CNCF releases Wasm panorama

CNCF landscape was commissioned by Second State from CNCF. This article is a translation, translator: Miley Fu, Vivian Hu, original author: Chris Aniszczyk, Vivian Hu, Michael Yuan, original link: https://www.cncf.io/blog/2023/09/06/introducing-the- wasm-landscape/

“Containers are the new normal and WebAssembly is the future.”

——Key findings from CNCF’s 2022 annual survey.

WebAssembly (Wasm) was originally created as a secure sandbox for running compiled C/C++ code in a web browser, but it is gaining more attention and momentum on the server side. In the cloud, Wasm provides a lightweight, fast, secure, cross-language, cross-platform application runtime that can be used for a variety of user-submitted workloads. It is quickly becoming a critical part of the cloud native technology stack.

With the adoption of Wasm in cloud native projects, products and services, CNCF worked with the Wasm community to create a Wasm ecological panorama to better understand the scope of the Wasm ecosystem. Just as the original cloud native panorama helped outline the vast ecosystem surrounding cloud native technology, we believe that as the ecosystem develops and grows, Wasm will need the same panorama.

The first version of the Wasm Panorama was launched at the WasmCon conference and includes 11 categories and 120 projects or products, representing a total economic value of $59.4 billion. The Wasm panorama is divided into two major areas: Dev (application development) and Ops (application deployment).

application development

Wasm application development requires its own programming language and associated tool ecosystem, such as compilers, frameworks, libraries, tools, and runtimes.

programming language

When developers create an application, they start by choosing a programming language! One of the features of Wasm is its ability to run applications written in a variety of different programming languages. However, this does not mean that all programming languages ​​are created equal.

In fact, there are 4 categories of programming languages ​​in the Wasm panorama.

compiled language

First-class citizens are languages ​​that compile directly to Wasm bytecode and run in the Wasm runtime without any dependencies. C , C++ , Zig , and Rust all belong to this group. They produce the fastest and smallest Wasm applications.

Let's take Rust as an example. After installing the Rust language, all you need to do is add the wasm32-wasi target.

Managed language

Managed languages ​​are still compiled languages. But the compiler output requires a "managed runtime" to function properly. The most common task of the managed runtime is garbage collection (or GC).

For languages ​​like Kotlin and Dart , Wasm GC functionality is sufficient. Leading Wasm runtimes such as WasmEdge, Wasmtime and v8 have recently added Wasm GC support.

For Go , the compiler embeds the necessary runtime binaries into the compiled Wasm bytecode. This increases the size of Wasm applications but still provides a good developer experience.

For complex managed languages ​​such as Java and .Net (such as C#), we need to compile and run their managed runtimes (such as JVM) with bytecode applications in Wasm. This is usually a non-lightweight approach.

scripting language

Scripting languages ​​such as JavaScript, Ruby, PHP and Python can also run in Wasm. The approach here is to compile a scripting language interpreter (usually written in C) into Wasm. The Wasm-based interpreter program can then execute the script.

For example, VMware Labs' WebAssembly Laungage Runtimes project has ported the Python and PHP interpreters to Wasm.

The WasmEdge QuickJS project provides a JavaScript interpreter and a Wasm library that supports the node.js API in JavaScript.

Source: WasmEdge QuickJS documentation

Languages ​​that “compile to Wasm”

Last but not least is a new generation of compiled languages ​​optimized for the Wasm target. They are still in the very early stages. But if done right, they have the potential to become true first-class citizens in the Wasm panorama.

Moonbit and Grain are two leading examples in this category. They are designed using modern language features in Go and Rust, and are optimized for efficient Wasm compilation and execution.

Although still in its early stages, Moonbit comes with a full suite of tools, from dynamic code completion to an online IDE.

Runtime

Once the source code has been compiled into Wasm bytecode, you will need the Wasm runtime to execute them. The Wasm runtime provides all the features and benefits typically associated with Wasm, such as sandbox security, speed, and cross-platform portability. They are located in the center of the panorama.

In this cloud-native Wasm panorama, we'll focus on the popular Wasm runtime on the server side. We have WasmEdge (CNCF sandbox), Wasmtime/lucet , Wamr, WAVM , Wasmer , wasm3 , Lunatic , wazero , Wasmer and V8 .

