Docker on Zewang's Bloghttps://zewang0217.github.io/tags/docker/Recent content in Docker on Zewang's BlogHugo -- gohugo.iozhWed, 15 Apr 2026 00:00:00 +0000DeerFlow Sandbox 系统详解:从抽象接口到容器隔离https://zewang0217.github.io/p/deerflow-sandbox-system/Wed, 15 Apr 2026 00:00:00 +0000https://zewang0217.github.io/p/deerflow-sandbox-system/<h2 id="背景">背景 </h2><p>Sandbox 是 DeerFlow 的&quot;执行引擎&quot;,让 Agent 真能做事——不只是聊天,还能:</p> <ul> <li>执行 bash 命令</li> <li>读写文件</li> <li>搜索文件内容</li> <li>编写代码并运行</li> </ul> <p>核心问题:<strong>如何给 Agent 一个安全、隔离、可重复的执行环境?</strong></p> <p>DeerFlow 的答案是 <strong>Sandbox abstraction + Provider 模式 + 路径映射</strong>:</p> <ul> <li><code>Sandbox</code>:抽象接口,定义能做什么</li> <li><code>SandboxProvider</code>:工厂模式,负责创建和管理 Sandbox 实例</li> <li><code>LocalSandbox</code>:本地模式,直接在宿主机执行</li> <li><code>AioSandbox</code>:容器模式,隔离的 Docker 环境</li> </ul> <hr> <h2 id="架构总览">架构总览 </h2><h3 id="三层设计">三层设计 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-gdscript3" data-lang="gdscript3"><span class="line"><span class="cl"><span class="err">┌─────────────────────────────────────────────┐</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="n">Sandbox</span> <span class="n">Tools</span> <span class="p">(</span><span class="n">tools</span><span class="o">.</span><span class="n">py</span><span class="p">)</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="n">bash</span> <span class="o">/</span> <span class="n">read_file</span> <span class="o">/</span> <span class="n">write_file</span> <span class="o">/</span> <span class="n">grep</span> <span class="o">/</span> <span class="o">...</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">↑</span> <span class="err">调用</span> <span class="n">Sandbox</span> <span class="err">实例</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">├─────────────────────────────────────────────┤</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="n">Sandbox</span> <span class="p">(</span><span class="err">抽象基类</span><span class="p">)</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="n">execute_command</span> <span class="o">/</span> <span class="n">read_file</span> <span class="o">/</span> <span class="n">write_file</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="n">list_dir</span> <span class="o">/</span> <span class="n">glob</span> <span class="o">/</span> <span class="n">grep</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">├─────────────────────────────────────────────┤</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="n">SandboxProvider</span> <span class="p">(</span><span class="err">抽象工厂</span><span class="p">)</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="n">acquire</span><span class="p">()</span> <span class="o">/</span> <span class="n">get</span><span class="p">()</span> <span class="o">/</span> <span class="n">release</span><span class="p">()</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">├──────────┬──────────┬───────────────────────┤</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="n">Local</span> <span class="err">│</span> <span class="n">Aio</span> <span class="err">│</span> <span class="p">(</span><span class="err">其他实现</span><span class="p">)</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="n">Provider</span> <span class="err">│</span> <span class="n">Provider</span> <span class="err">│</span> <span class="n">K8s</span><span class="o">/</span><span class="n">Remote</span><span class="o">...</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">└──────────┴──────────┴───────────────────────┘</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="核心文件位置">核心文件位置 </h3><table> <thead> <tr> <th>文件</th> <th>路径</th> <th>职责</th> </tr> </thead> <tbody> <tr> <td><code>sandbox.py</code></td> <td><code>deerflow/sandbox/sandbox.py</code></td> <td>Sandbox 抽象基类</td> </tr> <tr> <td><code>sandbox_provider.py</code></td> <td><code>deerflow/sandbox/sandbox_provider.py</code></td> <td>SandboxProvider 抽象工厂</td> </tr> <tr> <td><code>local_sandbox.py</code></td> <td><code>deerflow/sandbox/local/local_sandbox.py</code></td> <td>LocalSandbox 实现</td> </tr> <tr> <td><code>local_sandbox_provider.py</code></td> <td><code>deerflow/sandbox/local/local_sandbox_provider.py</code></td> <td>LocalSandboxProvider 实现</td> </tr> <tr> <td><code>aio_sandbox.py</code></td> <td><code>deerflow/community/aio_sandbox/aio_sandbox.py</code></td> <td>AioSandbox 实现</td> </tr> <tr> <td><code>aio_sandbox_provider.py</code></td> <td><code>deerflow/community/aio_sandbox/aio_sandbox_provider.py</code></td> <td>AioSandboxProvider 实现</td> </tr> <tr> <td><code>tools.py</code></td> <td><code>deerflow/sandbox/tools.py</code></td> <td>7 个 Sandbox Tools</td> </tr> </tbody> </table> <hr> <h2 id="sandbox-抽象基类">Sandbox 抽象基类 </h2><p><code>Sandbox</code> 是抽象基类,定义了所有 Sandbox 必须实现的接口:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span><span class="lnt">22 </span><span class="lnt">23 </span><span class="lnt">24 </span><span class="lnt">25 </span><span class="lnt">26 </span><span class="lnt">27 </span><span class="lnt">28 </span><span class="lnt">29 </span><span class="lnt">30 </span><span class="lnt">31 </span><span class="lnt">32 </span><span class="lnt">33 </span><span class="lnt">34 </span><span class="lnt">35 </span><span class="lnt">36 </span><span class="lnt">37 </span><span class="lnt">38 </span><span class="lnt">39 </span><span class="lnt">40 </span><span class="lnt">41 </span><span class="lnt">42 </span><span class="lnt">43 </span><span class="lnt">44 </span><span class="lnt">45 </span><span class="lnt">46 </span><span class="lnt">47 </span><span class="lnt">48 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">class</span> <span class="nc">Sandbox</span><span class="p">(</span><span class="n">ABC</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;Abstract base class for sandbox environments&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="n">_id</span><span class="p">:</span> <span class="nb">str</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="nb">id</span><span class="p">:</span> <span class="nb">str</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_id</span> <span class="o">=</span> <span class="nb">id</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@property</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">id</span><span class="p">(</span><span class="bp">self</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_id</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># === 7 个抽象方法 ===</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@abstractmethod</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">execute_command</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">command</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;执行 bash 