{"id":45889690,"url":"https://github.com/sandbox0-ai/sandbox0","last_synced_at":"2026-04-12T20:15:52.548Z","repository":{"id":342313525,"uuid":"1153274594","full_name":"sandbox0-ai/sandbox0","owner":"sandbox0-ai","description":"AI agent sandboxes with persistent storage, session continuity, and self-hosted deployment.","archived":false,"fork":false,"pushed_at":"2026-03-31T06:50:52.000Z","size":4626,"stargazers_count":21,"open_issues_count":4,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-31T08:41:49.019Z","etag":null,"topics":["agent","k8s","sandbox","volume"],"latest_commit_sha":null,"homepage":"https://sandbox0.ai","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sandbox0-ai.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-09T05:32:44.000Z","updated_at":"2026-03-31T06:30:34.000Z","dependencies_parsed_at":null,"dependency_job_id":"6d0825cc-79a4-4a26-b0d9-0da815d0d661","html_url":"https://github.com/sandbox0-ai/sandbox0","commit_stats":null,"previous_names":["sandbox0-ai/sandbox0"],"tags_count":34,"template":false,"template_full_name":null,"purl":"pkg:github/sandbox0-ai/sandbox0","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandbox0-ai%2Fsandbox0","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandbox0-ai%2Fsandbox0/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandbox0-ai%2Fsandbox0/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandbox0-ai%2Fsandbox0/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sandbox0-ai","download_url":"https://codeload.github.com/sandbox0-ai/sandbox0/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandbox0-ai%2Fsandbox0/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31293155,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-01T21:15:39.731Z","status":"ssl_error","status_checked_at":"2026-04-01T21:15:34.046Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent","k8s","sandbox","volume"],"created_at":"2026-02-27T17:24:57.381Z","updated_at":"2026-04-12T20:15:52.542Z","avatar_url":"https://github.com/sandbox0-ai.png","language":"Go","funding_links":[],"categories":["Detailed Sandboxes Reference","Sandbox and Containerization"],"sub_categories":["Kubernetes-Native"],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://sandbox0.ai/sandbox0.png\" alt=\"Sandbox0 logo\" width=\"140\" /\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://sandbox0.ai/docs\"\u003e\u003cimg src=\"https://img.shields.io/badge/docs-sandbox0.ai-0f172a?style=for-the-badge\" alt=\"Docs\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://sandbox0.ai/docs/self-hosted\"\u003e\u003cimg src=\"https://img.shields.io/badge/self--hosted-supported-0b6bcb?style=for-the-badge\" alt=\"Self-hosted\" /\u003e\u003c/a\u003e\n  \u003ca href=\"./LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/badge/license-Apache_2.0-1f8f5f?style=for-the-badge\" alt=\"License\" /\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003e Note: Sandbox0 is under rapid iteration. Before the SaaS offering launches, backward compatibility is not guaranteed.\n\nSandbox0 is a general-purpose sandbox for building AI Agents. You can set any Docker image as a custom template image.\n\nKey features of Sandbox0:\n- Hot Sandbox Pool: Pre-creates idle Pods for millisecond-level startup times.\n- Persistent Storage: Persistent Volumes based on JuiceFS, supporting snapshot/restore/fork.\n- Network Control: manager applies template-namespace ingress baseline isolation, and netd implements node-level L4/L7 runtime policy enforcement.\n- Egress Auth: outbound credentials can be resolved and injected on the egress path, so raw secret material does not need to live inside the sandbox process.\n- Process Management: procd acts as the sandbox's PID=1, supporting REPL processes requiring session persistence (e.g., bash, python, node, redis-cli) and one-time Cmd processes.\n- Self-hosting Friendly: Complete private deployment solution.\n- Modular Installation: From a minimal mode with only 2 services to a single-cluster full mode, and multi-cluster horizontal scaling.\n\nIt can serve as an E2B alternative, suitable for general agents, coding agents, browser agents, and other scenarios.\n\n## What Makes It Different\n\n- Warm sandbox pools managed by `manager`, so agent claims can come from pre-created idle pods instead of waiting for a fresh boot on every task.\n- `procd` inside each sandbox pod, giving Sandbox0 a first-class runtime for command execution, stateful contexts, file I/O, directory watches, and webhook-triggered workflows.\n- Sandbox0 REPL contexts are a unified abstraction for interactive runtimes, so the same interface can back shells, language interpreters, database consoles, and custom REPLs, for example `bash`, `python`, `sqlite`, or `redis-cli`.\n- Persistent volumes decoupled from sandbox lifetime through `storage-proxy`, so agent workspaces, caches, checkpoints, and generated artifacts can outlive any single pod.\n- Snapshot, restore, and fork-oriented volume workflows built on JuiceFS plus object storage and PostgreSQL metadata, which is exactly what long-running agent systems need for recovery and reuse.\n- Manager-owned template namespace ingress baselines, so sandbox pods in the same template namespace do not accept peer traffic by default even before runtime egress policy is considered.\n- Node-level network control through `netd`, which watches sandbox policy, transparently redirects traffic, and applies L4/L7 enforcement close to the workload.