- CLI flags (
isol8 run,isol8 setup,isol8 serve) - Config (
isol8.config.json) - API payloads (
POST /execute,POST /execute/stream) - Library calls (
new DockerIsol8(...),execute(...),start(...))
Precedence rules
Local CLI (isol8 run)
- CLI flags
isol8.config.jsondefaults- built-in defaults
Library (DockerIsol8)
- request-level values (
execute({ ... })) for request fields - constructor-level options (
new DockerIsol8({ ... })) for engine defaults - built-in defaults
Server API (isol8 serve)
- request
options(where allowed) - server config (
isol8.config.jsonloaded by server) - built-in defaults
For
POST /execute, sessionId forces persistent behavior on the server (mode is derived from sessionId there).Same execution across interfaces
- CLI
- API
- Library
Execution request fields (ExecutionRequest)
CLI:
-e, --eval, file argument, or piped stdin source.Config: not configurable in isol8.config.json.API: request.code.Library: execute({ code }).CLI:
--url, --github, --gist.Config policy: controlled by remoteCode.* (must allow URL fetches).API: request.codeUrl.Library: execute({ codeUrl }).CLI:
--hash.Config policy: remoteCode.requireHash can make hash mandatory.API: request.codeHash.Library: execute({ codeHash }).CLI:
--allow-insecure-code-url.Config policy: still constrained by remoteCode.allowedSchemes.API: request.allowInsecureCodeUrl.Library: execute({ allowInsecureCodeUrl: true }).CLI:
-r, --runtime or extension auto-detection.Config: not set via config.API: request.runtime.Library: execute({ runtime }).CLI:
--timeout <ms>.Config fallback: defaults.timeoutMs.API: request.timeoutMs.Library: execute({ timeoutMs }).CLI: no generic env map flag on
run (only --secret KEY=VALUE).Config: not set via config.API: request.env.Library: execute({ env }).CLI: no direct override flag.API:
request.fileExtension.Library: execute({ fileExtension }).CLI:
--stdin <data> or shell pipe.API: request.stdin.Library: execute({ stdin }).CLI: not exposed as a
run flag.API: request.files.Library: execute({ files }).CLI: not exposed as a
run flag.API: request.outputPaths.Library: execute({ outputPaths }).CLI:
--install <package> (repeatable).API: request.installPackages.Library: execute({ installPackages }).CLI: not exposed as a
run flag.API: request.metadata.Library: execute({ metadata }).Execution option fields (Isol8Options)
These are engine/runtime behavior options (constructor options locally, options in API requests).
CLI:
--persistent (for local run behavior).Config: no mode key.API: server derives mode from sessionId on /execute.Library: new DockerIsol8({ mode }).CLI:
--net <mode>.Config fallback: defaults.network.API: options.network.Library: network.CLI:
--allow <regex>, --deny <regex> (for filtered mode).Config fallback: network.whitelist, network.blacklist.API: options.networkFilter.Library: networkFilter.CLI:
--cpu <n>.Config fallback: defaults.cpuLimit.API: options.cpuLimit.Library: cpuLimit.CLI:
--memory <size>.Config fallback: defaults.memoryLimit.API: options.memoryLimit.Library: memoryLimit.CLI:
--pids-limit <n>.Config: no direct key.API: options.pidsLimit.Library: pidsLimit.CLI: no direct
run flag.Config: no direct key.API: options.readonlyRootFs.Library: readonlyRootFs.CLI:
--max-output <bytes>.Config: no direct key.API: options.maxOutputSize.Library: maxOutputSize.CLI:
--secret KEY=VALUE (repeatable).Config: no direct key.API: options.secrets.Library: secrets.CLI: engine default from
--timeout per run; config fallback still applies.Config fallback: defaults.timeoutMs.API: options.timeoutMs (engine default for request if request.timeoutMs is omitted).Library: constructor timeoutMs.CLI:
--image <name>.Config: no direct key.API: options.image.Library: image.CLI:
--sandbox-size <size>.Config fallback: defaults.sandboxSize.API: options.sandboxSize.Library: sandboxSize.CLI:
--tmp-size <size>.Config fallback: defaults.tmpSize.API: options.tmpSize.Library: tmpSize.CLI: global
--debug.Config fallback: top-level debug.API: options.debug.Library: debug.CLI:
