e2b-dev · 0div · May 17, 2025 · May 17, 2025 · May 19, 2025 · May 19, 2025
@@ -240,14 +240,36 @@ func (c *apiClient) setMachineConfig(
 		Context: ctx,
 		Body:    machineConfig,
 	}
-
 	_, err := c.client.Operations.PutMachineConfiguration(&machineConfigParams)
 	if err != nil {
 		return fmt.Errorf("error setting fc machine config: %w", err)
 	}
 	return nil
 }
 
+// https://github.com/firecracker-microvm/firecracker/blob/main/docs/entropy.md#firecracker-implementation
+func (c *apiClient) setEntropyDevice(ctx context.Context, size int64, oneTimeBurst int64, refillTime int64) error {
+	entropyConfig := operations.PutEntropyDeviceParams{
+		Context: ctx,
+		Body: &models.EntropyDevice{
+			RateLimiter: &models.RateLimiter{
+				Bandwidth: &models.TokenBucket{
+					Size:         &size,
+					OneTimeBurst: &oneTimeBurst,
+					RefillTime:   &refillTime,
+				},
+			},
+		},
+	}
+
+	_, err := c.client.Operations.PutEntropyDevice(&entropyConfig)
+	if err != nil {
+		return fmt.Errorf("error setting fc entropy config: %w", err)
+	}
+
+	return nil
+}
+
 func (c *apiClient) startVM(ctx context.Context) error {
 	start := models.InstanceActionInfoActionTypeInstanceStart
 	startActionParams := operations.CreateSyncActionParams{

@@ -24,14 +24,38 @@ func (c *apiClient) resumeVM(ctx context.Context) error {
 	return nil
 }
 
+func (c *apiClient) pauseVM(ctx context.Context) error {
+	return nil
+}
+
+func (c *apiClient) createSnapshot(ctx context.Context, snapfilePath string, memfilePath string) error {
+	return nil
+}
+
 func (c *apiClient) setMmds(ctx context.Context, metadata *MmdsMetadata) error {
 	return nil
 }
 
-func (c *apiClient) pauseVM(ctx context.Context) error {
+func (c *apiClient) setBootSource(ctx context.Context, kernelArgs string, kernelPath string) error {
 	return nil
 }
 
-func (c *apiClient) createSnapshot(ctx context.Context, snapfilePath string, memfilePath string) error {
+func (c *apiClient) setRootfsDrive(ctx context.Context, rootfsDrivePath string) error {
+	return nil
+}
+
+func (c *apiClient) setNetworkInterface(ctx context.Context, vpeerName string, tapName string, tapMAC string) error {
+	return nil
+}
+
+func (c *apiClient) setMachineConfig(ctx context.Context, vCPUCount int64, memoryMB int64, hugePages bool) error {
+	return nil
+}
+
+func (c *apiClient) setEntropyDevice(ctx context.Context, size int64, oneTimeBurst int64, refillTime int64) error {
+	return nil
+}
+
+func (c *apiClient) startVM(ctx context.Context) error {
 	return nil
 }
@@ -32,6 +32,13 @@ ln -s {{ .rootfsPath }} {{ .buildRootfsPath }} &&
 ln -s {{ .kernelPath }} {{ .buildKernelPath }} &&
 ip netns exec {{ .namespaceID }} {{ .firecrackerPath }} --api-sock {{ .firecrackerSocket }}`
 
+// Default entropy device bandwidth rate limiter config
+const (
+	size         = 1000
+	oneTimeBurst = 0
+	refillTime   = 100
+)
+
 var startScriptTemplate = txtTemplate.Must(txtTemplate.New("fc-start").Parse(startScript))
 
 type Process struct {
@@ -312,6 +319,14 @@ func (p *Process) Create(
 	}
 	telemetry.ReportEvent(childCtx, "set fc machine config")
 
+	err = p.client.setEntropyDevice(childCtx, size, oneTimeBurst, refillTime)
+	if err != nil {
+		fcStopErr := p.Stop()
+
+		return errors.Join(fmt.Errorf("error setting fc entropy config: %w", err), fcStopErr)
+	}
+	telemetry.ReportEvent(childCtx, "set fc entropy config")
+
 	err = p.client.startVM(childCtx)
 	if err != nil {
 		fcStopErr := p.Stop()

@@ -8,15 +8,17 @@ import (
 	"errors"
 	"fmt"
 	"net/http"
-	"sync/atomic"
 	"time"
 
