DocsGitHub Get Started

Self-hosted sandbox orchestrator.

Each sandbox is a Firecracker microVM with its own kernel, filesystem, and network. Idle VMs pause automatically and resume in microseconds. Runs on any Linux machine with KVM.

curl -fsSL bhatti.sh/install | sh
GitHub →
CORE.PRIMITIVES

Isolation without the overhead.

01

Real VMs. Not containers.

Every sandbox runs its own Linux kernel in a Firecracker microVM. Process isolation, filesystem isolation, network isolation. Not a namespace trick — a separate machine.

02

Memory snapshots. Not just filesystem.

When bhatti snapshots a VM, it captures everything: running processes, open file descriptors, TCP connections, in-memory state. Resume picks up exactly where it left off.

03

Three thermal states. Invisible to you.

Idle 30 seconds → warm (vCPUs paused, ~400µs resume). Idle 30 minutes → cold (snapshotted to disk, memory freed, ~50ms resume). Any API request transparently wakes it.

SYS.PERFORMANCE // LATENCY
Operation p50 p95 p99
Run a command 1.22ms 1.66ms 1.79ms
Read a file (1KB) 583µs 757µs 821µs
Write a file (1KB) 1.06ms 1.25ms 1.48ms
Command on paused sandbox 2.08ms 5.85ms 5.85ms
Command on cold sandbox 40.6ms 46.3ms 46.3ms
10 commands at once 11.4ms 18.6ms 18.6ms
Create a sandbox 1.44s 1.45s 1.45s
Diff snapshot 32.0ms 38.1ms 38.1ms

Measured on Hetzner AX102 (AMD Ryzen 9, x86_64, NVMe). Pi 5 numbers in the repo README.

SYS.ARCHITECTURE

How it works

Click any component to explore.

Host Machine
bhatti daemon :8080
REST / WS API
routes, proxy, NDJSON streaming
Thermal Manager
hot → warm → cold lifecycle
Firecracker Engine
create, exec, snapshot, restore
SQLite + age
state, secrets, users
Binary wire protocol · TCP :1024
daemon ⇌ lohar
Firecracker microVM ×N
kernel 6.1 · ubuntu 24.04
hot warm cold
lohar PID 1
exec / shell
PTY sessions
file ops
port forward
eth0 (kernel ip=)
Host Storage virtio-blk
rootfs.ext4
config.ext4
vol-*.ext4
/var/lib/bhatti/sandboxes/
↕ virtio-net
Host Networking
brbhatti0 bridge
TAP device
iptables NAT

SYS.APPLICATIONS

Built for

AI Coding Agents

Give LLMs a real, stateful environment to execute code, install packages, and run tests — with full VM isolation between tenants.

# REST API — what your agent calls
$ curl -X POST /sandboxes \
    -d '{"name":"agent","cpus":2}'

# Streaming exec (NDJSON)
$ curl -N \
    -H "Accept: application/x-ndjson" \
    -d '{"cmd":["npm","test"]}' \
    /sandboxes/$ID/exec

# Atomic file writes
$ curl -X PUT \
    /sandboxes/$ID/files?path=/app.js \
    --data-binary @app.js

# Truncated reads (offset/limit)
$ curl /sandboxes/$ID/files \
    ?path=/app.log\&limit=100

Disposable Dev Environments

Spin up isolated Linux VMs with Node 22, git, and common tools pre-installed. Snapshot and resume across sessions.

# Shell with session persistence
$ bhatti create --name project \
    --cpus 2 --memory 1024

$ bhatti shell project
lohar@project:~$ npm install
lohar@project:~$ npm run dev
# Ctrl+\ to detach — keeps running

# Reconnect later, scrollback replayed
$ bhatti shell project

Multi-Tenant Sandboxing

Each user gets isolated API keys, network segments, resource caps, and rate limits. VMs from different users cannot communicate.

# Per-user isolation at every layer
$ sudo bhatti user create --name alice \
    --max-sandboxes 5

$ sudo bhatti user create --name bob \
    --max-sandboxes 10 \
    --max-cpus 4 --max-memory 4096

# Each user gets:
# - Dedicated bridge + /24 subnet
# - Scoped API key (SHA-256 auth)
# - Per-user rate limits
# - Encrypted secrets (age)
DEPLOY.SELF_HOST

Run it on your hardware.

Clone, install, serve. Any Linux machine with KVM. Builds both binaries from source, downloads a kernel, and creates an Ubuntu 24.04 rootfs. No Docker, no containers, no orchestration layer.

Requirements

  • Linux (x86_64 or ARM64)
  • Hardware virtualization (/dev/kvm)
  • Root access for daemon (Firecracker requirement)

Tested on: Raspberry Pi 5, Hetzner AX-series, AWS Graviton metal. 

# 1. Clone and install (builds from source, ~10 min first time)
$ git clone https://github.com/sahil-shubham/bhatti.git
$ cd bhatti && sudo ./scripts/install.sh

# 2. Start the daemon (requires root for kvm/network)
$ cd /var/lib/bhatti && sudo bhatti serve
[INFO] Starting bhatti daemon v0.1.0
[INFO] Listening on :8080

# 3. Create a user (API key shown once)
$ sudo bhatti user create --name alice
bht_live_abc123def456...

# 4. Install CLI on your laptop (macOS or Linux)
$ curl -fsSL bhatti.sh/install | sh
$ bhatti setup
API endpoint: https://your-server:8080
API key: ****
Testing connection... ✓ connected
SYS.DOCUMENTATION

Documentation

Quickstart

CLI install, server setup, user management

Architecture

System design, data flow, concurrency model

Wire Protocol

Binary framing, connection lifecycle, auth

Guest Agent

PID 1 init, PTY sessions, process management

Thermal Management

Hot/warm/cold states, diff snapshots

Networking

Per-user bridges, iptables isolation

API Reference

REST/WebSocket endpoints

CLI Reference

All commands and flags

Testing

11K lines of tests, zero mocks for VM tests