Embedded micro-VM runtime for AI agents running OCI containers with hardware-level isolation — no daemon required.
BoxLite lets you spin up lightweight VMs ("Boxes") and run OCI containers inside them. It's designed for use cases like AI agent sandboxes and multi-tenant code execution, where Docker alone isn't enough and full VM infrastructure is too heavy.
Why BoxLite
- Hardware isolation: each Box has its own kernel (not just namespaces).
- Embeddable: link a library; no root; no background service to manage.
- OCI compatible: use Docker/OCI images (
python:slim,node:alpine,alpine:latest). - Async-first: run many boxes concurrently; stream stdout/stderr.
pip install boxliteRequires Python 3.10+.
import asyncio
import boxlite
async def main():
async with boxlite.SimpleBox(image="python:slim") as box:
result = await box.exec("python", "-c", "print('Hello from BoxLite!')")
print(result.stdout)
asyncio.run(main())[dependencies]
boxlite = { git = "https://github.com/boxlite-ai/boxlite" }use boxlite::{BoxCommand, BoxOptions, BoxliteRuntime, RootfsSpec};
use futures::StreamExt;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let runtime = BoxliteRuntime::default_runtime();
let options = BoxOptions {
rootfs: RootfsSpec::Image("alpine:latest".into()),
..Default::default()
};
let (_, litebox) = runtime.create(options)?;
let mut execution = litebox
.exec(BoxCommand::new("echo").arg("Hello from BoxLite!"))
.await?;
let mut stdout = execution.stdout().unwrap();
while let Some(line) = stdout.next().await {
println!("{}", line);
}
Ok(())
}- Run more real-world scenarios in Examples
- Learn how images, disks, networking, and isolation work in Architecture
- Compute: CPU/memory limits, async-first API, streaming stdout/stderr, metrics
- Storage: volume mounts (ro/rw), persistent disks (QCOW2), copy-on-write
- Networking: outbound internet, port forwarding (TCP/UDP), network metrics
- Images: OCI pull + caching, custom rootfs support
- SDKs: Python available; Node.js / Go coming soon
High-level overview of how BoxLite embeds a runtime and runs OCI containers inside micro-VMs. For details, see Architecture.
Show diagram
┌─────────────────────────────────────────────────────────────┐
│ Your Application │
│ ┌──────────────────────────────────────────────────────┐ │
│ │ BoxLite Runtime (embedded library) │ │
│ │ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │ │
│ │ │ Box A │ │ Box B │ │ Box C │ │ │
│ │ │ (micro-VM) │ │ (micro-VM) │ │ (micro-VM) │ │ │
│ │ │ ┌─────────┐ │ │ ┌─────────┐ │ │ ┌─────────┐ │ │ │
│ │ │ │Container│ │ │ │Container│ │ │ │Container│ │ │ │
│ │ │ └─────────┘ │ │ └─────────┘ │ │ └─────────┘ │ │ │
│ │ └─────────────┘ └─────────────┘ └─────────────┘ │ │
│ └──────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
│
Hardware Virtualization
(KVM / Hypervisor.framework)
- API Reference — Coming soon
- Examples — Sample code for common use cases
- Architecture — How BoxLite works under the hood
| Platform | Architecture | Status |
|---|---|---|
| macOS | Apple Silicon (ARM64) | ✅ Supported |
| Linux | x86_64 | ✅ Supported |
| Linux | ARM64 | ✅ Supported |
| macOS | Intel (x86_64) | ❌ Not supported |
| Windows | — | ❌ Not supported |
| Platform | Requirements |
|---|---|
| macOS | Apple Silicon, macOS 12+ |
| Linux | KVM enabled (/dev/kvm accessible) |
| Python | 3.10+ |
- GitHub Issues — Bug reports and feature requests
- Discussions — Questions and community support
We welcome contributions! See CONTRIBUTING.md for guidelines.
Licensed under the Apache License, Version 2.0. See LICENSE for details.