src/, src/types.ts, and schema/isol8.config.schema.json).
Core behavior and defaults
What are the default execution settings if I do not configure anything?
What are the default execution settings if I do not configure anything?
timeoutMs: 30000memoryLimit: "512m"cpuLimit: 1network: "none"sandboxSize: "512m"tmpSize: "256m"maxConcurrent: 10
Where does isol8 load config from?
Where does isol8 load config from?
./isol8.config.jsonin current working directory~/.isol8/config.json- built-in defaults
Does my config fully replace defaults?
Does my config fully replace defaults?
How can I inspect the effective configuration?
How can I inspect the effective configuration?
What wins if the same setting is provided in config and request/CLI?
What wins if the same setting is provided in config and request/CLI?
Does isol8 require Bun to run CLI and remote server?
Does isol8 require Bun to run CLI and remote server?
isol8 serve in built mode downloads a standalone server binary that embeds Bun.Setup and build behavior
What does `isol8 setup` actually do?
What does `isol8 setup` actually do?
When should I rebuild images with `--force`?
When should I rebuild images with `--force`?
--force after Dockerfile/runtime dependency changes, or when troubleshooting stale image behavior.Why does `isol8 serve` ask about updating binaries?
Why does `isol8 serve` ask about updating binaries?
Can I force standalone server binary refresh?
Can I force standalone server binary refresh?
What if my platform is unsupported for standalone server binary?
What if my platform is unsupported for standalone server binary?
Execution modes, lifecycle, and persistence
What is the difference between `--persistent` and `--persist`?
What is the difference between `--persistent` and `--persist`?
--persistent: selects persistent execution mode (reuse one container state for that engine/session).--persist: keep container(s) running after execution for inspection/debugging. They control different concerns and can be combined.
Does `--persistent` on CLI keep state across multiple separate `isol8 run` commands?
Does `--persistent` on CLI keep state across multiple separate `isol8 run` commands?
finally.
For true cross-call persistence, use remote API/library with a stable sessionId.Can I switch runtime inside one persistent container (Python -> Node)?
Can I switch runtime inside one persistent container (Python -> Node)?
When does a persistent session get deleted on remote server?
When does a persistent session get deleted on remote server?
- explicit
DELETE /session/:id - auto-prune if enabled and session is idle past
cleanup.maxContainerAgeMs
Does auto-prune delete active sessions mid-execution?
Does auto-prune delete active sessions mid-execution?
isActive check).Streaming and output behavior
Is streaming enabled by default in CLI?
Is streaming enabled by default in CLI?
isol8 run streams output by default. Use --no-stream to wait for final result.What event types are emitted in streaming mode?
What event types are emitted in streaming mode?
stdout, stderr, exit, error.Can I stream and still save final stdout to `--out` file in one command?
Can I stream and still save final stdout to `--out` file in one command?
--out writing is part of non-streaming result handling path. If you need predictable captured output file, use --no-stream.Why was my output truncated?
Why was my output truncated?
maxOutputSize (default 1MB). If exceeded, output is truncated and marked.Does secret masking apply in streamed output too?
Does secret masking apply in streamed output too?
Are file contents also auto-masked like stdout/stderr?
Are file contents also auto-masked like stdout/stderr?
Networking and security
What is the difference between `none`, `filtered`, and `host` network modes?
What is the difference between `none`, `filtered`, and `host` network modes?
none: outbound network blocked (default, safest)filtered: proxy + hostname policy + iptables enforcementhost: unrestricted host networking (use only for trusted workloads)
In filtered mode, which wins: allowlist or denylist?
In filtered mode, which wins: allowlist or denylist?
Why do my filtered requests get blocked even with an allow pattern?
Why do my filtered requests get blocked even with an allow pattern?
- regex mismatch against actual hostname
- blacklist also matches
- request host differs from what you expected
Does filtered mode rely only on proxy env vars?
Does filtered mode rely only on proxy env vars?
What does seccomp `strict`/`unconfined`/`custom` mean?
What does seccomp `strict`/`unconfined`/`custom` mean?
strict: apply the default built-in seccomp profileunconfined: no seccomp filtercustom: use profile fromsecurity.customProfilePath
What happens if the default seccomp profile cannot be loaded?
What happens if the default seccomp profile cannot be loaded?
Can I configure seccomp from `isol8 run` flags directly?
Can I configure seccomp from `isol8 run` flags directly?
run seccomp flag currently. Use config (security.*) or API/library options.security.Why do I not see network logs even with `--log-network`?
Why do I not see network logs even with `--log-network`?
--log-network only works when network mode is filtered.What happens when I use `--install` without `--net`?
What happens when I use `--install` without `--net`?
filtered networking for that run and adds runtime-default package registry hosts to the allowlist (for example PyPI or npm registry hosts).If I pass `--net` explicitly with `--install`, is it overridden?
If I pass `--net` explicitly with `--install`, is it overridden?
