Serverless functions save developers a ton of trouble managing the backend infrastructure. It also simplifies the development process as developers only need to focus on the business logic. This article is a step-by-step guide on how to write and deploy your own WebAssembly serverless functions on AWS Lambda, Amazon’s serverless computing platform. In our demo, WebAssembly functions are executed with the <a dir="ltr" href="https://github.com/WasmEdge/WasmEdge">WasmEdge </a>runtime. The figure below shows the overall architecture of our solution.

The short answer is that WebAssembly is fast, safe, and portable.

Why WebAssembly?

A <a href="https://www.datadoghq.com/state-of-serverless/">recent survey by DataDog </a>found that most AWS Lambda serverless functions are written in JavaScript and Python.However, it is also well known that those high-level languages are very slow. In fact, <a href="https://science.sciencemag.org/content/368/6495/eaam9744">according to a paper published on Science </a>, up to 60,000 times slower than the same programs written in C or C++.Hence, while JavaScript and Python are great for simple functions, they are not suitable for computational intensive tasks, such as image, video, audio, and natural language processing, which are increasingly common in modern applications.

WebAssembly vs. Python & JavaScript

WebAssembly, on the other hand, achieves performance on par with C/C++ compiled native binaries (NaCl) while still preserving portability, safety, and manageability associated with high-level language runtimes. WasmEdge is one of the fastest WebAssembly runtime on the market today.

Our vision for the future is to <a href="https://www.computer.org/csdl/magazine/so/5555/01/09214403/1nHNGfu2Ypi">run WebAssembly as an alternative lightweight runtime </a>side-by-side with Docker and microVMs in cloud-native infrastructure. WebAssembly offers much higher performance and consumes much fewer resources than Docker-like containers or microVMs. But for now, AWS Lambda and many other platforms only support running WebAssembly inside a microVM. Nonetheless, running WebAssembly functions inside a microVM still offers many advantages over running containerized NaCl programs.

WebAssembly vs. Native Client

For starters, WebAssembly provides fine-grained runtime isolation for individual functions. A microservice could have multiple functions and support services running inside a microVM. WebAssembly can make the microservice more secure and more stable .Second, the WebAssembly bytecode is portable . Even inside a container, NaCl is still dependent on the underlying CPU, OS, and dynamic libraries installed on the OS. WebAssembly bytecode applications are platform-independent. Developers can write once and deploy in any cloud, any container, and any hardware platform.

Third, WebAssembly apps are easy to deploy and manage. They have much fewer platform dependencies and complexities compared with NaCl dynamic libraries and executables. Finally, WebAssembly is polyglot. C/C++, Rust, Swift, Kotlin programs can all be easily compiled into WebAssembly. Even JavaScript is supported on WebAssembly. The <a dir="ltr" href="https://www.secondstate.io/articles/wasi-tensorflow/">WasmEdge Tensorflow API </a>provides the most ergonomic way to execute TensorFlow models in the Rust programming language.

Guest post by Robby Qiu, Developer at Second State and contributor to WasmEdge Serverless functions save developers a ton of trouble managing the backend…

HowTo

WebAssembly serverless functions in AWS Lambda | Cloud Native Computing Foundation

Let’s start with security. It’s at the forefront of many minds these days, with supply chain issues, cryptojacking and data breaches being common news stories. WebAssembly brings some big guns to the security fight in a number of ways, starting with its security sandbox.When WASM is executed, the code is not given access to anything, including the network, file system or anything else out of the box. This is known as a deny-by-default security model. For the code running inside the WASM sandbox to interact with the outside world, it must be explicitly granted access to host functions.

Security

To combat the rise of supply-chain attacks, there are also <a dir="ltr" href="https://github.com/WebAssembly/design/issues/1413" onclick="this.target='_blank';" rel="external">efforts </a>to make cryptographic signing of WebAssembly modules a standard part of the specification. The ability to sign a module with a trusted key and have that signature verified any time a system attempts to run that module will be a big win, and helps cement the “defense in depth” mindset when working with WebAssembly to build applications.

Language portability is the ability for modules written in one language, like Rust, to run inside a system written in another, like Go. Because WASM runtimes can be embedded within other software, they can be used to introduce specialized components that wouldn’t otherwise be possible in your team’s primary language. This concept can also be applied to applications that are built by composing together multiple WASM modules written in different languages to form a single piece of software, such as with the <a href="https://github.com/suborbital/atmo" rel="noopener noreferrer" target="_blank">Atmo </a>framework, which our company, <a href="https://suborbital.dev/" rel="noopener noreferrer" target="_blank">Suborbital </a>maintains.

