Could we actually replace containers?

Day 1 | 15:50 | 00:20 | UD2.218A | Dan Phillips



The now infamous quote:

“WebAssembly on the server is the future of computing” – Solomon Hykes, creator of Docker

But really, what would it take? I'm talking about FULL feature parity. This talk will go deep into how we looked at and attempted to solve every single piece of this very large problem.

While containers have been pivotal in cloud computing, offering isolated environments for applications, they bring notable drawbacks. These include substantial overhead, resulting in larger, less efficient deployments and longer startup times, and a dependency on the underlying OS for security, which poses potential vulnerabilities.

WebAssembly (Wasm) addresses these challenges, and this talk will introduce the open-source project Boxer (https://boxer.dev), which offers tooling for taking existing containerized workloads and definitions, and creating near-universally deployable Wasm distributions (“Boxes”) offering roughly the same environment, with all the benefits of the WebAssembly target. Wasm, a compact binary instruction format, enables lightweight, sandboxed execution, significantly reducing overhead compared to traditional containers. This leads to enhanced performance and smaller, more efficient deployments, ideal for cloud computing. Additionally, Wasm's memory-safe, isolated execution environment provides superior security, independent of the OS. Thus, Wasm, with its blend of efficiency and security, emerges as not just an alternative, but a substantial improvement over container technology for cloud deployments.

Marcotte (https://github.com/dphilla/marcotte) -- the underlying tool for virtualizing layers of system functionality -- allows us to make safe, sandboxed, discrete, and composable system functionality, by leveraging Rust's memory safety model, and the inherent properties of WebAssembly.

This talk will critically examine this new technology, its approach, benefits, and existing limitations compared with containers, and its path forward as a new standard in cloud infrastructure.