Upgrade to Pro — share decks privately, control downloads, hide ads and more …

WebAssembly beyond the browser: Let's conquer the cloud with Wasm in Kubernetes

Thorsten Hans
September 16, 2022

WebAssembly beyond the browser: Let's conquer the cloud with Wasm in Kubernetes

WebAssembly (Wasm) is the next big thing on the server and in the cloud. Although Wasm has been around for quite a while now, significant investments and improvements happen on platforms other than the browser. We are finally able to leverage the Wasm as a secure application sandbox using tools like krustlet. With krustlet, we can run Wasm workloads directly in Kubernetes without any container being required. What does that mean? What can you achieve today, and what is still experimental? And how can you get hands-on right now? Join this talk by Azure MVP and cloud-native enthusiast Thorsten Hans to get those and other questions answered.

Thorsten Hans

September 16, 2022
Tweet

More Decks by Thorsten Hans

Other Decks in Technology

Transcript

  1. What we will cover today • Introduction • WebAssembly beyond

    the browser • Running WebAssembly workloads in Kubernetes • Running WebAssembly without Kubernetes • Conclusion Talking Points
  2. What we will cover today • Introduction • Hello Spin

    & Hello Krustlet • Run Wasm modules with Spin • Run Wasm workloads with Krustlet • Conclusion Talking Points
  3. WebAssembly (Wasm) • It’s virutal machine that processes stack-based instructions

    • Instruction are in binary format • For us as devs It’s a compiler target – so we compile our code into WebAssembly modules Introduction
  4. WebAssembly (Wasm) • Fast 🏃‍‍‍ • Near native execution performance,

    leveraging available hardware capabilities • Safe 💪‍ • Wasm is a sandboxed, memory-safe execution environment • Portable 🧊 • All major browsers support Wasm & multiple ”server” Wasm runtimes available Introduction
  5. WebAssembly System Interface (WASI) • Platform Integration 🧬 • WASI

    is a wrapper for underlying platform (OS) capabilities • Think of things like File:: open() • Portable 🚀 • WASI could become the default compiling target for EVERYONE! • Secure 👮‍ • Permissions can be defined per app (module) Introduction
  6. WebAssembly Gateway Interface (WAGI) • Use WebAssembly modules as HTTP

    handlers • Think of a hyper-focused microservices runtime • Comman Gateway Interface (CGI) implementation • HTTP headers become environment variables • HTTP payloads are piped to stdin • HTTP responses must be written to stdout Introduction
  7. What we will cover today • Introduction • WebAssembly beyond

    the browser • Running WASM with Krustlet • Running WASM with Fermyon Spin • Conclusion Talking Points
  8. Kubernetes-rust-kubelet • Krustlet is a kubelet written in Rust 🦀

    • It responds to well-know Kubernetes requests like kubectl logs, kubectl describe, kubectl delete, … • Krustlet communicates with Kubernetes API server using HTTPs and reports status back like a regular kubelet, • Krustlet comes with providers. A provider specifies requirements for underlying Wasm runtime. Krustlet uses wastime by default, but you can choose a different provider such as WasmCloud or CRI What is krustlet
  9. Kubernetes-rust-kubelet • It’s a binary – which attaches compute power

    to a Kubernetes cluster • Krustlet can be added to a wide variety of different Kubernetes distributions • Start small with dev environments like minikube or KIND • Grow to full blown Kubernetes distributions like bare metal Kubernetes or managed Kubernetes offerings like AKS, EKS, GKS What is krustlet
  10. • Install krustlet with your Kubernetes cluster • krustlet is

    “Kubernetes-vendor” agnostic • Check https://docs.krustlet.dev/ for detailed installation guidance • Gain access to a container registry (must be OCI distribution spec compliant) • Azure Container Registry is used during this talk • Compile your code against wasm32-wasi • rustup target add wasm32-wasi && cargo build --release --target wasm32-wasi Krustlet
  11. What we will cover today • Introduction • What is

    krustlet and how can I get it • Running WebAssembly workloads in Kubernetes • Running WebAssembly without Kubernetes • Conclusion Talking Points
  12. WebAssembly beyond the server in Action 🎉 - Running simple

    Wasm workloads in Kubernetes - Running WASI workloads in Kubernetes Demo
  13. What we will cover today • Introduction • What is

    krustlet and how can I get it • Running WebAssembly workloads in Kubernetes • Running WebAssembly without Kubernetes • Conclusion Talking Points
  14. • Fermyon (https://www.fermyon.com/) is massively driving Wasm for cloud computing

    • Spin – a framework to build microservices with WebAssembly • Fermyon Platform is a platform for running WebAssembly workloads • Could be hosted in your private datacenter too using Nomand • No hazzle with managing underlying Kubernetes • Feels ”serverless” for the developer Running WebAssembly without Kubernetes
  15. Let’s give spin a spin 🚀 - Create a microservice

    with spin - Run microservices with spin Demo
  16. What we will cover today • Introduction • What is

    krustlet and how can I get it • Running WebAssembly workloads in Kubernetes • Running WebAssembly without Kubernetes • Conclusion Talking Points
  17. • Running Wasm workloads in the cloud will allow better

    resource utilization • We don’t need to package applications in containers • Strict sandboxing (WASI) will enahnce overall platform security and robustness • It’s still early – especially in managed Kubernetes (where we’ve limited control) • Spin and Fermyon Platform currently drive developer adoption in the community Conclusion
  18. further questions?!?! Thorsten Hans @ThorstenHans Consultant Don’t be afraid. Shoot

    your question now in person, or later at [email protected] or @ThorstenHans thorsten-hans.com