Embedded micro-VM runtime for AI agents running OCI containers with hardware-level isolation — no daemon required.

BoxLite lets you spin up lightweight VMs ("Boxes") and run OCI containers inside them. It's designed for use cases like AI agent sandboxes and multi-tenant code execution, where Docker alone isn't enough and full VM infrastructure is too heavy.

Why BoxLite

• Hardware isolation: each Box has its own kernel (not just namespaces).
• Embeddable: link a library; no root; no background service to manage.
• OCI compatible: use Docker/OCI images (python:slim, node:alpine, alpine:latest).
• Async-first: run many boxes concurrently; stream stdout/stderr.

pip install boxlite

import asyncio
import boxlite


async def main():
    async with boxlite.SimpleBox(image="python:slim") as box:
        result = await box.exec("python", "-c", "print('Hello from BoxLite!')")
        print(result.stdout)


asyncio.run(main())

npm install @boxlite-ai/boxlite

import { SimpleBox } from '@boxlite-ai/boxlite';

async function main() {
  const box = new SimpleBox({ image: 'python:slim' });
  try {
    const result = await box.exec('python', '-c', "print('Hello from BoxLite!')");
    console.log(result.stdout);
  } finally {
    await box.stop();
  }
}

main();

[dependencies]
boxlite = { git = "https://github.com/boxlite-ai/boxlite" }

use boxlite::{BoxCommand, BoxOptions, BoxliteRuntime, RootfsSpec};
use futures::StreamExt;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let runtime = BoxliteRuntime::default_runtime();
    let options = BoxOptions {
        rootfs: RootfsSpec::Image("alpine:latest".into()),
        ..Default::default()
    };

    let litebox = runtime.create(options, None).await?;
    let mut execution = litebox
        .exec(BoxCommand::new("echo").arg("Hello from BoxLite!"))
        .await?;

    let mut stdout = execution.stdout().unwrap();
    while let Some(line) = stdout.next().await {
        println!("{}", line);
    }

    Ok(())
}

• Run more real-world scenarios in Examples
• Learn how images, disks, networking, and isolation work in Architecture

• Compute: CPU/memory limits, async-first API, streaming stdout/stderr, metrics
• Storage: volume mounts (ro/rw), persistent disks (QCOW2), copy-on-write
• Networking: outbound internet, port forwarding (TCP/UDP), network metrics
• Images: OCI pull + caching, custom rootfs support
• SDKs: Python (stable), Node.js (v0.1.6); Go coming soon

High-level overview of how BoxLite embeds a runtime and runs OCI containers inside micro-VMs. For details, see Architecture.

┌─────────────────────────────────────────────────────────────┐
│  Your Application                                           │
│  ┌──────────────────────────────────────────────────────┐   │
│  │  BoxLite Runtime (embedded library)                  │   │
│  │  ┌─────────────┐  ┌─────────────┐  ┌─────────────┐   │   │
│  │  │   Box A     │  │   Box B     │  │   Box C     │   │   │
│  │  │  (micro-VM) │  │  (micro-VM) │  │  (micro-VM) │   │   │
│  │  │ ┌─────────┐ │  │ ┌─────────┐ │  │ ┌─────────┐ │   │   │
│  │  │ │Container│ │  │ │Container│ │  │ │Container│ │   │   │
│  │  │ └─────────┘ │  │ └─────────┘ │  │ └─────────┘ │   │   │
│  │  └─────────────┘  └─────────────┘  └─────────────┘   │   │
│  └──────────────────────────────────────────────────────┘   │
└─────────────────────────────────────────────────────────────┘
                              │
                    Hardware Virtualization
                      (KVM / Hypervisor.framework)

• API Reference — Coming soon
• Examples — Sample code for common use cases
• Architecture — How BoxLite works under the hood

• GitHub Issues — Bug reports and feature requests
• Discussions — Questions and community support

We welcome contributions! See CONTRIBUTING.md for guidelines.

Licensed under the Apache License, Version 2.0. See LICENSE for details.