$30 off During Our Annual Pro Sale. View Details »

WebAssemblyの現状と展望 ~言語ツールチェインからWASIまで~

mathetake
August 24, 2021
14
3.7k

WebAssemblyの現状と展望 ~言語ツールチェインからWASIまで~

Infra Study 2nd #4「セキュリティエンジニアリングの世界」 https://forkwell.connpass.com/event/219136/

mathetake

August 24, 2021
Tweet

More Decks by mathetake

See All by mathetake
CGO-less Foreign Function Interface With WebAssembly
mathetake
4
530
Isolated multiple trust domain mTLS in Envoy and Istio
mathetake
2
910
Wasmで広がるEnvoyとIstioの世界
mathetake
7
3.3k
Proxy-Wasm: Wasmを利用したPlugin機構の開発
mathetake
3
1.4k
Proxy-Wasm: エッジでのWasm研究開発最先端
mathetake
8
2.1k
Introduction to Flagger
mathetake
5
4.8k

Featured

See All Featured
Embracing the Ebb and Flow
colly
77
3.8k
VelocityConf: Rendering Performance Case Studies
addyosmani
319
23k
Intergalactic Javascript Robots from Outer Space
tanoku
264
26k
Code Reviewing Like a Champion
maltzj
511
38k
Side Projects
sachag
450
39k
A Tale of Four Properties
chriscoyier
150
22k
GraphQLの誤解/rethinking-graphql
sonatard
45
8.7k
Music & Morning Musume
bryan
38
5.2k
Debugging Ruby Performance
tmm1
68
11k
Fantastic passwords and where to find them - at NoRuKo
philnash
34
2.2k
Designing on Purpose - Digital PM Summit 2013
jponch
108
6.2k
Making the Leap to Tech Lead
cromwellryan
120
8.2k

Transcript

  1. Takeshi Yoneda, Software Engineer, Tetrate.io
    Infra Study 2nd #4ʮηΩϡϦςΟΤϯδχΞϦϯάͷੈքʯ
    WebAssemblyͷݱঢ়ͱల๬
    ~ݴޠπʔϧνΣΠϯ͔ΒWASI·Ͱ~

    View Slide

  2. • Takeshi Yoneda (Ϛελέ) / Twitter, Github: @mathetake
    • Software Engineer at Tetrate.io
    • OSS dev: Envoy, Istio, Proxy-Wasm.
    • Stable maintainer of Envoy
    • C++ maintainer of Proxy-Wasm project
    • Creator of Go, Zig SDK for Proxy-Wasm
    • Contributor of V8, Ziglang, TinyGo, etc.
    whoami

    View Slide

  3. 1. Introduction to WebAssembly (Wasm)
    2. WasmͱݴޠπʔϧνΣΠϯ
    3. Proxy-Wasm ABI: Envoy with Wasm VMs
    4. Wasmͷ͜Ε͔Β
    Agenda

    View Slide

  4. 1. Introduction to WebAssembly

    View Slide

  5. WebAssembly design goals
    • Safe
    • UntrustedͳίʔυΛ҆શʹ࣮ߦՄೳ
    • Language-independent (Polyglot)
    • Portable
    • ೚ҙͷҰൠతͳϋʔυ΢ΣΞ্ͰαϙʔτՄ
    • Platform-independent
    • ϒϥ΢β͚ͩͰͳ͘೚ҙͷ؀ڥ(e.g. OS)ʹຒΊࠐΊΔ
    • Open
    • WebAssemblyͱϗετ؀ڥͷؒͷAPI͕Φʔϓϯ
    https://webassembly.github.io/spec/core/intro/introduction.html

    View Slide

  6. Why Wasm is innovative?
    Why WebAssembly is innovative even outside the browser: https://www.tetrate.io/blog/wasm-outside-the-browser/

