From adbe2e11784d80c929974ff2ed51b33d8b002162 Mon Sep 17 00:00:00 2001 From: Alex Zenla Date: Fri, 19 Dec 2025 13:26:32 -0800 Subject: [PATCH 1/4] feat(control): implement control api access over idm --- protect/control/v1/common.proto | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/protect/control/v1/common.proto b/protect/control/v1/common.proto index 7d5db29..b413916 100644 --- a/protect/control/v1/common.proto +++ b/protect/control/v1/common.proto @@ -25,6 +25,16 @@ message ZoneSpec { ZoneVirtualizationOptionsSpec virtualization_options = 9; ZoneScratchDiskSpec scratch_disk = 10; repeated OciImageSpec addons = 11; + ZoneControlApiSpec control_api = 12; +} + +enum ZoneControlApiAccess { + ZONE_CONTROL_API_ACCESS_DENY = 0; + ZONE_CONTROL_API_ACCESS_ALLOW = 1; +} + +message ZoneControlApiSpec { + ZoneControlApiAccess access = 1; } enum ZoneResourceAdjustmentPolicy { From 4b8dc0883616c396f159a87523a2f022b8ca4864 Mon Sep 17 00:00:00 2001 From: Alex Zenla Date: Tue, 23 Dec 2025 15:22:08 -0800 Subject: [PATCH 2/4] feat(control): introduce resource origin apis --- protect/control/v1/common.proto | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/protect/control/v1/common.proto b/protect/control/v1/common.proto index b413916..ba79f1e 100644 --- a/protect/control/v1/common.proto +++ b/protect/control/v1/common.proto @@ -5,10 +5,16 @@ package protect.control.v1; import "google/protobuf/struct.proto"; import "google/protobuf/timestamp.proto"; +message ResourceOrigin { + string zone_id = 1; + string workload_id = 2; +} + message Zone { string id = 1; ZoneSpec spec = 2; ZoneStatus status = 3; + ResourceOrigin origin = 4; } message ZoneSpec { @@ -396,6 +402,7 @@ message Workload { string id = 1; WorkloadSpec spec = 2; WorkloadStatus status = 3; + ResourceOrigin origin = 4; } enum HostCpuTopologyClass { From bfb1bdb993693310aed86982c53cf8f91376e673 Mon Sep 17 00:00:00 2001 From: Alex Zenla Date: Wed, 24 Dec 2025 20:49:10 -0800 Subject: [PATCH 3/4] implement basic control snoop support --- protect/control/v1/control.proto | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/protect/control/v1/control.proto b/protect/control/v1/control.proto index ce92150..bc958db 100644 --- a/protect/control/v1/control.proto +++ b/protect/control/v1/control.proto @@ -7,6 +7,7 @@ import "protect/control/v1/common.proto"; service ControlService { rpc GetHostStatus(GetHostStatusRequest) returns (GetHostStatusReply); rpc SnoopIdm(SnoopIdmRequest) returns (stream SnoopIdmReply); + rpc SnoopControl(SnoopControlRequest) returns (stream SnoopControlReply); rpc GetHostCpuTopology(GetHostCpuTopologyRequest) returns (GetHostCpuTopologyReply); rpc ListDevices(ListDevicesRequest) returns (ListDevicesReply); @@ -426,6 +427,30 @@ message SnoopIdmPacket { bytes packet = 3; } +message SnoopControlRequest {} + +message SnoopControlReply { + repeated SnoopControlPacket packets = 1; + uint64 skipped = 2; +} + +enum SnoopControlPacketForm { + SNOOP_CONTROL_PACKET_FORM_UNKNOWN = 0; + SNOOP_CONTROL_PACKET_FORM_REQUEST = 1; + SNOOP_CONTROL_PACKET_FORM_ERROR = 2; + SNOOP_CONTROL_PACKET_FORM_RESPONSE = 3; +} + +message SnoopControlPacket { + uint64 id = 1; + ResourceOrigin origin = 2; + string service = 3; + string method = 4; + SnoopControlPacketForm form = 5; + string payload = 6; + bool closed = 7; +} + message PullImageRequest { string image = 1; OciImageFormat format = 2; From 99f7886cd5efd292c56fe06487aff53bffb99836 Mon Sep 17 00:00:00 2001 From: Alex Zenla Date: Wed, 24 Dec 2025 23:19:48 -0800 Subject: [PATCH 4/4] add user agent field to ResourceOrigin --- protect/control/v1/common.proto | 1 + 1 file changed, 1 insertion(+) diff --git a/protect/control/v1/common.proto b/protect/control/v1/common.proto index ba79f1e..bf4debd 100644 --- a/protect/control/v1/common.proto +++ b/protect/control/v1/common.proto @@ -8,6 +8,7 @@ import "google/protobuf/timestamp.proto"; message ResourceOrigin { string zone_id = 1; string workload_id = 2; + string user_agent = 3; } message Zone {