命令&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@abstractmethod</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">read_file</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;读取文件内容&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@abstractmethod</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">write_file</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">content</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">append</span><span class="p">:</span> <span class="nb">bool</span> <span class="o">=</span> <span class="kc">False</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;写入文件&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@abstractmethod</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">list_dir</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">max_depth</span><span class="o">=</span><span class="mi">2</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">list</span><span class="p">[</span><span class="nb">str</span><span class="p">]:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;列出目录内容&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@abstractmethod</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">glob</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">pattern</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">tuple</span><span class="p">[</span><span class="nb">list</span><span class="p">[</span><span class="nb">str</span><span class="p">],</span> <span class="nb">bool</span><span class="p">]:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;glob 模式搜索&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@abstractmethod</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">grep</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">pattern</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">tuple</span><span class="p">[</span><span class="nb">list</span><span class="p">[</span><span class="n">GrepMatch</span><span class="p">],</span> <span class="nb">bool</span><span class="p">]:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;文件内容搜索&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@abstractmethod</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">update_file</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">content</span><span class="p">:</span> <span class="nb">bytes</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;更新文件(二进制)&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="7-个核心方法">7 个核心方法 </h3><table> <thead> <tr> <th>方法</th> <th>用途</th> <th>Tool 对应</th> </tr> </thead> <tbody> <tr> <td><code>execute_command</code></td> <td>执行 bash 命令</td> <td><code>bash</code> tool</td> </tr> <tr> <td><code>read_file</code></td> <td>读取文件内容</td> <td><code>read_file</code> tool</td> </tr> <tr> <td><code>write_file</code></td> <td>写入文件</td> <td><code>write_file</code> tool</td> </tr> <tr> <td><code>list_dir</code></td> <td>列出目录结构</td> <td><code>ls</code> tool</td> </tr> <tr> <td><code>glob</code></td> <td>glob 模式匹配</td> <td><code>glob</code> tool</td> </tr> <tr> <td><code>grep</code></td> <td>文件内容搜索</td> <td><code>grep</code> tool</td> </tr> <tr> <td><code>update_file</code></td> <td>二进制写入</td> <td>内部使用</td> </tr> </tbody> </table> <blockquote class="alert alert-note"> <div class="alert-header"> <span class="alert-icon">📝</span> <span class="alert-title">备注</span> </div> <div class="alert-body"> <p>所有方法都是同步的。AioSandbox 通过 HTTP API 调用远程服务,但接口保持同步语义。</p> </div> </blockquote> <hr> <h2 id="sandboxprovider-抽象工厂">SandboxProvider 抽象工厂 </h2><p><code>SandboxProvider</code> 是工厂模式,负责创建和管理 Sandbox 实例:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">class</span> <span class="nc">SandboxProvider</span><span class="p">(</span><span class="n">ABC</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;Abstract base class for sandbox providers&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@abstractmethod</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">acquire</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">thread_id</span><span class="p">:</span> <span class="nb">str</span> <span class="o">|</span> <span class="kc">None</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;获取 sandbox,返回 sandbox_id&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@abstractmethod</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">get</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">Sandbox</span> <span class="o">|</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;根据 ID 获取 Sandbox 实例&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="nd">@abstractmethod</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">release</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;释放 sandbox&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="生命周期">生命周期 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback"><span class="line"><span class="cl">acquire(thread_id) → sandbox_id </span></span><span class="line"><span class="cl"> │ </span></span><span class="line"><span class="cl"> ├─► 如果已存在:返回现有 sandbox_id </span></span><span class="line"><span class="cl"> │ (同一 thread_id 复用) </span></span><span class="line"><span class="cl"> │ </span></span><span class="line"><span class="cl"> └─► 如果不存在:创建新 sandbox </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">get(sandbox_id) → Sandbox 实例 </span></span><span class="line"><span class="cl"> │ </span></span><span class="line"><span class="cl"> └─► 用于执行具体操作 </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">release(sandbox_id) </span></span><span class="line"><span class="cl"> │ </span></span><span class="line"><span class="cl"> └─► 释放资源,清理 sandbox </span></span></code></pre></td></tr></table> </div> </div><h3 id="单例模式">单例模式 </h3><p>全局单例 + 配置驱动:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="n">_default_sandbox_provider</span><span class="p">:</span> <span class="n">SandboxProvider</span> <span class="o">|</span> <span class="kc">None</span> <span class="o">=</span> <span class="kc">None</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">get_sandbox_provider</span><span class="p">(</span><span class="o">**</span><span class="n">kwargs</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">SandboxProvider</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">global</span> <span class="n">_default_sandbox_provider</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">_default_sandbox_provider</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">config</span> <span class="o">=</span> <span class="n">get_app_config</span><span class="p">()</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 从 config.sandbox.use 解析类名</span> </span></span><span class="line"><span class="cl"> <span class="bp">cls</span> <span class="o">=</span> <span class="n">resolve_class</span><span class="p">(</span><span class="n">config</span><span class="o">.</span><span class="n">sandbox</span><span class="o">.