Google introduces Agent Sandbox for Kubernetes
Briefly

"Google is launching Agent Sandbox, a new Kubernetes primitive built for AI agents. The technology provides kernel-level isolation and can run thousands of sandboxes in parallel. Google built Agent Sandbox as an open-source project within the Cloud Native Computing Foundation. The technology is based on gVisor, with additional support for Kata Containers. This provides kernel-level isolation that counteracts vulnerabilities. Each agent task is assigned its own isolated sandbox."
"For AI developers, the build provides a Python SDK that enables them to manage the lifecycle of sandboxes without requiring infrastructure knowledge. A simple context manager is all that is needed to set up a sandbox and execute commands. Agent Sandbox achieves extra performance on Google Kubernetes Engine. By configuring pre-warmed pools with sandboxes, latency drops to less than a second. That is 90 percent faster than cold starts."
"In addition, Google is introducing Pod Snapshots, exclusively for GKE. This feature enables checkpointing and recovery of running pods. Sandboxes can start up from snapshots, reducing startup time from minutes to seconds. GPU workloads are also supported. Idle sandboxes can be snapped and suspended. This saves compute cycles without disrupting end users. This optimizes the use of scarce resources. Agent Sandbox is now available as an open-source project and can be deployed directly on GKE."
Agent Sandbox is a Kubernetes primitive providing kernel-level isolation for AI agents, built on gVisor with optional Kata Containers support and released as an open-source CNCF project. Each agent task runs in its own isolated sandbox, enabling thousands of sandboxes to operate in parallel for scalable agent workloads. A Python SDK with a simple context manager lets developers manage sandbox lifecycles without infrastructure expertise. On GKE, pre-warmed sandbox pools reduce startup latency to under a second, about 90% faster than cold starts. Pod Snapshots for GKE enable checkpoint and recovery, speeding sandbox startup from minutes to seconds and supporting GPU workloads. Idle sandboxes can be suspended to save compute.
Read at Techzine Global