CRI-O's WASM Adventure: Challenges, Strategies, and What Lies Ahead

Many years our two heroes CRI-O (a lightweight container runtime for Kubernetes) and WebAssembly spent apart, honing their strengths for the adventure to come. Join us in this talk as we tell a tale describing the reasons why WASM support is essential for CRI-O, the challenges faced during its integration (such as runc's lack of support for WASM and the complexity of assigning the correct runtime to a pod), and the strategies employed to overcome these challenges. Additionally, we will outline our vision for the future of this integration, such as handling WASM workloads as container images and loading WASM plugins directly into CRI-O instead of NRI, and how it will revolutionize the capabilities of CRI-O and Kubernetes. This talk is designed for developers, operators, weary travelers, and anyone interested in the intersection of Kubernetes, CRI-O, and WebAssembly.

Sohan Kunkerkar

April 11, 2024

Transcript

  1. Sohan Kunkerkar & Peter Hunt CRI-O's WASM Adventure: Challenges, Strategies, and What Lies Ahead A journey into integrating WebAssembly support in CRI-O and Kubernetes
  2. Contents • Brief Introduction to CRI-O and WASM • Unlocking the Potential With WASM • The Roadblocks We Faced • Overcoming Challenges • Demos • Future Work • Closing Remarks and Questions
  3. Introduction • CRI-O ◦ Lightweight and Focused ◦ Native Kubernetes Integration ◦ Security Emphasis • WASM ◦ Language Agnostic ◦ Efficient Execution ◦ Sandboxed Environment • Coming Together for This Adventure
  4. Unlocking the Potential with WASM • Cross-Platform Execution ◦ Single binary for multiple OS and architectures • Efficient and Near-Native Performance ◦ Low disk footprint ◦ Minimal startup time • Secure Execution Environment ◦ Module signing for code integrity and authenticity ◦ Runtime security controls independent of host OS user privilege ◦ Secured execution environments with controlled memory access. Image source: https://www.freepik.com/free-vector/open-padlock-concept-illustration_82647715.htm
  5. Benefits of WASM Support in CRI-O • Edge Computing Agility ◦ Enables cross-architecture, lightweight deployments • Dynamic Scaling ◦ Low disk footprint and rapid startup time • Security-Enhanced Microservices: ◦ Provides module signing and runtime security controls • Polyglot Microservices Architecture ◦ Enables polyglot programming for language flexibility
  6. Roadblocks • No native support for WASM in runc ◦ https://github.com/opencontainers/runc/issues/3271 • Alternative solution: crun with Image annotation ◦ Requires adding an annotation (module.wasm.image/variant=compat-smart) to an image ◦ This mechanism involves propagating OCI image annotations to the runtime
  7. Roadblocks • Choosing the right runtime class ◦ Uncertainty about the image platform, posing a significant hurdle to automatic runtime assignment.
  8. Strategies • Treat images with the wasi/wasm as WASM by default • Introduction of platform_runtime_paths to the RuntimeConfig • https://github.com/cri-o/cri-o/pull/7180
  9. Future Work Plugins: • Supporting plugins and wiring additional data ◦ https://github.com/sohankunkerkar/cri-o/tree/wasm-poc-2 ◦ https://github.com/containers/crun/pull/1432 ◦ Allows more meaningful work ◦ Two buzzwords in one (WASM + AI) ◦ Subject to change
  10. Future Work Optimize WASM handling: • Handling WASM artifacts as Container images ◦ https://github.com/cri-o/cri-o/issues/7492 ◦ No need to pack into a scratch image!
  11. Future Work Optimize WASM handling: • Handling WASM artifacts as Container images ◦ https://github.com/cri-o/cri-o/issues/7492 ◦ No need to pack into a scratch image! • Direct integration of WASM plugins into CRI-O ◦ https://github.com/cri-o/cri-o/issues/7277 ◦ Optimize out crun?
  12. Quick Aside: NRI • Node Resource Interface ◦ Common framework for extending OCI-compatible runtimes ◦ Supported by containerd and CRI-O ◦ https://github.com/containerd/nri/
  13. Future Work Extend WASM Investment: • WASM plugins loaded instead of NRI ◦ https://github.com/cri-o/cri-o/issues/7277 • No RPC, no external process, just plugins!
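
The platform_runtime_paths setting named on slide 8, sketched as a CRI-O runtime handler entry. This is an added example, not taken from the deck or the linked pull request; the drop-in file name, the handler name and both binary paths are assumptions, and the "wasi/wasm" key is the platform string as it appears on the slide.

```toml
# /etc/crio/crio.conf.d/10-wasm.conf   (file name is an assumption)
# Constructed example: handler name and binary paths are placeholders.

[crio.runtime.runtimes.crun]
# Binary used for ordinary container images handled by this runtime handler.
runtime_path = "/usr/bin/crun"
runtime_type = "oci"

# Per-platform override. Each key is an "os/arch" platform string and each
# value is the runtime binary to use for images of that platform. Images of
# any other platform keep using runtime_path above.
#
# The image only supplies the platform string that selects an entry; the
# binary paths themselves come from this node-level file, so review changes
# to it the same way as any other change to what runs on the node.
platform_runtime_paths = { "wasi/wasm" = "/usr/bin/crun-wasm" }
```

With a mapping like this the node picks the WASM-capable binary from the image platform, which is the automatic runtime assignment that slide 7 describes as the hurdle.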