Love, Death and Robots - with Wasm & K8s on Boston Dynamics Spot

Can containers and Kubernetes run anywhere? Yes, nearly. We have seen in the past fighter jets, fully isolated environments, security critical infrastructure and more with Kubernetes. So it is no wonder that Boston Dynamics Spot, the most advanced mobile quadrupled robot, is running on containers too. But this wasn’t enough for us.

​

How and why we tweaked the (real world) bot a little and what are our lessons learned is part of this talk. We will show you the easy steps to migrate to K8s, the experimental integrations with Wasm and ideas on how to manage Spot like any other Kubernetes.

​

Our targets are to provide a highly reliable, self-healing software infrastructure for industrial great robots that are secure, fast and autonomous.

• Intro
• Us
• Spot
• Containers are everywhere
• Our constructed problem
• Portainer is great but the process around feels clumsy
• Development experience is bad
• Portainer is great BUT poor node control, node status, separation of concerns (groups, SA),
• Look and feel: for an industrial great robot
• Step 1: Why not Kubernetes?
• Step 2: Why not WASM?
• Step 3: The fully autonomous Spot dev process
• Sum up

​

Who are we?

Max Körbächer

Founder and Cloud Native Advisor

​

• CNCF Ambassador
• Co-Chair CNCF TAG Environmental Sustainability
• Contributed to the Kubernetes release team for 3y and related K8s technologies

​

​

Kevin Hawryluk

Head of Technology

​

• Can’t be with us today

Meet Spot

Spot is a mobile robot that can carry around 14kg of equipment.

​

Can go almost anywhere, by controller or autonomously.

​

Is customizable by different mountable hardware, via an SDK and pre build solutions.

Source: BostonDynamics

So containers can run anywhere, huh?

For me, Spot looks like an agile server with cameras, legs and a Nintendo controller.

​

Can I put a containers & Kubernetes on it?

Source: BostonDynamics

Everything starts with a stupid idea

Source: BostonDynamics

Spot Core & Spot Core IO

Spot itself is a black box but extensible

Source: BostonDynamics

Spot Core & Spot Core IO

Spot itself is a black box but extensible

Source: BostonDynamics

Optimization Potential

Surprise!

Containers are already there

On Spot Core + Core I/O we have:

• Ubuntu 18.04
• Portainer on spot Core
• Custom Docker interface on Core I/O
• Different processor architectures
• GPUs
• Accessible and secured storage

​

Core is going to be deprecated in future.

Some downsides of this setup

• No in depth observability given
• No internal security scans possible (yet)
• Health checks are missing
• Node awareness and handling not given
• No custom roles
• Can’t change settings of the cluster

It is a good starting point, but many basic features you most of the time wish to have, are missing.

Current development process

For Spot Core I/O

• No automation possible
• The dev cycle is slowed down dramatically
• Containers are not very secure

Our dirty road of changes

Trigger warning!

What we are doing here is experimental as we try to discover better approaches

Our target setup

Before we were aware of recent changes of Core I/O

• Increase system visibility to all extends (full monitoring & logging of the node, pods and any other actions happening on the core)

​

• Optimize the development cycle by speeding up the process and deployment to spot -> also interesting for field operations & autonomy

​

• Provide a high level of availability and self healing capabilities

​

• Security, security & security

Replacing Portainer

Besides the mentioned downsides we also have:

​

Portainer/Compose is failing when sensors are missing/not connected.

The error handling causes drastical miss behaviour of the entire stack.

​

sudo snap install microk8s --classic --channel=1.27

​

Ubuntu 18.04

microK8s

Observability, Policies, Security

Replacing Core I/O interface

The latest version of Core - I/O got rid of Portainer to, and runs an own container runtime.

​

This solution prevents at the moment running anything then a simple container.

​

soooo….

Ubuntu 18.04

crun

kind

Extending Core I/O with wasm? because we can

Why to do that?

• Different target architectures provide a pain point during development

​

• Having many different versions of containers at the same time eating up space

​

• Increase the security limit

​

Ubuntu 18.04

crun

kind

kwasm

Providing WASM as additional runtime

# Add helm repo

helm repo add kwasm http://kwasm.sh/kwasm-operator/

# Install operator

helm install -n kwasm --create-namespace kwasm-operator kwasm/kwasm-operator

# Annotate single node

kubectl annotate node kind-worker kwasm.sh/kwasm-node=true

# Run example

kubectl apply -f examples/kind/runtimeclass.yaml

kubectl apply -f examples/kind/pod.yaml

​

Issues!

Still WIP

Bringing the different machine learning models into wasmSpot written yet in Python is kinda tricky.

​

Simple apps are no issue, but the complexity of different dependencies are not yet solved.

​

​

GitOps in Spot

What we want to achieve:

• Running ArgoCD in kind looking for new images whenever it has connection (5G/Wifi) or idles (charging station, planned break in a route).
• During development, this speed things up drastically.
• During working in the field and client side, this will allow to reduce the maintenance costs.

The dirty way we took:

• Quick and dirty implementation, no user management, just defaults
• We didn’t evaluate “the right” solution, might be replaced in future
• Have to build a scaling process around it

Newly gained capabilities

What we learned:

Spot is really just a walking server with sensors (and more).

​

It’s almost disappointing how easy Kubernetes & wasm got already.

​

Machine learning is not yet ready for wasm.

Keep in mind, this is experimental, we are not done yet!

Stupid ideas can turn in something relevant, BUT

Our cloud native ecosystem is maturing. To implement stuff getting way to easy.

Feedback & Questions