feat: add start-from-snapshot API for fast cold starts

Add the ability to start an instance by restoring from a snapshot
instead of cold booting. This is the foundation for sub-100ms cold
starts for AI sandbox workloads.

New API endpoint:
- POST /instances/{id}/start-from-snapshot

The implementation:
- Copies snapshot from global storage to the jail
- Calls CloudHypervisor restore instead of create+boot
- Resumes the VM

Known limitation: CloudHypervisor snapshots contain hardcoded device
paths (rootfs, etc.), so restoring to a different instance requires
the same device paths. This will be addressed in a follow-up.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: alexisbouchez

core/daemon/daemon.go

@@ -46,6 +46,8 @@ type Daemon interface {
 	ListInstances(ctx context.Context) ([]instance.Instance, error)
 	DestroyInstance(ctx context.Context, id string) error
 	StartInstance(ctx context.Context, id string) error
+	// StartInstanceFromSnapshot starts an instance by restoring from a snapshot (fast cold start)
+	StartInstanceFromSnapshot(ctx context.Context, id string, globalSnapshotPath, jailSnapshotPath string) error
 	StopInstance(ctx context.Context, id string, opt *api.StopConfig) error
 	InstanceExec(ctx context.Context, id string, cmd []string, timeout time.Duration) (*api.ExecResult, error)
 	GetInstanceLogs(ctx context.Context, id string) ([]*api.LogEntry, error)

core/daemon/images.go

@@ -22,6 +22,8 @@ type Runtime interface {
 	GetInstance(id string) (*instance.Instance, error)
 	ListInstances() []instance.Instance
 	StartInstance(ctx context.Context, id string) error
+	// StartInstanceFromSnapshot starts an instance by restoring from a snapshot (fast cold start)
+	StartInstanceFromSnapshot(ctx context.Context, id string, globalSnapshotPath, jailSnapshotPath string) error
 	StopInstance(ctx context.Context, id string, opt *api.StopConfig) error
 	GetInstanceLogs(id string) ([]*api.LogEntry, error)
 	SubscribeToInstanceLogs(ctx context.Context, id string) ([]*api.LogEntry, <-chan *api.LogEntry, error)

raveld/client/daemon.go

@@ -7,6 +7,7 @@ import (
 	"net"
 	"net/http"
 	"net/url"
+	"strings"
 	"time"
 
 	"github.com/valyentdev/ravel/api"
@@ -94,6 +95,19 @@ func (a *DaemonClient) StartInstance(ctx context.Context, id string) error {
 	return nil
 }
 
+// StartInstanceFromSnapshot starts an instance by restoring from a snapshot.
+// This enables sub-100ms cold starts for AI sandbox workloads.
+// Note: The API only needs snapshotId, the server calculates the paths
+func (a *DaemonClient) StartInstanceFromSnapshot(ctx context.Context, id string, globalSnapshotPath, jailSnapshotPath string) error {
+	// Extract snapshot ID from the path (last component)
+	parts := strings.Split(globalSnapshotPath, "/")
+	snapshotId := parts[len(parts)-1]
+	body := struct {
+		SnapshotId string `json:"snapshot_id"`
+	}{SnapshotId: snapshotId}
+	return a.client.Post(ctx, "/instances/"+id+"/start-from-snapshot", nil, httpclient.WithJSONBody(&body))
+}
+
 func (a *DaemonClient) StopInstance(ctx context.Context, id string, opt *api.StopConfig) error {
 	err := a.client.Post(ctx, "/instances/"+id+"/stop", nil, httpclient.WithJSONBody(opt))
 	if err != nil {

raveld/runtime.go

@@ -47,6 +47,12 @@ func (s *Daemon) StartInstance(ctx context.Context, id string) error {
 	return s.runtime.StartInstance(ctx, id)
 }
 
