reactorͷ߹scheduler͕ͳ͍, ݴޠ༷(?)Λຬͨͤͳ͍ • CommandͩͱҙͷؔΛexportͯ͠ϗετͱ͓Γͯ͠ɺͱ͍͏ͷ͕Ͱ͖ͳ͍ • Ϣʔεέʔε͕ݶΒΕ͍ͯΔ Toolchains - Go *ਖ਼֬ʹcommand͕ͩexit͠ͳ͍ͱ͍͏ಛघͳ_startؔͷ࣮ʹͳ͍ͬͯΔ(͕ͦ͏࣮ͯ͠͠·ͬͨͷͰͨ͠΄͏͕͍͍ΜͩΑͳ͋…)
• https://github.com/WebAssembly/wasi-libc • A libc for WebAssembly based on WASI
system calls. • Rust, C, C++, Zig, TinyGowasi-libcͱ(fully-)static linkͯ͠όΠφϦΛੜ • ެࣜϏϧυdlmalloc͕allocatorͱ͍͖ͯͭͯͯ͠͠·͏ • ΧελϜallocatorͱซ༻ෆՄ: Heap͕Ԛછ͞ΕΔ • WASI SDK: https://github.com/WebAssembly/wasi-sdk • C/C++͚ͷϏϧυࡁΈWASI libc Toolchains - WASI libc
• lldͷWasm͚ͷport • Rust, C/C++, TinyGo, Zig෦తʹwasm-ldΛͬͯ࠷ऴόΠφϦΛੜ • ΦϒδΣΫτϑΥʔϚοτWasmࣗମͷ༷ͷதʹͳ͍ •
https://github.com/WebAssembly/tool-conventions/blob/main/Linking.md Toolchains - wasm-ld
• Wasmͷσόά͍͠ • ݱߦͷ༷ͰUserۭ͔ؒΒStack͕ݟ͑ͳ͍ • StacktraceΛऔಘͨ͠Γunwindingͨ͠Γ͕ݴޠϨϕϧͰ࣮ෆՄೳ • Proposal͕ਐߦத͕ͩΨοπϦॻ͖͞ΕͨΓͯ͠Δ: ·ͩ·͔͔ͩ࣌ؒΓͦ͏ •
͜Ε͕C++ྫ֎Rustͷpanic::*, Goͷrecover͕࣮ෆՄೳͳཧ༝ • DWARFͷWasm͚ͷ༷͕ެ։͞ΕͯΔ • DWARFͷ༷ͷΞυϨεͷҙຯΛม͑ͨͷͳͷͰ΄΅ಉҰ • ݱঢ়αϙʔτͰ͖ͯΔϗετڥ΄΅ͳ͍: Chrome͙Β͍? Debugging Wasm
Debugging Wasm StacktraceϗετଆͰ࣮͢Δ͔͠ͳ͘, ͦͷ߹mangle͞Εͨsymbol໊ͱ໋ྩΞυϨε͔͠औΕͳ͍ͷͰ͜Μͳײ͡ʹͳͬͯ͠·͏ https://github.com/proxy-wasm/proxy-wasm-cpp-host/issues/149
3. Proxy-Wasm ABI: Envoy with Wasm VMs
• Proxy-Wasm: Envoy/IstioൃͷϓϩδΣΫτ: https://github.com/proxy-wasm/spec • ϓϩΩγαʔόΛ֦ு͢ΔͨΊͷImport/Exportؔͷ༷ • ྫ: httpͷΠϕϯτຖʹWasm͔Βexport͞Εͨؔʹ͔͚͠Δ •
Proxy-WasmͷhostWASI࣮ => Compileλʔήοτͱͯ͠wasm32-wasi Proxy-Wasm: Wasm ABI for network proxies WASI Proxy-Wasm Envoy / Nginx / ATS / … Wasm Virtual Machine
• ݱঢ়5ͭͷݴޠͷSDK͕ଘࡏ • C++, Rust by Google • Go (TinyGo)
by Tetrate • ͷझຯϓϩδΣΫτ͕ࣄʹͳΓ·ͨ͠ • AssemblyScript by Solo.io • Ziglang by Proxy-Wasm: Wasm ABI for network proxies
Proxy-Wasm Implementation in Envoy TCPύέοτͷ౸ண ଞʹHTTP headerͷ౸ணΠϕϯτ
Proxy-Wasm Implementation in Envoy Ұ࿈ͷHTTPϦΫΤετϑϩʔʹର͢ΔWasm VM<->Envoyͷձϩά
Proxy-Wasm σϞ
4. Wasmͷ͜Ε͔Β
Wasmͷ͜Ε͔Β • πʔϧνΣΠϯͷख़ • ެࣜGoͷαϙʔτ • JITͷߴԽ! • ֤छProposalͷਐల •
Threads, Exceptions, GC, External Ref, etc.
