Reorganize runtime targets for scalable plugin support

.spi.yml

@@ -5,8 +5,9 @@ builder:
       documentation_targets:
         - ContainerAPIService
         - ContainerAPIClient
-        - ContainerSandboxService
-        - ContainerSandboxServiceClient
+        - ContainerRuntimeClient
+        - ContainerRuntimeLinuxClient
+        - ContainerRuntimeLinuxServer
         - ContainerNetworkService
         - ContainerNetworkServiceClient
         - ContainerImagesService

Package.swift

@@ -35,11 +35,13 @@ let package = Package(
         .library(name: "ContainerAPIClient", targets: ["ContainerAPIClient"]),
         .library(name: "ContainerImagesService", targets: ["ContainerImagesService", "ContainerImagesServiceClient"]),
         .library(name: "ContainerNetworkService", targets: ["ContainerNetworkService", "ContainerNetworkServiceClient"]),
-        .library(name: "ContainerSandboxService", targets: ["ContainerSandboxService", "ContainerSandboxServiceClient"]),
         .library(name: "ContainerResource", targets: ["ContainerResource"]),
         .library(name: "ContainerLog", targets: ["ContainerLog"]),
         .library(name: "ContainerPersistence", targets: ["ContainerPersistence"]),
         .library(name: "ContainerPlugin", targets: ["ContainerPlugin"]),
+        .library(name: "ContainerRuntimeClient", targets: ["ContainerRuntimeClient"]),
+        .library(name: "ContainerRuntimeLinuxClient", targets: ["ContainerRuntimeLinuxClient"]),
+        .library(name: "ContainerRuntimeLinuxServer", targets: ["ContainerRuntimeLinuxServer"]),
         .library(name: "ContainerVersion", targets: ["ContainerVersion"]),
         .library(name: "ContainerXPC", targets: ["ContainerXPC"]),
         .library(name: "ContainerOS", targets: ["ContainerOS"]),
@@ -108,7 +110,8 @@ let package = Package(
                 "ContainerPersistence",
                 "ContainerPlugin",
                 "ContainerResource",
-                "ContainerRuntimeLinuxTypes",
+                "ContainerRuntimeClient",
+                "ContainerRuntimeLinuxClient",
                 "ContainerVersion",
                 "ContainerXPC",
                 "TerminalProgress",
@@ -188,7 +191,7 @@ let package = Package(
                 "ContainerPersistence",
                 "ContainerPlugin",
                 "ContainerResource",
-                "ContainerSandboxServiceClient",
+                "ContainerRuntimeClient",
                 "ContainerVersion",
                 "ContainerXPC",
                 "TerminalProgress",
@@ -200,8 +203,8 @@ let package = Package(
             dependencies: [
                 .product(name: "Containerization", package: "containerization"),
                 "ContainerResource",
-                "ContainerRuntimeLinuxTypes",
-                "ContainerSandboxServiceClient",
+                "ContainerRuntimeLinuxClient",
+                "ContainerRuntimeClient",
             ]
         ),
         .target(
@@ -336,9 +339,9 @@ let package = Package(
             path: "Sources/Services/ContainerNetworkService/Client"
         ),
         .target(
-            name: "ContainerRuntimeLinuxTypes",
+            name: "ContainerRuntimeLinuxClient",
             dependencies: [],
-            path: "Sources/Plugins/RuntimeLinux/Types"
+            path: "Sources/Services/RuntimeLinux/Client"
         ),
         .executableTarget(
             name: "container-runtime-linux",
@@ -349,41 +352,43 @@ let package = Package(
                 "ContainerLog",
                 "ContainerPlugin",
                 "ContainerResource",
-                "ContainerRuntimeLinuxTypes",
-                "ContainerSandboxService",
-                "ContainerSandboxServiceClient",
+                "ContainerRuntimeClient",
+                "ContainerRuntimeLinuxClient",
+                "ContainerRuntimeLinuxServer",
                 "ContainerVersion",
                 "ContainerXPC",
             ],
             path: "Sources/Plugins/RuntimeLinux",
-            exclude: ["config.toml", "Types"]
+            exclude: ["config.toml"]
         ),
         .target(
-            name: "ContainerSandboxService",
+            name: "ContainerRuntimeLinuxServer",
             dependencies: [
                 .product(name: "Logging", package: "swift-log"),
                 .product(name: "Containerization", package: "containerization"),
                 .product(name: "ContainerizationExtras", package: "containerization"),
                 .product(name: "ContainerizationOS", package: "containerization"),
                 .product(name: "ArgumentParser", package: "swift-argument-parser"),
+                "ContainerAPIClient",
                 "ContainerNetworkServiceClient",
                 "ContainerOS",
                 "ContainerPersistence",
                 "ContainerResource",
-                "ContainerSandboxServiceClient",
+                "ContainerRuntimeClient",
+                "ContainerRuntimeLinuxClient",
                 "ContainerXPC",
                 "SocketForwarder",
             ],
-            path: "Sources/Services/ContainerSandboxService/Server"
+            path: "Sources/Services/RuntimeLinux/Server"
         ),
         .target(
-            name: "ContainerSandboxServiceClient",
+            name: "ContainerRuntimeClient",
             dependencies: [
                 "ContainerAPIClient",
                 "ContainerResource",
                 "ContainerXPC",
             ],
-            path: "Sources/Services/ContainerSandboxService/Client"
+            path: "Sources/Services/Runtime/RuntimeClient"
         ),
         .target(
             name: "ContainerResource",

