Slide 1

Slide 1 text

Takeshi Yoneda, Software Engineer, Tetrate.io Infra Study 2nd #4ʮηΩϡϦςΟΤϯδχΞϦϯάͷੈքʯ WebAssemblyͷݱঢ়ͱల๬ ~ݴޠπʔϧνΣΠϯ͔ΒWASI·Ͱ~

Slide 2

Slide 2 text

• Takeshi Yoneda (Ϛελέ) / Twitter, Github: @mathetake • Software Engineer at Tetrate.io • OSS dev: Envoy, Istio, Proxy-Wasm. • Stable maintainer of Envoy • C++ maintainer of Proxy-Wasm project • Creator of Go, Zig SDK for Proxy-Wasm • Contributor of V8, Ziglang, TinyGo, etc. whoami

Slide 3

Slide 3 text

1. Introduction to WebAssembly (Wasm) 2. WasmͱݴޠπʔϧνΣΠϯ 3. Proxy-Wasm ABI: Envoy with Wasm VMs 4. Wasmͷ͜Ε͔Β Agenda

Slide 4

Slide 4 text

1. Introduction to WebAssembly

Slide 5

Slide 5 text

WebAssembly design goals • Safe • UntrustedͳίʔυΛ҆શʹ࣮ߦՄೳ • Language-independent (Polyglot) • Portable • ೚ҙͷҰൠతͳϋʔυ΢ΣΞ্ͰαϙʔτՄ • Platform-independent • ϒϥ΢β͚ͩͰͳ͘೚ҙͷ؀ڥ(e.g. OS)ʹຒΊࠐΊΔ • Open • WebAssemblyͱϗετ؀ڥͷؒͷAPI͕Φʔϓϯ https://webassembly.github.io/spec/core/intro/introduction.html

Slide 6

Slide 6 text

Why Wasm is innovative? Why WebAssembly is innovative even outside the browser: https://www.tetrate.io/blog/wasm-outside-the-browser/

Slide 7

Slide 7 text

• Stack-basedͳԾ૝ϚγϯͱόΠφϦͷ࢓༷ • ݩʑ͸JavaScriptͷߴ଎Խ͕໨త • asm.js -> WebAssembly(Wasm)΁ͱਐԽ • ࢓༷ΛಡΊ͹෼͔Δ͕Ұݴ΋ “host” ΁ͷཁٻ͕ͳ͍ • Portable, Platform-agnostic, Open-ended • Run at near-native speed: ΊͬͪΌ଎͍(※࣮૷ʹΑΔ) • Security: ελοΫ͕ϓϩάϥϜ͔Βݟ͑ͳ͍ͱ͔ͦ͏͍͏ͷ WebAssembly 101

Slide 8

Slide 8 text

• ଟ͘ͷݴޠ͔ΒίϯύΠϧՄೳ: C, C++, Rust, Go, AssemblyScript, Zig, etc. WebAssembly 101

Slide 9

Slide 9 text

• Import Functions: ผ໊Hostؔ਺ • WasmͷϓϩάϥϜΛ࣮ߦ͢Δϗε τଆͰ࣮૷(ఏڙ)͞ΕΔؔ਺ • Export Functions • WasmͷϓϩάϥϜ಺Ͱ࣮૷͞Εɺ ϗετଆͰར༻Մೳͳؔ਺ WebAssembly 101: Import / Export functions

Slide 10

Slide 10 text

WebAssembly in browsers V8 engine my.wasm Export function void changevalue() Export function int64_t myvalue() mycode.js* *ٖࣅίʔυͰ͢ Wasm΁ίϯύΠϧ

Slide 11

Slide 11 text

WebAssembly in browsers V8 engine my.wasm Import function void console_print(int64_t) Import function int64_t get_timestamp() mycode.js* Export function void myfunc() Wasm΁ίϯύΠϧ *ٖࣅίʔυͰ͢

Slide 12

Slide 12 text

• Import/Export functionsͷ࢓༷Λࡦఆ => ༷ʑͳϗετʹຒΊࠐΈՄೳ • POSIX APIͷΑ͏ͳImport functionsͷ࢓༷Λ࡞ͬͨΒศརͦ͏ • Wasm΁ͷίϯύΠϥ/ඪ४ϥΠϒϥϦͷPlatformλʔήοτ • WasmͷϓϩάϥϜ͕ී௨ͷlinux/amd64όΠφϦͷΑ͏ʹৼΔ෣͑Δ WebAssembly 101: Import / Export functions