• WasmEdge (CNCF Sandbox) is a lightweight, high-performance, and scalable WebAssembly runtime for cloud-native, edge, and decentralized applications.
• Wasmtime is a standalone wasm-optimized runtime only for WebAssembly and WASI.
• WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime with a small footprint, high performance and highly configurable capabilities for applications ranging from embedded, IoT, edge to trusted execution environments (TEE), smart contracts, cloud native and other applications.
• WAVM is a WebAssembly virtual machine designed for use in non-browser applications.
• Wasm3 is a fast WebAssembly interpreter and the most versatile WASM runtime.
• Lunatic is a WebAssembly runtime inspired by Erlang.
• wazero is a WebAssembly-compliant interpreter written in Go.
• Wasmer is a WebAssembly runtime that enables lightweight containers to run anywhere.
• V8 is Google's open source, high-performance JavaScript and WebAssembly execution engine.

application framework

Wasm runs like an operating system. Libraries and frameworks provide application developers with the high-level and easy-to-use components they need.

The WasmEdge runtime is unique in that it supports high-level POSIX APIs beyond the Wasm standard, which allows many popular Rust and JS application frameworks such as tokio, hyper, reqwest, warp, node.js, and MySQL/Postgres/Redis/ Kafka/ElasticSearch client library, running in WasmEdge. However, as with all other Wasm runtimes, the application framework is required to provide basic functionality such as HTTP/HTTPS network and database access.

In this part of the panorama, we cover Spin , WasmCloud (CNCF sandbox), SpiderLightning , WasmEdge plug-ins , Dapr SDK for WasmEdge , Homestar , Ambient , WASIX , Extism , Timecraft , vscode-wasm , and WasmEx .

• Spin is a popular application framework and component library for building WebAssembly microservices and web applications. It is used with the wasmtime runtime.
• WasmCloud allows for simple, secure, distributed application development using WebAssembly actors and capability providers.
• SpiderLightning is a set of WIT interfaces that abstract distributed application capabilities and a runtime CLI for running Wasm applications that use these capabilities.
• While WasmEdge supports popular Rust application frameworks for HTTP and database access, it can go further with plugins that support frameworks and libraries such as TLS networking, zlib, OpenCV, ffmpeg, PyTorch, Tensorflow, and large language model (LLM) inference. Replenish.
• Dapr SDK for WasmEdge is an experimental Dapr SDK implemented in Rust. It allows WasmEdge-based microservices to access more than 100 enterprise services through Dapr sidecar.
• Homestar is a Rust implementation and runtime of IPVM.
• Ambient is a runtime for building high-performance multiplayer games and 3D applications, powered by WebAssembly, Rust, and WebGPU.
• WASIX is a superset of WASI.
• Extism is a universal plug-in system. Powered by WebAssembly.
• Timecraft is a software runtime that executes WebAssembly modules with sandboxing, task orchestration, and time travel capabilities.
• vscode-wasm is a WASI implementation that uses VS Code's extension host as the implementation API.
• Wasmex is a fast, secure WebAssembly and WASI runtime for Elixir.

edge/bare metal

A key feature of Wasm is cross-platform portability, which means the ability to execute the same bytecode application across different operating systems and CPU architectures. In the JVM era, operating systems were limited to Unix-like systems (such as Linux), Windows, and MacOS. However, Wasm can run on non-traditional systems commonly used in edge and IoT computing.

Docker and Linux containers have never been cross-platform. For example, the container image must match the host CPU.

• Genode is a free and open source software operating system (OS) framework consisting of a microkernel abstraction layer and a set of user-space components.
• SeL4 RTOS is a highly reliable and high-performance operating system microkernel that has undergone comprehensive formal verification without affecting performance.
• Flatcar Container Linux is a lightweight, streamlined Linux distribution designed specifically for containers. It is an excellent host for the Wasm runtime.
• Unikraft is a fast, secure and open source Unikernel development kit.

AI reasoning

As artificial intelligence workloads become more popular in cloud data centers, Wasm is increasingly used as an alternative to heavyweight, complex, and slow Python stacks. The WASI NN specification defines how the Wasm runtime should interact with native AI/ML libraries such as PyTorch and TensorFlow for AI inference using high-performance languages ​​such as Rust.

Wasmtime, WasmEdge and WAMR are Wasm runtimes that support WASI NN.