Sources/Plugins/RuntimeLinux/RuntimeLinuxHelper+Start.swift

@@ -18,8 +18,8 @@ import ArgumentParser
 import ContainerLog
 import ContainerPlugin
 import ContainerResource
-import ContainerSandboxService
-import ContainerSandboxServiceClient
+import ContainerRuntimeClient
+import ContainerRuntimeLinuxServer
 import ContainerXPC
 import Foundation
 import Logging
@@ -74,7 +74,7 @@ extension RuntimeLinuxHelper {
                 log.info("configuring XPC server")
                 nonisolated(unsafe) let anonymousConnection = xpc_connection_create(nil, nil)
 
-                let server = SandboxService(
+                let server = RuntimeService(
                     root: .init(fileURLWithPath: root),
                     interfaceStrategies: interfaceStrategies,
                     eventLoopGroup: eventLoopGroup,
@@ -85,27 +85,27 @@ extension RuntimeLinuxHelper {
                 let endpointServer = XPCServer(
                     identifier: machServiceLabel,
                     routes: [
-                        SandboxRoutes.createEndpoint.rawValue: XPCServer.route(server.createEndpoint)
+                        RuntimeRoutes.createEndpoint.rawValue: XPCServer.route(server.createEndpoint)
                     ],
                     log: log
                 )
 
                 let mainServer = XPCServer(
                     connection: anonymousConnection,
                     routes: [
-                        SandboxRoutes.bootstrap.rawValue: XPCServer.route(server.bootstrap),
-                        SandboxRoutes.createProcess.rawValue: XPCServer.route(server.createProcess),
-                        SandboxRoutes.state.rawValue: XPCServer.route(server.state),
-                        SandboxRoutes.stop.rawValue: XPCServer.route(server.stop),
-                        SandboxRoutes.kill.rawValue: XPCServer.route(server.kill),
-                        SandboxRoutes.resize.rawValue: XPCServer.route(server.resize),
-                        SandboxRoutes.wait.rawValue: XPCServer.route(server.wait),
-                        SandboxRoutes.start.rawValue: XPCServer.route(server.startProcess),
-                        SandboxRoutes.dial.rawValue: XPCServer.route(server.dial),
-                        SandboxRoutes.shutdown.rawValue: XPCServer.route(server.shutdown),
-                        SandboxRoutes.statistics.rawValue: XPCServer.route(server.statistics),
-                        SandboxRoutes.copyIn.rawValue: XPCServer.route(server.copyIn),
-                        SandboxRoutes.copyOut.rawValue: XPCServer.route(server.copyOut),
+                        RuntimeRoutes.bootstrap.rawValue: XPCServer.route(server.bootstrap),
+                        RuntimeRoutes.createProcess.rawValue: XPCServer.route(server.createProcess),
+                        RuntimeRoutes.state.rawValue: XPCServer.route(server.state),
+                        RuntimeRoutes.stop.rawValue: XPCServer.route(server.stop),
+                        RuntimeRoutes.kill.rawValue: XPCServer.route(server.kill),
+                        RuntimeRoutes.resize.rawValue: XPCServer.route(server.resize),
+                        RuntimeRoutes.wait.rawValue: XPCServer.route(server.wait),
+                        RuntimeRoutes.start.rawValue: XPCServer.route(server.startProcess),
+                        RuntimeRoutes.dial.rawValue: XPCServer.route(server.dial),
+                        RuntimeRoutes.shutdown.rawValue: XPCServer.route(server.shutdown),
+                        RuntimeRoutes.statistics.rawValue: XPCServer.route(server.statistics),
+                        RuntimeRoutes.copyIn.rawValue: XPCServer.route(server.copyIn),
+                        RuntimeRoutes.copyOut.rawValue: XPCServer.route(server.copyOut),
                     ],
                     log: log
                 )

