Cloud Native / Edge / IoT / Kubernetes / Contributed

Cloud Native WebAssembly Applications Are Already Here

29 Oct 2021 5:00am, by
Michael Yuan
Michael Yuan is the founder and maintainer of WasmEdge, an open source WebAssembly runtime hosted by the CNCF for edge computing, service mesh, and embedded functions. Dr. Yuan is the author of six books on software engineering, and a long-time open source contributor. He is the co-founder of Second State, a venture-funded startup that supports and commercializes enterprise applications in the WebAssembly and Rust ecosystem.

In July 2021, Association of Computing Machinery Special Interest Group on Programming Languages awarded its prestigious Programming Language Software Award to WebAssembly to acknowledge its achievement as “the first new broadly-adopted language in web browsers since JavaScript.” And this year also marks WebAssembly’s explosive growth outside of web browsers, especially in server-side and cloud native environments.

So far in 2021, the Cloud Native Computing Foundation has officially accepted at least three WebAssembly projects, including WasmEdge Runtime, a cloud native WebAssembly runtime, wasmCloud, a WebAssembly application framework, and Krustlet, a tool to run WebAssembly programs in Kubernetes pods, with many more existing CNCF projects starting to adopt WebAssembly.

To accommodate the cloud native community’s growing interest in WebAssembly, KubeCon+CloudNativeCon North America held a dedicated Cloud Native Wasm Day event in Los Angeles in October. Over 300 developers registered (and paid) to participate in the day-long event. I was on the event’s planning committee and attended the event in person.

The event started with keynotes from Microsoft Azure’s Ralph Squillace and Cosmonic’s Liam Randall. Both Squillace and Randall are veterans of cloud computing. Their keynotes discussed the evolution of cloud computing architecture, and provided the context for the rise of WebAssembly as a cloud native runtime.

WebAssembly is a lightweight, fast, safe, and polyglot “container” for functions. It brings the cloud native programming model, pioneered by Kubernetes and Docker, beyond mega data centers into the realms of edge computing and microservices.

The takeaway message from the event is that cloud native WebAssembly applications are already being adopted by enterprises of all sizes, and along with the applications, we are also seeing a thriving ecosystem of frameworks, tools, and runtimes emerging.


Since Kubernetes has become the de facto “control plane” for all cloud native applications, WebAssembly must be supported in Kubernetes in order to see serious adoption. Cloud native WebAssembly on the server not only requires WASI to access operating system functions but also needs Kubernetes integration. We need to run WebAssembly workload side by side with other containers (eg. containerd, Docker, and cri-o) in a Kubernetes cluster. In this event, we saw two leading approaches.

The Krustlet project runs WebAssembly programs directly from a Kubernetes pod. Throughout the Wasm day event, we saw multiple demonstrations using krustlet. In fact, Microsoft Azure AKS announced a WebAssembly service based on krustlet during the conference. Check it out!

The crun project is a popular container runtime for the Kubernetes ecosystem. It can auto-detect whether a container image is for WebAssembly or containerd/Docker, and then start and manage the appropriate runtime/container. It makes WebAssembly programs first-class citizens in Kubernetes clusters.

WebAssembly programs are not just workloads managed and controlled by Kubernetes. They can also extend Kubernetes itself. Rafael Fernández López from SUSE introduced us to the Kubewarden project, which provides a WebAssembly-based policy engine for Kubernetes.

Application Frameworks

Application frameworks are built on top of Kubernetes to provide common services to applications. A good example is Dapr, created by Microsoft and soon to be a CNCF incubation project. Dapr utilizes the sidecar pattern to provide commonly used services, such as service discovery and invocation, resilient retries, logging and tracing, monitoring, secret stores, connection security, etc., to microservice applications attached to those sidecars. Those sidecar applications (microservices) could be managed by Kubernetes. We have learned that WebAssembly-based sidecar applications are now supported on Dapr.

The wasmCloud project is an actor-based application framework specifically designed for WebAssembly. Stuart Harris and Aayush Attri from Red Badger gave a talk on how they used a wasmCloud cluster, managed by Kubernetes, to implement a large-scale application inside a European bank.

Service meshes are built on top of application frameworks. They provide additional features such as traffic routing and splitting through a proxy. The Envoy Proxy is an early adopter for WebAssembly-based service mesh extensions. Ant Group’s MOSN is a service mesh that manages a mega cluster of over 200,000 servers.

