WebAssembly on the Edge: Sandboxing AND Performance
ScyllaDB
170 views
29 slides
Oct 14, 2024
Slide 1 of 29
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
About This Presentation
Moving apps to the Edge can complicate performance due to security constraints. Learn how WebAssembly bridges the gap, enabling both speed and security. We'll share insights from Exograph app migrations, focusing on Wasi advancements and the new component model. #EdgeComputing #WebAssembly
Slide Content
A ScyllaDB Community
WebAssembly on the Edge:
Sandboxing AND Performance
Brian Sletten
Bosatsu Consulting, Inc.
Ramnivas Laddad
Exograph, Inc.
WebAssembly on the Edge:
Sandboxing AND Performance
Brian Sletten
Bosatsu Consulting, Inc.
Ramnivas Laddad
Exograph, Inc.
Brian Sletten (he/him)
President, Bosatsu Consulting, Inc
■Author of O'Reilly book "WebAssembly : The Definitive Guide"
■Author of "Resource-Oriented Architecture Patterns for Webs of
Data"
■Teaches and speaks internationally about REST, Semantic Web,
WebAssembly, Data Science, Machine Learning, GPU Computing,
Security, Visualization, Architecture
■International Pop Recording Artist
President, Bosatsu Consulting, Inc
■Author of O'Reilly book "WebAssembly : The Definitive Guide"
■Author of "Resource-Oriented Architecture Patterns for Webs of
Data"
■Teaches and speaks internationally about REST, Semantic Web,
WebAssembly, Data Science, Machine Learning, GPU Computing,
Security, Visualization, Architecture
■International Pop Recording Artist
Ramnivas Laddad (he/him)
Co-founder, Exograph, Inc
■Former Spring Framework and Cloud Foundry
committer
■Author of “AspectJ in Action”
■Speaker at many professional conferences
■Indian Classical Music aficionado
Co-founder, Exograph, Inc
■Former Spring Framework and Cloud Foundry
committer
■Author of “AspectJ in Action”
■Speaker at many professional conferences
■Indian Classical Music aficionado
WebAssembly
https://hacks.mozilla.org/2018/10/webassemblys-post-mvp-future
Edge Computing
https://tinyurl.com/edge-landscape
Exograph
Express the domain model
and have the server ready! ??????
context AuthContext {
@jwt("sub") id: Int
@jwt role: String
}
@postgres
module ConcertData {
type Concert {
@pk id: Int = autoIncrement()
title: String
venue: Venue
}
@access(AuthContext.role == "ADMIN")
type Venue {
@pk id: Int = autoIncrement()
name: String
concerts: Set<Concert>
published: Boolean
}
}
and have the server ready! ??????
context AuthContext {
@jwt("sub") id: Int
@jwt role: String
}
@postgres
module ConcertData {
type Concert {
@pk id: Int = autoIncrement()
title: String
venue: Venue
}
@access(AuthContext.role == "ADMIN")
type Venue {
@pk id: Int = autoIncrement()
name: String
concerts: Set<Concert>
published: Boolean
}
}
Exograph
Builder
exo_ir
Exograph
Runtime
context AuthContext {
@jwt("sub") id: Int
@jwt role: String
}
@postgres
module ConcertData {
type Concert {
@pk id: Int = autoIncrement()
title: String
venue: Venue
}
@access(AuthContext.role == "ADMIN")
type Venue {
@pk id: Int = autoIncrement()
name: String
concerts: Set<Concert>
published: Boolean
}
}
{
concerts {
id
title
}
}
{
"data": {
"concerts": [
{
"id": 1,
"title": “The Beatles"
},
{
"id": 2,
"title": "The Rolling Stones"
}
]
}
}
Builder
exo_ir
Exograph
Runtime
context AuthContext {
@jwt("sub") id: Int
@jwt role: String
}
@postgres
module ConcertData {
type Concert {
@pk id: Int = autoIncrement()
title: String
venue: Venue
}
@access(AuthContext.role == "ADMIN")
type Venue {
@pk id: Int = autoIncrement()
name: String
concerts: Set<Concert>
published: Boolean
}
}
{
concerts {
id
title
}
}
{
"data": {
"concerts": [
{
"id": 1,
"title": “The Beatles"
},
{
"id": 2,
"title": "The Rolling Stones"
}
]
}
}
Exograph Deployment Targets
Demo
Moving to the Edge
Experience post Rust code: Computation
■Serializing intermediate representation to/from its model
■Parsing and validating GraphQL queries
■Mapping GraphQL queries to SQL
■Validating JWT tokens
■Serializing intermediate representation to/from its model
■Parsing and validating GraphQL queries
■Mapping GraphQL queries to SQL
■Validating JWT tokens
Experience post Rust code: System Interface
#[cfg(not(target_family = "wasm"))]
use std::time::Instant;
#[cfg(target_family = "wasm")]
use web_time::Instant;
#[cfg(not(target_family = "wasm"))]
use std::time::Instant;
#[cfg(target_family = "wasm")]
use web_time::Instant;
Connecting to Postgres
let socket = Socket::builder()
.secure_transport(SecureTransport::StartTls)
.connect(host, port)?;
wasm_bindgen_futures::spawn_local(async move {
if let Err(error) = pg_connection.await {
// report
}
});
let (pg_client, pg_connection) = config
.connect_raw(socket, PassthroughTls)
.await?;
let socket = Socket::builder()
.secure_transport(SecureTransport::StartTls)
.connect(host, port)?;
wasm_bindgen_futures::spawn_local(async move {
if let Err(error) = pg_connection.await {