\n- Egress auth that resolves credential bindings outside the sandbox and injects outbound auth at the network edge, which is a safer fit for untrusted agent code than placing raw API keys or client certificates in the sandbox environment.\n- Runtime-agnostic sandboxing via template `runtimeClassName`, so the same system can run on a standard Kubernetes runtime in development and move to stronger isolation such as gVisor or Kata in production.\n- A deployment model that scales from a simple single-cluster setup to multi-cluster regional routing with `regional-gateway` and `scheduler`.\n- Operator-first lifecycle management, so installation, reconciliation, and upgrades follow a repeatable Kubernetes-native path instead of bespoke scripts.\n\n### Architecture\n\n```mermaid\nflowchart TD\n    client[Client / API SDK] --\u003e igw[cluster-gateway]\n\n    subgraph cluster[Kubernetes Cluster - single cluster full mode]\n        direction TB\n\n        subgraph s0[Sandbox0 Services]\n            direction LR\n            igw --\u003e mgr[manager]\n            igw --\u003e pods[Sandbox Pods - procd inside]\n            mgr --\u003e pods\n            mgr --\u003e netd[netd]\n            mgr --\u003e sp[storage-proxy]\n        end\n\n        subgraph mw[Middleware Dependencies]\n            direction LR\n            pg[(PostgreSQL - metadata and state)]\n            s3[(S3 / OSS - volume data)]\n            reg[(Image Registry - optional)]\n        end\n\n        igw --\u003e pg\n        sp --\u003e pg\n        sp --\u003e s3\n        mgr --\u003e reg\n    end\n```\n\nMost users start with a single-cluster deployment and only move to multi-cluster when they need regional scale-out. For deeper architecture and deployment details, see \u003chttps://sandbox0.ai/docs/self-hosted\u003e.\n\nIn multi-region deployments backed by `global-gateway`, every team creation path must provide an explicit `home_region_id` so the team's routing target is unambiguous from the start.\n\n## Claim A Sandbox\n\nAll examples below assume:\n\n- `SANDBOX0_TOKEN` contains a valid API token\n- `SANDBOX0_BASE_URL` optionally overrides the default endpoint for self-hosted deployments\n\n### Python\n\nInstall:\n\n```bash\npip install sandbox0\n```\n\n```python\nimport os\n\nfrom sandbox0 import Client\nfrom sandbox0.apispec.models.sandbox_config import SandboxConfig\n\nclient = Client(\n    token=os.environ[\"SANDBOX0_TOKEN\"],\n    base_url=os.environ.get(\"SANDBOX0_BASE_URL\", \"http://localhost:30080\"),\n)\n\nwith client.sandboxes.open(\n    \"default\",\n    config=SandboxConfig(ttl=300, hard_ttl=3600),\n) as sandbox:\n    print(f\"Sandbox ID: {sandbox.id}\")\n    print(f\"Status: {sandbox.status}\")\n```\n\nFor Go, TypeScript, CLI, and full getting-started guides, see \u003chttps://sandbox0.ai/docs/get-started\u003e.\n\n## Self-Hosted Quickstart\n\nThe example below is a minimal `kind` installation for local evaluation.\n\nPrerequisites:\n\n- `kind`\n- `kubectl`\n- `helm`\n\nCreate a local cluster with the same Kind config used by `infra/tests/e2e`:\n\n```bash\nkind create cluster --config kind-config.yaml\n```\n\n`kind-config.yaml`:\n\n```yaml\nkind: Cluster\napiVersion: kind.x-k8s.io/v1alpha4\nname: sandbox0\nnodes:\n- role: control-plane\n  image: kindest/node:v1.35.0\n  kubeadmConfigPatches:\n  - |\n    kind: ClusterConfiguration\n    apiServer:\n      extraArgs:\n        enable-aggregator-routing: \"true\"\n  extraPortMappings:\n  # cluster-gateway HTTP port\n  - containerPort: 30080\n    hostPort: 30080\n  # registry port for template image push\n  - containerPort: 30500\n    hostPort: 30500\n```\n\nInstall `infra-operator`:\n\n```bash\nhelm repo add sandbox0 https://charts.sandbox0.ai\nhelm repo update\n\nhelm install infra-operator sandbox0/infra-operator \\\n    --namespace sandbox0-system \\\n    --create-namespace\n```\n\nApply the minimal single-cluster sample:\n\nIt does not include `netd` or `storage-proxy`, so it does not provide netd-backed egress enforcement or volume capabilities. Template-namespace ingress baselines still depend on Kubernetes `NetworkPolicy` support in your CNI.\n\n```bash\nkubectl apply -f https://raw.githubusercontent.com/sandbox0-ai/sandbox0/main/infra-operator/chart/samples/single-cluster/minimal.yaml\nkubectl get sandbox0infra -n sandbox0-system -w\n```\n\nGet the initial admin credentials:\n\n```bash\nADMIN_PASSWORD=\"$(kubectl get secret admin-password -n sandbox0-system -o jsonpath='{.data.password}' | base64 -d)\"\nprintf 'username: %s\\npassword: %s\\n' 'admin@example.com' \"$ADMIN_PASSWORD\"\n```\n\nConfigure the local API URL and create a token:\n\nThe local `kind` setup above exposes `cluster-gateway` at `http://localhost:30080`.\n\n```bash\nexport SANDBOX0_BASE_URL=\"http://localhost:30080\"\n\ns0 auth login\n\nunset SANDBOX0_TOKEN \u0026\u0026 export SANDBOX0_TOKEN=\"$(s0 apikey create --name test-apikey --role admin --expires-in 30d --raw)\"\n```\n\n## Production Notes\n\n- `kind` is for evaluation only and is not a production deployment shape.\n- Most teams should start with the operator-managed single-cluster setup.\n- Full architecture, configuration, and production deployment guidance live in the self-hosted docs.\n\nFor full deployment guidance, see \u003chttps://sandbox0.ai/docs/self-hosted\u003e.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsandbox0-ai%2Fsandbox0","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsandbox0-ai%2Fsandbox0","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsandbox0-ai%2Fsandbox0/lists"}