A Safe Dock for our Programs

A Safe Dock for our Programs
Docker + WASM (+WASI)
By Mario A. Santini

Mario A. Santini
Software Developer
Telecomunication Field

Docker Desktop
●
Minimum version 4.15
●
Enable containerd
( say goodbay to all existing images)
●
Use the scratch image

Run WASM on Docker
Docker Engine
Containerd
containerd-shim containerd-shim containerd-shim
runc runc wasmedge
Container process Container process Wasm Module

1 fn main() {
2 println!("Hello, Docker Hub!");
3 }
main.rs
Dockerfile
1 FROM scratch
2
3 COPY ./target/wasm32-wasi/release/hello-docker.wasm
/hello-docker.wasm
4 ENTRYPOINT [ "hello-docker.wasm" ]

$ docker run
--runtime=io.containerd.wasmedge.v1
$image_name
$ docker buildx build
--platform=wasi/wasm32
-t $image_name .

How Good Stuff Usually Came From
«Amateurs sit and wait for
inspiration, the rest of us just get
up and go to work.»
Stephen King

From JavaScript to asm.js
Source Code AST
Bytecode
Baseline
Compiled
Code
Ion-
Compiled
Code
Run
Run & Profile
Parse Generate
Compile
Compile
Bail

Mozilla asm.js
Source Code AST
Bytecode
Baseline
Compiled
Code
Ion-
Compiled
Code
Run
Run & Profile
Parse Generate
Compile
Compile
Bail
asm.js

WebAssembly
WebAssembly is a binary instruction format for a stack-
based virtual machine.
...is designed as a portable compilation target for
programming languages, enabling deployment on the web
for client and server applications.
webassembly.org

What’s make WASM so cool
●
Efficient and fast
●
Safe
●
Open and debuggable
●
Part of the open web platform

Efficient and fast
●
Compact in size
●
Fast load time
●
Execution at “native speed”
●
Binary format
●
Can take advantage of the hardware*

Safe
●
Memory safe
●
Sandboxes execution environment
●
Same origin and permission policy
enforcement (on the web platform)

Part of the open web platform
●
Designed to enforce versionless,
feature-tested, backward-compatible
●
Callable in and out from JavaScript
●
Accessing the web API
...but it’s not limited on that platform...

How it Works on the Web
●
Load the .wasm file from JavaScript
●
Compile it with the WebAssembly
interface
●
Instantiate the module through
JavaScript
●
Access the exported functions

A WASM File Example
;; simple.wasm
(module
(func $i (import "imports" "i") (param i32))
(func (export "e")
i32.const 42
call $i))

How to Work on the Browser
function instantiate(bytes, imports) {
return WebAssembly
.compile(bytes)
.then(m => new WebAssembly.Instance(m, imports));
}
var importObject = {
imports: {
i: arg => console.log(arg)
}
};
fetch('simple.wasm')
.then(response => response.arrayBuffer())
.then(bytes => instantiate(bytes, importObject))
.then(instance => instance.exports.e());

WebAssembly System Interface
●
It’s designed to be independent from Browsers
and web APIs or JavaScript
●
Inspired by POSIX
●
Focused on portability and security
●
A modular set of standard interfaces

WIP
●
WASI is still Work In Progress
●
WASI-CORE is the starting point
●
There are also open points:
– Asynchronous I/O
– File watching
– File locking

WASM 2.0 and Beyond
●
Tail calls → standardized but still not ready
●
Exception handling
●
Garbage collection
●
Memory64
●
Multiple memory
●
Relaxed SIMD
●
Threads and atomics
●
Type reflection

Conclusions
●
WASM is not ready on the server yet
●
It’s a pretty good portable format
●
Running WASM as a container it’s really
promising
●
WASI is still in a early stage

References
●
Docker + WASM https://docs.docker.com/desktop/wasm/
●
Emscripten https://emscripten.org/
●
Wasmtime https://wasmtime.dev/
●
WasmEdge https://wasmedge.org/
●
Lunatic https://github.com/lunatic-solutions/lunatic
●
AssemblyScript https://www.assemblyscript.org/
●
W3C WASM https://www.w3.org/wasm/
●
WebAssembly https://webassembly.org/
●
Bytecode Alliance https://bytecodealliance.org/
●
WASI https://wasi.dev/

A Safe Dock for our Programs

More Related Content

Similar to A Safe Dock for our Programs

More from Mario Alexandro Santini

Recently uploaded

A Safe Dock for our Programs