A client library to interact with the Agentic Sandbox on Kubernetes.

Navigation

Verified details

These details have been verified by PyPI
Project links
Owner
GitHub Statistics

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache Software License
  • Requires: Python >=3.10
  • Provides-Extra: test , tracing
Classifiers
Report project as malware

Project description

Agentic Sandbox Client Python

This Python client provides a simple, high-level interface for creating and interacting with sandboxes managed by the Agent Sandbox controller. It's designed to be used as a context manager, ensuring that sandbox resources are properly created and cleaned up.

It supports a scalable, cloud-native architecture using Kubernetes Gateways and a specialized Router, while maintaining a convenient Developer Mode for local testing.

Architecture

The client operates in two modes:

  1. Production (Gateway Mode): Traffic flows from the Client -> Cloud Load Balancer (Gateway) -> Router Service -> Sandbox Pod. This supports high-scale deployments.
  2. Development (Tunnel Mode): Traffic flows from Localhost -> kubectl port-forward -> Router Service -> Sandbox Pod. This requires no public IP and works on Kind/Minikube.
  3. Advanced / Internal Mode: The client connects directly to a provided api_url, bypassing discovery. This is useful for in-cluster communication or when connecting through a custom domain.

Prerequisites

  • A running Kubernetes cluster.
  • The Agent Sandbox Controller installed.
  • kubectl installed and configured locally.

Setup: Deploying the Router

Before using the client, you must deploy the sandbox-router. This is a one-time setup.

  1. Build and Push the Router Image:

    For both Gateway Mode and Tunnel mode, follow the instructions in sandbox-router to build, push, and apply the router image and resources.

  2. Create a Sandbox Template:

    Ensure a SandboxTemplate exists in your target namespace. The test_client.py uses the python-runtime-sandbox image.

    kubectl apply -f python-sandbox-template.yaml

Installation

  1. Create a virtual environment:

    python3 -m venv .venv
source .venv/bin/activate

  2. Option 1: Install from source via git:

    # Replace "main" with a specific version tag (e.g., "v0.1.0") from
# https://github.com/kubernetes-sigs/agent-sandbox/releases to pin a version tag.
export VERSION="main"

pip install "git+https://github.com/kubernetes-sigs/agent-sandbox.git@${VERSION}#subdirectory=clients/python/agentic-sandbox-client"

  3. Option 2: Install from source in editable mode:

    If you have not already done so, first clone this repository:

    cd ~
git clone https://github.com/kubernetes-sigs/agent-sandbox.git
cd agent-sandbox/clients/python/agentic-sandbox-client

    And then install the agentic-sandbox-client into your activated .venv:

    pip install -e .

    If you are using tracing with GCP, install with the optional tracing dependencies:

    pip install -e ".[tracing]"

Usage Examples

1. Production Mode (GKE Gateway)

Use this when running against a real cluster with a public Gateway IP. The client automatically discovers the Gateway.

from agentic_sandbox import SandboxClient

# Connect via the GKE Gateway
with SandboxClient(
    template_name="python-sandbox-template",
    gateway_name="external-http-gateway",  # Name of the Gateway resource
    namespace="default"
) as sandbox:
    print(sandbox.run("echo 'Hello from Cloud!'").stdout)

2. Developer Mode (Local Tunnel)

Use this for local development or CI. If you omit gateway_name, the client automatically opens a secure tunnel to the Router Service using kubectl.

from agentic_sandbox import SandboxClient

# Automatically tunnels to svc/sandbox-router-svc
with SandboxClient(
    template_name="python-sandbox-template",
    namespace="default"
) as sandbox:
    print(sandbox.run("echo 'Hello from Local!'").stdout)

3. Advanced / Internal Mode

Use api_url to bypass discovery entirely. Useful for:

  • Internal Agents: Running inside the cluster (connect via K8s DNS).
  • Custom Domains: Connecting via HTTPS (e.g., https://sandbox.example.com).
with SandboxClient(
    template_name="python-sandbox-template",
    # Connect directly to a URL
    api_url="http://sandbox-router-svc.default.svc.cluster.local:8080",
    namespace="default"
) as sandbox:
    sandbox.run("ls -la")

4. Custom Ports

If your sandbox runtime listens on a port other than 8888 (e.g., a Node.js app on 3000), specify server_port.

with SandboxClient(
    template_name="node-sandbox-template",
    server_port=3000
) as sandbox:
    # ...

Testing

A test script is included to verify the full lifecycle (Creation -> Execution -> File I/O -> Cleanup).

Run in Dev Mode:

python test_client.py --namespace default

Run in Production Mode:

python test_client.py --gateway-name external-http-gateway

Project details

Verified details

These details have been verified by PyPI
Project links
Owner
GitHub Statistics

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache Software License
  • Requires: Python >=3.10
  • Provides-Extra: test , tracing
Classifiers

Release history Release notifications | RSS feed

0.3.10

0.2.1

0.1.1.post3

This version

0.1.1.post2

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

k8s_agent_sandbox-0.1.1.post2.tar.gz (13.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

k8s_agent_sandbox-0.1.1.post2-py3-none-any.whl (12.3 kB view details)

Uploaded Python 3

File details

Details for the file k8s_agent_sandbox-0.1.1.post2.tar.gz.

File metadata

  • Download URL: k8s_agent_sandbox-0.1.1.post2.tar.gz
  • Upload date:
  • Size: 13.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for k8s_agent_sandbox-0.1.1.post2.tar.gz
Algorithm Hash digest
SHA256 cfd3de20c7e7b3ead912ef95322f5c3feff3f6c52719002b05f72776e524ee63
MD5 f189239d61e6d4a03d766b94cd48caae
BLAKE2b-256 f8d1ffb478748a82d1d764e1bb2c6b20f72710584247fe1c3c7e997d04acfe2a

See more details on using hashes here.

Provenance

The following attestation bundles were made for k8s_agent_sandbox-0.1.1.post2.tar.gz:

Publisher: pypi-publish.yml on kubernetes-sigs/agent-sandbox

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file k8s_agent_sandbox-0.1.1.post2-py3-none-any.whl.

File metadata

File hashes

Hashes for k8s_agent_sandbox-0.1.1.post2-py3-none-any.whl
Algorithm Hash digest
SHA256 681100322657f001f75398371ac43ba65535f7df9da3f86606f9145e942fe16b
MD5 d1f302d9e6e732fcc19457a0387b22d4
BLAKE2b-256 29aa96213c2aba427a1846103640ab72c85e94b7c810065ebdc9afb12991bd1f

See more details on using hashes here.

Provenance

The following attestation bundles were made for k8s_agent_sandbox-0.1.1.post2-py3-none-any.whl:

Publisher: pypi-publish.yml on kubernetes-sigs/agent-sandbox

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page