Add unikernel runtime: run services as Nanos VMs under QEMU/KVM

Implements the hypervisor design's Phase 1: a second runtime.Runtime backend (QEMU) that runs each service component as a Nanos unikernel VM instead of a podman container, selected per-component via a new runtime = "unikernel" service-def field. - internal/runtime/qemu.go: QEMURuntime. Pull extracts the ELF from the OCI image; Run does `ops build` + boots qemu-system-x86_64 with KVM, user-mode net port-forwards, QMP control socket and serial console log; Stop/Remove/Inspect/List/Logs map onto VM lifecycle + state dir. - proto/registry/servicedef: add runtime, memory_mb, vcpus fields (registry migration 5). - agent: holds both runtimes; runtimeFor() selects per component; listAllContainers() merges containers + VMs so drift/status see both. Unikernel runtime auto-enables on nodes with /dev/kvm + ops. Validated end-to-end on straylight: a test service deploys via `mcp deploy --direct`, boots as a Nanos unikernel, serves HTTP through the agent port-forward, and reports running via `mcp status`/`mcp logs`. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 00:54:49 -07:00
parent 3b08caaa0a
commit d56f224359
30 changed files with 949 additions and 152 deletions
--- a/internal/registry/components.go
+++ b/internal/registry/components.go
@@ -30,10 +30,22 @@ type Component struct {
 	Volumes       []string
 	Cmd           []string
 	Routes        []Route
+	Runtime       string // "container" (default) or "unikernel"
+	MemoryMB      int    // unikernel guest memory in MB
+	VCPUs         int    // unikernel guest vCPUs
 	CreatedAt     time.Time
 	UpdatedAt     time.Time
 }

+// defaultRuntime normalizes an empty runtime to "container" so the
+// components.runtime column is never empty.
+func defaultRuntime(r string) string {
+	if r == "" {
+		return "container"
+	}
+	return r
+}
+
 // CreateComponent creates a new component in the registry.
 func CreateComponent(db *sql.DB, c *Component) error {
 	tx, err := db.Begin()
@@ -43,10 +55,10 @@ func CreateComponent(db *sql.DB, c *Component) error {
 	defer tx.Rollback() //nolint:errcheck

 	_, err = tx.Exec(`
-		INSERT INTO components (name, service, image, network, user_spec, restart, desired_state, observed_state, version)
-		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+		INSERT INTO components (name, service, image, network, user_spec, restart, desired_state, observed_state, version, runtime, memory_mb, vcpus)
+		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
 		c.Name, c.Service, c.Image, c.Network, c.UserSpec, c.Restart,
-		c.DesiredState, c.ObservedState, c.Version,
+		c.DesiredState, c.ObservedState, c.Version, defaultRuntime(c.Runtime), c.MemoryMB, c.VCPUs,
 	)
 	if err != nil {
 		return fmt.Errorf("insert component %q/%q: %w", c.Service, c.Name, err)
@@ -74,11 +86,11 @@ func GetComponent(db *sql.DB, service, name string) (*Component, error) {
 	var createdAt, updatedAt string
 	err := db.QueryRow(`
 		SELECT name, service, image, network, user_spec, restart,
-		       desired_state, observed_state, version, created_at, updated_at
+		       desired_state, observed_state, version, runtime, memory_mb, vcpus, created_at, updated_at
 		FROM components WHERE service = ? AND name = ?`,
 		service, name,
 	).Scan(&c.Name, &c.Service, &c.Image, &c.Network, &c.UserSpec, &c.Restart,
-		&c.DesiredState, &c.ObservedState, &c.Version, &createdAt, &updatedAt)
+		&c.DesiredState, &c.ObservedState, &c.Version, &c.Runtime, &c.MemoryMB, &c.VCPUs, &createdAt, &updatedAt)
 	if err != nil {
 		return nil, fmt.Errorf("get component %q/%q: %w", service, name, err)
 	}
@@ -109,7 +121,7 @@ func GetComponent(db *sql.DB, service, name string) (*Component, error) {
 func ListComponents(db *sql.DB, service string) ([]Component, error) {
 	rows, err := db.Query(`
 		SELECT name, service, image, network, user_spec, restart,
-		       desired_state, observed_state, version, created_at, updated_at
+		       desired_state, observed_state, version, runtime, memory_mb, vcpus, created_at, updated_at
 		FROM components WHERE service = ? ORDER BY name`,
 		service,
 	)
@@ -123,7 +135,7 @@ func ListComponents(db *sql.DB, service string) ([]Component, error) {
 		var c Component
 		var createdAt, updatedAt string
 		if err := rows.Scan(&c.Name, &c.Service, &c.Image, &c.Network, &c.UserSpec, &c.Restart,
-			&c.DesiredState, &c.ObservedState, &c.Version, &createdAt, &updatedAt); err != nil {
+			&c.DesiredState, &c.ObservedState, &c.Version, &c.Runtime, &c.MemoryMB, &c.VCPUs, &createdAt, &updatedAt); err != nil {
 			return nil, fmt.Errorf("scan component: %w", err)
 		}
 		c.CreatedAt, _ = time.Parse("2006-01-02 15:04:05", createdAt)
@@ -169,9 +181,11 @@ func UpdateComponentSpec(db *sql.DB, c *Component) error {

 	_, err = tx.Exec(`
 		UPDATE components
-		SET image = ?, network = ?, user_spec = ?, restart = ?, version = ?, updated_at = datetime('now')
+		SET image = ?, network = ?, user_spec = ?, restart = ?, version = ?,
+		    runtime = ?, memory_mb = ?, vcpus = ?, updated_at = datetime('now')
 		WHERE service = ? AND name = ?`,
-		c.Image, c.Network, c.UserSpec, c.Restart, c.Version, c.Service, c.Name,
+		c.Image, c.Network, c.UserSpec, c.Restart, c.Version,
+		defaultRuntime(c.Runtime), c.MemoryMB, c.VCPUs, c.Service, c.Name,
 	)
 	if err != nil {
 		return fmt.Errorf("update component %q/%q: %w", c.Service, c.Name, err)