0:56 Introduction

0:56 Hello. Welcome to this video slash livestream depending on when you're watching. Where we are gonna take a look at building our own WebAssembly cloud using the Fermion platform. So first, welcome back to the Rawkode Academy. I'm your host, David Flanagan, although I go by the handle Rawkode across the Internet. This course is kindly sponsored by Fermion. Spin is a really cool framework for writing microservices and fill application composed of microservices using WebAssembly technologies. And Fermion are at the forefront of that and this is gonna be fun. So in order to get started, we'll pop up my screen share. And I

1:16 What is Spin and Fermion Cloud (Context)

1:37 wanna set just a small little bit of context into Fermion cloud. And then we'll look at hosting our own. So I've kind of prepared a very simple spin application. And in fact, when I say prepared, I used spend new to generate the template that gives us a hello world application. Let me bump that font size up because I was coding earlier, which is quite smaller, which is print hello world. I've already ran, spend build, but we can do it one more time. And we can use spend deploy to push this to Fermion cloud, which for

2:03 Demo: Deploying to Hosted Fermion Cloud

2:21 now is free. So you get to deploy up to five applications on Fermion cloud, kick the tires on it, doesn't cost you a single penny. Now because this is already deployed, we don't really need to wait for this. Instead, I can just come back to here and I can see that the app the URL for this demo application gives us an internal server, which is probably because I just redeployed it. But if we refresh it, we get hello fermion. And that's it. Spend you Rust code or JavaScript code, maybe some go code, maybe some dot net, maybe some Python.

2:58 You know what? With web assembly, doesn't matter. Right? In a language that you enjoy writing in. We build it, we deploy it, all good. But what if we want to run it ourselves? And this is where I think fermion gets really interesting. Is that nothing fermion are doing is closed source, Everything is available and they open. And in fact, even Fermion Cloud is just a collection of components, which are also open source. And you can go to github.com/fermion/installer, where you will find Terraform automation to run your own little fermion cloud on Amazon, Azure, Civo, Digital Ocean, GCP,

3:07 Why Self-Host? Introducing the Fermion Installer

3:42 and come in soon, and you'll see the demo on Tuesday, Equinix Medal. Because well, I wanted to do some hacking and I've got a cool demo for you next week. So we're gonna take this automation and I'm gonna use the newest one, which I know is a bit risky, but, you know, Siam who we all know in the cloud data space, who also works for SIVO, put together the Terraform to deploy the Fermion platform to SIVO Cloud. So I have this cloned locally and you'll see that I'm inside the civil directory which has a read me

4:11 Using Terraform to Deploy the Platform

4:19 if you really want to read it. Or you can just do what I like to do, Which is go straight into the Terraform directory and run Terraform edit. This will pull down all the Terraform plugins that we need to do this deployment. I have already exported my SIBO token and to this environment hopefully. So I should be able to run terraform apply, which is going to spin up a instance. We can just quickly run through some of this. Yep. We shall spin up a firewall first allowing some ports pretty everything's pretty available. I don't look at it.

4:59 A stable instance, which we have some custom user data, which we may or may not go through. And then we have the IP assignment, the network, the reserved IP and SSH key pair around the password blah blah blah blah. Pretty much for a position where we just wanna hit yes and say go. So while this spends up because it will take probably around one to two minutes, We'll take a look at that automation. Probably should pop this open. Watch approval. Thank you. And actually, we need a few directories up. So let's do a code. Now

5:46 each of these implementations for AWS, GCP, Digital Ocean, etcetera, really just handle the provisioning of the the instance, the network, the firewalls, and then also use the data is provided at this top level directory called share and then Terraform. We have a VM assets folder, which the file provisioner will actually just SCP onto the machine for you, which contains a bunch of nomad jobs. But before it gets to that, it runs the startup script. No, I guess now is a good time to understand which components make up the fermion cloud or fermion platform. One, there's HEPL from Dezlabs.

6:03 Key Components of the Fermion Platform (HEPL, Bundle, Nomad, etc.)

