Configuration
Sandbox providers
Daytona vs docker — what each does and when to pick which.
Full reference is being written.
Quick comparison
daytona | docker | |
|---|---|---|
| Where it runs | Daytona cloud | Container per sandbox on the worker host |
| Setup | Daytona API key, snapshot image | docker daemon + one-time sinatra-agent image build |
| LLM credentials | Per-tenant tenantModelCredential row, decrypted via KMS | Worker shells out to host claude CLI for the dev tenant; host claude/opencode credentials copied into the container at create time |
| Isolation | Full container isolation, fully managed | Container per sandbox, labeled sinatra=true |
| Best for | Production, multi-tenant | Development, single-machine demos |
Set the provider with SANDBOX_PROVIDER=daytona (default) or SANDBOX_PROVIDER=docker.