    View Slide

  7. • Stack-basedͳԾ૝ϚγϯͱόΠφϦͷ࢓༷
    • ݩʑ͸JavaScriptͷߴ଎Խ͕໨త
    • asm.js -> WebAssembly(Wasm)΁ͱਐԽ
    • ࢓༷ΛಡΊ͹෼͔Δ͕Ұݴ΋ “host” ΁ͷཁٻ͕ͳ͍
    • Portable, Platform-agnostic, Open-ended
    • Run at near-native speed: ΊͬͪΌ଎͍(※࣮૷ʹΑΔ)
    • Security: ελοΫ͕ϓϩάϥϜ͔Βݟ͑ͳ͍ͱ͔ͦ͏͍͏ͷ
    WebAssembly 101

    View Slide

  8. • ଟ͘ͷݴޠ͔ΒίϯύΠϧՄೳ: C, C++, Rust, Go, AssemblyScript, Zig, etc.
    WebAssembly 101

    View Slide

  9. • Import Functions: ผ໊Hostؔ਺
    • WasmͷϓϩάϥϜΛ࣮ߦ͢Δϗε
    τଆͰ࣮૷(ఏڙ)͞ΕΔؔ਺
    • Export Functions
    • WasmͷϓϩάϥϜ಺Ͱ࣮૷͞Εɺ
    ϗετଆͰར༻Մೳͳؔ਺
    WebAssembly 101: Import / Export functions

    View Slide

  10. WebAssembly in browsers
    V8 engine
    my.wasm
    Export function
    void changevalue()
    Export function
    int64_t myvalue()
    mycode.js*
    *ٖࣅίʔυͰ͢
    Wasm΁ίϯύΠϧ

    View Slide

  11. WebAssembly in browsers
    V8 engine
    my.wasm
    Import function
    void
    console_print(int64_t)
    Import function
    int64_t
    get_timestamp()
    mycode.js*
    Export function
    void myfunc()
    Wasm΁ίϯύΠϧ
    *ٖࣅίʔυͰ͢

    View Slide

  12. • Import/Export functionsͷ࢓༷Λࡦఆ => ༷ʑͳϗετʹຒΊࠐΈՄೳ
    • POSIX APIͷΑ͏ͳImport functionsͷ࢓༷Λ࡞ͬͨΒศརͦ͏
    • Wasm΁ͷίϯύΠϥ/ඪ४ϥΠϒϥϦͷPlatformλʔήοτ
    • WasmͷϓϩάϥϜ͕ී௨ͷlinux/amd64όΠφϦͷΑ͏ʹৼΔ෣͑Δ
    WebAssembly 101: Import / Export functions

    View Slide

  13. WebAssembly 101
    > hello world!
    syscalls
    Target: linux/riscv64, darwin/arm64, windows/amd64

    View Slide

  14. WebAssembly 101
    > hello world!
    Import
    functions
    Target: ????/wasm32

    View Slide

  15. WebAssembly 101: WASI
    Import
    functions
    > hello world!
    Target: wasi/wasm32

    View Slide

  16. • WasmͱHost OSؒͷPOSIX APIͷΑ͏ͳImport Functionsͷ࢓༷
    WASI (WebAssembly System Interface)
    https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/

    View Slide

  17. • WASIΛ࣮૷ͨ͠ϥϯλΠϜ͕ొ৔
    • WAVM, Wasmtime, Wasmer, Lucet, ౳ʑ
    • Envoy΋WASIͷҰ෦system callΛαϙʔτ
    • “ී௨ͷϓϩηε”ͱಉ͡Α͏ʹWasm͕ಈ͘Α͏ʹͳΔ
    • KrustletͳͲͷ໺৺తϓϩδΣΫτͷొ৔
    Wasm/WASI Runtimes

    View Slide

  18. WebAssembly 101: WASI
    Import
    functions
    > hello world!
    Target: wasi/wasm32

    View Slide

  19. WebAssembly 101: WASI

    View Slide

  20. • ͓͞Β͍: Import/Export functionsͷ࢓༷Α༷ͬͯʑͳHost؀ڥΛ࡞ΕΔ
    • ࢓༷ = ABI (Application Binary Interface)ͱݺͿ
    • WASI = OS/SystemcallपΓͷABI
    • Compileͷඪ४తͳλʔήοτͱͳΔ: linux/amd64 <> wasi/wasm32
    Wasm outside the web browsers
    WASI
    Linux / Darwin / Windows / …
    Wasm Virtual Machine