Slide 13

Slide 13 text

WebAssembly 101 > hello world! syscalls Target: linux/riscv64, darwin/arm64, windows/amd64

Slide 14

Slide 14 text

WebAssembly 101 > hello world! Import functions Target: ????/wasm32

Slide 15

Slide 15 text

WebAssembly 101: WASI Import functions > hello world! Target: wasi/wasm32

Slide 16

Slide 16 text

• WasmͱHost OSؒͷPOSIX APIͷΑ͏ͳImport Functionsͷ࢓༷ WASI (WebAssembly System Interface) https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/

Slide 17

Slide 17 text

• WASIΛ࣮૷ͨ͠ϥϯλΠϜ͕ొ৔ • WAVM, Wasmtime, Wasmer, Lucet, ౳ʑ • Envoy΋WASIͷҰ෦system callΛαϙʔτ • “ී௨ͷϓϩηε”ͱಉ͡Α͏ʹWasm͕ಈ͘Α͏ʹͳΔ • KrustletͳͲͷ໺৺తϓϩδΣΫτͷొ৔ Wasm/WASI Runtimes

Slide 18

Slide 18 text

WebAssembly 101: WASI Import functions > hello world! Target: wasi/wasm32

Slide 19

Slide 19 text

WebAssembly 101: WASI

Slide 20

Slide 20 text

• ͓͞Β͍: Import/Export functionsͷ࢓༷Α༷ͬͯʑͳHost؀ڥΛ࡞ΕΔ • ࢓༷ = ABI (Application Binary Interface)ͱݺͿ • WASI = OS/SystemcallपΓͷABI • Compileͷඪ४తͳλʔήοτͱͳΔ: linux/amd64 <> wasi/wasm32 Wasm outside the web browsers WASI Linux / Darwin / Windows / … Wasm Virtual Machine

Slide 21

Slide 21 text

• WASIʹݶΒ༷ͣʑͳABI͕ొ৔ • Blockchain༻ͷABI, k8s֦ு༻ͷABI, Proxy-Wasm, etc. • ѥछABIͷRuntime͸WASI΋࣮૷͍ͯ͠Δ͜ͱ͕ଟ͍ • E.g. Envoy͸ wasi/wasm32޲͚ͷWasmόΠφϦΛαϙʔτ Wasm outside the web browsers WASI Proxy-Wasm Envoy / Nginx / ATS / … Wasm Virtual Machine

Slide 22

Slide 22 text

2. WasmͱݴޠπʔϧνΣΠϯ ~18:30

Slide 23

Slide 23 text

Supported languages https://blog.scottlogic.com/2021/06/21/state-of-wasm.html

Slide 24

Slide 24 text

• Rust, Zig • ެࣜͷݴޠπʔϧνΣΠϯ͕wasm32-{unknown,wasi}Λαϙʔτ • C/C++ • Clang: wasm32-{unknown,wasi}λʔήοτΛαϙʔτ • Emscripten: ࣮࣭Clangͷwrapper, ศརϨΠϠʔͷ௥Ճ Toolchains - Rust, C, C++, Zig

Slide 25

Slide 25 text

• C++ exception͕࢖͑ͳ͍: “-fno-exceptions” flag͕ඞਢ • Emscriptenಛ༗ͷABI͕ଘࡏ͢ΔͷͰαϙʔτՄͰ͸͋Δ • Hostଆͷtry-catchΛ࢖ͬͯtranslate • ͢΂ͯͷtry-catchʹରͯ͠Hostؔ਺ΛݺͿͷͰoverheadେ • ཧ༝͸ޙड़ Toolchains - C++ Limitations

Slide 26

Slide 26 text

• panic::recover, panic::catch_unwind͕࢖͑ͳ͍ • panic!͔Βͷ෮چ͸ෆՄೳ • ಺෦తʹ͸proc_exit(1)ΛݺΜͰ͍Δ • C++ͷྫ֎ͱಉ༷ͷཧ༝(ޙड़) Toolchains - Rust Limitations

Slide 27

Slide 27 text

• 2ͭͷίϯύΠϥ͕࢖͑Δ: ެࣜ, TinyGo • ެࣜ: GOOS=js GOARCH=wasmͷΈαϙʔτ: ❌WASI • GoಠࣗͷJavaScript ABIΛϗετଆͰαϙʔτ͠ͳ͍ͱ͍͚ͳ͍ • GoͷݴޠϥϯλΠϜ͕JavaScriptͷ࣮૷ʹີ݁߹ (e.g. Goroutineͷ࣮૷) • TinyGo: wasm32-{unknown, wasi}ͲͪΒ΋αϙʔτ • Runtime͕ඇৗʹ͍ܰͷͰόΠφϦαΠζ͕খ͍͞ Toolchains - Go