</span><span class="n">use</span><span class="p">,</span> <span class="n">SandboxProvider</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">_default_sandbox_provider</span> <span class="o">=</span> <span class="bp">cls</span><span class="p">(</span><span class="o">**</span><span class="n">kwargs</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">_default_sandbox_provider</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>配置示例</strong> (<code>config.yaml</code>):</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span><span class="lnt">7 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="nt">sandbox</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">use</span><span class="p">:</span><span class="w"> </span><span class="l">deerflow.community.aio_sandbox:AioSandboxProvider </span><span class="w"> </span><span class="c"># 容器模式</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="c"># use: deerflow.sandbox.local:LocalSandboxProvider # 本地模式</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l">enterprise-public-cn-beijing.cr.volces.com/vefaas-public/all-in-one-sandbox:latest</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">port</span><span class="p">:</span><span class="w"> </span><span class="m">8080</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">idle_timeout</span><span class="p">:</span><span class="w"> </span><span class="m">600</span><span class="w"> </span><span class="c"># 10分钟无活动自动清理</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">replicas</span><span class="p">:</span><span class="w"> </span><span class="m">3</span><span class="w"> </span><span class="c"># 最大并发 sandbox 数</span><span class="w"> </span></span></span></code></pre></td></tr></table> </div> </div><h3 id="辅助函数">辅助函数 </h3><table> <thead> <tr> <th>函数</th> <th>用途</th> </tr> </thead> <tbody> <tr> <td><code>get_sandbox_provider()</code></td> <td>获取单例</td> </tr> <tr> <td><code>reset_sandbox_provider()</code></td> <td>重置单例(测试用)</td> </tr> <tr> <td><code>shutdown_sandbox_provider()</code></td> <td>关闭并清理所有 sandbox</td> </tr> <tr> <td><code>set_sandbox_provider(provider)</code></td> <td>注入自定义 provider(测试用)</td> </tr> </tbody> </table> <hr> <h2 id="localsandbox本地模式">LocalSandbox:本地模式 </h2><p>LocalSandbox 直接在宿主机执行,适合开发调试。</p> <h3 id="pathmapping路径映射">PathMapping:路径映射 </h3><p>核心设计是 <strong>虚拟路径 → 本地路径</strong> 的映射:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="nd">@dataclass</span><span class="p">(</span><span class="n">frozen</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="k">class</span> <span class="nc">PathMapping</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">container_path</span><span class="p">:</span> <span class="nb">str</span> <span class="c1"># Agent 看到的路径(虚拟)</span> </span></span><span class="line"><span class="cl"> <span class="n">local_path</span><span class="p">:</span> <span class="nb">str</span> <span class="c1"># 实际物理路径</span> </span></span><span class="line"><span class="cl"> <span class="n">read_only</span><span class="p">:</span> <span class="nb">bool</span> <span class="o">=</span> <span class="kc">False</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>典型映射</strong>:</p> <table> <thead> <tr> <th>虚拟路径</th> <th>本地路径</th> <th>只读</th> </tr> </thead> <tbody> <tr> <td><code>/mnt/skills</code></td> <td><code>deer-flow/skills/</code></td> <td>True</td> </tr> <tr> <td><code>/mnt/user-data/workspace</code></td> <td><code>.deer-flow/threads/{id}/user-data/workspace</code></td> <td>False</td> </tr> <tr> <td><code>/mnt/custom-mount</code></td> <td><code>/home/user/my-data</code></td> <td>自定义</td> </tr> </tbody> </table> <h3 id="双向路径转换">双向路径转换 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">class</span> <span class="nc">LocalSandbox</span><span class="p">(</span><span class="n">Sandbox</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">_resolve_path</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;虚拟路径 → 本地路径&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">mapping</span> <span class="ow">in</span> <span class="nb">sorted</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">path_mappings</span><span class="p">,</span> <span class="n">key</span><span class="o">=</span><span class="k">lambda</span> <span class="n">m</span><span class="p">:</span> <span class="nb">len</span><span class="p">(</span><span class="n">m</span><span class="o">.</span><span class="n">container_path</span><span class="p">),</span> <span class="n">reverse</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">path</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="n">mapping</span><span class="o">.</span><span class="n">container_path</span> <span class="o">+</span> <span class="s2">&#34;/&#34;</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">relative</span> <span class="o">=</span> <span class="n">path</span><span class="p">[</span><span class="nb">len</span><span class="p">(</span><span class="n">mapping</span><span class="o">.</span><span class="n">container_path</span><span class="p">):]</span><span class="o">.</span><span class="n">lstrip</span><span class="p">(</span><span class="s2">&#34;/&#34;</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="nb">str</span><span class="p">(</span><span class="n">Path</span><span class="p">(</span><span class="n">mapping</span><span class="o">.</span><span class="n">local_path</span><span class="p">)</span> <span class="o">/</span> <span class="n">relative</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">path</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">_reverse_resolve_path</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;本地路径 → 虚拟路径&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">mapping</span> <span class="ow">in</span> <span class="nb">sorted</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">path_mappings</span><span class="p">,</span> <span class="n">key</span><span class="o">=</span><span class="k">lambda</span> <span class="n">m</span><span class="p">:</span> <span class="nb">len</span><span class="p">(</span><span class="n">m</span><span class="o">.</span><span class="n">local_path</span><span class="p">),</span> <span class="n">reverse</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">local_resolved</span> <span class="o">=</span> <span class="nb">str</span><span class="p">(</span><span class="n">Path</span><span class="p">(</span><span class="n">mapping</span><span class="o">.</span><span class="n">local_path</span><span class="p">)</span><span class="o">.</span><span class="n">resolve</span><span class="p">())</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">path</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="n">local_resolved</span> <span class="o">+</span> <span class="s2">&#34;/&#34;</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">relative</span> <span class="o">=</span> <span class="n">path</span><span class="p">[</span><span class="nb">len</span><span class="p">(</span><span class="n">local_resolved</span><span class="p">):]</span><span class="o">.