A portable binary instruction format known as WebAssembly (Wasm) for building software that runs in a memory-safe, sandboxed execution environment is starting to gain traction as a method for building a new class of cloud-native applications that can be deployed on both clients and servers.
Originally developed by the World Wide Web Consortium (W3C) to create a common format for browsers executing JavaScript code, Wasm is now starting to be employed to rapidly build lighter-weight applications that can be deployed on any server platform much like how JavaScript evolved to enable applications developed in that programming languages to be used on both servers and in browsers. In fact, the promise of being able to write and application once and deploy it anywhere is finally being realized using Wasm some 25 years after the initial introduction of the Java programming language.
Wasm isn’t necessarily going to replace existing approaches for building cloud-native applications using containers, but it does provide an alternative for developing lighter-weight applications that should run faster than an application because Wasm binaries are created in a way that allows them to start up in milliseconds. In comparison, the speed at which container binaries start up is typically measured in seconds.
In addition to being faster, Wasm is more secure. Existing approaches to building applications rely on the aggregation of software components that tend to lack distinct boundaries between them. As a result, it becomes relatively simple for malware to infect all the components of an application. Wasm code runs in a sandboxed environment that isolates execution environments in a way eliminates the ability of malware to laterally move across an application environment.
There are two consortiums leading the development of Wasm. The first is the Bytecode Alliance, a nonprofit organization dedicated to creating secure new software foundations based on Wasm and the WebAssembly System Interface (WASI). Members of The Bytecode Alliance that are included to advancing Wasm on the client and server side of production environments include Amazon, Intel, Google and Microsoft.
The Cloud Native Computing Foundation (CNCF), an arm of the Linux Foundation, is, meanwhile, trying to advance adoption of Wasm in server environments via an open source wasmCloud runtime project. Originally developed by Cosmonic, wasmCloud is currently a sandbox level project, but Cosmonic has already made available a commercially supported platform-as-a-service (PaaS) environment based on the platform. Fermyon, meanwhile, has also launched a rival PaaS environment for building Wasm applications as a cloud service.
The CNCF this week during its Kubecon + CloudNativeCon Europe 2023 conference this week in Amsterdam is hosting a Wasm Day that is also being made accessible online. The overall goal is to highlight compatibility between Wasm and containers running on the Kubernetes platform. Docker, Inc., for example, recently, announced Wasm support for the tools it provides for building containerized applications.
It’s not clear just how much momentum there is behind Wasm because it’s not easy to build these applications. However, a recent straw poll of 93 IT professionals conducted by conducted by CNCF finds 42% are writing, or plan to develop, server-wide applications using Wasm, with 48% combining or planning to combine server-side work with client-side code.
It’s not likely Wasm will completely supplant containers. Rather, both types of software artifacts will be employed alongside each other for many years to come. That may ultimately add additional levels of complexity in terms of managing those artifacts across DevOps workflows, but the benefits of Wasm on the server side are difficult to ignore. The challenge and the opportunity now is to determine to what when and where it makes sense to employ Wasm not just today but also as the tooling for building applications using this format continues to improve.