wasmCloud · lxfontes · Nov 25, 2025 · Nov 25, 2025 · Nov 25, 2025
@@ -15,3 +15,30 @@ proto-format:
 .PHONY: proto-lint
 proto-lint:
 	docker run --volume "$(PWD):/workspace" --workdir /workspace bufbuild/buf lint
+
+# Local Dev
+.PHONY: kind-setup
+kind-setup:
+	kind create cluster --name wasmcloud --config "kind-config.yaml"
+
+.PHONY: kind-nuke
+kind-nuke:
+	kind delete cluster --name wasmcloud
+
+# Helm
+.PHONY: helm-build
+helm-build:
+	helm dependency build charts/runtime-operator
+
+.PHONY: helm-render
+helm-render:
+	helm template -n example-ns example-name charts/runtime-operator
+
+.PHONY: helm-install
+helm-install:
+	helm upgrade --install --create-namespace -n wasmcloud-system -f charts/runtime-operator/values.local.yaml operator-dev charts/runtime-operator
+
+.PHONY: helm-uninstall
+helm-uninstall:
+	helm delete -n wasmcloud-system --ignore-not-found --cascade foreground operator-dev
+
@@ -178,6 +178,38 @@ wash is built with the following key principles:
 - **Extensible**: Plugin system allows integration with different platforms and workflows
 - **Developer Experience**: Hot-reload development loops and comprehensive tooling
 
+## Wash & Kubernetes
+
+Start kind cluster:
+
+```sh
+make kind-setup
+```
+
+Install chart with pre-configured values:
+
+```sh
+make helm-install
+```
+
+Wait for all pods to come online.
+
+Check if hosts registered correctly:
+
+```sh
+❯ kubectl get host
+NAME                    HOSTID                                 HOSTGROUP         READY   AGE
+near-jam-0148           a67300ea-558b-4bb7-b126-253e66d997ae   public-ingress    True    2m10s
+nonchalant-crown-3127   8cf2c415-409f-4dd8-b334-8a9dbb2d4aa4   default           True    2m10s
+obscene-thunder-6047    2f5aa990-c06a-4d1c-9dcf-edc4a8535fd5   private-ingress   True    2m9s
+```
+
+- `public-ingress`: Hostgroup with HTTP enabled and bound to localhost port 80, simulating a load-balancer
+- `private-ingress`: Hostgroup with HTTP enabled and cluster-only access, simulating an internal load-balancer ( Kubernetes Service Name `hostgroup-private-ingress` )
+- `default`: Hostgroup with no incoming HTTP, for `wasmcloud:messaging` handlers & Services
+
+In this setup, HTTP workloads usually go to `public-ingress`.
+
 ## Documentation
 
 - [WebAssembly Component Model](https://component-model.bytecodealliance.org/) - Learn about the component model

@@ -70,7 +70,7 @@ test: manifests generate fmt vet envtest ## Run tests.
 # - CERT_MANAGER_INSTALL_SKIP=true
 .PHONY: test-e2e
 test-e2e: manifests generate fmt vet ## Run the e2e tests. Expected an isolated environment using Kind.
-	@go tool kind get clusters | grep -q 'kind' || { \
+	@kind get clusters | grep -q 'kind' || { \
 		echo "No Kind cluster is running. Please start a Kind cluster before running the e2e tests."; \
 		exit 1; \
 	}
@@ -96,7 +96,7 @@ run: manifests generate fmt vet ## Run a controller from your host.
 
 .PHONY: devlog
 devlog:
-	$(MAKE) run 2>&1 | jq -R -r ". as \$$line | try fromjson catch \$$line"
+	go tool air 2>&1 | jq -R -r ". as \$$line | try fromjson catch \$$line"
 
 .PHONY: runtime-operator
 runtime-operator:
@@ -216,28 +216,3 @@ mv $(1) $(1)-$(3) ;\
 ln -sf $(1)-$(3) $(1)
 endef
 
-# Helm
-.PHONY: helm-build
-helm-build:
-	helm dependency build charts/runtime-operator
-
-.PHONY: helm-render
-helm-render:
-	helm template -n example-ns example-name charts/runtime-operator
-
-.PHONY: helm-install
-helm-install:
-	helm upgrade --install --create-namespace -n wasmcloud-system -f charts/runtime-operator/values.local.yaml operator-dev charts/runtime-operator
-
-.PHONY: helm-uninstall
-helm-uninstall:
-	helm delete -n wasmcloud-system --ignore-not-found --cascade foreground operator-dev
-
-# Local Dev
-.PHONY: kind-setup
-kind-setup:
-	go tool kind create cluster --name wasmcloud --config "kind-config.yaml"
-
-.PHONY: kind-nuke
-kind-nuke:
-	go tool kind delete cluster --name wasmcloud
@@ -1,134 +1,73 @@
-### To Deploy locally
+# Runtime Operator
 
-Start kind cluster
+## Development
 
-```sh
-go tool kind create cluster
-```
+You will need a local Kind cluster, NATS, and a Wash host.
 
