oxidecomputer/helios

rpool/ROOT could have a reservation

wesolows opened this issue · 0 comments

Currently the root filesystem is still used for some things that can reasonably grow over time. Ideally all of these will eventually be removed, and we will be able to mount the root filesystem read-only (#122). In the meantime, the root filesystem also competes with the switch zone for space on the root ramdisk (see oxidecomputer/omicron#2278, which is seemingly intended to address this). We can protect the OS by creating either a refreservation or a reservation (depending on whether we want/expect to ever have children of rpool/ROOT). While this may cause processes in the switch zone to stop working if they fill up their filesystem, the same would happen if we merely applied a quota to it. Having a reservation means that regardless of how many other filesystems might exist in rpool or what quotas they have or don't have, the OS will always have a fixed amount of space available to it. That in turn will allow things like configd to continue working properly, in turn making recovery possible even if this takes out the switch zone. Note that this same approach can and probably should be taken by sled-agent any time it allocates storage space that can be used by system processes (e.g., log files written by system services).
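As an added illustration of the reservation described above (this is example code, not code from helios or omicron): the shell snippet below picks the right ZFS property, builds the `zfs set` command so it can be reviewed before it is run, and checks `zfs get -Hp` output to confirm that rpool/ROOT is actually protected. The pool name `rpool`, the dataset `rpool/ROOT`, the 2G size and the sample `zfs get` lines are all assumptions made for the example.

```shell
#!/bin/sh
# Added example, not helios/omicron code. Shows how a reservation for
# rpool/ROOT would be applied and verified with zfs(8). Pool/dataset names
# and the size are assumptions.

# Choose the property. `reservation` guarantees space for the dataset AND
# all of its descendants; `refreservation` covers only the dataset's own
# referenced data, so children and snapshots still compete for the rest.
# A dataset that has (or may get) child filesystems wants `reservation`;
# a dataset that will never have children can use `refreservation`.
reservation_property() {
    case "$1" in
        children) printf 'reservation\n' ;;
        leaf)     printf 'refreservation\n' ;;
        *) printf 'usage: reservation_property children|leaf\n' >&2; return 2 ;;
    esac
}

# Build the zfs set command line as a string (dry run / review aid).
# $1 dataset, $2 size in zfs units (e.g. 2G), $3 children|leaf
set_reservation_cmd() {
    prop=$(reservation_property "$3") || return 2
    printf 'zfs set %s=%s %s\n' "$prop" "$2" "$1"
}

# Read `zfs get -Hp -o name,property,value,source reservation,refreservation`
# output on stdin (tab separated, no header, exact byte values) and return 0
# only if at least one of the two properties is set to a non-zero value.
# "none" is also accepted as "unset" in case -p is omitted.
reservation_protected() {
    awk -F'\t' '
        $2 == "reservation" || $2 == "refreservation" {
            if ($3 != "0" && $3 != "none" && $3 != "-") found = 1
        }
        END { exit found ? 0 : 1 }'
}

# Live check of a dataset on a host that has zfs(8); returns 3 elsewhere so
# the constructed samples below can be used instead.
check_dataset() {
    if command -v zfs >/dev/null 2>&1; then
        zfs get -Hp -o name,property,value,source reservation,refreservation "$1" \
            | reservation_protected
    else
        return 3
    fi
}

# Constructed sample output (assumed values), in the shape `zfs get -Hp`
# prints: an unprotected rpool/ROOT and one with a 2 GiB reservation.
SAMPLE_UNPROTECTED=$(printf 'rpool/ROOT\treservation\t0\tdefault\nrpool/ROOT\trefreservation\t0\tdefault\n')
SAMPLE_PROTECTED=$(printf 'rpool/ROOT\treservation\t2147483648\tlocal\nrpool/ROOT\trefreservation\t0\tdefault\n')

# Usage on a real host (assumed dataset and size):
#   sh -c "$(set_reservation_cmd rpool/ROOT 2G children)" && check_dataset rpool/ROOT
```

Because rpool/ROOT is the parent of the boot environments, `children` (and therefore `reservation`) is the relevant case; `refreservation` would only guarantee space for data referenced directly by rpool/ROOT itself. Applying the reservation fails if the pool cannot back it, so `set_reservation_cmd` is printed and reviewed rather than executed blindly.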