6:30 Dezlabs. Thanks, Hugh. This is a project for running web assembly. It's open source. It's still actively maintained. It's being worked on as experimental warning, but of course all the best projects do. Right? So you can run HEPL and you can ask it to run WebAssembly binaries for you. Another part of the platform is Bundle also by Daislabs. And Bundle is an object store for WebAssembly modules. Now will we still be using Bundle in three months, six months, nine months? I'm not entirely sure. Why? Well, go check out the Spin watch new 0.8 video that I released last week.

7:22 Fermion have added support for OCI registry for WebAssembly and Spin applications. So you can now just do a spin OCI push and your spin application will be available via gapp container registry, docker registry, Google container registry and so forth. So where is Bendel in this? I'm not sure. It may be that it takes a backseat for something that is more generic and something that we're already using for our container applications. This opens up a really cool potential for having our WASM and our container Linux based applications running side by side. The bundle and HEPL make up the main

8:04 chunk of what we need to build a WebAssembly platform. However, we still need to schedule these workloads. Now there is some really cool work happening to run web assembly binaries on container D. And I'm not gonna talk about it right now or show you anything with regards to that because it's early and it's not how Fermion platform works right now or maybe ever to be honest. I'm not entirely sure. But it uses Nomad. A Nomad is a HashiCorp project that doesn't have this assumption about the workloads that's going to schedule an orchestrate that works really well for WebAssembly binaries and

8:41 in fact an interview I did with the CTO of Fermion was talking about how they were able to reduce the amount of code that they wrote to make web assembly and Crestlet work within like the hundreds of thousands of lines of code but the web assembly support for Nomad was dozens to hundreds of lanes of code. Much easier to reason about and work with. It's not just Nomad that is console issues for service discovery and for making sure the URLs work to browse to it because traffic sits in the front as a proxy, speaks to console as a

9:19 discovery mechanism for all the web assembly applications that are available, sets up all the routing for you and any secrets that are required come from vault. So essentially this is a full hashi stack with a little bit of glue on the top to make it work for web assembly. Okay. Let's see where we are with our deployment. If you have any questions, feel free to drop them into the comment section. So I just realized I don't even have open. Where are my comments? Let's turn off. No. It's not hiding up there. When was the last time I streamed?

10:10 Nope. No comment, man. Where are you? But he's behind here. I'm not gonna look for any longer because I'm just gonna look silly. I have no idea where that went. Okay, let's check where we are. Okay. Cool. So the TerraForm has completed. We know that because we have all of the outputs. So we have the bundle address, which we'll need in just a moment for pushing our spin application to. We have a generated SSH key, which will allow us to get onto the machine. We have the DNS host. So by default, if you don't provide a DNS name, it

10:33 Deployment Complete and Accessing Outputs

11:04 uses a slip, which is really just you put an IP address on as a the prefix, the sub the sub domains of the main domain and it resolves for you. There are loads of services like this these days. SLEP is just the one that is used as part of this automation. We have a Hippo admin username and password which we can use to actually browse the Hippo instance. Why don't we start there? Why don't we copy this and what should happen is when we open this as we get our own little money UI for Fermion Cloud.

11:22 Accessing the Self-Hosted UI (Hippo)

11:40 Isn't that neat? So we could put in that our password is admin. We could pop back over here and we could do terraform output JSON j q dot hippo admin password dot value. And this gives us our password. And now we can log in. We don't have any applications. We haven't deployed anything yet, but you know, this is very similar to just bare me on cloud. Next, what do we need to do? Well, we need to push the application. So we can just spin login with a URL parameter. And this actually oh, that's still the password.

12:20 Deploying a Spin Application to Your Cloud

12:32 This takes the Hippo URL. So we can do HEPL.212.24417slip.io. From here we can see whether everyone to log in with GitHub or whether username and password. We do not have any configuration clients set up for GitHub. So we're just going to use the same username and password that we use to get into the UI. And next we need to bundle URL, which is the same as the HEPL URL only with bundle instead of HEPL. So we can just do a slip dot IO and that's where we'll need a slash v one on the end. And bundle will be running publicly and unauthenticated.