+// StartInstanceFromSnapshot starts an instance by restoring from a snapshot.
+// This enables sub-100ms cold starts for AI sandbox workloads.
+func (s *Daemon) StartInstanceFromSnapshot(ctx context.Context, id string, globalSnapshotPath, jailSnapshotPath string) error {
+	return s.runtime.StartInstanceFromSnapshot(ctx, id, globalSnapshotPath, jailSnapshotPath)
+}
+
 func (s *Daemon) DestroyInstance(ctx context.Context, id string) error {
 	instance, err := s.runtime.GetInstance(id)
 	if err != nil {

raveld/server/instances.go

@@ -93,6 +93,29 @@ func (s *DaemonServer) startInstance(ctx context.Context, req *StartInstanceRequ
 	return &StartInstanceResponse{}, nil
 }
 
+// StartInstanceFromSnapshotRequest is the request for starting an instance from a snapshot
+type StartInstanceFromSnapshotRequest struct {
+	Id   string `path:"id"`
+	Body struct {
+		SnapshotId string `json:"snapshot_id" required:"true" doc:"Snapshot ID to restore from"`
+	}
+}
+
+type StartInstanceFromSnapshotResponse struct {
+}
+
+func (s *DaemonServer) startInstanceFromSnapshot(ctx context.Context, req *StartInstanceFromSnapshotRequest) (*StartInstanceFromSnapshotResponse, error) {
+	// Global snapshot path and jail-relative path
+	globalSnapshotPath := "/var/lib/ravel/global-snapshots/" + req.Id + "/" + req.Body.SnapshotId
+	jailSnapshotPath := "/snapshots/" + req.Body.SnapshotId
+	err := s.daemon.StartInstanceFromSnapshot(ctx, req.Id, globalSnapshotPath, jailSnapshotPath)
+	if err != nil {
+		s.log("Failed to start instance from snapshot", err)
+		return nil, err
+	}
+	return &StartInstanceFromSnapshotResponse{}, nil
+}
+
 type StopInstanceRequest struct {
 	Id   string          `path:"id"`
 	Body *api.StopConfig `required:"false"`

raveld/server/routes.go

@@ -61,6 +61,14 @@ func (s DaemonServer) registerEndpoints(mux humago.Mux) {
 		Method:      http.MethodPost,
 	}, s.startInstance)
 
+	huma.Register(api, huma.Operation{
+		OperationID:   "startInstanceFromSnapshot",
+		Path:          "/instances/{id}/start-from-snapshot",
+		Method:        http.MethodPost,
+		Summary:       "Start an instance by restoring from a snapshot (fast cold start)",
+		Tags:          []string{"sandbox"},
+	}, s.startInstanceFromSnapshot)
+
 	huma.Register(api, huma.Operation{
 		OperationID: "stopInstance",
 		Path:        "/instances/{id}/stop",

runtime/drivers/driver.go

@@ -11,6 +11,9 @@ import (
 
 type InstanceTask interface {
 	Start(ctx context.Context) error
+	// StartFromSnapshot starts the VM by restoring from a snapshot instead of cold booting
+	// globalSnapshotPath is the source on the host, jailSnapshotPath is the jail-relative destination
+	StartFromSnapshot(ctx context.Context, globalSnapshotPath, jailSnapshotPath string) error
 	Exec(ctx context.Context, cmd []string, timeout time.Duration) (*api.ExecResult, error)
 	Run() instance.ExitResult
 	WaitExit(ctx context.Context) bool

runtime/drivers/vm/vm.go

@@ -6,6 +6,7 @@ import (
 	"log/slog"
 	"os"
 	"os/exec"
+	"path/filepath"
 	"sync/atomic"
 	"time"
 