</span><span class="n">lstrip</span><span class="p">(</span><span class="s2">&#34;/&#34;</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="sa">f</span><span class="s2">&#34;</span><span class="si">{</span><span class="n">mapping</span><span class="o">.</span><span class="n">container_path</span><span class="si">}</span><span class="s2">/</span><span class="si">{</span><span class="n">relative</span><span class="si">}</span><span class="s2">&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">path</span> </span></span></code></pre></td></tr></table> </div> </div><blockquote class="alert alert-tip"> <div class="alert-header"> <span class="alert-icon">💡</span> <span class="alert-title">提示</span> </div> <div class="alert-body"> <p>Agent 看到的是虚拟路径,但实际操作的是本地路径。输出结果再转回虚拟路径,保持一致性。</p> </div> </blockquote> <h3 id="execute_command-实现">execute_command 实现 </h3><p>跨平台 shell 检测 + 路径替换:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">execute_command</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">command</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 1. 替换命令中的虚拟路径</span> </span></span><span class="line"><span class="cl"> <span class="n">resolved_command</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_resolve_paths_in_command</span><span class="p">(</span><span class="n">command</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 2. 检测可用的 shell</span> </span></span><span class="line"><span class="cl"> <span class="n">shell</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_get_shell</span><span class="p">()</span> <span class="c1"># zsh &gt; bash &gt; sh &gt; PowerShell &gt; cmd</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 3. 执行命令</span> </span></span><span class="line"><span class="cl"> <span class="n">result</span> <span class="o">=</span> <span class="n">subprocess</span><span class="o">.</span><span class="n">run</span><span class="p">(</span> </span></span><span class="line"><span class="cl"> <span class="n">resolved_command</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="n">executable</span><span class="o">=</span><span class="n">shell</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="n">shell</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="n">capture_output</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="n">text</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="n">timeout</span><span class="o">=</span><span class="mi">600</span><span class="p">,</span> <span class="c1"># 10 分钟超时</span> </span></span><span class="line"><span class="cl"> <span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 4. 输出中转回虚拟路径</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_reverse_resolve_paths_in_output</span><span class="p">(</span><span class="n">output</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>路径替换逻辑</strong>:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">_resolve_paths_in_command</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">command</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;用正则替换命令中的虚拟路径&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="n">patterns</span> <span class="o">=</span> <span class="p">[</span><span class="n">re</span><span class="o">.</span><span class="n">escape</span><span class="p">(</span><span class="n">m</span><span class="o">.</span><span class="n">container_path</span><span class="p">)</span> <span class="o">+</span> <span class="sa">r</span><span class="s2">&#34;(?=/|$|\s)&#34;</span> <span class="k">for</span> <span class="n">m</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">path_mappings</span><span class="p">]</span> </span></span><span class="line"><span class="cl"> <span class="n">pattern</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">compile</span><span class="p">(</span><span class="s2">&#34;|&#34;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="sa">f</span><span class="s2">&#34;(</span><span class="si">{</span><span class="n">p</span><span class="si">}</span><span class="s2">)&#34;</span> <span class="k">for</span> <span class="n">p</span> <span class="ow">in</span> <span class="n">patterns</span><span class="p">))</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">pattern</span><span class="o">.</span><span class="n">sub</span><span class="p">(</span><span class="k">lambda</span> <span class="n">m</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">_resolve_path</span><span class="p">(</span><span class="n">m</span><span class="o">.</span><span class="n">group</span><span class="p">(</span><span class="mi">0</span><span class="p">)),</span> <span class="n">command</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><p>例如:<code>ls /mnt/skills/public/</code> → <code>ls /path/to/deer-flow/skills/public/</code></p> <h3 id="文件操作方法">文件操作方法 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">read_file</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">resolved_path</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_resolve_path</span><span class="p">(</span><span class="n">path</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">resolved_path</span><span class="p">,</span> <span class="n">encoding</span><span class="o">=</span><span class="s2">&#34;utf-8&#34;</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">f</span><span class="o">.</span><span class="n">read</span><span class="p">()</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">write_file</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">content</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">append</span><span class="p">:</span> <span class="nb">bool</span> <span class="o">=</span> <span class="kc">False</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">resolved_path</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_resolve_path</span><span class="p">(</span><span class="n">path</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 检查只读路径</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">_is_read_only_path</span><span class="p">(</span><span class="n">resolved_path</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="k">raise</span> <span class="ne">OSError</span><span class="p">(</span><span class="n">errno</span><span class="o">.</span><span class="n">EROFS</span><span class="p">,</span> <span class="s2">&#34;Read-only file system&#34;</span><span class="p">,</span> <span class="n">path</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="n">os</span><span class="o">.