MOSN team’s Jason Song gave a lightning talk in the event to discuss running WebAssembly functions in the service mesh in place of traditional containers. MOSN’s proxy supports the proxy-wasm specification as an extension mechanism. MOSN’s sidecar framework, known as Layotto, supports microservices written in WebAssembly. Jason gave a live demo on how to use Kubernetes to deploy and manage WebAssembly functions on MOSN and Layotto in an e-commerce application.

Embedded Functions in SaaS

So far, we have learned WebAssembly’s application in cloud native infrastructure. How about business logic applications?

WebAssembly makes it easy for business applications to support third-party plug-ins or extensions. A centrally hosted cloud native application (eg a SaaS) could use a WebAssembly runtime to safely and efficiently execute any user-submitted code function.

Suborbital’s Connor Hicks gave a very articulate explanation on why reactive embedded functions are much better suited to extend and customize SaaS than traditional webhooks or “native integrations” (ie customization templates). Suborbital is an application framework that makes it easily to embed WebAssembly functions into a SaaS. 

Shopify is a pioneer in using embedded WebAssembly functions to extend and customize its SaaS. It has been discovered that developers really want to use JavaScript, not Rust or C/C++, to write those functions. Shopify’s Saúl Cabrera gave a talk on how to run and optimize JavaScript programs on WebAssembly. Along the same lines, we have seen WebAssembly runtimes, such as WasmEdge, supporting advanced JavaScript features, such as ES6 modules, async networking, and Rust / JavaScript interaction.

Bailey Hayes & Carl Sverre gave a talk about how SingleStore uses WebAssembly to execute user-defined functions embedded in cloud databases. It allows data storage and computation to stay close together and improves efficiency. In their talk, the team demonstrated how to perform real-time sentiment analysis using AI models on a large dataset. As early adopters in the space, the team is also engaged in standardization efforts proposing a WASI-data spec to support a standard two-way communication protocol between databases and WebAssembly runtimes.

AI and IoT

As Liam Randall discussed in his keynote speech, perhaps the greatest application opportunities for WebAssembly are on the edge, both on edge networks and on edge devices.

Dan Mihai Dumitriu presented how Midokura, a Sony division for IoT applications, is deploying WebAssembly applications on sensor devices. The small footprint and high performance of WebAssembly enable it to run on small devices as a safety sandbox for user applications. Kate Goldenring from Microsoft and Rodrigo Farias Rodrigues Lemos from the Federal University of Pernambuco presented Akri, a WebAssembly application running as Krustlet, to discover IoT devices and to make them available as resources in a Kubernetes cluster.

In fact, CNCF now has at least three Kubernetes-on-the-edge projects, KubeEdge, SuperEdge, and OpenYurt. With the aforementioned Kubernetes integration, WebAssembly’s future on IoT devices is bright.

An important application on today’s edge network is AI inference. Lightweight and fast WebAssembly runtimes can bring AI inference computation closer to sensors and data sources on the edge. There are two talks specifically about AI inference in this event.

Shivay Lamba from Layer5 and Mritunjay Sharma from Hackerrank gave a talk on how to use WasmEdge’s Tensorflow and Tensorflow Lite API extension to do image recognition at a rate of milliseconds per image. This API is available to both Rust and JavaScript developers.

Radu Matei from Microsoft discussed the WASI-NN specification, which provides a standard API to incorporate any AI inference library into WebAssembly. The WasmEdge Tensorflow extension is also being adapted to WASI-NN.

Ecosystem Innovations

As WebAssembly applications grow, developers are rushing in to improve WebAssembly itself and its related tools. Two noticeable WebAssembly ecosystem efforts are presented in this event, Bindle and Grain.

Bindle aims to provide a package management system for WebAssembly modules and artifacts. As we have seen from the successes of NPM, Docker Hub, Go, and Rust crates, package management could foster collaboration and enable developers to build on each other’s work. Matt Butcher from Microsoft Azure and Taylor Thomas from Cosmonic gave a talk on how Bindle is designed and how to use it. We look forward to more adoption of this important technology.

Grain is a WebAssembly-first programming language. A statically typed and compiled programming language can most effectively leverage WebAssembly’s lightweight runtime. However, static typed languages such as Rust and C/C++ are not easy for beginners. Oscar Spencer from the Grain project discussed how Grain is designed as an easy-to-use programming language that can compile into efficient WebAssembly bytecodes. This project is still early but highly promising.

What’s Next

Cloud native WebAssembly applications started to take off in 2021. As WebAssembly is incorporated into almost all leading cloud native projects, we could see the pervasive deployment of WebAssembly applications in the cloud in the next 12 months. What are you waiting for?

The New Stack is a wholly owned subsidiary of Insight Partners, an investor in the following companies mentioned in this article: Docker, SingleStore.

Feature image via Pixabay.