    View Slide

  21. • WASIʹݶΒ༷ͣʑͳABI͕ొ৔
    • Blockchain༻ͷABI, k8s֦ு༻ͷABI, Proxy-Wasm, etc.
    • ѥछABIͷRuntime͸WASI΋࣮૷͍ͯ͠Δ͜ͱ͕ଟ͍
    • E.g. Envoy͸ wasi/wasm32޲͚ͷWasmόΠφϦΛαϙʔτ
    Wasm outside the web browsers
    WASI Proxy-Wasm
    Envoy / Nginx / ATS / …
    Wasm Virtual Machine

    View Slide

  22. 2. WasmͱݴޠπʔϧνΣΠϯ
    ~18:30

    View Slide

  23. Supported languages
    https://blog.scottlogic.com/2021/06/21/state-of-wasm.html

    View Slide

  24. • Rust, Zig
    • ެࣜͷݴޠπʔϧνΣΠϯ͕wasm32-{unknown,wasi}Λαϙʔτ
    • C/C++
    • Clang: wasm32-{unknown,wasi}λʔήοτΛαϙʔτ
    • Emscripten: ࣮࣭Clangͷwrapper, ศརϨΠϠʔͷ௥Ճ
    Toolchains - Rust, C, C++, Zig

    View Slide

  25. • C++ exception͕࢖͑ͳ͍: “-fno-exceptions” flag͕ඞਢ
    • Emscriptenಛ༗ͷABI͕ଘࡏ͢ΔͷͰαϙʔτՄͰ͸͋Δ
    • Hostଆͷtry-catchΛ࢖ͬͯtranslate
    • ͢΂ͯͷtry-catchʹରͯ͠Hostؔ਺ΛݺͿͷͰoverheadେ
    • ཧ༝͸ޙड़
    Toolchains - C++ Limitations

    View Slide

  26. • panic::recover, panic::catch_unwind͕࢖͑ͳ͍
    • panic!͔Βͷ෮چ͸ෆՄೳ
    • ಺෦తʹ͸proc_exit(1)ΛݺΜͰ͍Δ
    • C++ͷྫ֎ͱಉ༷ͷཧ༝(ޙड़)
    Toolchains - Rust Limitations

    View Slide

  27. • 2ͭͷίϯύΠϥ͕࢖͑Δ: ެࣜ, TinyGo
    • ެࣜ: GOOS=js GOARCH=wasmͷΈαϙʔτ: ❌WASI
    • GoಠࣗͷJavaScript ABIΛϗετଆͰαϙʔτ͠ͳ͍ͱ͍͚ͳ͍
    • GoͷݴޠϥϯλΠϜ͕JavaScriptͷ࣮૷ʹີ݁߹ (e.g. Goroutineͷ࣮૷)
    • TinyGo: wasm32-{unknown, wasi}ͲͪΒ΋αϙʔτ
    • Runtime͕ඇৗʹ͍ܰͷͰόΠφϦαΠζ͕খ͍͞
    Toolchains - Go

    View Slide

  28. Toolchains - TinyGo’s WASI target
    https://github.com/tinygo-org/tinygo/pull/1373

    View Slide

  29. • ݱঢ়JS؀ڥલఏͷWasmλʔήοτ
    • WASIͳόΠφϦ͸ੜ੒Ͱ͖ͳ͍
    • Baremetal΋౰વແཧ = GoͷϥϯλΠϜͷ͍ͤ
    • WASIαϙʔτʹ޲͚ͨIssue: #25612, #31105, #38248
    • ॴײ: Ұੜαϙʔτ͞Εͳ͍ͷͰ͸(෦෼తʹ͸͋ͱ2ʙ4೥ͳΒߦ͚ͦ͏)
    • ෦෼త = WASIʹ͸2ͭͷABI͕ଘࡏ, ยํ͸αϙʔτ͞ΕΔͷͰ͸?
    • ΋͏Ұํ͸ݪཧతʹGoroutine/Channel͕࣮૷ෆՄೳͳͷͰແཧͩͱ༧૝
    Toolchains - Go: Official WASI support

