2025-05-23 16:33:38 +08:00
|
|
|
services:
|
|
|
|
|
sandbox-executor-manager:
|
|
|
|
|
container_name: sandbox-executor-manager
|
|
|
|
|
build:
|
2025-06-18 12:37:17 +08:00
|
|
|
context: ./executor_manager
|
|
|
|
|
dockerfile: Dockerfile
|
2025-05-23 16:33:38 +08:00
|
|
|
image: sandbox-executor-manager:latest
|
|
|
|
|
runtime: runc
|
|
|
|
|
privileged: true
|
|
|
|
|
ports:
|
|
|
|
|
- "${EXECUTOR_PORT:-9385}:9385"
|
|
|
|
|
volumes:
|
|
|
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
|
|
|
networks:
|
|
|
|
|
- sandbox-network
|
|
|
|
|
restart: always
|
|
|
|
|
security_opt:
|
|
|
|
|
- no-new-privileges:true
|
|
|
|
|
environment:
|
|
|
|
|
- SANDBOX_EXECUTOR_MANAGER_POOL_SIZE=${SANDBOX_EXECUTOR_MANAGER_POOL_SIZE:-5}
|
2025-06-18 12:37:17 +08:00
|
|
|
- SANDBOX_BASE_PYTHON_IMAGE=${SANDBOX_BASE_PYTHON_IMAGE-sandbox-base-python:latest}
|
|
|
|
|
- SANDBOX_BASE_NODEJS_IMAGE=${SANDBOX_BASE_NODEJS_IMAGE-sandbox-base-nodejs:latest}
|
2025-05-23 16:33:38 +08:00
|
|
|
- SANDBOX_ENABLE_SECCOMP=${SANDBOX_ENABLE_SECCOMP:-false}
|
2025-06-16 13:41:27 +08:00
|
|
|
- SANDBOX_MAX_MEMORY=${SANDBOX_MAX_MEMORY:-256m} # b, k, m, g
|
|
|
|
|
- SANDBOX_TIMEOUT=${SANDBOX_TIMEOUT:-10s} # s, m, 1m30s
|
2025-05-23 16:33:38 +08:00
|
|
|
healthcheck:
|
|
|
|
|
test: ["CMD-SHELL", "curl --fail http://localhost:9385/healthz || exit 1"]
|
|
|
|
|
interval: 10s
|
|
|
|
|
timeout: 5s
|
|
|
|
|
retries: 5
|
|
|
|
|
networks:
|
|
|
|
|
sandbox-network:
|
|
|
|
|
driver: bridge
|
