Upgrade to Pro — share decks privately, control downloads, hide ads and more …

WebAssemblyの現状と展望 ~言語ツールチェインからWASIまで~

mathetake
August 24, 2021
15
4.1k

WebAssemblyの現状と展望 ~言語ツールチェインからWASIまで~

Infra Study 2nd #4「セキュリティエンジニアリングの世界」 https://forkwell.connpass.com/event/219136/

mathetake

August 24, 2021
Tweet

More Decks by mathetake

See All by mathetake
CGO-less Foreign Function Interface With WebAssembly
mathetake
4
680
Isolated multiple trust domain mTLS in Envoy and Istio
mathetake
2
1.1k
Wasmで広がるEnvoyとIstioの世界
mathetake
7
3.7k
Proxy-Wasm: Wasmを利用したPlugin機構の開発
mathetake
3
1.6k
Proxy-Wasm: エッジでのWasm研究開発最先端
mathetake
8
2.4k
Introduction to Flagger
mathetake
5
5.1k

Featured

See All Featured
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
Building a Scalable Design System with Sketch
lauravandoore
459
33k
Reflections from 52 weeks, 52 projects
jeffersonlam
346
20k
Build your cross-platform service in a week with App Engine
jlugia
229
18k
Practical Orchestrator
shlominoach
186
10k
Into the Great Unknown - MozCon
thekraken
32
1.5k
YesSQL, Process and Tooling at Scale
rocio
169
14k
Site-Speed That Sticks
csswizardry
0
23
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
26
2.1k
Writing Fast Ruby
sferik
627
61k
Large-scale JavaScript Application Architecture
addyosmani
510
110k
Docker and Python
trallard
40
3.1k

Transcript

  1. Takeshi Yoneda, Software Engineer, Tetrate.io Infra Study 2nd #4ʮηΩϡϦςΟΤϯδχΞϦϯάͷੈքʯ WebAssemblyͷݱঢ়ͱల๬

    ~ݴޠπʔϧνΣΠϯ͔ΒWASI·Ͱ~

  2. • Takeshi Yoneda (Ϛελέ) / Twitter, Github: @mathetake • Software

    Engineer at Tetrate.io • OSS dev: Envoy, Istio, Proxy-Wasm. • Stable maintainer of Envoy • C++ maintainer of Proxy-Wasm project • Creator of Go, Zig SDK for Proxy-Wasm • Contributor of V8, Ziglang, TinyGo, etc. whoami

  3. 1. Introduction to WebAssembly (Wasm) 2. WasmͱݴޠπʔϧνΣΠϯ 3. Proxy-Wasm ABI:

    Envoy with Wasm VMs 4. Wasmͷ͜Ε͔Β Agenda

  4. 1. Introduction to WebAssembly

  5. WebAssembly design goals • Safe • UntrustedͳίʔυΛ҆શʹ࣮ߦՄೳ • Language-independent (Polyglot)

    • Portable • ೚ҙͷҰൠతͳϋʔυ΢ΣΞ্ͰαϙʔτՄ • Platform-independent • ϒϥ΢β͚ͩͰͳ͘೚ҙͷ؀ڥ(e.g. OS)ʹຒΊࠐΊΔ • Open • WebAssemblyͱϗετ؀ڥͷؒͷAPI͕Φʔϓϯ https://webassembly.github.io/spec/core/intro/introduction.html

  6. Why Wasm is innovative? Why WebAssembly is innovative even outside

    the browser: https://www.tetrate.io/blog/wasm-outside-the-browser/

  7. • Stack-basedͳԾ૝ϚγϯͱόΠφϦͷ࢓༷ • ݩʑ͸JavaScriptͷߴ଎Խ͕໨త • asm.js -> WebAssembly(Wasm)΁ͱਐԽ • ࢓༷ΛಡΊ͹෼͔Δ͕Ұݴ΋

    “host” ΁ͷཁٻ͕ͳ͍ • Portable, Platform-agnostic, Open-ended • Run at near-native speed: ΊͬͪΌ଎͍(※࣮૷ʹΑΔ) • Security: ελοΫ͕ϓϩάϥϜ͔Βݟ͑ͳ͍ͱ͔ͦ͏͍͏ͷ WebAssembly 101

  8. • ଟ͘ͷݴޠ͔ΒίϯύΠϧՄೳ: C, C++, Rust, Go, AssemblyScript, Zig, etc. WebAssembly

    101

  9. • Import Functions: ผ໊Hostؔ਺ • WasmͷϓϩάϥϜΛ࣮ߦ͢Δϗε τଆͰ࣮૷(ఏڙ)͞ΕΔؔ਺ • Export Functions

