A lightweight K8s sandbox system inspired by e2b, designed to run on k3s.
- Sandbox lifecycle management (create, list, get, delete)
- Command execution in sandboxes
- File upload/download
- Automatic TTL-based cleanup
- Web UI for easy management
- Network isolation with Cilium (ingress and egress control)
- Token-based sandbox access via gateway service
- Configurable internet access per template
| Template | Description | Location |
|---|---|---|
| code-interpreter | Multi-language code execution environment with session and file operations | templates/code-interpreter.yml |
| nginx | Nginx web server sandbox | templates/nginx.yml |
cd backend && go mod tidy
Deploy K3s and Cilium on a separate machine, and ensure this host can access the cluster. Do not install K3s inside a Docker container.
See: https://docs.cilium.io/en/stable/installation/k3s/
Copy the kubeconfig from the remote machine to this host and set the environment variable:
export KUBECONFIG=~/.kube/config
make run-backend
The API server will start on http://localhost:8080.
make run-gateway
The gateway server will start on http://localhost:8081.
make run-frontend
The web UI will be available at http://localhost:3000.
Run all services:
make run-all
Tip: Run `make help` to see all available commands. See also: Network Access Guide for network feature documentation.
- Privilege escalation is disabled
- Resource limits prevent resource exhaustion
- All sandboxes run in a dedicated namespace
- Seccomp profile enabled
- Default-deny network policies (Cilium)
- Token-based authentication for sandbox access
- Sandbox isolation from K8s API Server
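
As an added example (not code from this project), the following Go function audits a Pod manifest in JSON form against four of the controls listed above: dedicated namespace, seccomp profile, disabled privilege escalation, and resource limits. The namespace name `sandboxes`, the sample manifest, and the function name `AuditPod` are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// pod is the subset of the Kubernetes Pod schema the checks below read.
type pod struct {
	Metadata struct{ Namespace string }
	Spec     struct {
		SecurityContext struct{ SeccompProfile *struct{ Type string } }
		Containers      []struct {
			Name            string
			SecurityContext struct{ AllowPrivilegeEscalation *bool }
			Resources       struct{ Limits map[string]any }
		}
	}
}

// Constructed sample manifest (not one of the project's templates).
const weak = `{"metadata":{"namespace":"default"},"spec":{"containers":[{"name":"sbx","resources":{"limits":{"cpu":"1"}}}]}}`

// AuditPod lists the controls a Pod manifest (JSON) misses; wantNS is an assumed namespace name.
func AuditPod(manifest []byte, wantNS string) ([]string, error) {
	var p pod
	if err := json.Unmarshal(manifest, &p); err != nil {
		return nil, err
	}
	var f []string
	add := func(bad bool, msg string) {
		if bad {
			f = append(f, msg)
		}
	}
	add(p.Metadata.Namespace != wantNS, "pod is outside namespace "+wantNS)
	sp := p.Spec.SecurityContext.SeccompProfile // pod-level profile only
	add(sp == nil || sp.Type == "Unconfined", "no seccomp profile")
	for _, c := range p.Spec.Containers {
		ape := c.SecurityContext.AllowPrivilegeEscalation // unset leaves escalation possible
		add(ape == nil || *ape, c.Name+": privilege escalation allowed")
		lim := c.Resources.Limits
		add(lim["cpu"] == nil || lim["memory"] == nil, c.Name+": missing cpu or memory limit")
	}
	return f, nil
}

func main() {
	fmt.Println(AuditPod([]byte(weak), "sandboxes"))
}
```

A seccomp profile set only at container level is reported as missing by this check, and network policy and API-server isolation are outside what a Pod manifest alone can show.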