Sources/Services/ContainerAPIService/Server/Containers/ContainersService.swift

@@ -19,7 +19,7 @@ import ContainerAPIClient
 import ContainerPersistence
 import ContainerPlugin
 import ContainerResource
-import ContainerSandboxServiceClient
+import ContainerRuntimeClient
 import ContainerXPC
 import Containerization
 import ContainerizationEXT4
@@ -34,11 +34,11 @@ import SystemPackage
 public actor ContainersService {
     struct ContainerState {
         var snapshot: ContainerSnapshot
-        var client: SandboxClient? = nil
+        var client: RuntimeClient? = nil
 
-        func getClient() throws -> SandboxClient {
+        func getClient() throws -> RuntimeClient {
             guard let client else {
-                var message = "no sandbox client exists"
+                var message = "no runtime client exists"
                 if snapshot.status == .stopped {
                     message += ": container is stopped"
                 }
@@ -335,7 +335,7 @@ public actor ContainersService {
             // to boot. We can go lower, but this is a somewhat safe threshold. Containerization
             // also gives a little bit extra than the user asked for to account for guest agent overhead.
             //
-            // NOTE: We could potentially leave this validation to the sandbox service(s), as
+            // NOTE: We could potentially leave this validation to the runtime service(s), as
             // it's possible there could be an implementation that can get away with a lower
             // amount and be perfectly safe.
             let minimumMemory: UInt64 = 200.mib()
@@ -451,18 +451,18 @@ public actor ContainersService {
                 )
 
                 let runtime = state.snapshot.configuration.runtimeHandler
-                let sandboxClient = try await SandboxClient.create(
+                let runtimeClient = try await RuntimeClient.create(
                     id: id,
                     runtime: runtime
                 )
-                try await sandboxClient.bootstrap(stdio: stdio, networkBootstrapInfos: networkBootstrapInfos, dynamicEnv: dynamicEnv)
+                try await runtimeClient.bootstrap(stdio: stdio, networkBootstrapInfos: networkBootstrapInfos, dynamicEnv: dynamicEnv)
 
                 try await self.exitMonitor.registerProcess(
                     id: id,
                     onExit: self.handleContainerExit
                 )
 
-                state.client = sandboxClient
+                state.client = runtimeClient
                 await self.setContainerState(id, state, context: context)
             } catch {
                 let label = Self.fullLaunchdServiceLabel(
@@ -629,7 +629,7 @@ public actor ContainersService {
         let state = try self._getContainerState(id: id)
 
         // Stop should be idempotent.
-        let client: SandboxClient
+        let client: RuntimeClient
         do {
             client = try state.getClient()
         } catch {
@@ -941,8 +941,8 @@ public actor ContainersService {
 
         await self.exitMonitor.stopTracking(id: id)
 
-        // Shutdown and deregister the sandbox service
-        self.log.info("shutting down sandbox service", metadata: ["id": "\(id)"])
+        // Shutdown and deregister the runtime service
+        self.log.info("shutting down runtime service", metadata: ["id": "\(id)"])
 
         let path = self.containerRoot.appendingPathComponent(id)
         let bundle = ContainerResource.Bundle(path: path)
@@ -952,15 +952,15 @@ public actor ContainersService {
             instanceId: id
         )
 
-        // Try to shutdown the client gracefully, but if the sandbox service
+        // Try to shutdown the client gracefully, but if the runtime service
         // is already dead (e.g., killed externally), we should still continue
         // with state cleanup.
         if let client = state.client {
             do {
                 try await client.shutdown()
             } catch {
                 self.log.error(
-                    "failed to shutdown sandbox service",
+                    "failed to shutdown runtime service",
                     metadata: [
                         "id": "\(id)",
                         "error": "\(error)",
@@ -973,10 +973,10 @@ public actor ContainersService {
         // the process was killed externally.
         do {
             try ServiceManager.deregister(fullServiceLabel: label)
-            self.log.info("deregistered sandbox service", metadata: ["id": "\(id)"])
+            self.log.info("deregistered runtime service", metadata: ["id": "\(id)"])
         } catch {
             self.log.error(
-                "failed to deregister sandbox service",
+                "failed to deregister runtime service",
                 metadata: [
                     "id": "\(id)",
                     "error": "\(error)",