Products
Edge AI
AI Training
GPU Cloud
GPU CloudBoost AI/ML training with servers powered by NVIDIA
AI Inference
Inference at the Edge
Inference at the EdgeAccelerate your ML model inference for fast global performance
AI Applications
Image Generator
Image GeneratorCreate realistic and stunning images with ease
Speech-to-Text Translator
Speech-to-Text TranslatorTranslate from English to Luxembourgish seamlessly
Edge Cloud
Compute
Basic VMs
Basic VMsManage workloads on affordable shared virtual servers
Virtual Machines
Virtual MachinesRun apps on customizable dedicated virtual servers
Bare Metal
Bare MetalDeploy apps on powerful dedicated physical servers
Containers
Managed Kubernetes
Managed KubernetesDeploy, manage, and scale Kubernetes clusters easily
Container as a Service
Container as a ServiceRun containerized apps without server provisioning
Function as a Service
Function as a ServiceExecute serverless code functions efficiently
Networking
Load Balancer
Load BalancerRoute traffic optimally to improve app performance
5G Network
5G NetworkDeploy apps and securely connect mobile devices via 5G
Virtual Private Cloud
Virtual Private CloudManage resources in a secure isolated private cloud
Hosting
Virtual Servers
Virtual ServersHost on virtual servers with no traffic restrictions
Dedicated Servers
Dedicated ServersHost on physical servers with worldwide availability
Storage
Object Storage
Object StorageStore data in fast and scalable S3-compatible storage
File Shares
File SharesShare files across servers easily using NFS protocol
Databases
Managed PostgreSQL
Managed PostgreSQLProvision fully managed PostgreSQL databases with ease
Monitoring
Managed Logging
Managed LoggingCollect, store, and analyze application logs
About Edge Cloud
Edge Network
Application Performance
CDN
CDNAccelerate dynamic and static content delivery
FastEdge
FastEdgeDeploy serverless apps with low-latency edge computing
Media Delivery
Video Streaming
Video StreamingDeliver high-quality live and on-demand video at scale
DNS
Managed DNS
Managed DNSEnsure application availability with authoritative DNS
Public DNS
Public DNSProtect online privacy with a free DNS resolver
About Edge Network
Edge Security
Network Security
DDoS Protection
DDoS ProtectionProtect your infrastructure from evolving DDoS attacks
Application Security
Web Application Security
Web Application SecuritySafeguard web resources against attacks and threats
WAAP
WAAPSecure apps and APIs from DDoS, bots and OWASP attacks
Solutions
By Industry
Gaming
CDN for Gaming
Game Server Protection
Game Development
Retail
CDN for E-commerce
Media & Entertainment
CDN for Video
Metaverse Streaming
TV & Online Broadcasters
Sport Broadcasting
Online Events
Financial Services
Cloud for Financial Services
Technology
Image Optimization
Web Acceleration
Wordpress CDN
Education
Online Education
By Need
Web Acceleration
Web Acceleration
Image Optimization
Wordpress CDN
Security
Game Server Protection
Video Streaming
CDN for Video
Video Hosting
Live Streaming
Availability
Multi-CDN
Cloud
Web Service
Game Development
Online Store
Migration to the Cloud
ERP in the Cloud
Pricing
Resources
Resources
Blog
Case Studies
White Papers
Events
Documentation
Docs
API
Product Roadmap
Help Center
Gcore Status
Tools
Looking Glass
Speed Test
Developer Tools
Partners
Partners
Intel
Intel | New CPU Generation
Intel | Ice Lakes
Hesp
Equinix
InData Labs
Ampere
Unum
Programs
White Label Solutions
Referral Program
Why Gcore
Company
About Gcore
Press
Awards
Careers
Legal Information
Platform
Network
Infrastructure
Internet Peering Points
Compliance
Under attack?Under attack?
en
Contact usContact us
Contact us

Select the Gcore Platform

Recommended
Gcore Edge Solutions Go to Gcore Platform → Go to Gcore Platform →

Products:

  • Edge Delivery (CDN)
  • DNS with failover
  • Virtual Machines
  • Bare Metal
  • Cloud Load Balancers
  • Managed Kubernetes
  • AI Infrastructure
  • Edge Security (DDOS+WAF)
  • FaaS
  • Streaming
  • Object Storage
  • ImageStack (Optimize and Resize)
  • Edge Compute (Coming soon)
Show full list
Gcore Hosting Go to Gcore Hosting →
  1. Home
  2. Insights
  3. Why We Chose Wasm for Our Edge Runtime

Why We Chose Wasm for Our Edge Runtime

July 11, 2024 6 min read
Why We Chose Wasm for Our Edge Runtime

This article was originally published on The New Stack. It’s written by Bogdan Kurnosov, Head of Edge Network Backend Development at Gcore.

Edge computing enables organizations to distribute workloads, move them closer to their users, and customize outputs more delicately for personalized user experience. However, deploying containers, let alone virtual machines (VMs) with all their operating system (OS) overhead, is unfeasible at the edge due to resource limitations.

WebAssembly (Wasm), an open binary format for executables, promises a lightweight and secure alternative better suited for the constrained environments at the edge. In this article, I’ll explain why we chose Wasm as the runtime for our latest edge computing solution, FastEdge. I’ll also share what inspired us to build FastEdge in the first place.

FastEdge: Satisfying the Demand for Edge Computing

Routing traffic in and out of data centers is a time and money drain. Paired with the rising demand for increasingly personalized web experiences, we needed to explore a new approach to cloud computing. Fortunately, we’d already built a network of edge PoPs with our content delivery network (CDN). Adding computation capabilities to our CDN nodes was the next logical step.

To build FastEdge, we first added a Wasm runtime to our CDN nodes and built edge applications for common web application tasks like image resizing, file uploads, or content conversion. These apps are closely related to the tasks our CDN performs. They give our customers the benefits of edge computing without needing to code, and let us test and polish our edge platform with real use cases before opening it for custom applications.

We released FastEdge to the public earlier this year, allowing our customers to build their own edge-powered applications with our SDKs.

Why Wasm?

Wasm is the technology powering FastEdge. It’s an open standard for executables and runtimes similar to Java. However, as the “assembly” aspect of its name implies, Wasm is more low-level as it’s binary encoded, doesn’t include garbage collection, and enables near-native performance. Wasm offers three benefits that make it particularly suitable for our goal of providing secure and performant edge computing with FastEdge: inherently isolated modules, fast module start, and ease of distribution and deployment.

Inherently Isolated Modules

Wasm enables browsers to run applications with high-performance demands, like 3D games. However, running software written in low-level programming languages—like Rust or C/C++—on every smartphone and PC on the web has grave security implications, as these languages usually have direct access to system resources.

That’s why Wasm has sandboxed modules, which have to define their function calls at load time so that it’s not possible to dynamically inject new calls. Additionally, each module gets its own heap memory that comes with buffer overflow protection.

It turns out that isolated modules aren’t just good for client software. Cloud providers frequently run third-party applications on their infrastructure, so the providers also benefit from isolation that protects their systems from malicious code. Other solutions based directly on a JavaScript runtime, like V8, require customization to achieve this isolation level.

Fast Module Start

Wasm modules can start under a millisecond, making Wasm a great candidate for applying the modern serverless computing approach to the edge. Again, executing demanding applications in a browser has similar requirements as running them in cloud environments. Users don’t want to wait multiple seconds for a website to render, and serverless applications also suffer from long cold-start times. Compared to container- or VM-based solutions, a Wasm module’s cold start is significantly shorter.

Easy to Distribute and Deploy

Wasm is loaded and executed by browsers without requiring a restart of the client or the whole machine. App creators can host a Wasm file on a web server, and the browser takes care of the rest.

As Wasm already allows loading modules from remote servers via HTTP, we simply reused this deployment model for FastEdge to simplify module distribution and unburden edge systems administrators.

Open Standard, Open Runtime

Unlike other runtime standards, such as JVM and .NET, Wasm has been an open standard created and maintained by multiple organizations since its inception. This intrinsically open approach allows any individual or organization to contribute features and bug fixes that improve the overall quality of the project, making Wasm an appealing choice for cloud applications.