    View Slide

  30. • ࢖͑ͳ͍ύοέʔδ͕ଟʑ͋Δ: e.g. encoding/json
    • ݪҼ: Reflectionͷ࣮૷ͷҧ͍(=ݴޠͷ࣮૷͕ҧ͏ͷͰ౰ͨΓલ)
    • ݱࡏਐߦܥͰ͍Ζ͍Ζվળ͞Ε͍ͯΔ
    • recover()͕ະ࣮૷: panic͔Β෮چͰ͖ͳ͍
    • ࣮૷͞Εͨͱͯ͠΋, C++ྫ֎ͱಉ༷ͷཧ༝ͰWasm͸ର৅֎(ޙड़)
    • WASIͷABIʹΑͬͯ͸Goroutine/channel͕࢖͑ͳ͍(ޙड़)
    • Goroutine/channel(ਖ਼֬ʹ͸scheduler)Λdisableͯ͠compile͕Ͱ͖Δͷ͕ྑ͍
    Toolchains - TinyGo limitations

    View Slide

  31. • WASIʹ͸2ͭͷ“Application ABI”͕ଘࡏ
    • WASI Command: ௨ৗͷexecutableͱಉ֓͡೦
    • _start symbol͕Runtimeʹ࣮ߦ͞ΕΔ: ݴޠ࣮૷తʹ͸ͦͷதͰuser definedͳmainؔ਺ΛݺͿ
    • exitͨ͠ΒͦͷVM΋ഁغ
    • WASI Reactor: Event drivenͳruntimeͰ࢖ΘΕΔ (e.g. Envoy proxy)
    • _initialize symbol͕Runtimeʹ࣮ߦ͞ΕVM಺෦ॳظԽ͢Δ(C++ͷctorsݺͼग़͠ͱ͔)
    • _initializeΛൈ͚ͨ͋ͱVMΛഁغ͠ͳ͍
    • export͞Εͨؔ਺ΛRuntime͕ୟ͘͜ͱͰԿ౓΋VMʹcall in͢Δ
    WASI command vs WASI reactor
    https://github.com/WebAssembly/WASI/blob/main/design/application-abi.md

    View Slide

  32. • TinyGo͸Command/Reactorͱͯ͠ͷόΠφϦΛు͚Δ*
    • Reactorͱͯ͠࢖ΘΕΔ৔߹:
    • schedulerͷ֓೦͕ͿͬඈͿͷͰchannel, goroutine͕࢖͑ͳ͍
    • ެࣜGo͸Commandͱͯ͠ͷWASIͰ͋Ε͹αϙʔτ͢Δະདྷ͕དྷΔ͔΋?
    • Reactorͷ৔߹͸scheduler͕ͳ͍, ݴޠ࢓༷(?)Λຬͨͤͳ͍
    • Commandͩͱ೚ҙͷؔ਺Λexportͯ͠ϗετͱ͓஻Γͯ͠ɺͱ͍͏ͷ͕Ͱ͖ͳ͍
    • Ϣʔεέʔε͕ݶΒΕ͍ͯΔ
    Toolchains - Go
    *ਖ਼֬ʹ͸command͕ͩexit͠ͳ͍ͱ͍͏ಛघͳ_startؔ਺ͷ࣮૷ʹͳ͍ͬͯΔ(๻͕ͦ͏࣮૷ͯ͠͠·ͬͨͷͰ௚ͨ͠΄͏͕͍͍ΜͩΑͳ͋…)

    View Slide

  33. • https://github.com/WebAssembly/wasi-libc
    • A libc for WebAssembly based on WASI system calls.
    • Rust, C, C++, Zig, TinyGo͸wasi-libcͱ(fully-)static linkͯ͠όΠφϦΛੜ੒
    • ެࣜϏϧυ͸dlmalloc͕allocatorͱ͍͖ͯͭͯͯ͠͠·͏
    • ΧελϜallocatorͱซ༻ෆՄ: Heap͕Ԛછ͞ΕΔ
    • WASI SDK: https://github.com/WebAssembly/wasi-sdk
    • C/C++޲͚ͷϏϧυࡁΈWASI libc
    Toolchains - WASI libc