@@ -93,6 +94,134 @@ func (vm *vm) Start(ctx context.Context) error {
 
 }
 
+// StartFromSnapshot starts the VM by restoring from a snapshot instead of cold booting.
+// This enables sub-100ms cold starts for AI sandbox workloads.
+// globalSnapshotPath is the source path on the host (e.g., /var/lib/ravel/global-snapshots/instance-id/snap-1)
+// jailSnapshotPath is the jail-relative path (e.g., /snapshots/snap-1)
+func (vm *vm) StartFromSnapshot(ctx context.Context, globalSnapshotPath, jailSnapshotPath string) error {
+	bootStart := time.Now()
+
+	// Copy snapshot from global storage into the jail
+	jailHostPath := getInstanceDir(vm.id) + jailSnapshotPath
+	if err := copyDir(globalSnapshotPath, jailHostPath); err != nil {
+		return fmt.Errorf("failed to copy snapshot to jail: %w", err)
+	}
+
+	// Chown to ravel-jailer user so CloudHypervisor can read
+	jailerUid, jailerGid, err := setupRavelJailerUser()
+	if err != nil {
+		return fmt.Errorf("failed to get jailer user: %w", err)
+	}
+	if err := chownRecursive(jailHostPath, jailerUid, jailerGid); err != nil {
+		return fmt.Errorf("failed to chown snapshot directory: %w", err)
+	}
+
+	slog.Debug("snapshot copied to jail", "from", globalSnapshotPath, "to", jailHostPath)
+
+	err = vm.cmd.Start()
+	if err != nil {
+		metrics.VMBootsTotal.WithLabelValues("failure").Inc()
+		return fmt.Errorf("failed to start vmm for machine %q: %w", vm.Id(), err)
+	}
+	defer func() {
+		if err != nil {
+			vm.vmm.ShutdownVMM(ctx)
+		}
+	}()
+
+	err = vm.vmm.WaitReady(ctx)
+	if err != nil {
+		metrics.VMBootsTotal.WithLabelValues("failure").Inc()
+		return fmt.Errorf("failed to wait for vmm to be ready for machine %q: %w", vm.Id(), err)
+	}
+
+	// Restore from snapshot instead of create+boot
+	snapshotUrl := "file://" + jailSnapshotPath
+	prefault := true
+	_, err = vm.vmm.PutVmRestore(ctx, cloudhypervisor.RestoreConfig{
+		SourceUrl: snapshotUrl,
+		Prefault:  &prefault,
+	})
+	if err != nil {
+		metrics.VMBootsTotal.WithLabelValues("failure").Inc()
+		return fmt.Errorf("failed to restore vm from snapshot for machine %q: %w", vm.Id(), err)
+	}
+
+	// Resume the restored VM
+	_, err = vm.vmm.ResumeVM(ctx)
+	if err != nil {
+		metrics.VMBootsTotal.WithLabelValues("failure").Inc()
+		return fmt.Errorf("failed to resume vm after restore for machine %q: %w", vm.Id(), err)
+	}
+
+	// Record successful boot metrics
+	bootDuration := time.Since(bootStart).Seconds()
+	metrics.VMBootDuration.Observe(bootDuration)
+	metrics.VMBootsTotal.WithLabelValues("success").Inc()
+
+	slog.Info("VM restored from snapshot", "id", vm.id, "duration_ms", bootDuration*1000)
+
+	go vm.run()
+
+	return nil
+}
+
+// copyDir copies a directory from src to dst
+func copyDir(src, dst string) error {
+	if err := os.MkdirAll(dst, 0755); err != nil {
+		return err
+	}
+
+	entries, err := os.ReadDir(src)
+	if err != nil {
+		return err
+	}
+
+	for _, entry := range entries {
+		srcPath := src + "/" + entry.Name()
+		dstPath := dst + "/" + entry.Name()
+
+		if entry.IsDir() {
+			if err := copyDir(srcPath, dstPath); err != nil {
+				return err
+			}
+		} else {
+			if err := copyFile(srcPath, dstPath); err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
+
+// copyFile copies a file from src to dst
+func copyFile(src, dst string) error {
+	srcFile, err := os.Open(src)
+	if err != nil {
+		return err
+	}
+	defer srcFile.Close()
+
+	dstFile, err := os.Create(dst)
+	if err != nil {
+		return err
+	}
+	defer dstFile.Close()
+
+	_, err = dstFile.ReadFrom(srcFile)
+	return err
+}
+
+// chownRecursive changes ownership of a directory and all its contents
+func chownRecursive(path string, uid, gid int) error {
+	return filepath.Walk(path, func(name string, info os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+		return os.Chown(name, uid, gid)
+	})
+}
+
 func (vm *vm) Signal(ctx context.Context, signal string) error {
 	sig := syscallSignal(signal)
 

