Post

Understanding WebAssembly (Wasm)

Posted Updated
By Nikos Nikolakakis 6 min read

What is WebAssembly (Wasm)?

WebAssembly, commonly referred to as Wasm, is a binary instruction format designed for a stack-based virtual machine. It serves as a portable compilation target for various programming languages, enabling their deployment on the web for both client and server applications. Since its official recommendation by W3C in 2019, Wasm has been supported by all major browsers, offering a way to run applications written in languages like C, C++, Rust, Go, Python, and more within the browser environment without requiring additional installations or configurations.

The Origin and Purpose of Wasm

Wasm was created to address the limitations of web technologies like HTML, CSS, and JavaScript. While these technologies are sufficient for building simple web applications, they fall short for complex applications such as desktop-like applications (e.g., Photoshop) or performance-intensive applications (e.g., games). Rewriting such applications in JavaScript can be a monumental task, often leading to performance issues.

Wasm allows developers to compile applications written in various languages into a binary format that can run efficiently in browsers. This eliminates the need for complete rewrites and offers near-native performance, making it ideal for high-performance web applications.

Comparison with Other Technologies

Wasm vs. Docker Containers

While Docker containers package applications along with their dependencies, Wasm modules contain only the application binary. Here’s a detailed comparison:

  • Size and Speed: Wasm modules are typically smaller and start faster than Docker containers. They run at near-native speeds, making them highly efficient.
  • Security: Wasm modules run in a sandboxed environment, providing strong isolation from the host system and other modules. This enhances security compared to containers, which have more direct access to the host OS.
  • Portability: Wasm binaries are platform-neutral, capable of running on any OS and architecture without modification. Containers, while portable, still require specific builds for different environments.

Wasm in Different Environments

Wasm’s success in browsers has led to its exploration in other environments, including servers and edge devices:

  • Servers: Wasm’s platform neutrality, security, and efficiency make it a compelling choice for server-side applications. It can potentially replace traditional server binaries.
  • Edge Devices: Running applications on edge devices comes with resource constraints and security challenges. Wasm’s small footprint and secure execution environment make it suitable for edge computing.

Ecosystem and Integration with Kubernetes

Kubernetes has become the standard for container orchestration, offering a rich ecosystem of tools and services. While Wasm provides advantages in performance, security, and portability, its ecosystem is still maturing. For Wasm to be a viable alternative to containers in Kubernetes, it needs robust integration and support within the Kubernetes ecosystem.

Kwasm: Bringing Wasm to Kubernetes

Kwasm is a Kubernetes operator that adds WebAssembly support to Kubernetes nodes. It simplifies the setup process, allowing Kubernetes clusters to run Wasm modules as if they were containers. Here’s how it works:

  1. Installation: Using Helm charts, you can easily install the Kwasm operator in your Kubernetes cluster.
  2. Node Provisioning: Nodes are annotated to indicate their readiness to run Wasm modules.
  3. Runtime Configuration: Kwasm supports various Wasm runtimes (e.g., WasmEdge, Spin), which can be configured to handle Wasm applications.

Containerd Shims for Wasm

Containerd, a widely-used container runtime, supports shims that enable running Wasm applications. These shims act as intermediaries, interfacing with containerd and the Wasm runtime. Here’s how it works:

  1. Shim Installation: Shims are binary executables that include code to interface with containerd and the Wasm runtime.
  2. Configuration: Shims are registered in the containerd configuration file, allowing containerd to manage Wasm applications.
  3. Execution: When a Wasm application is deployed, containerd spawns a shim process to manage the Wasm runtime and execute the application.
  4. Execution: When a Wasm application is deployed, containerd spawns a shim process to manage the Wasm runtime and execute the application.

Future of Wasm

The future of WebAssembly (Wasm) looks incredibly promising, especially with the advancements in its integration with Kubernetes through projects like Kwasm. Here are some key points to consider:

Serverless Computing

Wasm can be leveraged to build more secure and efficient serverless platforms. Its fast startup times and low resource consumption make it ideal for serverless environments where performance and cost-efficiency are crucial. Several companies and cloud providers are already exploring Wasm for their serverless offerings, looking to provide enhanced security and speed compared to traditional container-based approaches.

Edge Computing

Wasm’s small footprint and robust security features make it particularly well-suited for edge devices, which often have limited resources and heightened security concerns. The ability to run Wasm applications efficiently on various architectures and operating systems without modification provides significant flexibility and reduces deployment complexity on edge devices.

Integration with Kubernetes Ecosystem

The introduction of Kwasm has significantly bolstered the ecosystem around Wasm, bringing it closer to mainstream adoption. With Kwasm, Kubernetes clusters can now run Wasm modules alongside traditional containers, leveraging the extensive Kubernetes ecosystem for management, monitoring, and scaling.

Demonstration: Running Wasm in a Kind Cluster

To provide a practical demonstration, follow these steps to set up a Kind (K8s) cluster and run a Wasm runtime.

Step 1: Create a Kind Cluster

Create a Kind cluster using the provided configuration. Save the following YAML into a file named kind-config.yaml:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
  - role: control-plane
    kubeadmConfigPatches:
      - |
        kind: InitConfiguration
        nodeRegistration:
          kubeletExtraArgs:
            node-labels: "ingress-ready=true"
    extraPortMappings:
      - containerPort: 80
        hostPort: 80
        protocol: TCP
      - containerPort: 443
        hostPort: 443
        protocol: TCP

Create the cluster using the configuration file:

1

kind create cluster --config kind-config.yaml

Step 2: Install KWasm Operator

Add the Helm repository and install the KWasm operator:

1
2

helm repo add kwasm http://kwasm.sh/kwasm-operator/
helm install -n kwasm --create-namespace kwasm-operator kwasm/kwasm-operator

Annotate the nodes to indicate that they are ready for KWasm:

1

kubectl annotate node --all kwasm.sh/kwasm-node=true

Step 3: Install Wasm Runtime and Create a Test Workload

Choose one of the following runtimes to install and test:

Spin

Apply the following YAML to create a RuntimeClass and a Deployment using Spin:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

kubectl apply -f - <<EOF
apiVersion: node.k8s.io/v1
kind: RuntimeClass
metadata:
  name: wasmtime-spin
handler: spin
EOF

kubectl apply -f - <<EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wasm-spin
spec:
  replicas: 1
  selector:
    matchLabels:
      app: wasm-spin
  template:
    metadata:
      labels:
        app: wasm-spin
    spec:
      runtimeClassName: wasmtime-spin
      containers:
      - name: spin-hello
        image: ghcr.io/deislabs/containerd-wasm-shims/examples/spin-rust-hello:latest
        command: ["/"]
EOF

For the Spin runtime, you can test the deployment by port-forwarding and making a request:

1

kubectl port-forward deployment/wasm-spin 8000:80

In a separate terminal, test the application:

1

curl localhost:8000/hello

You should see a response from the Wasm application.

Conclusion

WebAssembly is a transformative technology with significant advantages in performance, security, and portability. The integration of Wasm into the Kubernetes ecosystem through Kwasm marks a pivotal moment in its evolution, enabling Wasm applications to leverage the full power of Kubernetes’ robust infrastructure and ecosystem. This advancement not only facilitates the adoption of Wasm in serverless and edge computing but also positions it as a strong contender for a wide range of cloud-native applications. As the ecosystem continues to grow, Wasm is poised to become a foundational technology in the modern software landscape.

WASM Understanding WebAssembly (Wasm)

sre kubernetes wasm kwasm serverless
This post is licensed under CC BY 4.0 by the author.