Introduction
qbox is a self-hosted platform for running untrusted and AI-generated code in isolated Firecracker microVMs — on your own hardware.
qbox runs untrusted and AI-generated code in real Firecracker microVMs — each sandbox is a full VM with its own kernel, not a shared-kernel container — on infrastructure you operate. You get a control plane, an operator dashboard, a REST + WebSocket API, and SDKs, all behind your own network perimeter.
How it fits together
- Control plane — the API + scheduler. Validates requests, schedules sandboxes onto hosts, and brokers the data plane (exec, files, logs, shell).
- Host agent — runs on each KVM host and drives Firecracker microVMs.
- Builder — turns any OCI image into a warm, reproducible template snapshot.
- Dashboard — the operator UI for templates, sandboxes, and hosts.
- SDKs + CLI — drive everything from your app or terminal.
You self-host all of it. Nothing phones home; no data leaves your perimeter.
Get started
The fastest path is the single-host installer on a Linux box with /dev/kvm:
curl -fsSL https://qbox.sh/install.sh | shIt checks your host (Docker, KVM, TUN), fetches the Firecracker/jailer/guest
assets, writes a docker-compose.yml + .env, and brings the stack up over
HTTPS. Full walkthrough: Self-hosting.
Then drive it from code:
import qbox
qbox.configure(api_key="qbox_...", base_url="https://qbox.your-company.internal")
with qbox.Sandbox.create(template="python-3.12") as sandbox:
result = sandbox.run_code("print(6 * 7)")
print(result.text) # 42Where to go next
- Self-hosting — install, run, update, and put TLS in front.
- Configuration — every environment variable you can set.
- Python SDK — spawn sandboxes, run code, move files.
- API reference — the underlying REST + WebSocket API.
- CLI — the
qboxcommand for operators and scripts.