For example, the WasmEdge runtime supports OpenVINO , Pytorch , Tensorflow, TensorFlow Lite and MMGL/Llama2 as inference backends, as well as OpenCV and ffmpeg as pre- or post-processors. It also supports mediapipe, document AI, llama2 and other models.

embedded function

Wasm can safely execute user-defined or community-contributed code as embedded functions (or plug-ins) in software products.

In this part of the Wasm panorama, we present software products that select and integrate Wasm as a plug-in mechanism. The longest category is database and data flow applications, where Wasm is used to execute user-defined functions (UDFs).

Databases such as Libsql , OpenGauss and Singlestore and message queues such as Open Policy Agent , InfinyOn , YoMo , eKuiper and Redpanda are using Wasm to execute UDFs. Traffic proxies such as Envoy , Istio , APISIX , KubeWarden , and NGINX are using Wasm to execute custom logic in the data plane. FaaS platforms such as OpenFunction and Knative allow Wasm functions to be embedded into Kubernetes Pods.

• Libsql is an open source, open contribution fork of SQLite. Its goal is to bring SQLite to the server side.
• OpenGauss is a high-performance, high-security, and high-reliability enterprise-level open source relational database.
• SingleStore is a distributed SQL database designed to power data-intensive applications.
• Open Policy Agent is an open source general policy engine.
• InfinyOn is a composable unified data streaming platform.
• YoMo is an open source streaming serverless framework for building low-latency geographically distributed systems.
• eKuiper is an edge lightweight IoT data analysis/streaming software.
• Redpanda is a simple, powerful, and cost-effective streaming data platform that is compatible with the Kafka® API while removing the complexity of Kafka.
• Envoy is an open source edge and service proxy designed for cloud-native applications.
• Istio is an open source service mesh that can be transparently layered on top of existing distributed applications.
• Apache APISIX is a dynamic, real-time, high-performance API gateway.
• Kubewarden is the policy engine for Kubernetes. Its mission is to simplify the adoption of strategy as code.
• Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy, and HTTP cache.
• OpenFunction is a cloud-native open source FaaS (Function as a Service) platform.

tool chain

Ultimately, developers rely on tools to piece together languages, frameworks, libraries, and runtimes into working applications. The maturity of the tool chain is an important indicator of measuring the maturity of the entire developer ecosystem. At Wasm Panorama, we cover important tools for building Wasm applications.

• Cargo : Build Wasm applications from Rust source code. It provides modern dependency management tools and source code repo.
• LLVM : In theory, any language with an LLVM backend can be compiled into Wasm.
• Binaryen : Compiler and toolchain infrastructure library for WebAssembly
• Emscripten : Compile C and C++ to WebAssembly using LLVM and.
• wasm-pack : Compile Rust to Wasm, which can interact with JavaScript in the browser or Node.js
• wasm-bindgen : Facilitates advanced interaction between Wasm modules and JavaScript
• Wabt : A set of tools for WebAssembly, including wat2wasm, wasm2wat, wasm2c, etc.
• Witc : The compiler generates code for .wit files
• Wit bindgen :Client language binding generator for WIT and component models
• Asyncify : A JavaScript wrapper designed to be used with Binaryen's Asyncify functionality.

Application deployment

After creating your Wasm application, the next step is to deploy and scale it in production. There are a large number of tools, frameworks and services in the cloud native panorama to manage application deployment. Many of them have integrated Wasm support.

Orchestration and Management

Wasm containers can be seamlessly managed with existing container tools such as Docker, containerd, and Kubernetes. There are two ways to manage Wasm applications as "containers". Both methods allow you to build a Kubernetes cluster that runs Linux containers and Wasm containers in parallel.

Method #1 is to use OCI runtimes such as crun and youki on top of a container management stack . crun detects whether the OCI image is wasm or Linux based on the image's target operating system and CPU platform. If the image targets wasi/wasm, crun will bypass the Linux container setup process and just use WasmEdge to run it. Based on crun , we can get the entire Kubernetes stack to run Wasm images, including CRI-O (CNCF project), containerd (CNCF project) , Podman , kind , K8s (CNCF project), OpenYurt (CNCF project), SuperEdge (CNCF project) , KubeEdge (CNCF project).

Method #2 is to use containerd-shim (such as runwasi ) to run the Wasm application in containerd. When containerd receives an image, it checks the image's target platform and if the image is wasi/wasm, it routes to runwasi for execution. If the image is x86 or arm, it routes to runc.