    • WasmͷϓϩάϥϜ಺Ͱ࣮૷͞Εɺ ϗετଆͰར༻Մೳͳؔ਺ WebAssembly 101: Import / Export functions

  10. WebAssembly in browsers V8 engine my.wasm Export function void changevalue()

    Export function int64_t myvalue() mycode.js* *ٖࣅίʔυͰ͢ Wasm΁ίϯύΠϧ

  11. WebAssembly in browsers V8 engine my.wasm Import function void console_print(int64_t)

    Import function int64_t get_timestamp() mycode.js* Export function void myfunc() Wasm΁ίϯύΠϧ *ٖࣅίʔυͰ͢

  12. • Import/Export functionsͷ࢓༷Λࡦఆ => ༷ʑͳϗετʹຒΊࠐΈՄೳ • POSIX APIͷΑ͏ͳImport functionsͷ࢓༷Λ࡞ͬͨΒศརͦ͏ •

    Wasm΁ͷίϯύΠϥ/ඪ४ϥΠϒϥϦͷPlatformλʔήοτ • WasmͷϓϩάϥϜ͕ී௨ͷlinux/amd64όΠφϦͷΑ͏ʹৼΔ෣͑Δ WebAssembly 101: Import / Export functions

  13. WebAssembly 101 > hello world! syscalls Target: linux/riscv64, darwin/arm64, windows/amd64

  14. WebAssembly 101 > hello world! Import functions Target: ????/wasm32

  15. WebAssembly 101: WASI Import functions > hello world! Target: wasi/wasm32

  16. • WasmͱHost OSؒͷPOSIX APIͷΑ͏ͳImport Functionsͷ࢓༷ WASI (WebAssembly System Interface) https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/

  17. • WASIΛ࣮૷ͨ͠ϥϯλΠϜ͕ొ৔ • WAVM, Wasmtime, Wasmer, Lucet, ౳ʑ • Envoy΋WASIͷҰ෦system

    callΛαϙʔτ • “ී௨ͷϓϩηε”ͱಉ͡Α͏ʹWasm͕ಈ͘Α͏ʹͳΔ • KrustletͳͲͷ໺৺తϓϩδΣΫτͷొ৔ Wasm/WASI Runtimes

  18. WebAssembly 101: WASI Import functions > hello world! Target: wasi/wasm32

  19. WebAssembly 101: WASI

  20. • ͓͞Β͍: Import/Export functionsͷ࢓༷Α༷ͬͯʑͳHost؀ڥΛ࡞ΕΔ • ࢓༷ = ABI (Application Binary

    Interface)ͱݺͿ • WASI = OS/SystemcallपΓͷABI • Compileͷඪ४తͳλʔήοτͱͳΔ: linux/amd64 <> wasi/wasm32 Wasm outside the web browsers WASI Linux / Darwin / Windows / … Wasm Virtual Machine

  21. • WASIʹݶΒ༷ͣʑͳABI͕ొ৔ • Blockchain༻ͷABI, k8s֦ு༻ͷABI, Proxy-Wasm, etc. • ѥछABIͷRuntime͸WASI΋࣮૷͍ͯ͠Δ͜ͱ͕ଟ͍ •

    E.g. Envoy͸ wasi/wasm32޲͚ͷWasmόΠφϦΛαϙʔτ Wasm outside the web browsers WASI Proxy-Wasm Envoy / Nginx / ATS / … Wasm Virtual Machine

  22. 2. WasmͱݴޠπʔϧνΣΠϯ ~18:30

  23. Supported languages https://blog.scottlogic.com/2021/06/21/state-of-wasm.html

  24. • Rust, Zig • ެࣜͷݴޠπʔϧνΣΠϯ͕wasm32-{unknown,wasi}Λαϙʔτ • C/C++ • Clang: wasm32-{unknown,wasi}λʔήοτΛαϙʔτ

    • Emscripten: ࣮࣭Clangͷwrapper, ศརϨΠϠʔͷ௥Ճ Toolchains - Rust, C, C++, Zig

  25. • C++ exception͕࢖͑ͳ͍: “-fno-exceptions” flag͕ඞਢ • Emscriptenಛ༗ͷABI͕ଘࡏ͢ΔͷͰαϙʔτՄͰ͸͋Δ • Hostଆͷtry-catchΛ࢖ͬͯtranslate •

