docker-compose.example.yaml
1 configs: 2 opensandbox-config: 3 content: | 4 [server] 5 host = "0.0.0.0" 6 port = 8090 7 8 [log] 9 level = "INFO" 10 11 [runtime] 12 type = "docker" 13 # execd_image = "opensandbox/execd:v1.0.13" 14 execd_image = "sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/execd:v1.0.13" 15 16 [egress] 17 image = "opensandbox/egress:v1.0.8" 18 # image = "sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/egress:v1.0.8" 19 20 [docker] 21 network_mode = "bridge" 22 # When server runs in a container, set host_ip to the host's IP or hostname so bridge-mode endpoints are reachable (e.g. host.docker.internal or the host LAN IP). 23 # It's required when server deployed with docker container under host. 24 host_ip = "host.docker.internal" 25 drop_capabilities = ["AUDIT_WRITE", "MKNOD", "NET_ADMIN", "NET_RAW", "SYS_ADMIN", "SYS_MODULE", "SYS_PTRACE", "SYS_TIME", "SYS_TTY_CONFIG"] 26 no_new_privileges = true 27 # TODO: For production environments, it is recommended to set this to '4096' or higher to avoid 28 # "can't start new thread" errors when multiple sandboxes are running concurrently. 29 # See: https://github.com/alibaba/OpenSandbox/issues/447 30 pids_limit = 4096 31 32 [ingress] 33 mode = "direct" 34 35 version: '3.8' 36 37 services: 38 opensandbox-server: 39 image: opensandbox/server:latest 40 container_name: opensandbox-server 41 networks: 42 - opensandbox-net 43 ports: 44 - "8090:8090" 45 volumes: 46 - /var/run/docker.sock:/var/run/docker.sock 47 configs: 48 - source: opensandbox-config 49 target: /etc/opensandbox/config.toml 50 environment: 51 - SANDBOX_CONFIG_PATH=/etc/opensandbox/config.toml 52 53 sdk-client: 54 image: python:3.11-slim 55 container_name: sdk-client 56 networks: 57 - opensandbox-net 58 command: > 59 sh -c "pip install opensandbox && tail -f /dev/null" 60 environment: 61 - OPENSANDBOX_SERVER_URL=http://opensandbox-server:8090 62 63 networks: 64 opensandbox-net: 65 driver: bridge