# Agent Sandbox — Run Agents Safely on Kubernetes

> Agent Sandbox provides Kubernetes-first guardrails for agent workloads: resource limits, isolation, and repeatable environments so failures stay contained.

## Quick Use

1. Install / run:

   ```bash
   git clone https://github.com/kubernetes-sigs/agent-sandbox && cd agent-sandbox
   ```

2. Start / smoke test:

   ```bash
   sed -n '1,260p' README.md
   ```

3. Verify:
   - Deploy the smallest example, then confirm: (1) CPU/memory limits are enforced, (2) network/credentials are scoped, (3) logs capture every run.

## Intro

- **Best for:** Teams running untrusted agent code who need isolation, quotas, and an auditable execution surface
- **Works with:** Kubernetes clusters + CI; pair with policy-as-code and least-privilege service accounts
- **Setup time:** 30 minutes

## Practical Notes

- Setup time ~30 minutes (apply manifests + run one sandboxed job)
- Three hard checks: limits enforced, egress scoped, run logs retained
- GitHub stars + forks (verified): see Source & Thanks

Agents get dangerous when they can run arbitrary code with long-lived credentials. A Kubernetes sandbox lets you bound blast radius: small quotas, short-lived identities, and auditable logs. Use it to make ‘agent execution’ an infrastructure primitive rather than an ad-hoc local script.

### FAQ

**Q: Do I need Kubernetes for agents?**
A: Not always—but it’s a strong default if you must isolate untrusted execution.

**Q: What’s the first guardrail to add?**
A: Resource limits + restricted service accounts; then add egress controls.

**Q: How do I make runs reproducible?**
A: Pin images/versions and treat manifests as code reviewed like any PR.
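The guardrails named in the Verify step and the FAQ (resource limits, restricted service accounts, egress controls, pinned images) can be checked on manifests before anything is deployed. The following is an added example, not code from the agent-sandbox project: a static audit over plain Kubernetes Pod and NetworkPolicy objects using core API fields, where the function names, object names, labels, registry and digest are constructed assumptions.

```python
# Added example: static audit of Kubernetes manifests (plain dicts, constructed samples).
def _restricts_egress(policy, ns, labels):
    """True if policy is in namespace ns, selects labels, and isolates egress."""
    spec = policy.get("spec", {})
    selector = spec.get("podSelector", {})
    if policy.get("metadata", {}).get("namespace", "default") != ns:
        return False
    if "matchExpressions" in selector:  # not evaluated here: treat as no match
        return False
    selected = all(labels.get(k) == v
                   for k, v in selector.get("matchLabels", {}).items())
    allow_all = {} in spec.get("egress", [])  # an empty rule allows everything
    return selected and "Egress" in spec.get("policyTypes", []) and not allow_all

def audit(objs):
    """Return sorted guardrail findings for every Pod in objs."""
    findings = []
    netpols = [o for o in objs if o.get("kind") == "NetworkPolicy"]
    for pod in (o for o in objs if o.get("kind") == "Pod"):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        name, ns = meta.get("name", "?"), meta.get("namespace", "default")
        for c in spec.get("containers", []) + spec.get("initContainers", []):
            limits = c.get("resources", {}).get("limits", {})
            for res in ("cpu", "memory"):
                if res not in limits:
                    findings.append(f"{name}/{c['name']}: no {res} limit")
            if "@sha256:" not in c.get("image", ""):
                findings.append(f"{name}/{c['name']}: image not pinned by digest")
        if spec.get("serviceAccountName", "default") == "default":
            findings.append(f"{name}: uses the default service account")
        # Pod-level field only; unset is reported because the API default mounts it.
        if spec.get("automountServiceAccountToken", True):
            findings.append(f"{name}: service account token auto-mounted")
        if not any(_restricts_egress(p, ns, meta.get("labels", {})) for p in netpols):
            findings.append(f"{name}: no NetworkPolicy isolates egress")
    return sorted(findings)

# Constructed sample objects (names, labels, registry and digest are placeholders).
DIGEST = "registry.example/agent@sha256:" + "0" * 64
WEAK = {"kind": "Pod", "metadata": {"name": "agent-weak", "labels": {"app": "agent"}},
        "spec": {"containers": [{"name": "run", "image": "registry.example/agent:latest"}]}}
HARDENED = {"kind": "Pod", "metadata": {"name": "agent-ok", "labels": {"app": "agent"}},
            "spec": {"serviceAccountName": "agent-runner",
                     "automountServiceAccountToken": False,
                     "containers": [{"name": "run", "image": DIGEST, "resources":
                                     {"limits": {"cpu": "500m", "memory": "256Mi"}}}]}}
DENY_EGRESS = {"kind": "NetworkPolicy", "metadata": {"name": "deny-egress"},
               "spec": {"podSelector": {"matchLabels": {"app": "agent"}},
                        "policyTypes": ["Egress"], "egress": []}}
```

A static audit covers limits, identity, egress policy and image pinning; log retention has to be confirmed on a running cluster.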
## Source & Thanks

> Source: https://github.com/kubernetes-sigs/agent-sandbox
>
> License: Apache-2.0
>
> GitHub stars: 2,125 · forks: 253

---

Source: https://tokrepo.com/en/workflows/agent-sandbox-run-agents-safely-on-kubernetes

Author: AI Open Source