    ͢΂ͯͷtry-catchʹରͯ͠Hostؔ਺ΛݺͿͷͰoverheadେ • ཧ༝͸ޙड़ Toolchains - C++ Limitations

  26. • panic::recover, panic::catch_unwind͕࢖͑ͳ͍ • panic!͔Βͷ෮چ͸ෆՄೳ • ಺෦తʹ͸proc_exit(1)ΛݺΜͰ͍Δ • C++ͷྫ֎ͱಉ༷ͷཧ༝(ޙड़) Toolchains

    - Rust Limitations

  27. • 2ͭͷίϯύΠϥ͕࢖͑Δ: ެࣜ, TinyGo • ެࣜ: GOOS=js GOARCH=wasmͷΈαϙʔτ: ❌WASI •

    GoಠࣗͷJavaScript ABIΛϗετଆͰαϙʔτ͠ͳ͍ͱ͍͚ͳ͍ • GoͷݴޠϥϯλΠϜ͕JavaScriptͷ࣮૷ʹີ݁߹ (e.g. Goroutineͷ࣮૷) • TinyGo: wasm32-{unknown, wasi}ͲͪΒ΋αϙʔτ • Runtime͕ඇৗʹ͍ܰͷͰόΠφϦαΠζ͕খ͍͞ Toolchains - Go

  28. Toolchains - TinyGo’s WASI target https://github.com/tinygo-org/tinygo/pull/1373

  29. • ݱঢ়JS؀ڥલఏͷWasmλʔήοτ • WASIͳόΠφϦ͸ੜ੒Ͱ͖ͳ͍ • Baremetal΋౰વແཧ = GoͷϥϯλΠϜͷ͍ͤ • WASIαϙʔτʹ޲͚ͨIssue:

    #25612, #31105, #38248 • ॴײ: Ұੜαϙʔτ͞Εͳ͍ͷͰ͸(෦෼తʹ͸͋ͱ2ʙ4೥ͳΒߦ͚ͦ͏) • ෦෼త = WASIʹ͸2ͭͷABI͕ଘࡏ, ยํ͸αϙʔτ͞ΕΔͷͰ͸? • ΋͏Ұํ͸ݪཧతʹGoroutine/Channel͕࣮૷ෆՄೳͳͷͰແཧͩͱ༧૝ Toolchains - Go: Official WASI support

  30. • ࢖͑ͳ͍ύοέʔδ͕ଟʑ͋Δ: e.g. encoding/json • ݪҼ: Reflectionͷ࣮૷ͷҧ͍(=ݴޠͷ࣮૷͕ҧ͏ͷͰ౰ͨΓલ) • ݱࡏਐߦܥͰ͍Ζ͍Ζվળ͞Ε͍ͯΔ •

    recover()͕ະ࣮૷: panic͔Β෮چͰ͖ͳ͍ • ࣮૷͞Εͨͱͯ͠΋, C++ྫ֎ͱಉ༷ͷཧ༝ͰWasm͸ର৅֎(ޙड़) • WASIͷABIʹΑͬͯ͸Goroutine/channel͕࢖͑ͳ͍(ޙड़) • Goroutine/channel(ਖ਼֬ʹ͸scheduler)Λdisableͯ͠compile͕Ͱ͖Δͷ͕ྑ͍ Toolchains - TinyGo limitations

  31. • WASIʹ͸2ͭͷ“Application ABI”͕ଘࡏ • WASI Command: ௨ৗͷexecutableͱಉ֓͡೦ • _start symbol͕Runtimeʹ࣮ߦ͞ΕΔ:

    ݴޠ࣮૷తʹ͸ͦͷதͰuser definedͳmainؔ਺ΛݺͿ • exitͨ͠ΒͦͷVM΋ഁغ • WASI Reactor: Event drivenͳruntimeͰ࢖ΘΕΔ (e.g. Envoy proxy) • _initialize symbol͕Runtimeʹ࣮ߦ͞ΕVM಺෦ॳظԽ͢Δ(C++ͷctorsݺͼग़͠ͱ͔) • _initializeΛൈ͚ͨ͋ͱVMΛഁغ͠ͳ͍ • export͞Εͨؔ਺ΛRuntime͕ୟ͘͜ͱͰԿ౓΋VMʹcall in͢Δ WASI command vs WASI reactor https://github.com/WebAssembly/WASI/blob/main/design/application-abi.md

