Cloud-Native vNext with WebAssembly?! Using Krustlet & Fermyon Spin Thorsten Hans @ThorstenHans Cloud-Native Consultant

Consultant @ Thinktecture #Azure #Kubernetes #CloudNative #Docker thorsten.hans@outlook.com thinktecture.com thorsten-hans.com @ThorstenHans Microsoft MVP | Docker Captain Thorsten Hans

What we will cover today • Introduction • WebAssembly beyond the browser • Running WebAssembly workloads in Kubernetes • Running WebAssembly without Kubernetes • Conclusion Talking Points

What we will cover today • Introduction • Hello Spin & Hello Krustlet • Run Wasm modules with Spin • Run Wasm workloads with Krustlet • Conclusion Talking Points

• WebAssembly (Wasm) • WebAssembly System Interface (WASI) • WebAssembly Gateway Interface (WAGI) Introduction

WebAssembly (Wasm) • It’s virutal machine that processes stack-based instructions • Instruction are in binary format • For us as devs It’s a compiler target – so we compile our code into WebAssembly modules Introduction

WebAssembly (Wasm) • Fast 🏃‍‍‍ • Near native execution performance, leveraging available hardware capabilities • Safe 💪‍ • Wasm is a sandboxed, memory-safe execution environment • Portable 🧊 • All major browsers support Wasm & multiple ”server” Wasm runtimes available Introduction

WebAssembly System Interface (WASI) • Platform Integration 🧬 • WASI is a wrapper for underlying platform (OS) capabilities • Think of things like File:: open() • Portable 🚀 • WASI could become the default compiling target for EVERYONE! • Secure 👮‍ • Permissions can be defined per app (module) Introduction

Portability Introduction https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/

Security Introduction https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/

Security Introduction https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/

Security Introduction https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/

Security Introduction https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/

WebAssembly Gateway Interface (WAGI) • Use WebAssembly modules as HTTP handlers • Think of a hyper-focused microservices runtime • Comman Gateway Interface (CGI) implementation • HTTP headers become environment variables • HTTP payloads are piped to stdin • HTTP responses must be written to stdout Introduction

What we will cover today • Introduction • WebAssembly beyond the browser • Running WASM with Krustlet • Running WASM with Fermyon Spin • Conclusion Talking Points

Kubernetes-rust-kubelet • Krustlet is a kubelet written in Rust 🦀 • It responds to well-know Kubernetes requests like kubectl logs, kubectl describe, kubectl delete, … • Krustlet communicates with Kubernetes API server using HTTPs and reports status back like a regular kubelet, • Krustlet comes with providers. A provider specifies requirements for underlying Wasm runtime. Krustlet uses wastime by default, but you can choose a different provider such as WasmCloud or CRI What is krustlet

Kubernetes-rust-kubelet • It’s a binary – which attaches compute power to a Kubernetes cluster • Krustlet can be added to a wide variety of different Kubernetes distributions • Start small with dev environments like minikube or KIND • Grow to full blown Kubernetes distributions like bare metal Kubernetes or managed Kubernetes offerings like AKS, EKS, GKS What is krustlet

• Install krustlet with your Kubernetes cluster • krustlet is “Kubernetes-vendor” agnostic • Check https://docs.krustlet.dev/ for detailed installation guidance • Gain access to a container registry (must be OCI distribution spec compliant) • Azure Container Registry is used during this talk • Compile your code against wasm32-wasi • rustup target add wasm32-wasi && cargo build --release --target wasm32-wasi Krustlet

Krustlet integration with Kubernetes - Add krustlet to Kubernetes - Inspect krustlet nodes in a cluster Demo

What we will cover today • Introduction • What is krustlet and how can I get it • Running WebAssembly workloads in Kubernetes • Running WebAssembly without Kubernetes • Conclusion Talking Points

WebAssembly beyond the server in Action 🎉 - Running simple Wasm workloads in Kubernetes - Running WASI workloads in Kubernetes Demo

What we will cover today • Introduction • What is krustlet and how can I get it • Running WebAssembly workloads in Kubernetes • Running WebAssembly without Kubernetes • Conclusion Talking Points

• Fermyon (https://www.fermyon.com/) is massively driving Wasm for cloud computing • Spin – a framework to build microservices with WebAssembly • Fermyon Platform is a platform for running WebAssembly workloads • Could be hosted in your private datacenter too using Nomand • No hazzle with managing underlying Kubernetes • Feels ”serverless” for the developer Running WebAssembly without Kubernetes

Let’s give spin a spin 🚀 - Create a microservice with spin - Run microservices with spin Demo

What we will cover today • Introduction • What is krustlet and how can I get it • Running WebAssembly workloads in Kubernetes • Running WebAssembly without Kubernetes • Conclusion Talking Points

• Running Wasm workloads in the cloud will allow better resource utilization • We don’t need to package applications in containers • Strict sandboxing (WASI) will enahnce overall platform security and robustness • It’s still early – especially in managed Kubernetes (where we’ve limited control) • Spin and Fermyon Platform currently drive developer adoption in the community Conclusion

further questions?!?! Thorsten Hans @ThorstenHans Consultant Don’t be afraid. Shoot your question now in person, or later at thorsten.hans@outlook.com or @ThorstenHans thorsten-hans.com