WASM will replace containers

Original Article ↗ Hacker News Discussion ↗

Scope: what WASM solves vs what containers solve

  • Many argue containers and WASM address different problems:
    • Containers: bundle app + full environment (deps, config, tools, OS view) for reproducibility and deployment.
    • WASM: sandboxed, portable execution of code (a VM/bytecode target), closer to JVM/CLR than to Docker.
  • Several comments say “WASM might run inside containers and VMs,” not replace them, yielding stacks like VM → container → WASM.

Kubernetes vs WASM

  • Multiple replies note the article conflates Kubernetes and containers:
    • Kubernetes: orchestration of workloads, networking, storage, rollout, policy.
    • Containers/WASM: workload format/runtime.
  • If WASM gains traction for workloads, many expect Kubernetes (or similar) to just add WASM runtimes, not disappear.

Encapsulation, system interfaces, and WASI

  • Strong theme: containers encapsulate environment (files, env vars, tools) as well as code; WASM currently mostly encapsulates computation.
  • Lack of standardized system interfaces (files, networking, TLS, threading) is widely cited as a blocker; WASI and WASIX are mentioned as emerging solutions.
  • Debate over security:
    • Pro‑WASM: capability-based WASI, deny-by-default, fast startup, strong memory sandboxing; good for untrusted plugins/FaaS.
    • Skeptics: once full FS/network are exposed, you face OS‑like complexity and attack surface, at which point containers/VMs reappear as isolation.

Performance and practicality

  • Several reports of WASM being slower than native or even JS in real apps (e.g., SQLite in WASM, Rust/Go async limitations).
  • Concerns about adding another JIT/translation layer versus running native code in containers.
  • Others counter that for many sandboxed or FaaS scenarios, reduced cold‑start and higher density outweigh raw throughput.

Tooling, maturity, and adoption

  • Complaints that WASM still feels immature: fragmented runtimes, tricky async, limited language/library support, rough DX outside a few ecosystems.
  • Some real‑world uses are cited (Cloudflare Workers, American Express FaaS, Figma, 1Password, browser plugins), but commenters say this is niche versus container ubiquity.

Promising niches vs “replace everything” claims

  • Strong support for WASM as:
    • Secure plugin/mod system across languages.
    • FaaS/edge compute unit with fast cold starts.
    • Cross‑language packaging/FFI mechanism.
  • Strong skepticism that it will replace containers or Kubernetes; many compare the hype to past “write once, run anywhere” waves (Java, CORBA, ActiveX, applets, unikernels) and expect coexistence rather than displacement.