  32. • TinyGo͸Command/Reactorͱͯ͠ͷόΠφϦΛు͚Δ* • Reactorͱͯ͠࢖ΘΕΔ৔߹: • schedulerͷ֓೦͕ͿͬඈͿͷͰchannel, goroutine͕࢖͑ͳ͍ • ެࣜGo͸Commandͱͯ͠ͷWASIͰ͋Ε͹αϙʔτ͢Δະདྷ͕དྷΔ͔΋? •

    Reactorͷ৔߹͸scheduler͕ͳ͍, ݴޠ࢓༷(?)Λຬͨͤͳ͍ • Commandͩͱ೚ҙͷؔ਺Λexportͯ͠ϗετͱ͓஻Γͯ͠ɺͱ͍͏ͷ͕Ͱ͖ͳ͍ • Ϣʔεέʔε͕ݶΒΕ͍ͯΔ Toolchains - Go *ਖ਼֬ʹ͸command͕ͩexit͠ͳ͍ͱ͍͏ಛघͳ_startؔ਺ͷ࣮૷ʹͳ͍ͬͯΔ(๻͕ͦ͏࣮૷ͯ͠͠·ͬͨͷͰ௚ͨ͠΄͏͕͍͍ΜͩΑͳ͋…)

  33. • https://github.com/WebAssembly/wasi-libc • A libc for WebAssembly based on WASI

    system calls. • Rust, C, C++, Zig, TinyGo͸wasi-libcͱ(fully-)static linkͯ͠όΠφϦΛੜ੒ • ެࣜϏϧυ͸dlmalloc͕allocatorͱ͍͖ͯͭͯͯ͠͠·͏ • ΧελϜallocatorͱซ༻ෆՄ: Heap͕Ԛછ͞ΕΔ • WASI SDK: https://github.com/WebAssembly/wasi-sdk • C/C++޲͚ͷϏϧυࡁΈWASI libc Toolchains - WASI libc

  34. • lldͷWasm޲͚ͷport • Rust, C/C++, TinyGo, Zig͸಺෦తʹwasm-ldΛ࢖ͬͯ࠷ऴόΠφϦΛੜ੒ • ΦϒδΣΫτϑΥʔϚοτ͸Wasmࣗମͷ࢓༷ͷதʹ͸ͳ͍ •

    https://github.com/WebAssembly/tool-conventions/blob/main/Linking.md Toolchains - wasm-ld

  35. • Wasmͷσόά͸೉͍͠ • ݱߦͷ࢓༷Ͱ͸Userۭ͔ؒΒ͸Stack͕ݟ͑ͳ͍ • StacktraceΛऔಘͨ͠Γunwindingͨ͠Γ͕ݴޠϨϕϧͰ࣮૷ෆՄೳ • Proposal͕ਐߦத͕ͩΨοπϦॻ͖௚͞ΕͨΓͯ͠Δ: ·ͩ·͔͔ͩ࣌ؒΓͦ͏ •

    ͜Ε͕C++ྫ֎΍Rustͷpanic::*, Goͷrecover͕࣮૷ෆՄೳͳཧ༝ • DWARFͷWasm޲͚ͷ࢓༷͕ެ։͞ΕͯΔ • DWARFͷ࢓༷ͷΞυϨεͷҙຯΛม͑ͨ΋ͷͳͷͰ΄΅ಉҰ • ݱঢ়αϙʔτͰ͖ͯΔϗετ؀ڥ͸΄΅ͳ͍: Chrome͙Β͍? Debugging Wasm

  36. Debugging Wasm Stacktrace͸ϗετଆͰ࣮૷͢Δ͔͠ͳ͘, ͦͷ৔߹mangle͞Εͨsymbol໊ͱ໋ྩΞυϨε͔͠औΕͳ͍ͷͰ͜Μͳײ͡ʹͳͬͯ͠·͏ https://github.com/proxy-wasm/proxy-wasm-cpp-host/issues/149

  37. 3. Proxy-Wasm ABI: Envoy with Wasm VMs

  38. • Proxy-Wasm: Envoy/IstioൃͷϓϩδΣΫτ: https://github.com/proxy-wasm/spec • ϓϩΩγαʔόΛ֦ு͢ΔͨΊͷImport/Exportؔ਺ͷ࢓༷ • ྫ: httpͷΠϕϯτຖʹWasm͔Βexport͞Εͨؔ਺ʹ࿩͔͚͠Δ •

    Proxy-Wasmͷhost͸WASI΋࣮૷ => Compileλʔήοτͱͯ͠͸wasm32-wasi Proxy-Wasm: Wasm ABI for network proxies WASI Proxy-Wasm Envoy / Nginx / ATS / … Wasm Virtual Machine