--persist.Config: no direct key.API: options.persist.Library: persist.CLI:
--log-network.Config: no direct key.API: options.logNetwork.Library: logNetwork.CLI: no
run flag.Config: security.seccomp, security.customProfilePath.API: options.security.Library: security.CLI: no
run flag.Config: audit.*.API: options.audit.Library: audit.CLI: no direct policy flag (only per-request URL flags).Config:
remoteCode.*.API: options.remoteCode.Library: constructor remoteCode.CLI: not exposed as a
run flag.Config: top-level poolStrategy (applies to isol8 serve defaults only).API: not configurable per request (server uses config default).Library: poolStrategy.CLI: not exposed as a
run flag.Config: top-level poolSize (applies to isol8 serve defaults only).API: not configurable per request (server uses config default).Library: poolSize.CLI: set through
isol8 setup inputs (or config), then used at runtime for custom image resolution.Config: dependencies.*.API: options.dependencies.Library: constructor dependencies.Top-level
poolStrategy and poolSize in isol8.config.json define defaults for server-created engines (isol8 serve). Library engine options can override them, but API requests cannot.Startup options (start(options?))
CLI: not exposed directly.API: not exposed as request field.Library:
await engine.start({ prewarm: true }) or await engine.start({ prewarm: { runtimes: ["python"] } }).Config-only operational keys (isol8.config.json)
These keys are config concerns, not per-execution request fields.
Server/global concurrency cap.CLI: no dedicated
run flag.Config: top-level maxConcurrent.API: not a request body field; applied by server.Library: second constructor arg (new DockerIsol8(options, maxConcurrent)).Idle session pruning in server mode.
Idle threshold for server-side pruning.
Global defaults used when filtered networking is active.
Default pool strategy for engines created by
isol8 serve.Default pool size for engines created by
isol8 serve.isol8 setup dependency mapping
CLI:
isol8 setup --python numpy,pandasConfig: dependencies.pythonCLI:
isol8 setup --node lodash,axiosConfig: dependencies.nodeCLI:
isol8 setup --bun zodConfig: dependencies.bunCLI:
isol8 setup --deno https://deno.land/std@...Config: dependencies.denoCLI:
isol8 setup --bash jq,curlConfig: dependencies.bashCLI:
isol8 setup --forceConfig: no equivalent keyFAQ
Can I set global pool defaults for `isol8 serve`?
Can I set global pool defaults for `isol8 serve`?
Yes. Set top-level
poolStrategy and poolSize in isol8.config.json. They apply as server defaults for API execution.What wins if both request timeout and option timeout are set?
What wins if both request timeout and option timeout are set?
request.timeoutMs wins for that call. options.timeoutMs is the fallback default for requests that omit timeout.How do I force persistent behavior on the server API?
How do I force persistent behavior on the server API?
Send a
sessionId on POST /execute. The server uses that to set persistent mode for the session.Can I use `codeUrl` without changing config?
Can I use `codeUrl` without changing config?
Only if remote code policy allows it. If
remoteCode.enabled is false, URL-based execution is rejected.Troubleshooting quick checks
- Request rejected for URL execution: verify
remoteCode.enabled, host/scheme policy, and hash requirements in/remote-code. - Unexpected runtime settings: run
isol8 config --jsonand confirm effective defaults. - Filter rules not taking effect: check both request-level
networkFilterand globalnetwork.*defaults. - Persistent session not behaving as expected over API: confirm
sessionIdis present and stable across calls.
Related pages
Configuration reference
Full schema, defaults, and merge behavior for
isol8.config.json.How to CLI
Flag-level behavior for
run, setup, serve, config, and cleanup.Library reference
Complete TypeScript API contracts and lifecycle methods.
Remote code URLs
URL execution policy, hash verification, and SSRF controls.