Slide 28

Slide 28 text

Toolchains - TinyGo’s WASI target https://github.com/tinygo-org/tinygo/pull/1373

Slide 29

Slide 29 text

• ݱঢ়JS؀ڥલఏͷWasmλʔήοτ • WASIͳόΠφϦ͸ੜ੒Ͱ͖ͳ͍ • Baremetal΋౰વແཧ = GoͷϥϯλΠϜͷ͍ͤ • WASIαϙʔτʹ޲͚ͨIssue: #25612, #31105, #38248 • ॴײ: Ұੜαϙʔτ͞Εͳ͍ͷͰ͸(෦෼తʹ͸͋ͱ2ʙ4೥ͳΒߦ͚ͦ͏) • ෦෼త = WASIʹ͸2ͭͷABI͕ଘࡏ, ยํ͸αϙʔτ͞ΕΔͷͰ͸? • ΋͏Ұํ͸ݪཧతʹGoroutine/Channel͕࣮૷ෆՄೳͳͷͰແཧͩͱ༧૝ Toolchains - Go: Official WASI support

Slide 30

Slide 30 text

• ࢖͑ͳ͍ύοέʔδ͕ଟʑ͋Δ: e.g. encoding/json • ݪҼ: Reflectionͷ࣮૷ͷҧ͍(=ݴޠͷ࣮૷͕ҧ͏ͷͰ౰ͨΓલ) • ݱࡏਐߦܥͰ͍Ζ͍Ζվળ͞Ε͍ͯΔ • recover()͕ະ࣮૷: panic͔Β෮چͰ͖ͳ͍ • ࣮૷͞Εͨͱͯ͠΋, C++ྫ֎ͱಉ༷ͷཧ༝ͰWasm͸ର৅֎(ޙड़) • WASIͷABIʹΑͬͯ͸Goroutine/channel͕࢖͑ͳ͍(ޙड़) • Goroutine/channel(ਖ਼֬ʹ͸scheduler)Λdisableͯ͠compile͕Ͱ͖Δͷ͕ྑ͍ Toolchains - TinyGo limitations

Slide 31

Slide 31 text

• WASIʹ͸2ͭͷ“Application ABI”͕ଘࡏ • WASI Command: ௨ৗͷexecutableͱಉ֓͡೦ • _start symbol͕Runtimeʹ࣮ߦ͞ΕΔ: ݴޠ࣮૷తʹ͸ͦͷதͰuser definedͳmainؔ਺ΛݺͿ • exitͨ͠ΒͦͷVM΋ഁغ • WASI Reactor: Event drivenͳruntimeͰ࢖ΘΕΔ (e.g. Envoy proxy) • _initialize symbol͕Runtimeʹ࣮ߦ͞ΕVM಺෦ॳظԽ͢Δ(C++ͷctorsݺͼग़͠ͱ͔) • _initializeΛൈ͚ͨ͋ͱVMΛഁغ͠ͳ͍ • export͞Εͨؔ਺ΛRuntime͕ୟ͘͜ͱͰԿ౓΋VMʹcall in͢Δ WASI command vs WASI reactor https://github.com/WebAssembly/WASI/blob/main/design/application-abi.md

Slide 32

Slide 32 text

• TinyGo͸Command/Reactorͱͯ͠ͷόΠφϦΛు͚Δ* • Reactorͱͯ͠࢖ΘΕΔ৔߹: • schedulerͷ֓೦͕ͿͬඈͿͷͰchannel, goroutine͕࢖͑ͳ͍ • ެࣜGo͸Commandͱͯ͠ͷWASIͰ͋Ε͹αϙʔτ͢Δະདྷ͕དྷΔ͔΋? • Reactorͷ৔߹͸scheduler͕ͳ͍, ݴޠ࢓༷(?)Λຬͨͤͳ͍ • Commandͩͱ೚ҙͷؔ਺Λexportͯ͠ϗετͱ͓஻Γͯ͠ɺͱ͍͏ͷ͕Ͱ͖ͳ͍ • Ϣʔεέʔε͕ݶΒΕ͍ͯΔ Toolchains - Go *ਖ਼֬ʹ͸command͕ͩexit͠ͳ͍ͱ͍͏ಛघͳ_startؔ਺ͷ࣮૷ʹͳ͍ͬͯΔ(๻͕ͦ͏࣮૷ͯ͠͠·ͬͨͷͰ௚ͨ͠΄͏͕͍͍ΜͩΑͳ͋…)

