Docker + WebAssembly Overview
Docker has started native support for WebAssembly (Wasm) workloads. You can manage traditional containers and Wasm containers with the same toolchain, enabling lighter and faster execution environments.
Why Wasm
Comparing Containers and Wasm
| Item | Linux Container | Wasm Container |
|---|---|---|
| Startup time | Seconds | Milliseconds |
| Image size | Tens of MB to GB | Hundreds of KB to MB |
| Memory usage | High | Low |
| Security | Namespace isolation | Sandbox |
| Portability | OS dependent | Completely independent |
Creating Wasm Containers
Example in Rust
// main.rs
fn main() {
println!("Hello from WebAssembly!");
}
# Build for Wasm target
rustup target add wasm32-wasip1
cargo build --target wasm32-wasip1 --release
Creating Dockerfile
# syntax=docker/dockerfile:1
FROM scratch
COPY ./target/wasm32-wasip1/release/hello.wasm /hello.wasm
ENTRYPOINT ["/hello.wasm"]
Build and Run
# Build Wasm image
docker buildx build --platform wasi/wasm -t hello-wasm .
# Run
docker run --runtime=io.containerd.wasmedge.v1 hello-wasm
WASIp2 (WASI Preview 2)
The new WASI specification enables more features.
// Filesystem access
use std::fs;
fn main() {
let content = fs::read_to_string("/data/config.txt").unwrap();
println!("Config: {}", content);
}
# Mount host directory
docker run --runtime=io.containerd.wasmedge.v1 \
-v ./data:/data \
hello-wasm
Docker Compose Integration
# docker-compose.yml
services:
api:
image: my-wasm-api
platform: wasi/wasm
runtime: io.containerd.wasmedge.v1
ports:
- "8080:8080"
web:
image: nginx
depends_on:
- api
Use Cases
Edge Computing
flowchart TB
Cloud["Cloud<br/>(Full features)"]
Edge["Edge<br/>(Resource limited)<br/>← Run lightweight with Wasm"]
Device["Device"]
Cloud --> Edge --> Device
Serverless Functions
- Fast cold start
- Good memory efficiency
- Safe in multi-tenant environments
Plugin Systems
- Sandboxed plugin execution
- Language-agnostic plugins
Supported Runtimes
| Runtime | Features |
|---|---|
| WasmEdge | High performance, AI inference support |
| Wasmtime | Bytecode Alliance developed |
| Spin | Fermyon developed, serverless-oriented |
# Check runtime
docker info | grep -i wasm
Limitations
Current limitations:
- Network functionality is limited
- Some system calls are not supported
- GPU/hardware access is restricted
- Existing Linux binaries cannot be directly executed
Summary
Docker + WebAssembly provides a new option in container technology. It’s expected to be utilized in workloads that require lightweight and fast startup, especially in edge and serverless environments. As WASI matures, it will support more use cases.
← Back to list