    View Slide

  34. • lldͷWasm޲͚ͷport
    • Rust, C/C++, TinyGo, Zig͸಺෦తʹwasm-ldΛ࢖ͬͯ࠷ऴόΠφϦΛੜ੒
    • ΦϒδΣΫτϑΥʔϚοτ͸Wasmࣗମͷ࢓༷ͷதʹ͸ͳ͍
    • https://github.com/WebAssembly/tool-conventions/blob/main/Linking.md
    Toolchains - wasm-ld

    View Slide

  35. • Wasmͷσόά͸೉͍͠
    • ݱߦͷ࢓༷Ͱ͸Userۭ͔ؒΒ͸Stack͕ݟ͑ͳ͍
    • StacktraceΛऔಘͨ͠Γunwindingͨ͠Γ͕ݴޠϨϕϧͰ࣮૷ෆՄೳ
    • Proposal͕ਐߦத͕ͩΨοπϦॻ͖௚͞ΕͨΓͯ͠Δ: ·ͩ·͔͔ͩ࣌ؒΓͦ͏
    • ͜Ε͕C++ྫ֎΍Rustͷpanic::*, Goͷrecover͕࣮૷ෆՄೳͳཧ༝
    • DWARFͷWasm޲͚ͷ࢓༷͕ެ։͞ΕͯΔ
    • DWARFͷ࢓༷ͷΞυϨεͷҙຯΛม͑ͨ΋ͷͳͷͰ΄΅ಉҰ
    • ݱঢ়αϙʔτͰ͖ͯΔϗετ؀ڥ͸΄΅ͳ͍: Chrome͙Β͍?
    Debugging Wasm

    View Slide

  36. Debugging Wasm
    Stacktrace͸ϗετଆͰ࣮૷͢Δ͔͠ͳ͘, ͦͷ৔߹mangle͞Εͨsymbol໊ͱ໋ྩΞυϨε͔͠औΕͳ͍ͷͰ͜Μͳײ͡ʹͳͬͯ͠·͏
    https://github.com/proxy-wasm/proxy-wasm-cpp-host/issues/149

    View Slide

  37. 3. Proxy-Wasm ABI: Envoy with Wasm VMs

    View Slide

  38. • Proxy-Wasm: Envoy/IstioൃͷϓϩδΣΫτ: https://github.com/proxy-wasm/spec
    • ϓϩΩγαʔόΛ֦ு͢ΔͨΊͷImport/Exportؔ਺ͷ࢓༷
    • ྫ: httpͷΠϕϯτຖʹWasm͔Βexport͞Εͨؔ਺ʹ࿩͔͚͠Δ
    • Proxy-Wasmͷhost͸WASI΋࣮૷ => Compileλʔήοτͱͯ͠͸wasm32-wasi
    Proxy-Wasm: Wasm ABI for network proxies
    WASI Proxy-Wasm
    Envoy / Nginx / ATS / …
    Wasm Virtual Machine

    View Slide

  39. • ݱঢ়5ͭͷݴޠͷSDK͕ଘࡏ
    • C++, Rust by Google
    • Go (TinyGo) by Tetrate
    • ๻ͷझຯϓϩδΣΫτ͕࢓ࣄʹͳΓ·ͨ͠
    • AssemblyScript by Solo.io
    • Ziglang by ๻
    Proxy-Wasm: Wasm ABI for network proxies

    View Slide

  40. Proxy-Wasm Implementation in Envoy
    TCPύέοτͷ౸ண
    ଞʹ΋HTTP headerͷ౸ணΠϕϯτ౳

    View Slide

  41. Proxy-Wasm Implementation in Envoy
    Ұ࿈ͷHTTPϦΫΤετϑϩʔʹର͢ΔWasm VM<->Envoyͷձ࿩ϩά

    View Slide

  42. Proxy-Wasm
    σϞ

    View Slide

  43. 4. Wasmͷ͜Ε͔Β

    View Slide

  44. Wasmͷ͜Ε͔Β
    • πʔϧνΣΠϯͷ੒ख़
    • ެࣜGoͷαϙʔτ౳
    • JITͷߴ଎Խ!
    • ֤छProposalͷਐల
    • Threads, Exceptions, GC, External Ref, etc.