--net is preserved. Only the allowlist is merged when effective mode is filtered.Does `--timeout` include package install time when using `--install`?
Does `--timeout` include package install time when using `--install`?
Runtimes, files, and package installs
How is runtime auto-detected from filename?
How is runtime auto-detected from filename?
.py-> python.mjs/.js/.cjs-> node.ts-> bun.mts-> deno.sh-> bash
Why does `.ts` default to Bun and not Deno?
Why does `.ts` default to Bun and not Deno?
.ts. Deno uses .mts to avoid extension collisions.Can Deno run inline `-e` code in current adapter?
Can Deno run inline `-e` code in current adapter?
How do I choose ESM vs CJS for Node?
How do I choose ESM vs CJS for Node?
fileExtension (library/API) or file suffix in CLI input:.mjsfor ESM.cjsfor CJS Node adapter supports both.
Where are runtime package installs written?
Where are runtime package installs written?
/sandbox user directories (e.g. Python user base, npm/bun globals), not /tmp.Can I inject files and retrieve files in one execution?
Can I inject files and retrieve files in one execution?
files and outputPaths. CLI currently does not expose full generic files/outputPaths request fields.Why does `putFile`/`getFile` fail with 'No active container' in local engine?
Why does `putFile`/`getFile` fail with 'No active container' in local engine?
Why not install packages in `/tmp`?
Why not install packages in `/tmp`?
/tmp is mounted noexec. Native extensions often require executable paths, so /sandbox is used.Why do package names sometimes fail validation?
Why do package names sometimes fail validation?
Resource limits and performance
What does `cpuLimit: 1` mean?
What does `cpuLimit: 1` mean?
NanoCpus mapping inside Docker host config).What happens on timeout?
What happens on timeout?
What memory format is accepted for limits?
What memory format is accepted for limits?
512m, 1g, 256k, or raw bytes are accepted. Invalid format throws a parse error.How should I choose sandbox and tmp sizes?
How should I choose sandbox and tmp sizes?
- increase
sandboxSizefor larger user files/package footprints - keep
tmpSizesufficient for temporary build/runtime caches
What do `poolStrategy` and `poolSize` control?
What do `poolStrategy` and `poolSize` control?
poolStrategy: "fast"(default): clean/dirty pools with background cleanuppoolStrategy: "secure": cleanup in acquire pathpoolSize: warm pool capacity
How does `poolSize` relate to `maxConcurrent`?
How does `poolSize` relate to `maxConcurrent`?
maxConcurrentlimits total parallel executions (semaphore).poolSizecontrols warm container availability per runtime image.- If concurrency exceeds warm capacity for a runtime, requests can still run but may pay cold create/start latency.
Does background pool cleanup matter for one-shot CLI runs?
Does background pool cleanup matter for one-shot CLI runs?
engine.stop(), which drains/removes pool containers. Background cleaning is most useful for long-lived processes (serve, long-running app instance).Remote server and API
Why do I get 401 vs 403 from remote server?
Why do I get 401 vs 403 from remote server?
401: missingAuthorizationheader403: header present but API key invalid
Does `/health` require auth?
Does `/health` require auth?
/health is intentionally unauthenticated for liveness checks.Do file upload/download APIs require sessionId?
Do file upload/download APIs require sessionId?
sessionId, they fail.Does `/execute/stream` support persistent sessions?
Does `/execute/stream` support persistent sessions?
Can I override server defaults per request in remote mode?
Can I override server defaults per request in remote mode?
options in request envelope; they are merged over server defaults for that execution.What does `RemoteIsol8.start()` do?
What does `RemoteIsol8.start()` do?
/health to verify remote server reachability.What does `RemoteIsol8.stop()` do?
What does `RemoteIsol8.stop()` do?
sessionId is configured, it calls DELETE /session/{id}. Without sessionId it is effectively a no-op cleanup.Audit logging and observability
When are audit logs written?
When are audit logs written?
audit.enabled is true.What audit destinations are supported?
What audit destinations are supported?
filesystem (or file) and stdout are implemented.Can I keep audit logs but exclude sensitive fields?
Can I keep audit logs but exclude sensitive fields?
audit.includeCode: falseaudit.includeOutput: falseand keep metadata/codeHash/duration-level provenance.
Can I run custom automation after each audit entry?
Can I run custom automation after each audit entry?
audit.postLogScript executes after writes and receives audit file path.When do network logs appear in execution result?
When do network logs appear in execution result?
- network mode is
filtered logNetworkis enabled
How do I reduce audit data retention risk?
How do I reduce audit data retention risk?
audit.includeCode=false and audit.includeOutput=false, and set reasonable retentionDays.Troubleshooting quick map
- Runtime detection errors: see
/runtimesand pass explicit runtime. - Session/file 404s: verify stable
sessionIdand that session was created. - Unexpected network blocks: verify allow/deny regex and network mode.
- Missing logs/metrics: verify feature flags (
audit.enabled,logNetwork, etc).