In today's rapidly evolving tech landscape, two technologies have been making waves: WebAssembly (WASM) and OpenShift. While they serve different purposes, their combination can lead to powerful, scalable, and efficient applications. In this blog, we'll explore how WASM and OpenShift can work together and why this pairing is significant for modern developers.
WASM is available as a developer preview feature in OpenShift 4.14.
What is WebAssembly (WASM)?
WebAssembly, often abbreviated as WASM, is a binary instruction format for a stack-based virtual machine. It's designed as a portable target for the compilation of high-level languages like C, C++, and Rust, enabling deployment on the web for client and server applications.
Key Features of WASM:
Performance: WASM is designed to be faster than JavaScript for certain tasks, as it's a low-level binary format.
Security: It runs inside a sandboxed environment, ensuring that applications don't harm the host system.
Portability: WASM can run on any platform that has a suitable virtual machine.
How can WASM and OpenShift work together?
Microservices with WASM: Microservices architectures are becoming the norm, and OpenShift is a leading platform for deploying them. WASM can be used to build lightweight, high-performance microservices that can be containerized and managed by OpenShift.
Edge Computing (MicroShift): As edge computing grows, there's a need for lightweight, efficient, and fast executables. WASM modules can be deployed at the edge, and OpenShift can manage these edge deployments, ensuring scalability and reliability.
Serverless Functions (OpenShift Knative): Serverless architectures allow developers to focus on code, leaving the infrastructure management to platforms. WASM can be used to write serverless functions, and OpenShift can orchestrate these functions, ensuring they're run efficiently and can scale as needed.
Portable Plugins: WASM can be used to write plugins for platforms that support them, ensuring they're portable across different systems. OpenShift can manage the deployment and scaling of these platforms to ensure high availability.
Why is this combination powerful?
Efficiency: WASM's performance benefits combined with OpenShift's auto-scaling means applications can run efficiently, using resources only when necessary.
Cross-platform: Both WASM and OpenShift are designed to be cloud-agnostic. This means applications can be written once and deployed on any cloud.
Flexibility: Developers can write code in multiple languages, compile it to WASM, containerize it, and deploy it using OpenShift. This provides immense flexibility in choosing the right tools for the job.
Running a WASM workload in OpenShift
The ability to run WASM workloads is enabled by updating the configuration of CRI-O on the OpenShift worker nodes to use the crun-wasm runtime.
Create a MachineConfig resource to configure the worker nodes with the necessary crun-wasm configuration. We need a CRI-O drop-in config to configure `crun-wasm` as the default runtime. {%raw %}
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
labels:
machineconfiguration.openshift.io/role: worker
name: 99-workers-wasm-workloads
spec:
config:
ignition:
config: {}
security:
tls: {}
timeouts: {}
version: 3.2.0
networkd: {}
passwd: {}
storage:
files:
- contents:
source: data:text/plain;charset=utf-8;base64,W2NyaW8ucnVudGltZV0KZGVmYXVsdF9ydW50aW1lID0gImNydW4td2FzbSIKW2NyaW8ucnVudGltZS5ydW50aW1lcy5jcnVuLXdhc21dCnJ1bnRpbWVfcGF0aCA9ICIvdXNyL2Jpbi9jcnVuIgpwbGF0Zm9ybV9ydW50aW1lX3BhdGhzID0geyJ3YXNpL3dhc20zMiIgPSAiL3Vzci9iaW4vY3J1bi13YXNtIn0K
mode: 0644
overwrite: true
path: /etc/crio/crio.conf.d/99-crun-wasm.conf
extensions:
- wasm
The MachineConfig will create a file at /etc/crio/crio.conf.d/99-crun-wasm.conf (base64 string in the MachineConfig example above) containing the following:
[crio.runtime]
default_runtime = "crun-wasm"
[crio.runtime.runtimes.crun-wasm]
runtime_path = "/usr/bin/crun"
platform_runtime_paths = {"wasi/wasm32" = "/usr/bin/crun-wasm"}
Apply the MachineConfig using the oc apply -f <filename> command, replacing <filename> with the name of the YAML file.
Run the following command to debug a worker node and check if crun-wasm installed successfully:
oc debug node/<node-name> -- chroot /host && crun-wasm -v
Replace <node-name> with the name of a worker node in your cluster. Once inside the debug session, you can check if crun-wasm is available by running the crun-wasm -v command.
Use the following example to check if wasm bits are enabled appropriately:
In this example, we are applying the label pod-security.kubernetes.io/enforce with the value baseline to the namespace default. By labeling the namespace with baseline, we are ensuring that all pods created within this namespace adhere to a standard set of security policies and configurations designed for the OCP cluster.
$ oc label ns/default pod-security.kubernetes.io/enforce=baseline --overwrite
namespace/default labeled
$ oc apply -f - <<EOF
apiVersion: v1
kind: Pod
metadata:
labels:
name: http-server
name: http-server
namespace: default
spec:
containers:
- name: http-server
image: quay.io/crio/example-wasm-http:latest
command: ["/http_server.wasm"]
ports:
- containerPort: 1234
protocol: TCP
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
livenessProbe:
tcpSocket:
port: 1234
initialDelaySeconds: 3
periodSeconds: 30
EOF
$ oc get pod
NAME READY STATUS RESTARTS AGE
http-server 1/1 Running 0 3m8s
$ oc expose po/http-server
service/http-server exposed
$ oc expose service/http-server
route.route.openshift.io/http-server exposed
$ ROUTE_NAME=$(oc get route http-server -o jsonpath='{.spec.host}')
$ curl $ROUTE_NAME -d "Hello world!"
echo: Hello world!
Following these steps, you can enable crun-wasm in your OCP cluster and test its functionality using the provided example.
We've seen how, with a simple MachineConfig, you can get WASM applications running in OpenShift containers. This is just the first step — be on the lookout for additional enhancements in the future. The developer preview support for WebAssembly workloads in OpenShift 4.14 only scratches the surface of what you can achieve. WebAssembly promises to revolutionize containerization by offering improved density, enhanced security, and increased efficiency. Runtimes like crun-wasm pave the way for exciting opportunities to explore and experiment with WASM-based applications on OpenShift Container Platform (OCP).
Conclusion
The combination of WebAssembly and OpenShift offers a promising path for the future of application development and deployment. As both technologies mature and more tools emerge to bridge the gap between them, we can expect to see even more innovative solutions that leverage the strengths of both. For developers and businesses alike, this duo presents an opportunity to build and scale applications like never before.
저자 소개
유사한 검색 결과
채널별 검색
오토메이션
기술, 팀, 인프라를 위한 IT 자동화 최신 동향
인공지능
고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트
오픈 하이브리드 클라우드
하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요
보안
환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보
엣지 컴퓨팅
엣지에서의 운영을 단순화하는 플랫폼 업데이트
인프라
세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보
애플리케이션
복잡한 애플리케이션에 대한 솔루션 더 보기
오리지널 쇼
엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리
제품
- Red Hat Enterprise Linux
- Red Hat OpenShift Enterprise
- Red Hat Ansible Automation Platform
- 클라우드 서비스
- 모든 제품 보기
툴
체험, 구매 & 영업
커뮤니케이션
Red Hat 소개
Red Hat은 Linux, 클라우드, 컨테이너, 쿠버네티스 등을 포함한 글로벌 엔터프라이즈 오픈소스 솔루션 공급업체입니다. Red Hat은 코어 데이터센터에서 네트워크 엣지에 이르기까지 다양한 플랫폼과 환경에서 기업의 업무 편의성을 높여 주는 강화된 기능의 솔루션을 제공합니다.