OpenSandbox Provider

View as Markdown

The opensandbox provider creates sandboxes through the OpenSandbox SDK and server API. It is the Kubernetes-backed provider used by agentic software engineering environments such as mini_swe_agent_2.

Setup

Install the sandbox extra in the runtime image or virtual environment that creates sandboxes:

$uv sync --extra sandbox

For package installs, use:

$pip install "nemo-gym[sandbox]"

Set connection values through the provider config. The shipped config reads these environment variables:

VariablePurpose
OPENSANDBOX_DOMAINOpenSandbox server domain. Defaults to the in-cluster service name in the shipped config.
OPENSANDBOX_API_KEYAPI key passed to the OpenSandbox SDK connection config.

Provider Config

NeMo Gym ships an OpenSandbox provider config at nemo_gym/sandbox/providers/opensandbox/configs/opensandbox.yaml. It defines a top-level sandbox block that agents reference with sandbox_provider: sandbox.

1sandbox:
2 default_metadata:
3 sandbox-api: opensandbox-sdk
4 opensandbox:
5 connection:
6 domain: ${oc.env:OPENSANDBOX_DOMAIN,opensandbox-server.opensandbox-system.svc.cluster.local}
7 api_key: ${oc.env:OPENSANDBOX_API_KEY}
8 protocol: http
9 request_timeout_s: 300
10 use_server_proxy: true
11 create:
12 request_timeout_s: 1200
13 timeout_s: 1200
14 skip_health_check: true
15 retries: 10
16 retry_delay_s: 5.0
17 retry_max_delay_s: 90.0
18 probe:
19 timeout_s: 60
20 deadline_s: 180
21 stable_count: 2
22 stable_delay_s: 1.0
23 operations:
24 retries: 5
25 retry_delay_s: 1.0
26 retry_max_delay_s: 45.0
27 command_retries: 0
28 close_timeout_s: 30

Run an agent with the provider config by passing it alongside the agent and model configs:

$gym env start \
> --config responses_api_agents/mini_swe_agent_2/configs/mini_swe_agent_2.yaml \
> --config nemo_gym/sandbox/providers/opensandbox/configs/opensandbox.yaml \
> --config responses_api_models/vllm_model/configs/vllm_model.yaml

The provider constructor accepts four optional config sections:

SectionPurpose
connectionOpenSandbox SDK connection settings: domain, API key, protocol, request timeout, and server proxy mode.
createSandbox create timeout, retry, image pull policy, and health-check behavior.
probePost-create command probe used to verify command execution before the sandbox is returned.
operationsRetry and timeout behavior for SDK operations after create, including command retries and close timeout.

SandboxSpec Provider Options

Set OpenSandbox-specific create options under SandboxSpec.provider_options, or under sandbox_spec.provider_options in an agent config:

1sandbox_spec:
2 provider_options:
3 platform:
4 os: linux
5 arch: amd64
6 skip_health_check: false
7 extensions:
8 imagePullPolicy: IfNotPresent

Supported options are:

OptionPurpose
platformMapping passed to the OpenSandbox SDK PlatformSpec, such as os and arch.
snapshot_idOpenSandbox snapshot ID to create from instead of only an image.
volumesList of mappings passed to the OpenSandbox SDK Volume model.
skip_health_checkPer-sandbox override for SDK create health checking unless the provider config forces it on.
extensionsString map passed to OpenSandbox create extensions.

Unknown provider option keys raise ValueError; values with the wrong type raise TypeError. This catches config drift before a sandbox allocation is attempted.

Relevant SandboxSpec Fields

FieldOpenSandbox behavior
imageContainer image passed to OpenSandbox create.
ttl_sConverted to an OpenSandbox sandbox timeout.
ready_timeout_sConverted to an OpenSandbox ready timeout.
envPassed to OpenSandbox create and command execution.
filesSeed files uploaded before the first command.
metadataPassed to OpenSandbox create after provider-specific normalization.
resourcesMapped to OpenSandbox resource quantities.
entrypointPassed to OpenSandbox create when set.
provider_optionsPer-sandbox OpenSandbox options such as platform, snapshot_id, volumes, skip_health_check, and extensions.

Resource Mapping

SandboxResources is translated into OpenSandbox resource quantities:

SandboxResources fieldOpenSandbox resource key
cpucpu
memory_mibmemory, formatted as <value>Mi
disk_gibephemeral-storage, formatted as <value>Gi
gpugpu
gpu_typegpu_type

The provider also normalizes metadata values for backend labels by replacing unsupported characters and truncating values to the provider limit.

Lifecycle

The provider creates one OpenSandbox sandbox per Gym sandbox:

OperationOpenSandbox behavior
Createopensandbox.Sandbox.create(...) with normalized SandboxSpec fields.
Exechandle.raw.commands.run(...) with command options derived from exec() arguments.
Statushandle.raw.get_info() mapped onto SandboxStatus.
Closehandle.raw.kill() followed by local SDK handle cleanup.

If create.skip_health_check is enabled, the provider reconnects to the sandbox before running the NeMo Gym readiness probe so follow-up operations use a fresh SDK handle.

File Transfer

The provider uses the OpenSandbox SDK file API for uploads and downloads:

  • upload() reads the local file and writes bytes to the target sandbox path.
  • download() reads bytes from the sandbox path and writes them to the local target path.

Startup files from SandboxSpec.files use the same provider file path semantics before the first command runs.

User and Runtime Notes

The neutral user argument to exec() maps onto OpenSandbox command options:

user valueBehavior
NoneUse the sandbox default user.
"root"Run the command as provided.
Integer uidPass the uid through the OpenSandbox command options.
Other stringWrap the command with su -s /bin/sh -c ... <user>.

Command failures return SandboxExecResult with the command’s exit code. If OpenSandbox reports an execution error without an exit code, the provider returns code 125 with error_type="sandbox".

The provider’s create.image_pull_policy defaults to IfNotPresent. Valid values are Always, IfNotPresent, and Never. The resolved policy is written into OpenSandbox create extensions as both imagePullPolicy and opensandbox.extensions.image-pull-policy unless those keys are already present in provider_options.extensions.

Create retries handle transient allocation, connection, image pull, and server-side errors. Command retries are controlled separately by operations.command_retries.