Summary
The DiagTasks RPC in the ShimDiag service currently returns all tasks running in the UVM across all pods, with no way for callers to filter by sandbox/pod. This is a holdover from when the LCOW shim only supported a single pod per UVM. Now that the shims (V1 and V2) support multiple pods sharing a single UVM, diagnostic callers need a way to scope task listings to a specific sandbox.
Relevant Discussion: #2685 (comment)
// Originally this method was intended to be used in a single pod setup and therefore,
// we do not specify a TaskID in the request. Since this shim can support multiple pods,
// we will return all tasks running in the UVM, regardless of which pod they belong to.
Proposed Changes
- Add a
sandbox_id field to TasksRequest
Update internal/shimdiag/shimdiag.proto:
message TasksRequest {
bool execs = 1;
// Optional. If set, only tasks belonging to the specified sandbox/pod
// will be returned. If empty, all tasks across all pods are returned
// (preserves current behavior for backward compatibility).
string sandbox_id = 2;
}Update diagTasks to look up the specific podController by sandbox_id when provided, instead of iterating over all s.podControllers. Return a NotFound error if the sandbox ID does not exist.
- Add a new
ListSandboxes RPC
Allow callers to enumerate the sandboxes/pods currently hosted in the UVM, so they can then make targeted DiagTasks calls.
service ShimDiag {
// ...existing rpcs...
rpc ListSandboxes(SandboxesRequest) returns (SandboxesResponse);
}
message ListSandboxesRequest {
}
message Sandbox {
string id = 1;
// Optional future fields: created_at, task_count, state, etc.
}
message ListSandboxesResponse {
repeated Sandbox sandboxes = 1;
}Implementation would iterate s.podControllers under the existing service lock and return their IDs.
Backward Compatibility
Adding sandbox_id as an optional field is wire-compatible; existing clients that omit it continue to receive the all-pods listing.
DiagSandboxes is purely additive.
Summary
The
DiagTasksRPC in theShimDiagservice currently returns all tasks running in the UVM across all pods, with no way for callers to filter by sandbox/pod. This is a holdover from when the LCOW shim only supported a single pod per UVM. Now that the shims (V1 and V2) support multiple pods sharing a single UVM, diagnostic callers need a way to scope task listings to a specific sandbox.Relevant Discussion: #2685 (comment)
Proposed Changes
sandbox_id field to TasksRequestUpdate
internal/shimdiag/shimdiag.proto:Update
diagTasksto look up the specificpodControllerbysandbox_idwhen provided, instead of iterating over alls.podControllers. Return aNotFounderror if the sandbox ID does not exist.ListSandboxesRPCAllow callers to enumerate the
sandboxes/podscurrently hosted in the UVM, so they can then make targetedDiagTaskscalls.Implementation would iterate s.podControllers under the existing service lock and return their IDs.
Backward Compatibility
Adding sandbox_id as an optional field is wire-compatible; existing clients that omit it continue to receive the all-pods listing.
DiagSandboxes is purely additive.