wasm-nginx-module
Running untrusted WASM plugin
Will this WASM support provide better isolation and resource limit enforcement than running Lua code? I.e., will we be able to limit CPU/memory usage per plugin or reduce API access?
Exciting project btw, thanks for working on this!
It sounds like a cool feature ^_^
> provide better isolation

Yes. Wasm is expected to be a sandbox environment.

> limit CPU/memory usage per plugin

The CPU is managed at the process level, and Wasm is embedded inside Nginx, so there is no way to limit CPU per plugin.
Some Wasm runtimes support limiting memory per plugin. Unfortunately, wasmtime only supports limiting memory at the VM level so far.

> reduce API access

The API is registered per plugin, so we can register fewer APIs for some untrusted plugins.
We can switch to a VM per plugin model if the memory limit per plugin is critical.
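The per-plugin API registration described in the reply above can be backed by a check before a plugin is loaded. The following is an added example, not code from wasm-nginx-module: it reads a module's import section and lists the imports that a per-plugin allow-list does not grant. The host function names `host_log` and `host_http_call`, the allow-list and the sample module bytes are constructed for illustration.

```python
import io

def _leb(buf):
    """Decode one unsigned LEB128 integer from a byte stream."""
    result = shift = 0
    while True:
        byte = buf.read(1)
        if not byte:
            raise ValueError("truncated module")
        result |= (byte[0] & 0x7F) << shift
        if not byte[0] & 0x80:
            return result
        shift += 7

def _name(buf):
    return buf.read(_leb(buf)).decode("utf-8")

def wasm_imports(data):
    """Return [(module, field, kind)] from the import section (id 2)."""
    if data[:8] != b"\0asm\x01\0\0\0":
        raise ValueError("not a WebAssembly 1.0 binary")
    buf, found = io.BytesIO(data[8:]), []
    while sec := buf.read(1):
        body = io.BytesIO(buf.read(_leb(buf)))
        if sec[0] != 2:
            continue                     # skip every other section
        for _ in range(_leb(body)):
            module, field = _name(body), _name(body)
            kind = _leb(body)            # kind is a single byte below 0x80
            if kind == 0:                # function: type index
                _leb(body)
            elif kind in (1, 2):         # table (reftype first) or memory
                body.read(1 if kind == 1 else 0)
                flag = _leb(body)
                _leb(body)               # minimum
                if flag & 1:
                    _leb(body)           # maximum
            elif kind == 3:              # global: value type + mutability
                body.read(2)
            else:
                raise ValueError(f"unknown import kind {kind}")
            found.append((module, field, kind))
    return found

def denied_imports(data, allowed):
    """Imports not granted: unlisted functions and any table/memory/global."""
    return sorted(f"{m}.{f}" for m, f, k in wasm_imports(data)
                  if k != 0 or (m, f) not in allowed)

# Constructed sample: a module importing two hypothetical host functions.
def _imp(field): return b"\x03env" + bytes([len(field)]) + field + b"\0\0"
_sec = b"\x02" + _imp(b"host_log") + _imp(b"host_http_call")
SAMPLE = b"\0asm\x01\0\0\0\x01\x04\x01\x60\0\0\x02" + bytes([len(_sec)]) + _sec
UNTRUSTED_ALLOW = {("env", "host_log")}  # hypothetical allow-list
```

`denied_imports(SAMPLE, UNTRUSTED_ALLOW)` returns `["env.host_http_call"]`, so a loader using this check would refuse the plugin instead of linking the extra host function.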
Thanks for the replies, it'd be great to have a page explaining the benefits of writing a plugin in this framework rather than in Lua.
According to https://github.com/bytecodealliance/wasmtime-go/issues/101, I think the sys resource limit development is still in progress?
With Wasmtime, you should be able to use ResourceLimiter to limit CPU (with fuel) & Memory (once this PR is released).
This requires modification of this nginx plugin; it's not supported out of the box yet. But the Wasmtime C SDK is ready.