</span><span class="n">makedirs</span><span class="p">(</span><span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">dirname</span><span class="p">(</span><span class="n">resolved_path</span><span class="p">),</span> <span class="n">exist_ok</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">resolved_path</span><span class="p">,</span> <span class="s2">&#34;a&#34;</span> <span class="k">if</span> <span class="n">append</span> <span class="k">else</span> <span class="s2">&#34;w&#34;</span><span class="p">,</span> <span class="n">encoding</span><span class="o">=</span><span class="s2">&#34;utf-8&#34;</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">f</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="n">content</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">glob</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">pattern</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">tuple</span><span class="p">[</span><span class="nb">list</span><span class="p">[</span><span class="nb">str</span><span class="p">],</span> <span class="nb">bool</span><span class="p">]:</span> </span></span><span class="line"><span class="cl"> <span class="n">resolved_path</span> <span class="o">=</span> <span class="n">Path</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_resolve_path</span><span class="p">(</span><span class="n">path</span><span class="p">))</span> </span></span><span class="line"><span class="cl"> <span class="n">matches</span><span class="p">,</span> <span class="n">truncated</span> <span class="o">=</span> <span class="n">find_glob_matches</span><span class="p">(</span><span class="n">resolved_path</span><span class="p">,</span> <span class="n">pattern</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 转回虚拟路径</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="p">[</span><span class="bp">self</span><span class="o">.</span><span class="n">_reverse_resolve_path</span><span class="p">(</span><span class="n">m</span><span class="p">)</span> <span class="k">for</span> <span class="n">m</span> <span class="ow">in</span> <span class="n">matches</span><span class="p">],</span> <span class="n">truncated</span> </span></span></code></pre></td></tr></table> </div> </div><hr> <h2 id="localsandboxprovider单例工厂">LocalSandboxProvider:单例工厂 </h2><p>LocalSandboxProvider 使用<strong>单例模式</strong>,所有 thread 共享同一个 sandbox:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="n">_singleton</span><span class="p">:</span> <span class="n">LocalSandbox</span> <span class="o">|</span> <span class="kc">None</span> <span class="o">=</span> <span class="kc">None</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">class</span> <span class="nc">LocalSandboxProvider</span><span class="p">(</span><span class="n">SandboxProvider</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_path_mappings</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_setup_path_mappings</span><span class="p">()</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">acquire</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">thread_id</span><span class="p">:</span> <span class="nb">str</span> <span class="o">|</span> <span class="kc">None</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">global</span> <span class="n">_singleton</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">_singleton</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">_singleton</span> <span class="o">=</span> <span class="n">LocalSandbox</span><span class="p">(</span><span class="s2">&#34;local&#34;</span><span class="p">,</span> <span class="n">path_mappings</span><span class="o">=</span><span class="bp">self</span><span class="o">.</span><span class="n">_path_mappings</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">_singleton</span><span class="o">.</span><span class="n">id</span> <span class="c1"># 永远返回 &#34;local&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">get</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">Sandbox</span> <span class="o">|</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">sandbox_id</span> <span class="o">==</span> <span class="s2">&#34;local&#34;</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">_singleton</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="kc">None</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">release</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 单例模式,无需清理</span> </span></span><span class="line"><span class="cl"> <span class="k">pass</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="路径映射配置">路径映射配置 </h3><p>从 <code>config.yaml</code> 加载映射:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">_setup_path_mappings</span><span class="p">(</span><span class="bp">self</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">list</span><span class="p">[</span><span class="n">PathMapping</span><span class="p">]:</span> </span></span><span class="line"><span class="cl"> <span class="n">mappings</span><span class="p">:</span> <span class="nb">list</span><span class="p">[</span><span class="n">PathMapping</span><span class="p">]</span> <span class="o">=</span> <span class="p">[]</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 1. Skills 目录(只读)</span> </span></span><span class="line"><span class="cl"> <span class="n">skills_path</span> <span class="o">=</span> <span class="n">config</span><span class="o">.</span><span class="n">skills</span><span class="o">.</span><span class="n">get_skills_path</span><span class="p">()</span> </span></span><span class="line"><span class="cl"> <span class="n">mappings</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">PathMapping</span><span class="p">(</span> </span></span><span class="line"><span class="cl"> <span class="n">container_path</span><span class="o">=</span><span class="s2">&#34;/mnt/skills&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="n">local_path</span><span class="o">=</span><span class="nb">str</span><span class="p">(</span><span class="n">skills_path</span><span class="p">),</span> </span></span><span class="line"><span class="cl"> <span class="n">read_only</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="p">))</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 2. 自定义挂载</span> </span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">mount</span> <span class="ow">in</span> <span class="n">config</span><span class="o">.</span><span class="n">sandbox</span><span class="o">.</span><span class="n">mounts</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">mappings</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">PathMapping</span><span class="p">(</span> </span></span><span class="line"><span class="cl"> <span class="n">container_path</span><span class="o">=</span><span class="n">mount</span><span class="o">.</span><span class="n">container_path</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="n">local_path</span><span class="o">=</span><span class="n">mount</span><span class="o">.</span><span class="n">host_path</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="n">read_only</span><span class="o">=</span><span class="n">mount</span><span class="o">.