WebAssembly vs Linux Container

Comparison

WebAssembly

VS

Linux container

Brought to you by

https://github.com/WasmEdge/WasmEdge

A container emulates a private operating system.

A WebAssembly instance emulates a process.

⚊ Taylor McMullen, CTO, Fastly

Wasm	Performance	Container
Several MBs	Disk Footprint	Several GBs
milliseconds	Startup Performance	seconds
AOT is within 10% of native client	Runtime Performance	10% to 20% loss to native client

Wasm	Host OS and Apps	Container
Linux, Mac OS X, Windows, RTOS	Host OS	Linux, Mac OS X, Windows
Yes	Microkernel as host	No
Yes	Embedded or real-time OS as host	No
C, Rust, GO, Python, Java etc.	Embed in host applications	Not embeddable at language SDK level
Access via imported functions from shared libraries	Access host OS resources	Must be supported by Docker itself
Through host functions in shared libraries in the host OS	GPU, TPU, and specialized hardware	Specialized Docker version
In progress	Runs in a secure enclave	No
Widely used as a runtime for both node software and smart contracts	Blockchain	N/A
Yes	Runs in web browser	No

Wasm	Guest Apps	Container
High	Cross-platform portability	NOT portable across CPUs
C/C++, Rust, Swift, AssemblyScript, TinyGO, Grain, JavaScript	Requires additional developer tools	Just standard toolchain on Linux
No, but it supports async apps -- same as node.js	Multi-thread apps	Yes
Yes	Single app binary on both client and server	No
Possible	Formal verification	Very hard
N/A	Guest OS	Linux, Mac OS X, Windows

Wasm	Safety, Security and Isolation	Container
cgroupfs, systemd, statically allocated memory, gas fees	Resource isolation and allocation	cgroupfs, systemd
Capability-based security	Security	Depends on the host OS's user privilege
Sandbox with protected memory	Safety	Could be breached
Minimized	Attack surface	Wide
Signed modules	Software supplychain security

Wasm	Management and Orchestration	Container
Bindle, OCI repo (eg. Docker Hub)	Artifact repos	OCI repo (eg. Docker Hub)
Yes	Works with kubernetes	Yes
Yes	Managed by container tools	Yes

Wasm	Ecosystem	Container
W3C and OCI	Standards	OCI
WasmEdge, wasmtime, WAMR, wasmi, wasm3	Implementations	Docker, containerd, CRI-O

WebAssembly on the server is the future of computing

Solomon Hykes

If WASM+WASI existed in 2008, we wouldn't have needed to created Docker. That's how important it is. Webassembly on the server is the future of computing. A standardized system interface was the missing link. Let's hope WASI is up to the task!

WebAssembly will run side by side with Docker

Solomon Hykes

"So will wasm replace Docker?" No, but imagine a future where Docker runs linux containers, windows containers and wasm containers side by side. Over time wasm might become the most popular container type. Docker will love them all equally, and run it all :)