// report
}
});
let (pg_client, pg_connection) = config
.connect_raw(socket, PassthroughTls)
.await?;
Contributing back to the ecosystem
■rust-postgres
●A new API to make it work with external pooling
■oidc-jwt-validator
●Async runtime adjustment
●std::time replacement
■tree-sitter-c2rust
■worker-rs
■deadpool-postgres
■rust-postgres
●A new API to make it work with external pooling
■oidc-jwt-validator
●Async runtime adjustment
●std::time replacement
■tree-sitter-c2rust
■worker-rs
■deadpool-postgres
Challenges
Latency in Module Loading
Exograph
Builder
exo_ir
Exograph
Runtime
context AuthContext {
@jwt("sub") id: Int
@jwt role: String
}
@postgres
module ConcertData {
type Concert {
@pk id: Int = autoIncrement()
title: String
venue: Venue
}
@access(AuthContext.role == "ADMIN")
type Venue {
@pk id: Int = autoIncrement()
name: String
concerts: Set<Concert>
published: Boolean
}
}
{
concerts {
id
title
}
}
{
"data": {
"concerts": [
{
"id": 1,
"title": “The Beatles"
},
{
"id": 2,
"title": "The Rolling Stones"
}
]
}
}
Builder
exo_ir
Exograph
Runtime
context AuthContext {
@jwt("sub") id: Int
@jwt role: String
}
@postgres
module ConcertData {
type Concert {
@pk id: Int = autoIncrement()
title: String
venue: Venue
}
@access(AuthContext.role == "ADMIN")
type Venue {
@pk id: Int = autoIncrement()
name: String
concerts: Set<Concert>
published: Boolean
}
}
{
concerts {
id
title
}
}
{
"data": {
"concerts": [
{
"id": 1,
"title": “The Beatles"
},
{
"id": 2,
"title": "The Rolling Stones"
}
]
}
}
Exograph
Builder
exo_ir
Exograph
Runtime
context AuthContext {
@jwt("sub") id: Int
@jwt role: String
}
@postgres
module ConcertData {
type Concert {
@pk id: Int = autoIncrement()
title: String
venue: Venue
}
@access(AuthContext.role == "ADMIN")
type Venue {
@pk id: Int = autoIncrement()
name: String
concerts: Set<Concert>
published: Boolean
}
}
{
concerts {
id
title
}
}
{
"data": {
"concerts": [
{
"id": 1,
"title": “The Beatles"
},
{
"id": 2,
"title": "The Rolling Stones"
}
]
}
}
Builder
exo_ir
Exograph
Runtime
context AuthContext {
@jwt("sub") id: Int
@jwt role: String
}
@postgres
module ConcertData {
type Concert {
@pk id: Int = autoIncrement()
title: String
venue: Venue
}
@access(AuthContext.role == "ADMIN")
type Venue {
@pk id: Int = autoIncrement()
name: String
concerts: Set<Concert>
published: Boolean
}
}
{
concerts {
id
title
}
}
{
"data": {
"concerts": [
{
"id": 1,
"title": “The Beatles"
},
{
"id": 2,
"title": "The Rolling Stones"
}
]
}
}
Lowering Module Size: Do less work
■Simplify resolver logic
●Supported pre-defined queries (persisted/trusted queries)
●Map instead of compute
■Look up the query
■Find the query plan
■Validate variables
■Execute!
■Guide users in defining queries that can be mapped
■Simplify resolver logic
●Supported pre-defined queries (persisted/trusted queries)
●Map instead of compute
■Look up the query
■Find the query plan
■Validate variables
■Execute!
■Guide users in defining queries that can be mapped
Lowering Module Size: Tools
■wasm-opt, wasm-gc to optimize the size and DCE
■https://wasmphobia.surma.technology/ to analyze size contributions
■wasm-opt, wasm-gc to optimize the size and DCE
■https://wasmphobia.surma.technology/ to analyze size contributions
Connection Latency: Application-level pooling
Exograph
Runtime
Pool
Exograph
Runtime
Pool
Error: Cannot perform I/O on behalf of a different request. I/O objects
(such as streams, request/response bodies, and others) created in the
context of one request handler cannot be accessed from a different
request's handler. This is a limitation of Cloudflare Workers which allows
us to improve overall performance. (I/O type: WritableStreamSink)
Exograph
Runtime
Pool
Exograph
Runtime
Pool
Error: Cannot perform I/O on behalf of a different request. I/O objects
(such as streams, request/response bodies, and others) created in the
context of one request handler cannot be accessed from a different
request's handler. This is a limitation of Cloudflare Workers which allows
us to improve overall performance. (I/O type: WritableStreamSink)
Connection Latency: Edge-provided pooling
Exograph
Runtime
Exograph
Runtime
Hyper
drive
No pooling: ~345ms
With Hyperdrive: ~60ms
Exograph
Runtime
Exograph
Runtime
Hyper
drive
No pooling: ~345ms
With Hyperdrive: ~60ms
Wasi
https://wasi.dev
https://wasi.dev/interfaces
Thank you! Let’s connect.
Brian Sletten
[email protected]
https://bosatsu.net
@[email protected]
Ramnivas Laddad
[email protected]
https://exograph.dev
@ramnivas
Brian Sletten
[email protected]
https://bosatsu.net
@[email protected]
Ramnivas Laddad
[email protected]
https://exograph.dev
@ramnivas
Tags
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 170
- Slides 29
- Age 414 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
14
Fertility awareness methods for women in the society
Isaiah47
29 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views