Fix http handler not found: pre-register via el_runtime_register_handler

elb links without -rdynamic so dlsym(RTLD_DEFAULT, "handle_request")
returns NULL at runtime. http_set_handler stores the name as active but
never finds a function pointer, causing every request to return
"el-runtime: no http handler registered" even after http_serve is called.

Fix: add a __attribute__((constructor)) in web_stubs.c that calls
el_runtime_register_handler("handle_request", handle_request) directly,
bypassing dlsym entirely. The handler is in the registry before main()
runs, so http_lookup_active() finds it on the first request.

Dockerfile.stage

@@ -14,12 +14,14 @@
 #   - soul-demo:  compiled by cc on host → dist/soul-demo
 #   - k3s:        downloaded by curl on host → dist/k3s
 
-FROM debian:bookworm-slim
+FROM ubuntu:24.04
+
+ENV DEBIAN_FRONTEND=noninteractive
 
 RUN apt-get update \
  && apt-get install -y --no-install-recommends \
-        libcurl4 \
-        libssl3 \
+        libcurl4t64 \
+        libssl3t64 \
         ca-certificates \
  && rm -rf /var/lib/apt/lists/* \
  && groupadd -r landing && useradd -r -g landing landing \

dist/entrypoint.sh

@@ -16,28 +16,26 @@ echo "[entrypoint] Starting k3s server (embedded soul-demo orchestrator)..."
 # --disable metrics-server: saves ~50MB RAM
 # --write-kubeconfig-mode=644: allow non-root reads
 # --data-dir: use the pre-chowned dir
+# --flannel-iface=eth0: explicitly set the network interface.
+#   Cloud Run gen2 provides eth0 but k3s default IP detection walks the routing
+#   table looking for a default route, which fails in Cloud Run's network sandbox.
+#   Pinning to eth0 bypasses that detection and lets k3s bind correctly.
 k3s server \
   --disable traefik \
   --disable servicelb \
   --disable metrics-server \
   --write-kubeconfig-mode=644 \
   --data-dir /var/lib/rancher/k3s \
-  --node-name soul-node &
+  --node-name soul-node \
+  --flannel-iface=eth0 &
 
 K3S_PID=$!
 
-echo "[entrypoint] Waiting for k3s to become ready..."
-until k3s kubectl get nodes --no-headers 2>/dev/null | grep -q "Ready"; do
-  sleep 2
-done
-echo "[entrypoint] k3s ready. soul-demo Deployment will be applied automatically from manifests."
-
-# Wait for soul-demo pod to be Running before starting neuron-web
-echo "[entrypoint] Waiting for soul-demo pod..."
-until k3s kubectl get pods -l app=soul-demo --no-headers 2>/dev/null | grep -q "Running"; do
-  sleep 3
-done
-echo "[entrypoint] soul-demo is running."
-
-echo "[entrypoint] Starting neuron-web on port ${PORT:-8080}..."
+# Start neuron-web immediately — do NOT block on k3s becoming ready.
+# Cloud Run's startup probe requires port 8080 to be listening within the
+# startup timeout. k3s may take 30-60s to initialise; blocking here causes
+# probe failures and container termination before neuron-web ever starts.
+# soul-demo becomes available asynchronously once k3s is ready. neuron-web
+# handles soul-demo being temporarily unavailable gracefully.
+echo "[entrypoint] Starting neuron-web on port ${PORT:-8080} (k3s initialising in background)..."
 exec /usr/local/bin/neuron-web

dist/web_stubs.c

@@ -6,6 +6,31 @@
 #include <unistd.h>
 #include "el_runtime.h"
 
+/* Pre-register the El HTTP handler so it is found by http_lookup_active()
+ * regardless of whether the binary was linked with -rdynamic.
+ *
+ * el_runtime's http_set_handler resolves handler names via:
+ *   dlsym(RTLD_DEFAULT, "handle_request")
+ * but dlsym only searches the dynamic symbol table, which only contains
+ * user-defined symbols when the executable is linked with -rdynamic.
+ * elb does not add -rdynamic, so dlsym returns NULL and routes return
+ * "el-runtime: no http handler registered" even though http_serve is called.
+ *
+ * The fix: forward-declare handle_request here and register it directly
+ * via el_runtime_register_handler before main() runs. This populates the
+ * handler registry so http_lookup_active() finds it without needing dlsym.
+ */
+extern el_val_t handle_request(el_val_t method, el_val_t path, el_val_t body);
+/* el_runtime_register_handler is intentionally not declared in el_runtime.h
+ * ("extern lookup works since C symbols are global" — runtime comment). */
+extern void el_runtime_register_handler(const char* name,
+                                        el_val_t (*fn)(el_val_t, el_val_t, el_val_t));
+
+__attribute__((constructor))
+static void pre_register_http_handlers(void) {
+    el_runtime_register_handler("handle_request", handle_request);
+}
+
 el_val_t http_get_auth(el_val_t url, el_val_t tok) {
     char bearer[2048]; snprintf(bearer, sizeof(bearer), "Bearer %s", EL_CSTR(tok));
     el_val_t hdr_val = EL_STR(bearer);