Since Wasm is an open standard, several organizations have implemented runtimes for it. For FastEdge, we chose Wasmtime as our runtime; its creator, the Bytecode Alliance, is a joint effort by multiple organizations. Selecting a runtime for a platform is a serious long-term business investment, and we expect Wasmtime’s collaborative approach to yield quality software. Multiple organizations keep the project up to date and maintain high standards — and that’s protected even if a single contributor or contributing organization leaves, making Wasmtime a solid long-term solution.

Finally, the open-source approach also brings the benefit of multiple programming languages to the browser and the edge. It’s possible to compile Rust, C/C++, Go, Zig, and other languages to Wasm, so in the long run, FastEdge has the potential to support numerous languages. We currently offer a Rust software development kit (SDK) and plan to release a JavaScript/TypeScript SDK soon.

Integrating Wasm into Our Existing Edge Network

Choosing Wasmtime as our Wasm runtime allowed us to deliver a proof of concept for FastEdge in only three months, as Wasmtime already offered features like isolation and host communication. Still, Wasmtime is just a runtime, so we needed to make some additions to make it work with our existing CDN nodes.

We implement host functions for request data like headers and body to allow FastEdge apps access to data outside the runtime. We plan to add more host functions for SQL and NoSQL databases, key-value stores such as Redis, queues and streaming services.

Opting for open-source software accelerated the creation of our observability stack. Projects like Prometheus, Grafana and OpenSearch power the monitoring systems we provide developers so that they can inspect logs from the edge. Additionally, we’re creating a tool to enable testing edge applications locally.

Finally, we ensured tight integration of FastEdge with our CDN, so edge applications hook into every step of the CDN lifecycle. This way, you can check authorization for downloads, provide authentication for uploads, or modify the body and headers depending on attributes like image size or geographical location.

FastEdge in Action

We offer two approaches for building and deploying applications with FastEdge:

  • A traditional approach with SDKs and tooling that allows developers to build applications.
  • A template approach that allows non-technical people to deploy common applications from templates.

For the template approach, we created applications that solve common website tasks, like a Markdown-to-HTML converter and an S3 uploader.

We also experimented with AI at the edge and built a website demonstrating FastEdge’s capabilities, using image classification as a use case. Figure 1 shows an image classifier running on FastEdge. Our white paper explains more about our vision of AI at the edge.

Image classification at the edge
Figure 1: Image classification at the edge

We also deployed a low-latency word prediction engine on FastEdge.

Word prediction at the edge
Figure 2: Word prediction at the edge

Turning to the traditional approach, we encourage developers to build their own apps on FastEdge with our Rust SDK. The following code defines a simple anonymous proxy that extracts a URL parameter at the edge and fetches a website.

use anyhow::{anyhow, Error, Result};
use fastedge::body::Body;
use fastedge::http::{Method, Request, Response, StatusCode};

#[allow(dead_code)]
#[fastedge::http]
fn main(req: Request<Body>) -> Result<Response<Body>> {
    let (parts, body) = req.into_parts();
    let query = parts
        .uri
        .query()
        .ok_or(anyhow!("missing uri query parameter"))?;
    let params = querystring::querify(query);
    let url = params
        .iter()
        .find(|(k, _)| k == &"url")
        .ok_or(anyhow!("missing url parameter"))?;
    let url = urlencoding::decode(url.1)?.to_string();
    println!("url = {:?}", url);
    let request = Request::builder().uri(url).method(Method::GET).body(body)?;

    let response = fastedge::send_request(request).map_err(Error::msg)?;

    Response::builder()
        .status(StatusCode::OK)
        .body(Body::from(format!(
            "len = {}, content-type = {:?}",
            response.body().len(),
            response.headers().get("Content-Type")
        )))
        .map_err(Error::msg)
}

This example illustrates how you can use our custom host functions to access request data from the client and send your own requests to any API on the web without revealing the client information to that API. Find the full example on GitHub.