Wasmͷ͜Ε͔Β • ϓϥάΠϯػߏͱͯ͠ͷWasmར༻ͷྲྀߦ • Envoy/Proxy-Wasm͕࠷ͨΔྫ • OpenPolicyAgentͳͲ͕࠾༻Λ࢝Ί͍ͯΔ • πʔϧνΣΠϯ͕ΑΓਐԽ(ଟݴޠԽ)͢ΕΑΓڧྗʹͳΔ •
ϥΠόϧͱͯ͠Lua?
Wasmͷ͜Ε͔Β • “ίϯςφ” ͱͯ͠ͷར༻ • Krustlet: https://github.com/krustlet/krustlet • WasmtimeΛར༻ͯ͠wasm32-wasiͳϓϩάϥϜΛK8sʹdeploy •
ϢʔβʔۭؒͰ࣮͞ΕͨΧʔωϧͱͯ͠ػೳ͢ΔͷͰ gVisorʹ͍ۙ
Wasmͷ͜Ε͔Β • WasmόΠφϦͷύοέʔδϯά • OCI Imageͱͯ͠WasmΛ֨ೲͯ͠ɺ(HelmHomebrewͳͲͱಉ༷) EnvoyʹΔͨΊͷWasmΛ֨ೲͨ͠OCIΠϝʔδͷ༷ॻ for Istio: https://github.com/solo-io/wasm/blob/master/spec/README.md
·ͱΊ
·ͱΊ • Wasmྑ͍ͱ͜ͲΓͷԾϚγϯ+όΠφϦϑΥʔϚοτͷ༷ • Export/Import functionʹΑΓՄೳੑແݶେ • WASIʹΑΓ࣮ࡍͷOSͰಈ͘Α͏ͳϓϩάϥϜ͕ॻ͚Δ • Wasmࣗମ/πʔϧνΣΠϯ·ͩ·ͩൃల్্
• ͑Δݴޠػೳʹ੍ݶɿݱঢ়ؾʹ͢Δ͖ϙΠϯτ͕ͨ͘͞Μ • Proxy-WasmWasmΛͬͨNetwork proxyͷ֦ுػೳͷϓϩδΣΫτ • ϓϥάΠϯػߏͱͯ͠ͷWasmར༻͏ՄೳͳϑΣʔζ
ࠓ{͞,ͤ}ͳ͔ͬͨ͜ͱ • ಠࣗͷABIʹैͬͨHostڥ/SDK։ൃͷਏ͞ • ύϑΥʔϚϯεͷ (LuaͱൺͯͲ͏ͳͷʂʁΈ͍ͨͳ) • ࠷ۙͷProposalͷ • ϑϩϯτΤϯυWasmͷ
(શ͘ઐ͡Όͳ͍ͷͰ͢Έ·ͤΜ…)
Software Design 20213݄߸ʹࠓͷʹ͍ͭͯͷهࣄΛدߘ͠·ͨ͠ʂ
We are hiring! https://www.tetrate.io/careers/ Work Anytime and Anywhere + Unlimited
paid time off