Server overview

​

Start server

isol8 serve --port 3000 --key "$ISOL8_API_KEY"

​

What the server provides

• authenticated execution APIs (/execute, /execute/stream)
• optional persistent sessions via sessionId
• file upload/download for active sessions
• global concurrency control via semaphore (maxConcurrent)
• idle session cleanup (cleanup.autoPrune + cleanup.maxContainerAgeMs)
• graceful shutdown cleanup (sessions, containers, and images)

​

Authentication model

• GET /health is public
• all other routes require Authorization: Bearer <api-key>
• missing header -> 401
• invalid token -> 403

​

Execution architecture

​

Request envelope

{
  "request": {
    "code": "print('ok')",
    "runtime": "python"
  },
  "options": {
    "timeoutMs": 30000,
    "network": "none"
  },
  "sessionId": "optional-session-id"
}

​

Behavior rules

• no sessionId: ephemeral execution (fresh engine lifecycle)
• with sessionId: server creates/reuses persistent session
• request options merge over server config defaults
• poolStrategy and poolSize are always taken from server config
• audit settings are applied from server config

​

Pool defaults (isol8 serve)

• poolStrategy (default: fast)
• poolSize (default: { "clean": 1, "dirty": 1 })

{
  "poolStrategy": "fast",
  "poolSize": { "clean": 2, "dirty": 2 }
}

​

Auto-pruning and idle session cleanup

• cleanup sweep runs every 60_000 ms
• sessions idle longer than cleanup.maxContainerAgeMs are stopped and removed
• active sessions are skipped while currently executing
• lastAccessedAt is updated on execute and file upload/download calls

• cleanup.autoPrune: true
• cleanup.maxContainerAgeMs: 3_600_000 (1 hour)

{
  "cleanup": {
    "autoPrune": true,
    "maxContainerAgeMs": 1800000
  }
}

​

Related pages