</span><span class="n">read_only</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="p">))</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">mappings</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>配置示例</strong>:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="nt">sandbox</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">mounts</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">host_path</span><span class="p">:</span><span class="w"> </span><span class="l">/home/user/projects</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">container_path</span><span class="p">:</span><span class="w"> </span><span class="l">/mnt/projects</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">read_only</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="w"> </span></span></span></code></pre></td></tr></table> </div> </div><blockquote class="alert alert-note"> <div class="alert-header"> <span class="alert-icon">📝</span> <span class="alert-title">备注</span> </div> <div class="alert-body"> <p>LocalSandbox 是单例,所有 thread 共享。适合开发,不适合生产(无隔离)。</p> </div> </blockquote> <hr> <h2 id="aiosandbox容器模式">AioSandbox:容器模式 </h2><p>AioSandbox 通过 HTTP API 连接到 Docker 容器,实现真正的隔离环境。</p> <h3 id="架构">架构 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback"><span class="line"><span class="cl">┌──────────────────────┐ </span></span><span class="line"><span class="cl">│ AioSandbox │ </span></span><span class="line"><span class="cl">│ (Python 客户端) │ </span></span><span class="line"><span class="cl">├──────────────────────┤ </span></span><span class="line"><span class="cl">│ HTTP API 调用 │ </span></span><span class="line"><span class="cl">│ ↓ │ </span></span><span class="line"><span class="cl">├──────────────────────┤ </span></span><span class="line"><span class="cl">│ agent-infra/sandbox │ </span></span><span class="line"><span class="cl">│ (Docker 容器) │ </span></span><span class="line"><span class="cl">│ - Shell 执行 │ </span></span><span class="line"><span class="cl">│ - 文件读写 │ </span></span><span class="line"><span class="cl">│ - 搜索功能 │ </span></span><span class="line"><span class="cl">└──────────────────────┘ </span></span></code></pre></td></tr></table> </div> </div><h3 id="初始化">初始化 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span><span class="lnt">7 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">class</span> <span class="nc">AioSandbox</span><span class="p">(</span><span class="n">Sandbox</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="nb">id</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">base_url</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">home_dir</span><span class="p">:</span> <span class="nb">str</span> <span class="o">|</span> <span class="kc">None</span> <span class="o">=</span> <span class="kc">None</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="nb">super</span><span class="p">()</span><span class="o">.</span><span class="fm">__init__</span><span class="p">(</span><span class="nb">id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_base_url</span> <span class="o">=</span> <span class="n">base_url</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_client</span> <span class="o">=</span> <span class="n">AioSandboxClient</span><span class="p">(</span><span class="n">base_url</span><span class="o">=</span><span class="n">base_url</span><span class="p">,</span> <span class="n">timeout</span><span class="o">=</span><span class="mi">600</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_home_dir</span> <span class="o">=</span> <span class="n">home_dir</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_lock</span> <span class="o">=</span> <span class="n">threading</span><span class="o">.</span><span class="n">Lock</span><span class="p">()</span> <span class="c1"># 序列化并发请求</span> </span></span></code></pre></td></tr></table> </div> </div><blockquote class="alert alert-warning"> <div class="alert-header"> <span class="alert-icon">⚠️</span> <span class="alert-title">警告</span> </div> <div class="alert-body"> <p>容器内只有一个持久 shell session。并发请求会互相干扰,需要用 <code>threading.Lock</code> 序列化。</p> </div> </blockquote> <h3 id="execute_command-实现-1">execute_command 实现 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">execute_command</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">command</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">with</span> <span class="bp">self</span><span class="o">.</span><span class="n">_lock</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">try</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">result</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_client</span><span class="o">.</span><span class="n">shell</span><span class="o">.</span><span class="n">exec_command</span><span class="p">(</span><span class="n">command</span><span class="o">=</span><span class="n">command</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">output</span> <span class="o">=</span> <span class="n">result</span><span class="o">.</span><span class="n">data</span><span class="o">.</span><span class="n">output</span> <span class="k">if</span> <span class="n">result</span><span class="o">.</span><span class="n">data</span> <span class="k">else</span> <span class="s2">&#34;&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 检测错误签名(并发干扰导致的 ErrorObservation)</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="s2">&#34;ErrorObservation&#34;</span> <span class="ow">in</span> <span class="n">output</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">logger</span><span class="o">.</span><span class="n">warning</span><span class="p">(</span><span class="s2">&#34;Session corrupted, retrying with fresh session&#34;</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">fresh_id</span> <span class="o">=</span> <span class="nb">str</span><span class="p">(</span><span class="n">uuid</span><span class="o">.</span><span class="n">uuid4</span><span class="p">())</span> </span></span><span class="line"><span class="cl"> <span class="n">result</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_client</span><span class="o">.</span><span class="n">shell</span><span class="o">.</span><span class="n">exec_command</span><span class="p">(</span><span class="n">command</span><span class="o">=</span><span class="n">command</span><span class="p">,</span> <span class="nb">id</span><span class="o">=</span><span class="n">fresh_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">output</span> <span class="o">=</span> <span class="n">result</span><span class="o">.</span><span class="n">data</span><span class="o">.</span><span class="n">output</span> <span class="k">if</span> <span class="n">result</span><span class="o">.