Slide 33

Slide 33 text

• https://github.com/WebAssembly/wasi-libc • A libc for WebAssembly based on WASI system calls. • Rust, C, C++, Zig, TinyGo͸wasi-libcͱ(fully-)static linkͯ͠όΠφϦΛੜ੒ • ެࣜϏϧυ͸dlmalloc͕allocatorͱ͍͖ͯͭͯͯ͠͠·͏ • ΧελϜallocatorͱซ༻ෆՄ: Heap͕Ԛછ͞ΕΔ • WASI SDK: https://github.com/WebAssembly/wasi-sdk • C/C++޲͚ͷϏϧυࡁΈWASI libc Toolchains - WASI libc

Slide 34

Slide 34 text

• lldͷWasm޲͚ͷport • Rust, C/C++, TinyGo, Zig͸಺෦తʹwasm-ldΛ࢖ͬͯ࠷ऴόΠφϦΛੜ੒ • ΦϒδΣΫτϑΥʔϚοτ͸Wasmࣗମͷ࢓༷ͷதʹ͸ͳ͍ • https://github.com/WebAssembly/tool-conventions/blob/main/Linking.md Toolchains - wasm-ld

Slide 35

Slide 35 text

• Wasmͷσόά͸೉͍͠ • ݱߦͷ࢓༷Ͱ͸Userۭ͔ؒΒ͸Stack͕ݟ͑ͳ͍ • StacktraceΛऔಘͨ͠Γunwindingͨ͠Γ͕ݴޠϨϕϧͰ࣮૷ෆՄೳ • Proposal͕ਐߦத͕ͩΨοπϦॻ͖௚͞ΕͨΓͯ͠Δ: ·ͩ·͔͔ͩ࣌ؒΓͦ͏ • ͜Ε͕C++ྫ֎΍Rustͷpanic::*, Goͷrecover͕࣮૷ෆՄೳͳཧ༝ • DWARFͷWasm޲͚ͷ࢓༷͕ެ։͞ΕͯΔ • DWARFͷ࢓༷ͷΞυϨεͷҙຯΛม͑ͨ΋ͷͳͷͰ΄΅ಉҰ • ݱঢ়αϙʔτͰ͖ͯΔϗετ؀ڥ͸΄΅ͳ͍: Chrome͙Β͍? Debugging Wasm

Slide 36

Slide 36 text

Debugging Wasm Stacktrace͸ϗετଆͰ࣮૷͢Δ͔͠ͳ͘, ͦͷ৔߹mangle͞Εͨsymbol໊ͱ໋ྩΞυϨε͔͠औΕͳ͍ͷͰ͜Μͳײ͡ʹͳͬͯ͠·͏ https://github.com/proxy-wasm/proxy-wasm-cpp-host/issues/149

Slide 37

Slide 37 text

3. Proxy-Wasm ABI: Envoy with Wasm VMs

Slide 38

Slide 38 text

• Proxy-Wasm: Envoy/IstioൃͷϓϩδΣΫτ: https://github.com/proxy-wasm/spec • ϓϩΩγαʔόΛ֦ு͢ΔͨΊͷImport/Exportؔ਺ͷ࢓༷ • ྫ: httpͷΠϕϯτຖʹWasm͔Βexport͞Εͨؔ਺ʹ࿩͔͚͠Δ • Proxy-Wasmͷhost͸WASI΋࣮૷ => Compileλʔήοτͱͯ͠͸wasm32-wasi Proxy-Wasm: Wasm ABI for network proxies WASI Proxy-Wasm Envoy / Nginx / ATS / … Wasm Virtual Machine

Slide 39

Slide 39 text

• ݱঢ়5ͭͷݴޠͷSDK͕ଘࡏ • C++, Rust by Google • Go (TinyGo) by Tetrate • ๻ͷझຯϓϩδΣΫτ͕࢓ࣄʹͳΓ·ͨ͠ • AssemblyScript by Solo.io • Ziglang by ๻ Proxy-Wasm: Wasm ABI for network proxies

