ragflow/docs/guides/agent/sandbox_quickstart.md

---
sidebar_position: 20
slug: /sandbox_quickstart
---

# Sandbox quickstart

A secure, pluggable code execution backend designed for RAGFlow and other applications requiring isolated code execution environments.

## Features: 

- Seamless RAGFlow Integration — Works out-of-the-box with the code component of RAGFlow.
- High Security — Uses gVisor for syscall-level sandboxing to isolate execution.
- Customisable Sandboxing — Modify seccomp profiles easily to tailor syscall restrictions.
- Pluggable Runtime Support — Extendable to support any programming language runtime.
- Developer Friendly — Quick setup with a convenient Makefile.

## Architecture

The architecture consists of isolated Docker base images for each supported language runtime, managed by the executor manager service. The executor manager orchestrates sandboxed code execution using gVisor for syscall interception and optional seccomp profiles for enhanced syscall filtering.

## Prerequisites

- Linux distribution compatible with gVisor.
- gVisor installed and configured.
- Docker version 24.0.0 or higher.
- Docker Compose version 2.26.1 or higher (similar to RAGFlow requirements).
- uv package and project manager installed.
- (Optional) GNU Make for simplified command-line management.

## Build Docker base images

The sandbox uses isolated base images for secure containerised execution environments.

Build the base images manually:

```bash
docker build -t sandbox-base-python:latest ./sandbox_base_image/python
docker build -t sandbox-base-nodejs:latest ./sandbox_base_image/nodejs
```

Alternatively, build all base images at once using the Makefile:

```bash
make build
```

Next, build the executor manager image:

```bash
docker build -t sandbox-executor-manager:latest ./executor_manager
```

## Running with RAGFlow 

1. Verify that gVisor is properly installed and operational.

2. Configure the .env file located at docker/.env:

- Uncomment sandbox-related environment variables.
- Enable the sandbox profile at the bottom of the file.

3. Add the following entry to your /etc/hosts file to resolve the executor manager service:

```bash
127.0.0.1 es01 infinity mysql minio redis sandbox-executor-manager
```

4. Start the RAGFlow service as usual.

## Running standalone

### Manual setup

1. Initialize the environment variables:

```bash
cp .env.example .env
```

2. Launch the sandbox services with Docker Compose:

```bash
docker compose -f docker-compose.yml up
```

3. Test the sandbox setup:

```bash
source .venv/bin/activate
export PYTHONPATH=$(pwd)
uv pip install -r executor_manager/requirements.txt
uv run tests/sandbox_security_tests_full.py
```

### Using Makefile

Run all setup, build, launch, and tests with a single command:

```bash
make
```

### Monitoring

To follow logs of the executor manager container:

```bash
docker logs -f sandbox-executor-manager
```

Or use the Makefile shortcut:

```bash
make logs
```
Docs: Sandbox quickstart (#8264) ### What problem does this PR solve? ### Type of change - [x] Documentation Update 2025-06-16 09:33:01 +08:00			`---`
			`sidebar_position: 20`
			`slug: /sandbox_quickstart`
			`---`

			`# Sandbox quickstart`

			`A secure, pluggable code execution backend designed for RAGFlow and other applications requiring isolated code execution environments.`

			`## Features:`

			`- Seamless RAGFlow Integration — Works out-of-the-box with the code component of RAGFlow.`
			`- High Security — Uses gVisor for syscall-level sandboxing to isolate execution.`
			`- Customisable Sandboxing — Modify seccomp profiles easily to tailor syscall restrictions.`
			`- Pluggable Runtime Support — Extendable to support any programming language runtime.`
			`- Developer Friendly — Quick setup with a convenient Makefile.`

			`## Architecture`

			`The architecture consists of isolated Docker base images for each supported language runtime, managed by the executor manager service. The executor manager orchestrates sandboxed code execution using gVisor for syscall interception and optional seccomp profiles for enhanced syscall filtering.`

			`## Prerequisites`

			`- Linux distribution compatible with gVisor.`
			`- gVisor installed and configured.`
			`- Docker version 24.0.0 or higher.`
			`- Docker Compose version 2.26.1 or higher (similar to RAGFlow requirements).`
			`- uv package and project manager installed.`
			`- (Optional) GNU Make for simplified command-line management.`

			`## Build Docker base images`

			`The sandbox uses isolated base images for secure containerised execution environments.`

			`Build the base images manually:`

			```bash
			`docker build -t sandbox-base-python:latest ./sandbox_base_image/python`
			`docker build -t sandbox-base-nodejs:latest ./sandbox_base_image/nodejs`
			```

			`Alternatively, build all base images at once using the Makefile:`

			```bash
			`make build`
			```

			`Next, build the executor manager image:`

			```bash
			`docker build -t sandbox-executor-manager:latest ./executor_manager`
			```

			`## Running with RAGFlow`

			`1. Verify that gVisor is properly installed and operational.`

			`2. Configure the .env file located at docker/.env:`

			`- Uncomment sandbox-related environment variables.`
			`- Enable the sandbox profile at the bottom of the file.`

			`3. Add the following entry to your /etc/hosts file to resolve the executor manager service:`

			```bash
docs(sandbox): update /etc/hosts entry to include required services (#9144) Fixes an issue where running the sandbox (code component) fails due to unresolved hostnames. Added missing service names (es01, infinity, mysql, minio, redis) to 127.0.0.1 in the /etc/hosts example. Reference: https://github.com/infiniflow/ragflow/issues/8226 ## What this PR does Updates the sandbox quickstart documentation to fix a known issue where the sandbox fails to resolve required service hostnames. ## Why Following the original instruction leads to a `Failed to resolve 'none'` error, as discussed in issue #8226. Adding the missing service names to `127.0.0.1` resolves the problem. ## Related issue https://github.com/infiniflow/ragflow/issues/8226 ## Note It might be better to add `127.0.0.1 es01 infinity mysql minio redis` to docs/quickstart.mdx, but since no issues appeared at the time without adding this line—and the problem occurred while working with the code component—I added it here. ### Type of change - [X] Documentation Update 2025-08-11 12:48:56 +03:30			`127.0.0.1 es01 infinity mysql minio redis sandbox-executor-manager`
Docs: Sandbox quickstart (#8264) ### What problem does this PR solve? ### Type of change - [x] Documentation Update 2025-06-16 09:33:01 +08:00			```

			`4. Start the RAGFlow service as usual.`

			`## Running standalone`

			`### Manual setup`

			`1. Initialize the environment variables:`

			```bash
			`cp .env.example .env`
			```

			`2. Launch the sandbox services with Docker Compose:`

			```bash
			`docker compose -f docker-compose.yml up`
			```

			`3. Test the sandbox setup:`

			```bash
			`source .venv/bin/activate`
			`export PYTHONPATH=$(pwd)`
			`uv pip install -r executor_manager/requirements.txt`
			`uv run tests/sandbox_security_tests_full.py`
			```

			`### Using Makefile`

			`Run all setup, build, launch, and tests with a single command:`

			```bash
			`make`
			```

			`### Monitoring`

			`To follow logs of the executor manager container:`

			```bash
			`docker logs -f sandbox-executor-manager`
			```

			`Or use the Makefile shortcut:`

			```bash
			`make logs`
			```