-**Install the CRDs into the cluster:**
+For NATS, use:
 
 ```sh
-make install
+docker run --rm --name wasmcloud-nats -p 4222:4222 nats -js
 ```
 
-**Run the Manager:**
+For Wash Host, use:
 
 ```sh
-make devlog
+wash host --http-addr 127.0.0.1:8000
 ```
 
-You can apply the samples (examples) from the config/sample:
-
-```sh
-kubectl apply -k config/samples/dev
-```
-
-### To Deploy on remote cluster
-
-**Build and push your image to the location specified by `IMG`:**
+or from the top git directory:
 
 ```sh
-make docker-build docker-push IMG=<some-registry>/operator:tag
+cargo run -- host --http-addr 127.0.0.1:8000
 ```
 
-**NOTE:** This image ought to be published in the personal registry you specified.
-And it is required to have access to pull the image from the working environment.
-Make sure you have the proper permission to the registry if the above commands don’t work.
+For local kind cluster, refer to [wash/README.md](../README.md).
 
-**Install the CRDs into the cluster:**
+Install the CRDs into the cluster:
 
 ```sh
 make install
 ```
 
-**Deploy the Manager to the cluster with the image specified by `IMG`:**
+Run the Builder / Watcher:
 
 ```sh
-make deploy IMG=<some-registry>/operator:tag
+make devlog
 ```
 
-> **NOTE**: If you encounter RBAC errors, you may need to grant yourself cluster-admin
-> privileges or be logged in as admin.
-
-### To Uninstall
-
-**Delete the APIs(CRDs) from the cluster:**
+You can apply development samples from the config/sample:
 
 ```sh
-make uninstall
+kubectl apply -f config/samples
 ```
 
-**UnDeploy the controller from the cluster:**
+Verify the Wash Host registered correctly with:
 
 ```sh
-make undeploy
+kubectl get host
 ```
 
-Or ...... delete the kind cluster.
+Example:
 
-```sh
-kind delete cluster
 ```
-
-## Project Distribution
-
-Following are the steps to build the installer and distribute this project to users.
-
-1. Build the installer for the image built and published in the registry:
-
-```sh
-make build-installer IMG=<some-registry>/operator:tag
+❯ kubectl get host
+NAME               HOSTID                                 HOSTGROUP   READY   AGE
+exotic-toes-5866   14b0a1df-3f91-441c-b304-2aa56e9bef6e   default     True    52s
 ```
 
-NOTE: The makefile target mentioned above generates an 'install.yaml'
-file in the dist directory. This file contains all the resources built
-with Kustomize, which are necessary to install this project without
-its dependencies.
-
-2. Using the installer
+If you applied the samples, check if they deployed correctly:
 
-Users can just run kubectl apply -f <URL for YAML BUNDLE> to install the project, i.e.:
-
-```sh
-kubectl apply -f https://raw.githubusercontent.com/<org>/operator/<tag or branch>/dist/install.yaml
 ```
+❯ kubectl get workloaddeployment
+NAME     REPLICAS   READY
+blobby   1          True
+hello    1          True
 
-# FAQ
+❯ curl -i hello.localhost.direct:8000
+HTTP/1.1 200 OK
+transfer-encoding: chunked
+date: Tue, 25 Nov 2025 15:30:32 GMT
 
-## How to use Private Registry Image Pulls?
-
-Create a secret named `ghcr`:
-
-```sh
-kubectl create secret docker-registry ghcr --docker-server=https://ghcr.io --docker-username=<your-user> --docker-password=<your-token> --docker-email=<your-email>
+Hello from Rust!
 ```
-
-then use it as imagePullSecret.
-
-## What permissions does the Operator need on Kubernetes Core Resources?
-
-Full RBAC definition [can be found here](./config/rbac/role.yaml)
-
-### CRUD Cluster Wide ( Create Update Delete on any deployable namespace )
-
-- apps
-  - Deployment
-  - Statefulset
-- core
-  - Service
-  - ServiceAccount
-  - ConfigMap
-  - Secret
-  - PersistentVolumeClaim
-  - Event
-
-### CRUD Operator namespace ( Create Update Delete specifically on `wasmcloud-system` )
-
-- coordination.k8s.io
-  - Lease
-
-### Create Only
-
-- authentication.k8s.io
-  - SubjectAccessReview
@@ -12,7 +12,8 @@ spec:
           interfaces:
             - incoming-handler
           config:
-            host: localhost
+            # public dns alias for 127.0.0.1
+            host: blobby.localhost.direct:8000
         - namespace: wasi
           package: blobstore
           version: 0.2.0-draft

@@ -6,15 +6,14 @@ spec:
   replicas: 1
   template:
     spec:
-      hostSelector:
-        hostgroup: public-ingress
       hostInterfaces:
         - namespace: wasi
           package: http
           interfaces:
             - incoming-handler
           config:
-            host: localhost
+            # public dns alias for 127.0.0.1
+            host: hello.localhost.direct:8000
       components:
         - name: hello-world
           image: ghcr.io/wasmcloud/components/http-hello-world-rust:0.1.0