Add host agent with VM lifecycle, TAP networking, and envd client

Implements Phase 1: boot a Firecracker microVM, execute a command inside
it via envd, and get the output back. Uses raw Firecracker HTTP API via
Unix socket (not the Go SDK) for full control over the VM lifecycle.

- internal/vm: VM manager with create/pause/resume/destroy, Firecracker
  HTTP client, process launcher with unshare + ip netns exec isolation
- internal/network: per-sandbox network namespace with veth pair, TAP
  device, NAT rules, and IP forwarding
- internal/envdclient: Connect RPC client for envd process/filesystem
  services with health check retry
- cmd/host-agent: demo binary that boots a VM, runs "echo hello", prints
  output, and cleans up
- proto/envd: canonical proto files with buf + protoc-gen-connect-go
  code generation
- images/wrenn-init.sh: minimal PID 1 init script for guest VMs
- CLAUDE.md: updated architecture to reflect TAP networking (not vsock)
  and Firecracker HTTP API (not Go SDK)

internal/envdclient/dialer.go

@@ -0,0 +1,21 @@
+package envdclient
+
+import (
+	"fmt"
+	"net/http"
+)
+
+// envdPort is the default port envd listens on inside the guest.
+const envdPort = 49983
+
+// baseURL returns the HTTP base URL for reaching envd at the given host IP.
+func baseURL(hostIP string) string {
+	return fmt.Sprintf("http://%s:%d", hostIP, envdPort)
+}
+
+// newHTTPClient returns an http.Client suitable for talking to envd.
+// No special transport is needed — envd is reachable via the host IP
+// through the veth/TAP network path.
+func newHTTPClient() *http.Client {
+	return &http.Client{}
+}