In this FaaS solution, the following two problems are mainly solved:
- What is the relationship between the compiled wasm file and the docker image?
- The target wasm file is finally built into an ordinary image and pushed to Dockerhub. The process of pulling the image is also consistent with the original image, but the target wasm file will be extracted from the image and loaded separately during actual operation.
- How to make k8s manage and deploy wasm files?
- Incorporating into the k8s life cycle management and scheduling strategy, the Containerd-shim-layotto-v2 plugin implements the v2 interface definition of Containerd, and changes the container runtime to Layotto Runtime. For example, the implementation of k8s creating a container is modified to load and run functions in form of wasm.
- Thanks to the excellent sandbox isolation environment of WebAssembly, Layotto as a function base can load and run multiple wasm functions. Although they all run in the same process, they do not affect each other. Compared with docker, this idea of nanoprocess can make fuller use of resources.
The wasm1 and wasm2 in the above figure respectively represent two functions. After the function is developed, it will be compiled into the form of *.wasm and loaded and run. It makes full use of the sandbox isolation environment provided by WebAssembly(wasm) to avoid mutual influence between multiple functions.
B、Layotto
The goal is to provide services, resources, and safety for the function. As the base of function runtime, it provides functions including WebAssembly runtime, access to infrastructure, maximum resource limit for functions, and system call permission verification for functions.
Officially supported container runtime, docker is currently the most widely used implementation. In addition, secure containers such as kata and gvisor also use this technology. Layotto also refers to their implementation ideas and integrates the process of loading and running functions into the container runtime.
Based on the V2 interface definition of Containerd, the runtime logic of the container is customized. For example, the implementation of creating a container is modified to let Layotto load and run the wasm function.
The current container scheduling standards, life cycle management and scheduling strategies are excellent. Layotto chose to use the containerd in order to perfectly integrate the scheduling of functions with the k8s ecology.
On the basis of proxy-wasm/spec, refer to the definition of Runtime API, add APIs for functions to access infrastructure.
It is used to implement the logic of Runtime ABI in Layotto.