 	"go.opentelemetry.io/otel/trace"
 
 	"github.com/e2b-dev/infra/packages/orchestrator/internal/sandbox/build"
+	"github.com/e2b-dev/infra/packages/orchestrator/internal/sandbox/fc"
 	"github.com/e2b-dev/infra/packages/orchestrator/internal/sandbox/nbd"
 	"github.com/e2b-dev/infra/packages/orchestrator/internal/sandbox/network"
+	"github.com/e2b-dev/infra/packages/orchestrator/internal/sandbox/rootfs"
 	"github.com/e2b-dev/infra/packages/orchestrator/internal/sandbox/template"
+	"github.com/e2b-dev/infra/packages/orchestrator/internal/sandbox/uffd"
 	"github.com/e2b-dev/infra/packages/shared/pkg/chdb"
 	"github.com/e2b-dev/infra/packages/shared/pkg/grpc/orchestrator"
 	sbxlogger "github.com/e2b-dev/infra/packages/shared/pkg/logger/sandbox"
@@ -39,26 +41,38 @@ func (m *NoOpCleanup) Run(ctx context.Context) error {
 	return errors.New("platform does not support sandbox")
 }
 
+type Resources struct {
+	Slot     network.Slot
+	rootfs   *rootfs.CowDevice
+	memory   uffd.MemoryBackend
+	uffdExit chan error
+}
+
+type Metadata struct {
+	Config    *orchestrator.SandboxConfig
+	StartedAt time.Time
+	EndAt     time.Time
+	StartID   string
+}
+
 type Sandbox struct {
 
 	// YOU ARE IN SANDBOX_OTHER.GO
 	// YOU PROBABLY WANT TO BE IN SANDBOX_LINUX.GO
 
-	Config          *orchestrator.SandboxConfig
-	process         NoOpProcess
-	uffdExit        chan error
-	cleanup         NoOpCleanup
-	healthy         atomic.Bool
-	Slot            network.Slot
-	EndAt           time.Time
-	StartedAt       time.Time
-	ClickhouseStore chdb.Store
+	*Resources
+	*Metadata
+
+	files   *storage.SandboxFiles
+	cleanup *Cleanup
+
+	process *fc.Process
 
-	useLokiMetrics       string
-	useClickhouseMetrics string
+	template template.Template
 
-	// Unique ID for the sandbox start.
-	StartID string
+	ClickhouseStore chdb.Store
+
+	Checks *Checks
 }
 
 func (s *Sandbox) LoggerMetadata() sbxlogger.SandboxMetadata {
@@ -111,6 +125,57 @@ func (s *Sandbox) Snapshot(
 	return nil, errors.New("platform does not support snapshot")
 }
 
+func (s *Sandbox) Close(ctx context.Context, tracer trace.Tracer) error {
+	return errors.New("platform does not support sandbox")
+}
+
+func (s *Sandbox) Pause(
+	ctx context.Context,
+	tracer trace.Tracer,
+	snapshotTemplateFiles *storage.TemplateCacheFiles,
+) (*Snapshot, error) {
+	return nil, errors.New("platform does not support sandbox")
+}
+
+func (s *Sandbox) waitForStart(
+	ctx context.Context,
+	tracer trace.Tracer,
+) error {
+	return errors.New("platform does not support sandbox")
+}
+
+func CreateSandbox(
+	ctx context.Context,
+
+	tracer trace.Tracer,
+	networkPool *network.Pool,
+	devicePool *nbd.DevicePool,
+	config *orchestrator.SandboxConfig,
+	template template.Template,
+	sandboxTimeout time.Duration,
+	rootfsCOWCachePath string,
+) (*Sandbox, *Cleanup, error) {
+	return nil, nil, errors.New("platform does not support sandbox")
+}
+
+func ResumeSandbox(
+	ctx context.Context,
+	tracer trace.Tracer,
+	networkPool *network.Pool,
+	templateCache *template.Cache,
+	config *orchestrator.SandboxConfig,
+	traceID string,
+	startedAt time.Time,
+	endAt time.Time,
+	baseTemplateID string,
+	devicePool *nbd.DevicePool,
+	clickhouseStore chdb.Store,
+	useLokiMetrics string,
+	useClickhouseMetrics string,
+) (*Sandbox, *Cleanup, error) {
+	return nil, nil, errors.New("platform does not support sandbox")
+}
+
 type Snapshot struct {
 	MemfileDiff       build.Diff
 	MemfileDiffHeader *header.Header