fix: seed mmds data via --metadata flag at boot, eliminates race with guest init

internal/firecracker/runtime.go

@@ -125,7 +125,13 @@ func (r *Runtime) Boot(ctx context.Context, spec MachineSpec, usedNetworks []Net
 		return nil, fmt.Errorf("write config file: %w", err)
 	}
 
-	command, err := launchJailedFirecracker(paths, spec.ID, r.firecrackerBinaryPath, r.jailerBinaryPath, r.enablePCI, configFilePath)
+	metadataFilePath, err := writeMetadataFile(paths.ChrootRootDir, spec)
+	if err != nil {
+		cleanup(network, paths, nil, 0)
+		return nil, fmt.Errorf("write metadata file: %w", err)
+	}
+
+	command, err := launchJailedFirecracker(paths, spec.ID, r.firecrackerBinaryPath, r.jailerBinaryPath, r.enablePCI, configFilePath, metadataFilePath)
 	if err != nil {
 		cleanup(network, paths, nil, 0)
 		return nil, err
@@ -137,18 +143,6 @@ func (r *Runtime) Boot(ctx context.Context, spec MachineSpec, usedNetworks []Net
 	}
 	socketPath := procSocketPath(firecrackerPID)
 
-	if spec.MMDS != nil && spec.MMDS.Data != nil {
-		client := newAPIClient(socketPath)
-		if err := waitForSocket(ctx, client, socketPath); err != nil {
-			cleanup(network, paths, command, firecrackerPID)
-			return nil, fmt.Errorf("wait for firecracker socket: %w", err)
-		}
-		if err := client.PutMMDS(ctx, spec.MMDS.Data); err != nil {
-			cleanup(network, paths, command, firecrackerPID)
-			return nil, fmt.Errorf("put mmds data: %w", err)
-		}
-	}
-
 	now := time.Now().UTC()
 	state := MachineState{
 		ID:          spec.ID,
@@ -288,7 +282,7 @@ func (r *Runtime) RestoreBoot(ctx context.Context, loadSpec SnapshotLoadSpec, us
 		return nil, err
 	}
 
-	command, err := launchJailedFirecracker(paths, loadSpec.ID, r.firecrackerBinaryPath, r.jailerBinaryPath, r.enablePCI, "")
+	command, err := launchJailedFirecracker(paths, loadSpec.ID, r.firecrackerBinaryPath, r.jailerBinaryPath, r.enablePCI, "", "")
 	if err != nil {
 		cleanup(network, paths, nil, 0)
 		return nil, err