runtime/instancerunner/start.go

@@ -45,3 +45,44 @@ func (ir *InstanceRunner) Start(ctx context.Context) error {
 
 	return err
 }
+
+// StartFromSnapshot starts the instance by restoring from a snapshot instead of cold booting.
+// This enables sub-100ms cold starts for AI sandbox workloads.
+// globalSnapshotPath is the path to the global snapshot storage
+// jailSnapshotPath is the jail-relative path where the snapshot will be placed
+func (ir *InstanceRunner) StartFromSnapshot(ctx context.Context, globalSnapshotPath, jailSnapshotPath string) error {
+	ir.lock()
+	defer ir.unlock()
+	slog.Debug("starting instance from snapshot", "id", ir.Instance().Id, "globalPath", globalSnapshotPath, "jailPath", jailSnapshotPath)
+
+	if ir.Status() != instance.InstanceStatusStopped && ir.Status() != instance.InstanceStatusCreated {
+		return errdefs.NewFailedPrecondition(fmt.Sprintf("instance is in %s status", ir.Status()))
+	}
+
+	err := ir.updateInstanceState(instance.State{
+		Status: instance.InstanceStatusStarting,
+	})
+	if err != nil {
+		return err
+	}
+
+	defer func() {
+		if err != nil {
+			ir.updateInstanceState(instance.State{Status: instance.InstanceStatusStopped})
+		}
+	}()
+
+	runner := ir.newVMRunner()
+	ir.setVMRunner(runner)
+
+	err = runner.StartFromSnapshot(globalSnapshotPath, jailSnapshotPath)
+	if err != nil {
+		return err
+	}
+
+	ir.updateInstanceState(instance.State{Status: instance.InstanceStatusRunning})
+
+	go ir.run()
+
+	return err
+}

runtime/instancerunner/vmrunner.go

@@ -129,6 +129,39 @@ func (r *vmRunner) Start() error {
 	return nil
 }
 
+// StartFromSnapshot starts the VM by restoring from a snapshot instead of cold booting.
+// globalSnapshotPath is the path to the global snapshot storage (e.g., /var/lib/ravel/global-snapshots/instance-id/snap-1)
+// jailSnapshotPath is the jail-relative path where the snapshot will be placed (e.g., /snapshots/snap-1)
+func (r *vmRunner) StartFromSnapshot(globalSnapshotPath, jailSnapshotPath string) error {
+	ctx := context.Background()
+	vm, err := r.driver.BuildInstanceTask(ctx, &r.i, r.disks)
+	if err != nil {
+		slog.Error("failed to build vm", "error", err)
+		return err
+	}
+	defer func() {
+		if err != nil {
+			err := r.driver.CleanupInstanceTask(ctx, &r.i)
+			if err != nil {
+				slog.Error("failed to cleanup vm", "error", err)
+			}
+		}
+	}()
+
+	r.vm = vm
+
+	slog.Debug("starting vm from snapshot", "globalPath", globalSnapshotPath, "jailPath", jailSnapshotPath)
+	err = vm.StartFromSnapshot(ctx, globalSnapshotPath, jailSnapshotPath)
+	if err != nil {
+		return err
+	}
+
+	r.hasStarted.Store(true)
+
+	go r.run()
+	return nil
+}
+
 func getLogFile(id string) string {
 	return fmt.Sprintf("/var/lib/ravel/instances/%s/vm.logs", id)
 }