WASM and Docker can work together. WASM applications can run inside containers managed by Docker and containerd. Docker Desktop now supports running WASM modules via containerd-wasm-shim. The demo showed building a Rust application into a WASM module, packaging it in a Docker image, and running it in a container on the same network as normal containers. In the future, WASM could be used to run untrusted code securely inside containers and easily install plugins in desktop applications.

1. WASM and Docker
Antonis Kalipetis
@akalipetis
Docker Athens | #DockerAth

2. 👋 I’m Antonis
* Software Engineer at Platform.sh
* DevOps with LOGIC
* Docker Captain
* One half of mikrikouventa.fm
* Python lover and Go developer
* Docker and Containers aficionado
* Everything that comes to my hands becomes a container

3. 🎯 Goals for the day
* Better understand WASM
* See how WASM plays with Docker
* Explore the future of containers and WASM

5. What is WASM?

6. * WASM stands for WebAssembly
* WASM is a binary instruction format for a stack-based
virtual machine
* It was initially meant as a way to ship code in the web
browser, other than JS
🤨 What is WASM?

7. * An efficient and fast way to compile and package
applications written in a variety of languages
* A way to run those application into sandboxed
environments, either in the browser or elsewhere
* An application format that can run in the same way between
different environments, from edge servers to your browser
and inside other applications
💡 What is WASM today?

8. * WASM is currently supported by all major web browsers,
including Chrome, Firefox, and Safari
* The standard is owned by W3C
* Originally created to provide near-native speed code
execution in the browser
🕸 The Web in WebAssembly

9. * Figma was written in WASM
* CloudFlare workers run WASM
* There was also WASM in Marathon’s latest Compensation
Report
📸 WASM highlights

10. WASM
And
Docker

11. 🐳 Docker Desktop and WASM
Docker Engine
containerd-shim
runc
Container process
containerd-shim
runc
Container process
containerd-wasm
-shim
wasmedge
Wasm Module

12. DEMO TIME!

13. * We built a Docker image using a Dockerfile, where the
application was compiled from Rust code ⚙ into WASM
* The .wasm application was copied to a SCRATCH image
* WASM and normal containers were started, using the same
network
🧵 What did just happen there?

14. * Boundaries are very constraint by design
* WASI is being developed to provide a standardized
interface for interacting with system resources
* containerd has support for running different types of WASI
interfaces
https://github.com/containerd/runwasi
🏺 How are the applications contained?

15. * Very fast startup time (ms)
* Single application for all
architectures/OSes
* Restrictive on the type of code
you can run
* Fast startup time
* One image for each
architecture/OS
* Run everything a Linux machine
can run
🥊 WASM vs Containers

16. * Manage large amounts of WASM containers
* Run untrusted code with very specific boundaries
* Easily install plugins to CLIs or other desktop
applications
🔮 What could the future look like?

17. * OCI images are a great packaging format
* containerd is a great tool for managing workloads
* There are multiple orchestrators orchestrating workloads
that run with containerd
❓ Docker, containers and WASM a few months in

18. Connect the dots…

19. Questions?

20. Thanks!
Antonis Kalipetis
@akalipetis