13:18 So if you are going to play around with running your own web assembly platform, just remember that it's not secure by default and there are plenty of warnings and the read me to say the same thing too. Now we can do is spin deploy. And because we're authenticated against this new Hippo server, it's gonna push it to there. I logged us in the wrong place. So we could do a CD demo spin deploy. We could just give us a few seconds, but what's gonna happen is we'll be able to refresh this. In fact, we can already see it here.

14:01 Verifying the Application Deployment

14:07 We see that we have our demo application here. Now we can get logs, we can set environment variables, We can tweak some settings although that aren't really at this point in time and we can see that it's still publishing. So it's actually not going to be available on this URL just yet. We pop back to the CLI. Looks like it's finished. We have a link. It's the same one as here and I'll open this in a split and we can see we have hello fermion. So most of that was just me waffle chatting away, terraform and terraform apply and we have a

14:45 web assembly client. That's pretty much it. Have our logs there's not really anything there right now because we don't have any logging in the default application. If we want to add an environment variable, we could say name equals David. We could click save and this becomes available to our application. So you can kinda just do whatever you want from this point forward. I am just gonna point out one or two more things before we wrap up the session. You already know the bundle is running on this machine and it is available publicly, but so is console.

15:14 Exploring Installed Components via SSH and UI

15:21 Well, let's click on the link for that. You know what? I think it's just available on the IP address. So let's try. No. Alright. Let's get on this machine. So we need terraform output dash JSON back at directory terraform dash JSON and we want to grab the private key, which is civo private key. We can j q this only this time we want a raw value that just means without quotes. We want the value of this which is our key and we'll write this to print. Now because SSH can be a bit funny, we'll check modus to be print.

16:21 I'm gonna do a BSH which is just an alias that removes host key checking. Really handy for ephemeral instances where you don't actually care. We wanna grab the IP address here. And lastly, we wanna specify a private key. And we're in. We're now on the machine where the Fairmount platform is deployed. So we can run nomad status, which will show us that we have our application that we deployed. That's the UUID that's sitting there. We have Bundle, we have Heppel and we have traffic. Now if you're not familiar with cloud computing and cloud and how all this works is

17:06 when we push the user data to this machine, it's pretty standard that you're going to find the logs and bar log cloud in it output dot log. From here you'll get to a public IP address for the console, the nomad, the vault. So some of these are private which means you probably need to set up an SSH tunnel but I'm gonna try the IP address on 8500 just to see if it works. It does. Cool. I worked on my Equinix mental test. I'm glad it worked on my SQL test. Yeah. So this is public too.

17:49 So just caveat be aware. This could be a bad thing. Hey, I sent my comments. There we go. Hey, Shupam. Thanks for joining. Hector JS. Thanks for joining. So console is here and from here, you can actually see all of the workloads that are running too. So you can see that we have console bundle, hippo, etcetera. If you do need to debug this at any point, you can kind of get in and take a look and see everything as you can. But just a word of warning is public. Please do not use the installer for any

18:27 production based stuff. You're really gonna have to tie down those firewall rules and make sure that nothing. This is dangerous and it shouldn't be made available. And that's the that's our demo for today. So we'll check out the Fairmount installer, run your own web assembly platform on any major cloud provider that is supported. If there's a cloud provider that you want to support, the repo is open source. Please feel free to open a pull request. Just need to write a little bit of Terraform. The great part is all the user data is global. It works on all of these providers

18:38 Recap and Contributing to the Installer

19:02 provided to use the right version of the Bintu. So as far as the Terraform contribution goes, you only really need to spin up an instance on the cloud with some firewall rules and it just works. So go check it out. I'll be back on Tuesday. We'll be doing that the Equinix metal demo which I've been working on. This is going to be a show us how we can run multiple fermion platforms and multiple locations and use my favorite web technology or at least networking technology BGP that is dynamic written based on where you are in the world for super low latency

19:14 Preview: Upcoming Equinix Metal Demo

19:36 web assembly workloads. So until then, thank you for joining me. Have a wonderful day and we'll be back again soon with more spin videos as part of the complete spin, the complete guide to spin course. Have a great weekend. I'll see you all soon.