top | item 47042912

(no title)

buremba | 13 days ago

Neat! I wasn’t aware that Docker has an embedded microVM option.

I use Kata Containers on Kubernetes (Firecrackers) and restrict network access with a proxy that supports you to block/allow domain access. Also swap secrets at runtime so agents don’t see any secrets (similar to Deno sandboxes)

If anybody is interested in running agents ok K8S, here is my shameless plug: https://github.com/lobu-ai/lobu

discuss

debarshri|13 days ago

Kata containers are the right way to go about doing sandboxing on K8s. It is very underappreciated and, timing-wise, very good. With ec2 supporting nested virtualization, my guess is there is going to be wide adoption.

FourSigma|13 days ago

I am pretty sure Apple containers on MacOS Tahoe are Kata containers

TheTaytay|13 days ago

Woah, that looks great. I’ve been looking for something like this. Neither thr readme or the security doc go into detail on the credential handling in the gateway. Is it using tokens to represent the secrets, or is the client just trusting that the connection will be authenticated? I’m trying to figure out how similar this is to something like Fly’s tokenizer proxy.

buremba|13 days ago

I’m working on the documentation right now but I had to build 3 prototypes to get here. :)

After seeing Deno and Fly, I rewrote the proxy being inspired by them. I integrates nicely with existing MCP proxy so agent doesn’t see any MCP secrets either.

bavell|12 days ago

I'm still not that interested in setting up openclaw, but this implementation actually looks/sounds pretty good.

Thanks for sharing!