Slide 40

Slide 40 text

Proxy-Wasm Implementation in Envoy TCPύέοτͷ౸ண ଞʹ΋HTTP headerͷ౸ணΠϕϯτ౳

Slide 41

Slide 41 text

Proxy-Wasm Implementation in Envoy Ұ࿈ͷHTTPϦΫΤετϑϩʔʹର͢ΔWasm VM<->Envoyͷձ࿩ϩά

Slide 42

Slide 42 text

Proxy-Wasm σϞ

Slide 43

Slide 43 text

4. Wasmͷ͜Ε͔Β

Slide 44

Slide 44 text

Wasmͷ͜Ε͔Β • πʔϧνΣΠϯͷ੒ख़ • ެࣜGoͷαϙʔτ౳ • JITͷߴ଎Խ! • ֤छProposalͷਐల • Threads, Exceptions, GC, External Ref, etc.

Slide 45

Slide 45 text

Wasmͷ͜Ε͔Β • ϓϥάΠϯػߏͱͯ͠ͷWasmར༻ͷྲྀߦ • Envoy/Proxy-Wasm͕࠷ͨΔྫ • OpenPolicyAgentͳͲ͕࠾༻Λ࢝Ί͍ͯΔ • πʔϧνΣΠϯ͕ΑΓਐԽ(ଟݴޠԽ)͢Ε͹ΑΓڧྗʹͳΔ • ϥΠόϧͱͯ͠͸Lua?

Slide 46

Slide 46 text

Wasmͷ͜Ε͔Β • “ίϯςφ” ͱͯ͠ͷར༻ • Krustlet: https://github.com/krustlet/krustlet • WasmtimeΛར༻ͯ͠wasm32-wasiͳϓϩάϥϜΛK8s಺ʹdeploy • ϢʔβʔۭؒͰ࣮૷͞ΕͨΧʔωϧͱͯ͠ػೳ͢ΔͷͰ gVisorʹ͍ۙ

Slide 47

Slide 47 text

Wasmͷ͜Ε͔Β • WasmόΠφϦͷύοέʔδϯά • OCI Imageͱͯ͠WasmΛ֨ೲͯ͠ɺ഑෍(Helm΍HomebrewͳͲͱಉ༷) Envoyʹ഑ΔͨΊͷWasmΛ֨ೲͨ͠OCIΠϝʔδͷ࢓༷ॻ for Istio: https://github.com/solo-io/wasm/blob/master/spec/README.md

Slide 48

Slide 48 text

·ͱΊ

Slide 49

Slide 49 text

·ͱΊ • Wasm͸ྑ͍ͱ͜ͲΓͷԾ૝Ϛγϯ+όΠφϦϑΥʔϚοτͷ࢓༷ • Export/Import functionʹΑΓՄೳੑ͸ແݶେ • WASIʹΑΓ࣮ࡍͷOSͰಈ͘Α͏ͳϓϩάϥϜ͕ॻ͚Δ • Wasmࣗମ/πʔϧνΣΠϯ͸·ͩ·ͩൃల్্ • ࢖͑Δݴޠ΍ػೳʹ੍ݶɿݱঢ়ؾʹ͢Δ΂͖ϙΠϯτ͕ͨ͘͞Μ • Proxy-Wasm͸WasmΛ࢖ͬͨNetwork proxyͷ֦ுػೳͷϓϩδΣΫτ • ϓϥάΠϯػߏͱͯ͠ͷWasmར༻͸΋͏ՄೳͳϑΣʔζ

Slide 50

Slide 50 text

ࠓ೔࿩{͞,ͤ}ͳ͔ͬͨ͜ͱ • ಠࣗͷABIʹैͬͨHost؀ڥ/SDK։ൃͷਏ͞ • ύϑΥʔϚϯεͷ࿩ (Luaͱൺ΂ͯͲ͏ͳͷʂʁΈ͍ͨͳ࿩) • ࠷ۙͷProposalͷ࿩ • ϑϩϯτΤϯυWasmͷ࿩ (શ͘ઐ໳͡Όͳ͍ͷͰ͢Έ·ͤΜ…)

Slide 51

Slide 51 text

Software Design 2021೥3݄߸ʹࠓ೔ͷ࿩୊ʹ͍ͭͯͷهࣄΛدߘ͠·ͨ͠ʂ

Slide 52

Slide 52 text

We are hiring! https://www.tetrate.io/careers/ Work Anytime and Anywhere + Unlimited paid time off