    View Slide

  45. Wasmͷ͜Ε͔Β
    • ϓϥάΠϯػߏͱͯ͠ͷWasmར༻ͷྲྀߦ
    • Envoy/Proxy-Wasm͕࠷ͨΔྫ
    • OpenPolicyAgentͳͲ͕࠾༻Λ࢝Ί͍ͯΔ
    • πʔϧνΣΠϯ͕ΑΓਐԽ(ଟݴޠԽ)͢Ε͹ΑΓڧྗʹͳΔ
    • ϥΠόϧͱͯ͠͸Lua?

    View Slide

  46. Wasmͷ͜Ε͔Β
    • “ίϯςφ” ͱͯ͠ͷར༻
    • Krustlet: https://github.com/krustlet/krustlet
    • WasmtimeΛར༻ͯ͠wasm32-wasiͳϓϩάϥϜΛK8s಺ʹdeploy
    • ϢʔβʔۭؒͰ࣮૷͞ΕͨΧʔωϧͱͯ͠ػೳ͢ΔͷͰ gVisorʹ͍ۙ

    View Slide

  47. Wasmͷ͜Ε͔Β
    • WasmόΠφϦͷύοέʔδϯά
    • OCI Imageͱͯ͠WasmΛ֨ೲͯ͠ɺ഑෍(Helm΍HomebrewͳͲͱಉ༷)
    Envoyʹ഑ΔͨΊͷWasmΛ֨ೲͨ͠OCIΠϝʔδͷ࢓༷ॻ for Istio: https://github.com/solo-io/wasm/blob/master/spec/README.md

    View Slide

  48. ·ͱΊ

    View Slide

  49. ·ͱΊ
    • Wasm͸ྑ͍ͱ͜ͲΓͷԾ૝Ϛγϯ+όΠφϦϑΥʔϚοτͷ࢓༷
    • Export/Import functionʹΑΓՄೳੑ͸ແݶେ
    • WASIʹΑΓ࣮ࡍͷOSͰಈ͘Α͏ͳϓϩάϥϜ͕ॻ͚Δ
    • Wasmࣗମ/πʔϧνΣΠϯ͸·ͩ·ͩൃల్্
    • ࢖͑Δݴޠ΍ػೳʹ੍ݶɿݱঢ়ؾʹ͢Δ΂͖ϙΠϯτ͕ͨ͘͞Μ
    • Proxy-Wasm͸WasmΛ࢖ͬͨNetwork proxyͷ֦ுػೳͷϓϩδΣΫτ
    • ϓϥάΠϯػߏͱͯ͠ͷWasmར༻͸΋͏ՄೳͳϑΣʔζ

    View Slide

  50. ࠓ೔࿩{͞,ͤ}ͳ͔ͬͨ͜ͱ
    • ಠࣗͷABIʹैͬͨHost؀ڥ/SDK։ൃͷਏ͞
    • ύϑΥʔϚϯεͷ࿩ (Luaͱൺ΂ͯͲ͏ͳͷʂʁΈ͍ͨͳ࿩)
    • ࠷ۙͷProposalͷ࿩
    • ϑϩϯτΤϯυWasmͷ࿩ (શ͘ઐ໳͡Όͳ͍ͷͰ͢Έ·ͤΜ…)

    View Slide

  51. Software Design 2021೥3݄߸ʹࠓ೔ͷ࿩୊ʹ͍ͭͯͷهࣄΛدߘ͠·ͨ͠ʂ

    View Slide

  52. We are hiring! https://www.tetrate.io/careers/
    Work Anytime and Anywhere + Unlimited paid time off

    View Slide