Building on Kubernetes, we also introduced some emerging tools to help manage production Wasm workloads.

Kuasar is another container runtime that supports multiple types of sandboxes, including microVM, Linux containers, application kernels, and WebAssembly runtimes.

Kwasm is a Kubernetes Operator that adds WebAssembly support to your Kubernetes nodes. It works with local and hosted cloud K8s distributions based on Ubuntu/Debian and Containerd,

container2wasm is a container to wasm image converter that can run containers on WASM.

Hosted platform

If you don't want the hassle of running your own servers and Kubernetes clusters, hosting platforms are an excellent choice for deploying and scaling Wasm applications as services.

• Flows.network is a serverless Wasm platform for AI-native workflow automation.
• Fermyon Cloud deploys and manages serverless Wasm functions written using the Spin framework.
• Cosmonic is a Wasm-based Actor service deployed on WasmCloud.
• Cloudflare Workers is a v8-powered serverless function runtime for Wasm and JavaScript on the Cloudflare edge network.
• [Fastly @Edge Function]( http://fastly.com/products/edge-compute ) is a serverless Wasm function platform deployed on the Fastly edge network.
• AKS : Supports creating WASI node pools in Azure Kubernetes Service (AKS) to run WebAssembly (WASM) workloads
• Taubyte is a cloud-native platform for running applications, specifically Wasm applications.
• Golem Cloud is a computing platform that allows developers to build and deploy long-running, stateful serverless workers in Wasm.

Decentralized platform

The blockchain-based smart contract platform is a decentralized cloud computing network. Instead of a central Operator running all workloads, your cloud applications (i.e. smart contracts) are executed by nodes in the network. Because smart contracts are trustless and must be executed very frequently (hundreds of times per second per computer), Wasm is the ideal execution engine for this application scenario. In fact, Wasm is used by almost all leading smart contract blockchain networks.

• Polkadot
• NEAR
• Dfinity
• GEAR
• Filecoin
• Ripple
• EOS
• CosmWasm
• Quai Network

Debugging and Observability

Debugging and observability are important production features that enable operations teams to continuously monitor applications and provide useful feedback to development teams. This is the part of the Wasm panorama that is currently lacking. We expect this area to grow as Wasm is increasingly deployed in production.

• WASI logging is the Wasm specification for emitting log messages. It is supported by leading Wasm runtimes such as wasmtime and WasmEdge.
• Modsurfer provides operations and development teams with the first logging system + diagnostics application to search, browse, verify, audit and investigate Wasm binaries.

Artifacts

Artifacts repo is an important element in the panorama. They provide a centralized and always available location to store, discover, verify, download, and track multiple released versions of Wasm packages. Not only are they convenient tools, they are also critical to software supply chain security.

• Docker Hub is the place to create, manage and deliver your team's container applications. If you upload a pure Wasm image on Docker Hub, the image's operating system/architecture will be tagged wasi/wasm.
• Harbor is an open source, trusted cloud-native registry project for storing, signing, and scanning content. It supports Wasm artifacts.
• Warg is a WebAssembly component registry.
• wapm is a package manager for WebAssembly.
• crates.io is a crate registry for rust, the most commonly used Wasm language.

Help us build the Wasm panorama

The production of Wasm panorama is inseparable from the joint efforts of the community. With the rise of Wasm adoption, Wasm panorama is also developing rapidly. We intend to keep you updated on the latest progress. However, we can only do this with the help of the entire Wasm community.
If there is anything you want to add or update, please submit a PR! You can refer to this PR to add your project name, logo, website, GitHub repo link and crunchbase.

Bun releases official version 1.0, a magical bug in Windows File Explorer when JavaScript is runtime written by Zig , improves performance in one second JetBrains releases Rust IDE: RustRover PHP latest statistics: market share exceeds 70%, the king of CMS transplants Python programs To Mojo, the performance is increased by 250 times and the speed is faster than C. The performance of .NET 8 is greatly improved, far ahead of .NET 7. Comparison of the three major runtimes of JS: Deno, Bun and Node.js Visual Studio Code 1.82 NetEase Fuxi responded to employees "due to BUG was threatened by HR and passed away. The Unity engine will charge based on the number of game installations (runtime fee) starting next year.

{{o.name}}

{{m.name}}