
Docker Sandboxes explained
Docker Sandboxes isolate containers inside what is called a “microVM”: a virtual machine that runs on the native hypervisor of the host operating system, so the isolation boundary is the hypervisor rather than the host kernel. The “micro” refers to the design of the VM, which is tailored to workloads that need to start quickly, tear down quickly, and consume few system resources.
The microVM itself is a custom-built, cross-platform project for Docker, designed to run directly on the native hypervisor of each of the three major platforms: Linux (KVM), macOS (Hypervisor.framework), and Microsoft Windows (Windows Hypervisor Platform). The behavior of the microVM is intended to be the same across the board, with native support for each hypervisor rather than a nested or emulated layer.
Normally, the Docker daemon runs directly on the host, and every container shares the host's kernel. That gives containers minimal overhead, but also less isolation than a VM: a kernel bug, an over-broad capability, or a careless host mount turns a container escape into host access. With microVMs, each sandbox runs its own isolated instance of the Docker daemon along with its own guest kernel, so an escape from a container inside the sandbox reaches only that guest kernel, not the host's. The microVM holds no persistent state of its own, so it can be killed and restarted at will; anything that must outlive it has to live outside the VM.
Docker Sandboxes and agentic AI
The combination of nimbleness, light weight, and full isolation is designed to make Docker Sandboxes a better environment for AI agents than regular containers or full VMs. Regular containers share the host kernel, so an agent that executes arbitrary tool output or generated code is one kernel bug, one leaked capability, or one host mount away from the host itself; full VMs carry too much start-up and resource overhead for the ad hoc, short-lived nature of agentic workloads.
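The distinction the two sections above rest on, a shared host kernel versus a guest kernel behind a hypervisor, can be checked from inside the environment an agent is about to run in. The script below is an added example written for this page, not Docker's code or part of Docker Sandboxes: it compares the kernel release seen inside the environment with the kernel the Docker engine runs on, and looks for the CPUID hypervisor flag and Docker's runtime markers. The probe values, kernel strings, cgroup lines and `Probe`/`classify` names are all constructed for illustration. It assumes a Linux engine host; on macOS or Windows the reference kernel is that of the Linux VM the engine runs in (the “Kernel Version” line of `docker info`), not the host OS's own kernel.

```python
# Added example (not Docker's code): classify an execution environment as
# bare host, shared-kernel container, or hypervisor-backed sandbox from a few
# probe values read inside it. Every sample value below is constructed.
import os
import platform
from dataclasses import dataclass


@dataclass(frozen=True)
class Probe:
    kernel_release: str       # `uname -r` run inside the environment
    host_kernel_release: str  # kernel the Docker engine runs on (Linux host assumed)
    cpuinfo_flags: str        # the `flags` line of /proc/cpuinfo inside the environment
    cgroup_line: str          # first line of /proc/1/cgroup inside the environment
    has_dockerenv: bool       # whether /.dockerenv exists inside the environment


def looks_containerized(p: Probe) -> bool:
    """Runtime markers a plain Docker container leaves behind."""
    return p.has_dockerenv or any(m in p.cgroup_line for m in ("docker", "containerd"))


def under_hypervisor(p: Probe) -> bool:
    """x86 CPUID exposes a 'hypervisor' flag whenever a VMM is present."""
    return "hypervisor" in p.cpuinfo_flags.split()


def classify(p: Probe) -> str:
    shares_host_kernel = p.kernel_release == p.host_kernel_release
    if shares_host_kernel:
        # Same kernel as the engine host: a kernel bug or leaked capability is a
        # host compromise. The hypervisor flag alone proves nothing here, since a
        # cloud host is itself a VM and its containers inherit the flag.
        return "container (shared host kernel)" if looks_containerized(p) else "host"
    if under_hypervisor(p):
        # Different kernel and a VMM present: the boundary is the hypervisor.
        return "vm-backed sandbox (own guest kernel)"
    return "unknown"


def probe_local(host_kernel_release: str) -> Probe:
    """Gather the probe values from the live environment this runs in."""
    flags = ""
    if os.path.exists("/proc/cpuinfo"):
        with open("/proc/cpuinfo") as f:
            for line in f:
                if line.startswith("flags"):
                    flags = line.split(":", 1)[1].strip()
                    break
    cgroup = ""
    if os.path.exists("/proc/1/cgroup"):
        with open("/proc/1/cgroup") as f:
            cgroup = f.readline().strip()
    return Probe(platform.release(), host_kernel_release, flags, cgroup,
                 os.path.exists("/.dockerenv"))


# Constructed sample probes (not captured from a real system).
HOST_KERNEL = "6.8.0-45-generic"
FLAGS_BARE = "fpu vme de pse tsc msr pae mce cx8 apic sep ssse3 sse4_1"
FLAGS_VM = FLAGS_BARE + " hypervisor"

PLAIN_CONTAINER = Probe(HOST_KERNEL, HOST_KERNEL, FLAGS_BARE,
                        "0::/system.slice/docker-3f2a9c7e1b.scope", True)
MICROVM_SANDBOX = Probe("6.6.32-microvm", HOST_KERNEL, FLAGS_VM,
                        "0::/system.slice/docker-8c41d0aa77.scope", True)
BARE_HOST = Probe(HOST_KERNEL, HOST_KERNEL, FLAGS_BARE, "0::/init.scope", False)

if __name__ == "__main__":
    for name, probe in (("plain container", PLAIN_CONTAINER),
                        ("microVM sandbox", MICROVM_SANDBOX),
                        ("bare host", BARE_HOST)):
        print(f"{name:16} -> {classify(probe)}")
```

Run it with the engine host's `uname -r` passed to `probe_local` from inside the environment under test; a result other than the VM-backed one means the agent's tool calls are one kernel boundary away from the host, whatever the container's own flags say.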