Add unikernel runtime: run services as Nanos VMs under QEMU/KVM

Implements the hypervisor design's Phase 1: a second runtime.Runtime backend (QEMU) that runs each service component as a Nanos unikernel VM instead of a podman container, selected per-component via a new runtime = "unikernel" service-def field. - internal/runtime/qemu.go: QEMURuntime. Pull extracts the ELF from the OCI image; Run does `ops build` + boots qemu-system-x86_64 with KVM, user-mode net port-forwards, QMP control socket and serial console log; Stop/Remove/Inspect/List/Logs map onto VM lifecycle + state dir. - proto/registry/servicedef: add runtime, memory_mb, vcpus fields (registry migration 5). - agent: holds both runtimes; runtimeFor() selects per component; listAllContainers() merges containers + VMs so drift/status see both. Unikernel runtime auto-enables on nodes with /dev/kvm + ops. Validated end-to-end on straylight: a test service deploys via `mcp deploy --direct`, boots as a Nanos unikernel, serves HTTP through the agent port-forward, and reports running via `mcp status`/`mcp logs`. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 00:54:49 -07:00
parent 3b08caaa0a
commit d56f224359
30 changed files with 949 additions and 152 deletions
--- a/internal/servicedef/servicedef.go
+++ b/internal/servicedef/servicedef.go
@@ -53,6 +53,9 @@ type ComponentDef struct {
 	Cmd     []string   `toml:"cmd,omitempty"`
 	Routes  []RouteDef `toml:"routes,omitempty"`
 	Env     []string   `toml:"env,omitempty"`
+	Runtime string     `toml:"runtime,omitempty"` // "container" (default) or "unikernel"
+	Memory  int        `toml:"memory,omitempty"`  // unikernel guest memory in MB
+	VCPUs   int        `toml:"vcpus,omitempty"`   // unikernel guest vCPUs
 }

 // Load reads and parses a TOML service definition file. If the active field
@@ -204,15 +207,18 @@ func ToProto(def *ServiceDef) *mcpv1.ServiceSpec {

 	for _, c := range def.Components {
 		cs := &mcpv1.ComponentSpec{
-			Name:    c.Name,
-			Image:   c.Image,
-			Network: c.Network,
-			User:    c.User,
-			Restart: c.Restart,
-			Ports:   c.Ports,
-			Volumes: c.Volumes,
-			Cmd:     c.Cmd,
-			Env:     c.Env,
+			Name:     c.Name,
+			Image:    c.Image,
+			Network:  c.Network,
+			User:     c.User,
+			Restart:  c.Restart,
+			Ports:    c.Ports,
+			Volumes:  c.Volumes,
+			Cmd:      c.Cmd,
+			Env:      c.Env,
+			Runtime:  c.Runtime,
+			MemoryMb: int32(c.Memory), //nolint:gosec // small config value
+			Vcpus:    int32(c.VCPUs),  //nolint:gosec // small config value
 		}
 		for _, r := range c.Routes {
 			cs.Routes = append(cs.Routes, &mcpv1.RouteSpec{