Microsoft’s Deis Labs recently announced an intriguing direction for Kubernetes, one that offers a new, sandboxed environment for our code. Building on the increasingly popular WebAssembly, Krustlet is a tool for delivering Kubernetes-managed workloads to WebAssembly runtimes, with a v0.1.0 release now on GitHub.
The name Krustlet comes from how they’re built and what they’re intended to do. Krustlets are “Kubernetes RUST kubeLETs.” They take a fundamental Kubernetes component, the kubelet, and implement it in a new programming language and on a new platform. Kubelets, like much of Kubernetes, are written in Go; Krustlet has been developed in Mozilla’s type-safe and memory-safe Rust.
It’s interesting to note the choice of Rust. Microsoft has been investigating Rust as a way to reduce the risk of memory-based attacks on systems, using it as a systems programming language where, in the past, you’d have used C or a similar language. Rust is one of the main languages supported in WebAssembly, with both coming out of Mozilla-hosted research, making it a good candidate for applications that run on WebAssembly virtual machines.
From kubelet to Krustlet
A kubelet is a fundamental element of Kubernetes, sitting at the base of a node. Once running, a kubelet registers as a node with a Kubernetes controller, and then receives a PodSpec. This describes the containers that run on the node, and the kubelet manages those containers, ensuring they remain healthy. Without kubelets Kubernetes won’t run. Microsoft’s Virtual Kubelets are an essential part of its Azure Kubernetes implementation, giving Azure and Deis a lot of experience in designing and implementing alternatives to the default Kubernetes kubelet.