</span><span class="n">data</span> <span class="k">else</span> <span class="s2">&#34;&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">output</span> <span class="k">if</span> <span class="n">output</span> <span class="k">else</span> <span class="s2">&#34;(no output)&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="sa">f</span><span class="s2">&#34;Error: </span><span class="si">{</span><span class="n">e</span><span class="si">}</span><span class="s2">&#34;</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="文件操作">文件操作 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">read_file</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">result</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_client</span><span class="o">.</span><span class="n">file</span><span class="o">.</span><span class="n">read_file</span><span class="p">(</span><span class="n">file</span><span class="o">=</span><span class="n">path</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">result</span><span class="o">.</span><span class="n">data</span><span class="o">.</span><span class="n">content</span> <span class="k">if</span> <span class="n">result</span><span class="o">.</span><span class="n">data</span> <span class="k">else</span> <span class="s2">&#34;&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">write_file</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">content</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">append</span><span class="p">:</span> <span class="nb">bool</span> <span class="o">=</span> <span class="kc">False</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">with</span> <span class="bp">self</span><span class="o">.</span><span class="n">_lock</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">append</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">existing</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">read_file</span><span class="p">(</span><span class="n">path</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">content</span> <span class="o">=</span> <span class="n">existing</span> <span class="o">+</span> <span class="n">content</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_client</span><span class="o">.</span><span class="n">file</span><span class="o">.</span><span class="n">write_file</span><span class="p">(</span><span class="n">file</span><span class="o">=</span><span class="n">path</span><span class="p">,</span> <span class="n">content</span><span class="o">=</span><span class="n">content</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="glob--grep-实现">glob / grep 实现 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">glob</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">pattern</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">tuple</span><span class="p">[</span><span class="nb">list</span><span class="p">[</span><span class="nb">str</span><span class="p">],</span> <span class="nb">bool</span><span class="p">]:</span> </span></span><span class="line"><span class="cl"> <span class="n">result</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_client</span><span class="o">.</span><span class="n">file</span><span class="o">.</span><span class="n">find_files</span><span class="p">(</span><span class="n">path</span><span class="o">=</span><span class="n">path</span><span class="p">,</span> <span class="n">glob</span><span class="o">=</span><span class="n">pattern</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">files</span> <span class="o">=</span> <span class="n">result</span><span class="o">.</span><span class="n">data</span><span class="o">.</span><span class="n">files</span> <span class="ow">or</span> <span class="p">[]</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">files</span><span class="p">[:</span><span class="n">max_results</span><span class="p">],</span> <span class="nb">len</span><span class="p">(</span><span class="n">files</span><span class="p">)</span> <span class="o">&gt;</span> <span class="n">max_results</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">grep</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">pattern</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">tuple</span><span class="p">[</span><span class="nb">list</span><span class="p">[</span><span class="n">GrepMatch</span><span class="p">],</span> <span class="nb">bool</span><span class="p">]:</span> </span></span><span class="line"><span class="cl"> <span class="n">regex</span> <span class="o">=</span> <span class="sa">f</span><span class="s2">&#34;(?i)</span><span class="si">{</span><span class="n">pattern</span><span class="si">}</span><span class="s2">&#34;</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">case_sensitive</span> <span class="k">else</span> <span class="n">pattern</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 1. 先找候选文件(glob 或 list_path)</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 2. 逐文件调用 search_in_file</span> </span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">file_path</span> <span class="ow">in</span> <span class="n">candidate_paths</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">result</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_client</span><span class="o">.</span><span class="n">file</span><span class="o">.</span><span class="n">search_in_file</span><span class="p">(</span><span class="n">file</span><span class="o">=</span><span class="n">file_path</span><span class="p">,</span> <span class="n">regex</span><span class="o">=</span><span class="n">regex</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 构建 GrepMatch...</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">matches</span><span class="p">,</span> <span class="n">truncated</span> </span></span></code></pre></td></tr></table> </div> </div><hr> <h2 id="aiosandboxprovider容器池管理">AioSandboxProvider:容器池管理 </h2><p>AioSandboxProvider 是复杂的容器生命周期管理器,核心特性:</p> <ol> <li><strong>多层缓存</strong>:in-process → warm pool → backend discovery</li> <li><strong>确定性 ID</strong>:同一 thread_id 总是得到相同 sandbox_id</li> <li><strong>Warm pool</strong>:release 不销毁容器,下次可快速复用</li> <li><strong>Idle timeout</strong>:后台线程定期清理空闲容器</li> <li><strong>Backend 抽象</strong>:支持本地 Docker 和远程 K8s</li> </ol> <h3 id="缓存层次">缓存层次 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback"><span class="line"><span class="cl">acquire(thread_id) </span></span><span class="line"><span class="cl"> │ </span></span><span class="line"><span class="cl"> ├─► Layer 1: in-process cache(最快) </span></span><span class="line"><span class="cl"> │ _thread_sandboxes[thread_id] → sandbox_id </span></span><span class="line"><span class="cl"> │ </span></span><span class="line"><span class="cl"> ├─► Layer 1.5: warm pool(容器还在运行) </span></span><span class="line"><span class="cl"> │ _warm_pool[sandbox_id] → (info, release_ts) </span></span><span class="line"><span class="cl"> │ </span></span><span class="line"><span class="cl"> └─► Layer 2: backend discovery + create </span></span><span class="line"><span class="cl"> │ 跨进程文件锁保护 </span></span><span class="line"><span class="cl"> │ _backend.discover() 或 _backend.create() </span></span></code></pre></td></tr></table> </div> </div><h3 id="确定性-sandbox_id">确定性 sandbox_id </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="nd">@staticmethod</span> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">_deterministic_sandbox_id</span><span class="p">(</span><span class="n">thread_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;从 thread_id 生成确定性 sandbox_id&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">hashlib</span><span class="o">.