architecture

Utiliser lors de la première navigation dans la base de code, de l'ajout d'une nouvelle méthode client, de l'ajout d'un nouveau gestionnaire/service de conteneur, ou de la compréhension du flux d'une requête…

npx skills add https://github.com/cloudflare/sandbox-sdk --skill architecture

Architecture

Three-Layer Architecture

  1. @cloudflare/sandbox (packages/sandbox/) — Public SDK published to npm

    • Sandbox class: Durable Object that manages the container lifecycle
    • Modular HTTP clients per capability (CommandClient, FileClient, ProcessClient, …)
    • CodeInterpreter: high-level API for Python/JS with structured outputs
    • proxyToSandbox(): request handler for preview URL routing
  2. @repo/shared (packages/shared/) — Internal shared utilities

    • Type definitions used by both SDK and container runtime
    • Centralized error classes (packages/shared/src/errors/) and logging
    • Not published to npm
  3. @repo/sandbox-container (packages/sandbox-container/) — Container runtime

    • Bun-based HTTP server running inside the Docker container
    • Dependency-injection container in core/container.ts
    • Route handlers for command execution, file operations, process management
    • Not published to npm (bundled into the Docker image)

Request Flow

Primary control path:

Worker
  → Sandbox DO (packages/sandbox)
    → ContainerControlClient (packages/sandbox/src/container-control/)
      → capnweb over /rpc WebSocket
        → SandboxControlAPI (packages/sandbox-container/src/control-plane/)
          → container services
            → Shell commands / filesystem

Route-based compatibility path:

Worker
  → Sandbox DO (packages/sandbox)
    → SandboxClient / clients/transport
      → Container HTTP API on port 3000 (packages/sandbox-container)
        → Router / handlers
          → container services
            → Shell commands / filesystem

Errors flow back the same path: container → Sandbox DO → Worker, using the custom error classes in packages/shared/src/errors/ keyed by the ErrorCode enum.

Primary Control Path

The primary Sandbox Durable Object to container control path is the container-control/control-plane path:

  • SDK side: packages/sandbox/src/container-control/
  • Container side: packages/sandbox-container/src/control-plane/
  • Current wire implementation: capnweb RPC over the /rpc WebSocket route

Control-channel/transport-layer capabilities belong in this path. Treat capnweb/RPC as the current implementation detail, not the architectural boundary.

The shared @repo/shared SandboxAPI interface remains named SandboxAPI because it defines the current control API contract used by both sides.

Route-Based Compatibility Path (packages/sandbox/src/clients/)

packages/sandbox/src/clients/ and packages/sandbox/src/clients/transport/ implement the HTTP and custom WebSocket route-based compatibility API. Maintain these for compatibility, debugging, local development, fallback behavior, and bug fixes, but do not add new control-plane capabilities there by default.

The route-based client pattern is:

  • BaseHttpClient — abstract route-based HTTP/WebSocket client with shared request/response handling
  • SandboxClient — compatibility aggregator that exposes all specialized route-based clients
  • Specialized clients — one per domain:
    • CommandClient — exec / execStream
    • FileClient — read, write, list, delete
    • ProcessClient — start, stop, list, signal
    • PortClient — port readiness streams
    • GitClient — clone, checkout, status
    • UtilityClient — ping, metadata
    • InterpreterClient — code interpreter sessions

When maintaining route-based compatibility, add or extend specialized clients under packages/sandbox/src/clients/. DO-to-container control capabilities belong in packages/sandbox/src/container-control/ and packages/sandbox-container/src/control-plane/.

Container Runtime (packages/sandbox-container/src/)

  • DI container (core/container.ts) — manages service lifecycle and wiring
  • Router — simple HTTP router with middleware
  • Control plane (control-plane/) — primary container-side API called by the Sandbox DO
  • Handlers (handlers/) — route-based compatibility handlers, thin layer that parses requests
  • Services (services/) — business logic (CommandService, FileService, ProcessService, …)
  • Managers (managers/) — stateful coordinators such as ProcessManager

Entry point: packages/sandbox-container/src/index.ts starts a Bun HTTP server on port 3000.

When adding a new container control operation:

  1. Add/extend a service in services/ for the business logic.
  2. Add the control-plane method in packages/sandbox-container/src/control-plane/.
  3. Mirror the call in packages/sandbox/src/container-control/.
  4. Add unit tests on both sides; add an E2E test if it touches real shell/filesystem behavior.

Only add a route handler in handlers/ and a route-based SDK client in packages/sandbox/src/clients/ when maintaining HTTP/WebSocket compatibility.

Monorepo Structure

Uses npm workspaces + Turbo:

  • packages/sandbox — main SDK package (published)
  • packages/shared — shared types and utilities (internal)
  • packages/sandbox-container — container runtime (internal, bundled into image)
  • examples/ — working example projects
  • tooling/ — shared TypeScript configs

turbo.json orchestrates dependency-aware builds.

Cross-Cutting Patterns

  • Sessions — isolate execution contexts (cwd, env vars). Default session is auto-created; multiple sessions per sandbox are supported.
  • Ports — expose internal services via preview URLs with token auth. Preview URL authorization is Durable Object-owned, while forwarding is active only after exposePort() activates the port for the current runtime. Production preview URLs require a custom domain with wildcard DNS (*.yourdomain.com); .workers.dev does not support the required subdomain patterns.
  • Container isolation — handled at the Cloudflare platform level (VMs), not by SDK code.

Container Base Image

The container runtime uses Ubuntu 22.04 with:

  • Python 3.11 (matplotlib, numpy, pandas, ipython)
  • Node.js 20 LTS
  • Bun 1.x (powers the container HTTP server)
  • Git, curl, wget, jq, and other common utilities

When modifying packages/sandbox/Dockerfile:

  • Keep images lean — every MB affects cold start
  • Pin versions for reproducibility
  • Clean up package manager caches to reduce image size

Plus de skills de cloudflare

workerd-api-review
cloudflare
Optimisation des performances, conception et compatibilité des API, vulnérabilités de sécurité et conformité aux spécifications des normes pour la revue de code workerd. Couvre la prise en compte de tcmalloc…
official
workerd-safety-review
cloudflare
Sécurité mémoire, sécurité des threads, concurrence et motifs de détection critiques pour la revue de code workerd. Couvre les risques liés à la frontière V8/KJ, la gestion de la durée de vie,…
official
module-registry
cloudflare
Charger lorsque vous travaillez avec le registre de modules dans workerd — lecture, modification, débogage ou révision de la résolution, compilation, évaluation ou enregistrement de modules…
official
reproduce
cloudflare
Reproduce a cloudflare/agents GitHub issue by scaffolding a minimal Agents/Worker project and deploying it to a temporary Cloudflare account, then report…
official
local-explorer
cloudflare
How to add products/resources to the local explorer or local API. Use when implementing new local APIs, or UI routes under…
official
commit-categories
cloudflare
Règles de catégorisation des commits pour les journaux de modifications et les résumés "nouveautés". DOIT être chargé avant de catégoriser les commits dans les commandes de journal de modifications ou de nouveautés. Fournit…
official
changesets
cloudflare
À utiliser lors de la création d'un changeset, de la préparation d'une version ou de l'incrémentation des versions. Couvre les packages à référencer, la manière de rédiger les descriptions de changeset destinées aux utilisateurs,…
official
pr
cloudflare
Crée et met à jour les demandes de tirage GitHub pour les modifications cloudflare-docs. Chargez lorsque vous êtes invité à ouvrir, créer, soumettre, mettre à jour, modifier ou rédiger un titre ou une description…
official