Experience Wasm on Edge with Gcore

While not originally created for backend applications, many Wasm features are perfectly suited for use at the edge. They allow the delivery of smaller and faster applications than container-based solutions and aren’t bound to one programming language. Using Wasm as the core technology for our edge computing platform made it possible to deliver FastEdge quickly with a small team, while allowing us to stay flexible and adaptable regarding FastEdge’s future.

With tight CDN integration and application templates, FastEdge does things differently than other edge computing solutions. If you want to personalize your content for a globally distributed customer base or empower your non-technical teams, give FastEdge a try.

Table of contents

Try Gcore CDN

Why We Chose Wasm for Our Edge Runtime

Related articles

Local Data for Global Operations in the Age of AI
Local Data for Global Operations in the Age of AI
The location where customer data is stored and processed has long been a critical consideration for businesses. Traditionally, data location was about optimizing latency and performance—the nearer the data is to the end user, the faster they get it. However, with the introduction of new AI regulations in the US […]
September 6, 2024 3 min read
Where Is Your Cloud and Why Does It Matter?
Where Is Your Cloud and Why Does It Matter?
Traditional cloud providers use a centralized deployment approach to save costs. While they usually offer multiple regions, companies usually choose one region in the country where they are incorporated. Often, this choice is just a matter of convenience based on a factor like getting the lowest latency for the business […]
August 26, 2024 4 min read
APIs: A Crucial but Hidden Security Threat
APIs: A Crucial but Hidden Security Threat
APIs (Application Programming Interfaces) are an intrinsic part of the modern digital landscape. They allow different systems to communicate and exchange data, enabling a range of functionalities from simple data retrieval to complex interactions across platforms. As we grow increasingly reliant on complex digital interactions for our day-to-day operations, API […]
August 15, 2024 5 min read
DDoS Attack Trends for Q1–Q2 2024: Insights from Gcore Radar Report
DDoS Attack Trends for Q1–Q2 2024: Insights from Gcore Radar Report
Staying ahead of evolving trends in DDoS (distributed denial-of-service) attacks is essential for maintaining robust cybersecurity defenses. Unless you know what threats are out there and how they’re changing, it’s impossible to assess your business’ security posture and make informed provider choices. The Gcore Radar Report for the first half […]
August 14, 2024 3 min read
The Role of WAAP in Data Privacy and Protection
The Role of WAAP in Data Privacy and Protection
Are traditional security solutions enough to keep sensitive data secure? As cyber threats continue to advance and organizations race to keep up, it’s time to reassess whether conventional methods that once proved effective are still an adequate solution for protecting sensitive information. Traditional security measures fall short in addressing the […]
August 8, 2024 5 min read
5 Reasons to Use Kubernetes for AI Inference
5 Reasons to Use Kubernetes for AI Inference
This article is written by Zulyar Ilakhunov, a Gcore DevOps Engineer. It originally appeared on The New Stack. Kubernetes is suitable for a wide range of cloud-native applications with dynamic loads. This includes applications related to AI inference, whether AI-enabled microservices or ML models. Many of the key features of […]
August 5, 2024 4 min read
Cybersecurity Beyond WAF: Why Your Apps and APIs Need WAAP
Cybersecurity Beyond WAF: Why Your Apps and APIs Need WAAP
As cyberattacks become more sophisticated, the demand for advanced cybersecurity solutions intensifies. Traditional web application firewalls (WAFs) can no longer keep pace with the ever-shifting threat landscape. In this article, we explore why businesses must adopt web application and API protection (WAAP) to stay ahead of cybercriminals and safeguard their […]
July 30, 2024 4 min read
Introducing Security to Your Applications from Day One: A Practical Guide
Introducing Security to Your Applications from Day One: A Practical Guide
This article originally appeared on The New Stack. The landscape of threats and security products is constantly evolving—think of a cat-and-mouse game whereby providers are constantly chasing the latest threat actors. Securing online systems has to be an ongoing process, not a set-it-and-forget-it scheme. Add to that the fact that […]
July 9, 2024 4 min read

Subscribe
to our newsletter

Get the latest industry trends, exclusive insights, and Gcore
updates delivered straight to your inbox.
Subscribe