feat: in-sandbox boost channel (HTTP-over-Unix-socket) #15
Merged
…Request; StartBoostOpts.Source
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…resolution
Add EnableBoostChannel *bool to CreateSandboxOpts (nil = use daemon default) and defaultBoostChannel bool to SandboxService / NewSandboxService. Both Create and CreateFromSnapshot resolve the option at create time and persist it onto domain.Sandbox; handleCreate threads EnableBoostChannel and SandboxID through to domain.CreateSandboxRequest so the provider can bind the boost socket. All NewSandboxService call sites updated to pass false for now; Task 11 will swap cmd/navarisd/main.go to cfg.boostChannelEnabled.
Default Source to "external" when empty; propagate to EventBoostStarted, EventBoostExpired, and EventBoostRevertFailed payloads. Pass Source: "external" explicitly from the operator HTTP handler. Tests cover both explicit in_sandbox and default-external paths.
Implements BoostHTTPHandler which serves a minimal HTTP/1.1 API over per-sandbox connections (net.Conn). Reads one request via http.ReadRequest, dispatches to BoostService (POST/GET/DELETE /boost) or SandboxStore (GET /sandbox), writes one response, closes the conn. Rate-limits per sandbox via the token-bucket RateLimiter from Task 6 with flat per-conn accounting.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
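The one-request-per-connection handling and flat per-connection rate accounting described in the commit above, as an added Go sketch (not the PR's code). `sandboxChannel`, `serve` and `exchange` are hypothetical names, the bucket is a stand-in for the PR's RateLimiter, and `net.Pipe` stands in for a guest connection on the per-sandbox socket.

```go
package main

import (
	"bufio"
	"fmt"
	"math"
	"net"
	"net/http"
	"time"
)

// sandboxChannel is one sandbox's token bucket. Identity comes from the socket
// that accepted the conn, never from the request. Not goroutine-safe: the
// accept loop is assumed to call serve serially per sandbox.
type sandboxChannel struct {
	tokens, rate, burst float64 // bucket level, refill per second, capacity
	last                time.Time
}

// serve reads one request, charges one token for the conn, replies and closes.
func (s *sandboxChannel) serve(c net.Conn, now time.Time) {
	defer c.Close()
	req, err := http.ReadRequest(bufio.NewReader(c))
	s.tokens = math.Min(s.burst, s.tokens+now.Sub(s.last).Seconds()*s.rate)
	s.last = now
	allowed := s.tokens >= 1
	if allowed {
		s.tokens-- // flat cost: one token per conn, even for a 400 or 404
	}
	status := http.StatusOK
	switch {
	case !allowed:
		status = http.StatusTooManyRequests
	case err != nil:
		status = http.StatusBadRequest
	case req.URL.Path != "/boost" && req.URL.Path != "/sandbox":
		status = http.StatusNotFound // only the two documented paths are served
	}
	fmt.Fprintf(c, "HTTP/1.1 %d %s\r\nContent-Length: 0\r\nConnection: close\r\n\r\n", status, http.StatusText(status))
}

// exchange sends one raw request over an in-memory conn and returns the reply.
func exchange(s *sandboxChannel, raw string, now time.Time) (*http.Response, error) {
	guest, host := net.Pipe()
	defer guest.Close()
	go s.serve(host, now)
	fmt.Fprint(guest, raw)
	return http.ReadResponse(bufio.NewReader(guest), nil)
}
```

Because the charge is taken per connection rather than per successful call, a guest that sends malformed or unknown-path requests exhausts its own budget at the same rate as one sending valid requests.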
Add a per-VM unix-socket listener that accepts guest-initiated vsock connections on <vmDir>/vsock_1025 (or <vmDir>/root/vsock_1025 with jailer) and dispatches each connection to the BoostHTTPHandler via the boostServer interface. The interface decouples the firecracker package from internal/api to avoid cyclic imports.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…er wiring
Add --boost-channel-enabled (default true) and --boost-channel-dir flags to navarisd; swap the hardcoded false in NewSandboxService to cfg.boostChannelEnabled; pass cfg.boostChannelDir into incus.Config.BoostChannelDir. Introduce provider.BoostServer exported interface in internal/provider/boost.go so both the firecracker and incus providers can expose SetBoostHandler(provider.BoostServer) without importing internal/api (which would violate layering). After boostSvc and BoostHTTPHandler are constructed, main.go walks the builtProviders slice and calls SetBoostHandler via a local boostHandlerSetter interface assertion.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Add RestartBoostListeners (FC) and RestartBoostChannel (Incus) to replay boost listeners for surviving VMs/containers after a daemon restart. Wire both replay calls in main.go after SetBoostHandler is wired, fixing the silent no-op that would occur if called inside recover().
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…k 502 not file presence
The agent's RunBoostProxy always creates /var/run/navaris-guest.sock inside the guest regardless of host-side opt-out, so the file-existence assertion was wrong. With EnableBoostChannel=false the host-side vsock_1025 listener isn't created, the proxy's vsock.Dial fails, and the proxy returns 502 — that's the right behavioral indicator.
Previous commit edited the wrong Dockerfile — Dockerfile.navarisd is for Incus paths; FC compose uses Dockerfile.navarisd-firecracker. Adding curl to both the alpine and debian rootfs builds so the boost-channel tests can POST via curl --unix-socket from inside the guest.
erans added a commit that referenced this pull request, Apr 27, 2026
Implementation merged in #15. The spec was committed locally before the worktree was created (commit 8c3fe98), but never pushed; the plan was authored as an untracked file. GitHub's squash-merge treated 8c3fe98 as part of the merge base and excluded it from the squash, so neither doc landed on main. Adding both retroactively to keep the docs/specs and docs/plans directories complete for future reference.
7 tasks
Summary
Implementation per spec and plan. 15 commits, one per task.
Notable decisions
Daemon flags
Test plan
🤖 Generated with Claude Code