  39. • ݱঢ়5ͭͷݴޠͷSDK͕ଘࡏ • C++, Rust by Google • Go (TinyGo)

    by Tetrate • ๻ͷझຯϓϩδΣΫτ͕࢓ࣄʹͳΓ·ͨ͠ • AssemblyScript by Solo.io • Ziglang by ๻ Proxy-Wasm: Wasm ABI for network proxies

  40. Proxy-Wasm Implementation in Envoy TCPύέοτͷ౸ண ଞʹ΋HTTP headerͷ౸ணΠϕϯτ౳

  41. Proxy-Wasm Implementation in Envoy Ұ࿈ͷHTTPϦΫΤετϑϩʔʹର͢ΔWasm VM<->Envoyͷձ࿩ϩά

  42. Proxy-Wasm σϞ

  43. 4. Wasmͷ͜Ε͔Β

  44. Wasmͷ͜Ε͔Β • πʔϧνΣΠϯͷ੒ख़ • ެࣜGoͷαϙʔτ౳ • JITͷߴ଎Խ! • ֤छProposalͷਐల •

    Threads, Exceptions, GC, External Ref, etc.

  45. Wasmͷ͜Ε͔Β • ϓϥάΠϯػߏͱͯ͠ͷWasmར༻ͷྲྀߦ • Envoy/Proxy-Wasm͕࠷ͨΔྫ • OpenPolicyAgentͳͲ͕࠾༻Λ࢝Ί͍ͯΔ • πʔϧνΣΠϯ͕ΑΓਐԽ(ଟݴޠԽ)͢Ε͹ΑΓڧྗʹͳΔ •

    ϥΠόϧͱͯ͠͸Lua?

  46. Wasmͷ͜Ε͔Β • “ίϯςφ” ͱͯ͠ͷར༻ • Krustlet: https://github.com/krustlet/krustlet • WasmtimeΛར༻ͯ͠wasm32-wasiͳϓϩάϥϜΛK8s಺ʹdeploy •

    ϢʔβʔۭؒͰ࣮૷͞ΕͨΧʔωϧͱͯ͠ػೳ͢ΔͷͰ gVisorʹ͍ۙ

  47. Wasmͷ͜Ε͔Β • WasmόΠφϦͷύοέʔδϯά • OCI Imageͱͯ͠WasmΛ֨ೲͯ͠ɺ഑෍(Helm΍HomebrewͳͲͱಉ༷) Envoyʹ഑ΔͨΊͷWasmΛ֨ೲͨ͠OCIΠϝʔδͷ࢓༷ॻ for Istio: https://github.com/solo-io/wasm/blob/master/spec/README.md

  48. ·ͱΊ

  49. ·ͱΊ • Wasm͸ྑ͍ͱ͜ͲΓͷԾ૝Ϛγϯ+όΠφϦϑΥʔϚοτͷ࢓༷ • Export/Import functionʹΑΓՄೳੑ͸ແݶେ • WASIʹΑΓ࣮ࡍͷOSͰಈ͘Α͏ͳϓϩάϥϜ͕ॻ͚Δ • Wasmࣗମ/πʔϧνΣΠϯ͸·ͩ·ͩൃల్্

    • ࢖͑Δݴޠ΍ػೳʹ੍ݶɿݱঢ়ؾʹ͢Δ΂͖ϙΠϯτ͕ͨ͘͞Μ • Proxy-Wasm͸WasmΛ࢖ͬͨNetwork proxyͷ֦ுػೳͷϓϩδΣΫτ • ϓϥάΠϯػߏͱͯ͠ͷWasmར༻͸΋͏ՄೳͳϑΣʔζ

  50. ࠓ೔࿩{͞,ͤ}ͳ͔ͬͨ͜ͱ • ಠࣗͷABIʹैͬͨHost؀ڥ/SDK։ൃͷਏ͞ • ύϑΥʔϚϯεͷ࿩ (Luaͱൺ΂ͯͲ͏ͳͷʂʁΈ͍ͨͳ࿩) • ࠷ۙͷProposalͷ࿩ • ϑϩϯτΤϯυWasmͷ࿩

    (શ͘ઐ໳͡Όͳ͍ͷͰ͢Έ·ͤΜ…)

  51. Software Design 2021೥3݄߸ʹࠓ೔ͷ࿩୊ʹ͍ͭͯͷهࣄΛدߘ͠·ͨ͠ʂ

  52. We are hiring! https://www.tetrate.io/careers/ Work Anytime and Anywhere + Unlimited

    paid time off