Language portability

WebAssembly is not tied to any hardware architecture, so it can be executed on several different platforms without needing to re-compile. When a WASM module is executed, it is compiled to machine-native code either ahead-of-time (AOT) or just-in-time (JIT).WASM runtimes such as Chrome’s V8, Wasmtime or Wasmer perform this compilation automatically. I can see this becoming useful in scenarios where your code gets moved automatically from a central cloud instance to an edge compute network when a spike in traffic causes a certain module to be pummeled by incoming requests.

platform portability

WebAssembly is intended to execute code at native or near-native speeds.WebAssembly is a representation of your code that can easily be executed in a high-performance manner by optimizing itself for each platform at runtime. We are still in the early days of WebAssembly, but it is already rivaling the performance of the V8 JavaScript engine, which has been optimized over countless years.

Performance

Contributor Connor Hicks describes three benefits of WebAssembly — security, portability and performance — and why they make WASM powerful.

The Three Pillars of WebAssembly - The New Stack

A Jamstack application consists of a static UI (in HTML and JavaScript) and a set of serverless functions to support dynamic UI elements via JavaScript. There are many benefits to the Jamstack approach. But perhaps one of the most significant benefits is performance. Since the UI is no longer generated at runtime from a central server, there is much less load on the server and we can now deploy the UI via edge networks such as CDNs.

Ui On The CDN

However, the edge CDN only solves the problem of distributing the static UI files. The backend serverless functions could still be slow. In fact, popular serverless platforms have well-known performance issues, such as slow cold start, especially for interactive applications. That’s where WebAssembly could help.With WasmEdge , a cloud-native WebAssembly runtime hosted by the CNCF , developers can write high-performance serverless functions deployed on the public cloud or on edge computing nodes.

Where Does Webassembly Fit In

High-performance functions written in C/C++, Rust, Swift, and other languages can be easily compiled into WebAssembly. Those WebAssembly functions are much faster than JavaScript or Python commonly used in serverless functions.However, if raw performance is the only goal, why not just compile those functions to machine native executables (Native Client or NaCl)? Netlify already runs these functions safely in AWS Lambda with the Firecracker microVM.Our vision for the future is to run WebAssembly as an alternative lightweight runtime side-by-side with Docker and microVMs in the cloud

Why WebAssembly in Netlify Functions?

For starters, WebAssembly provides fine-grained runtime isolation for individual functions . A microservice could have multiple functions and support services running inside a microVM. WebAssembly can make the microservice more secure and more stable.

Second, the WebAssembly bytecode is portable . Developers only need to build it once and do not need to worry about changes or updates to the underlying Netlify serverless runtime. It also allows developers to reuse the same WebAssembly functions in other cloud environments.

Third, WebAssembly apps are easy to deploy and manage. They have much less platform dependencies and complexities compared with NaCl dynamic libraries and executables.

Finally, the <a dir="ltr" href="https://www.secondstate.io/articles/wasi-tensorflow/" rel="noopener">WasmEdge Tensorflow API </a>provides the most ergonomic way to execute Tensorflow models in the Rust programming language. WasmEdge installs the correct combination of Tensorflow dependency libraries, and provides a unified API for developers.

Our first demo application allows users to upload an image and then invoke a serverless function to turn it into black and white. A <a dir="ltr" href="https://60fe22f9ff623f0007656040--reverent-hodgkin-dc1f51.netlify.app/" rel="noopener">live demo </a>deployed on Netlify is available.

Example 1: Image processing

The <a dir="ltr" href="https://60ff7e2d10fe590008db70a9--reverent-hodgkin-dc1f51.netlify.app/" rel="noopener">second demo </a>application allows users to upload an image and then invoke a serverless function to classify the main subject on the image.

Example 2: AI inference

Running WasmEdge from Netlify’s current serverless container is an easy way to add high-performance functions to Netlify applications. Going forward an even better approach is to use WasmEdge as the container itself. There will be no Docker and no Node.JS to bootstrap WasmEdge. This way, we can reach much higher efficiency for running serverless functions. WasmEdge is already compatible with Docker tools .

What’s next

Netlify is a leading platform for developing and hosting Jamstack applications. In fact, the term Jamstack was coined by Netlify founder Mathias Biilmann in 2015. Netlify also hosts the annual…

webassembly

WebAssembly serverless functions in AWS Lambda | Cloud Native Computing Foundation

Security

The Three Pillars of WebAssembly - The New Stack