For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
  • About NVIDIA OpenShell
    • Overview
    • How It Works
    • Installation
    • Container Gateway
    • Supported Agents
    • Release Notes
  • Get Started
    • Quickstart
    • Tutorials
  • Manage OpenShell
    • Sandboxes
    • Gateways
    • Providers
    • Providers v2
    • Policies
    • Policy Advisor
    • Inference Routing
  • Observability
    • Accessing Logs
    • Logging
    • OCSF JSON Export
  • Kubernetes
    • Setup
    • Managing Certificates
    • Ingress
    • Access Control
    • OpenShift
  • Reference
    • Gateway Auth
    • Default Policy
    • Policy Schema
    • Compute Drivers
    • Gateway Config
    • Support Matrix
  • Security
    • Security Best Practices
  • Resources
    • License
NVIDIANVIDIA
Developer-friendly docs for your API
Privacy Policy | Manage My Privacy | Do Not Sell or Share My Data | Terms of Service | Accessibility | Corporate Policies | Product Security | Contact

Copyright © 2026, NVIDIA Corporation.

LogoLogoOpenShell
On this page
  • Supported Platforms
  • Standalone Gateway Binary
  • Compute Drivers
  • Software Prerequisites
  • Sandbox Runtime Versions
  • Container Images
  • Kernel Requirements
  • Agent Compatibility
Reference

Support Matrix

||View as Markdown|
Previous

Gateway Configuration File

Next

OpenShell Security Best Practices for Controls, Risks, and Configuration Guidance

This page lists the host platform, compute driver, software, runtime, and kernel requirements for running OpenShell.

Supported Platforms

OpenShell publishes multi-architecture gateway images for linux/amd64 and linux/arm64. The CLI, package-managed gateway, and standalone gateway binary are supported on the following host platforms:

PlatformArchitectureStatus
Linux (Debian/Ubuntu)x86_64 (amd64)Supported
Linux (Debian/Ubuntu)aarch64 (arm64)Supported
macOS (Docker Desktop)Apple Silicon (arm64)Supported
Windows (WSL 2 + Docker Desktop)x86_64Experimental

On Linux, the openshell CLI is a static musl binary and does not require glibc at runtime.

Standalone Gateway Binary

OpenShell publishes standalone openshell-gateway release assets for manual download on these platforms:

PlatformArtifact pattern
Linux x86_64 (amd64)openshell-gateway-x86_64-unknown-linux-gnu
Linux aarch64 (arm64)openshell-gateway-aarch64-unknown-linux-gnu
macOS Apple Siliconopenshell-gateway-aarch64-apple-darwin

These artifacts are attached to GitHub releases. Kubernetes deployments should use the Helm chart and the published gateway image.

On Linux, openshell-gateway requires glibc 2.31 or newer. Compatible systems include, for example, Ubuntu 20.04+, RHEL 9+, Amazon Linux 2023+, and Fedora 32+.

Compute Drivers

The gateway can manage sandboxes through several compute drivers.

Compute DriverStatusNotes
DockerSupported for local development and single-machine gateways.Requires Docker Desktop or Docker Engine on the gateway host.
PodmanSupported for rootless local and workstation workflows.Requires a Podman-compatible socket and rootless networking setup.
KubernetesSupported through the OpenShell Helm chart.Requires a Kubernetes cluster supplied by the operator.
MicroVMSupported for VM-backed sandboxes.Uses the VM compute driver and libkrun-based runtime.

Software Prerequisites

Install the software for the compute driver you use:

ComponentMinimum VersionNotes
Docker Desktop or Docker Engine28.04Required for Docker-backed gateways, local image builds, and Docker development workflows.
Podman5.xRequired for Podman-backed gateways.
Kubernetes1.29Required for Helm deployments and Kubernetes sandbox scheduling.
Helm3.xRequired to install deploy/helm/openshell.
kubectlCompatible with your clusterRequired for Kubernetes operational inspection and secret creation.
Host virtualizationHost dependentRequired for MicroVM-backed gateways. MicroVM uses Hypervisor.framework on macOS and KVM on Linux.

Sandbox Runtime Versions

Sandbox container images are maintained in the openshell-community repository. Refer to that repository for the current list of installed components and their versions.

Container Images

OpenShell publishes the gateway image for linux/amd64 and linux/arm64.

ImageReferencePulled When
Gatewayghcr.io/nvidia/openshell/gateway:latestHelm chart install or upgrade, or standalone container deployment

The Helm chart in deploy/helm/openshell deploys the gateway StatefulSet, service account, service, persistent storage, and network policy for Kubernetes.

Sandbox images are maintained separately in the openshell-community repository.

To override the default image references, use Helm values:

Helm valuePurpose
image.repository / image.tagOverride the gateway image reference.
server.sandboxImageOverride the default sandbox image.

Kernel Requirements

OpenShell enforces sandbox isolation through two Linux kernel security modules:

ModuleRequirementDetails
Landlock LSMRecommendedEnforces filesystem access restrictions at the kernel level. The best_effort compatibility mode uses the highest Landlock ABI the host kernel supports. The hard_requirement mode fails sandbox creation if the required ABI is unavailable.
seccompRequiredFilters dangerous system calls. Available on all modern Linux kernels (3.17+).

On macOS, these kernel modules run inside the Docker Desktop Linux VM, not on the host kernel.

Agent Compatibility

For the full list of supported agents and their default policy coverage, refer to the Supported Agents page.