</span><span class="n">sha256</span><span class="p">(</span><span class="n">thread_id</span><span class="o">.</span><span class="n">encode</span><span class="p">())</span><span class="o">.</span><span class="n">hexdigest</span><span class="p">()[:</span><span class="mi">8</span><span class="p">]</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>意义</strong>:多个进程访问同一 thread_id 时,生成的 sandbox_id 相同,可以发现对方创建的容器。</p> <h3 id="warm-pool-机制">Warm Pool 机制 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">release</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;释放 sandbox 到 warm pool(容器继续运行)&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="n">info</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_sandbox_infos</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="n">sandbox_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_sandboxes</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="n">sandbox_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 不销毁容器,放入 warm pool</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">info</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_warm_pool</span><span class="p">[</span><span class="n">sandbox_id</span><span class="p">]</span> <span class="o">=</span> <span class="p">(</span><span class="n">info</span><span class="p">,</span> <span class="n">time</span><span class="o">.</span><span class="n">time</span><span class="p">())</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">acquire</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">thread_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 先检查 warm pool</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">sandbox_id</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_warm_pool</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">info</span><span class="p">,</span> <span class="n">_</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_warm_pool</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="n">sandbox_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">sandbox</span> <span class="o">=</span> <span class="n">AioSandbox</span><span class="p">(</span><span class="nb">id</span><span class="o">=</span><span class="n">sandbox_id</span><span class="p">,</span> <span class="n">base_url</span><span class="o">=</span><span class="n">info</span><span class="o">.</span><span class="n">sandbox_url</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_sandboxes</span><span class="p">[</span><span class="n">sandbox_id</span><span class="p">]</span> <span class="o">=</span> <span class="n">sandbox</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">sandbox_id</span> <span class="c1"># 无冷启动</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>效果</strong>:下次访问同一 thread 时,直接从 warm pool 取回,无需创建新容器。</p> <h3 id="跨进程文件锁">跨进程文件锁 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">_discover_or_create_with_lock</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">thread_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">lock_path</span> <span class="o">=</span> <span class="n">paths</span><span class="o">.</span><span class="n">thread_dir</span><span class="p">(</span><span class="n">thread_id</span><span class="p">)</span> <span class="o">/</span> <span class="sa">f</span><span class="s2">&#34;</span><span class="si">{</span><span class="n">sandbox_id</span><span class="si">}</span><span class="s2">.lock&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">lock_path</span><span class="p">,</span> <span class="s2">&#34;a&#34;</span><span class="p">)</span> <span class="k">as</span> <span class="n">lock_file</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">fcntl</span><span class="o">.</span><span class="n">flock</span><span class="p">(</span><span class="n">lock_file</span><span class="p">,</span> <span class="n">fcntl</span><span class="o">.</span><span class="n">LOCK_EX</span><span class="p">)</span> <span class="c1"># 跨进程锁</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 再次检查缓存(可能其他进程刚创建)</span> </span></span><span class="line"><span class="cl"> <span class="n">discovered</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_backend</span><span class="o">.</span><span class="n">discover</span><span class="p">(</span><span class="n">sandbox_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">discovered</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">discovered</span><span class="o">.</span><span class="n">sandbox_id</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 确实需要创建</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_create_sandbox</span><span class="p">(</span><span class="n">thread_id</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="idle-timeout-管理">Idle Timeout 管理 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">_idle_checker_loop</span><span class="p">(</span><span class="bp">self</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">while</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">_idle_checker_stop</span><span class="o">.</span><span class="n">wait</span><span class="p">(</span><span class="n">timeout</span><span class="o">=</span><span class="mi">60</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_cleanup_idle_sandboxes</span><span class="p">(</span><span class="n">idle_timeout</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">_cleanup_idle_sandboxes</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">idle_timeout</span><span class="p">:</span> <span class="nb">float</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">current_time</span> <span class="o">=</span> <span class="n">time</span><span class="o">.</span><span class="n">time</span><span class="p">()</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 检查 active sandboxes</span> </span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">sandbox_id</span><span class="p">,</span> <span class="n">last_activity</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_activity</span><span class="o">.</span><span class="n">items</span><span class="p">():</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">current_time</span> <span class="o">-</span> <span class="n">last_activity</span> <span class="o">&gt;</span> <span class="n">idle_timeout</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">destroy</span><span class="p">(</span><span class="n">sandbox_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 检查 warm pool</span> </span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">sandbox_id</span><span class="p">,</span> <span class="p">(</span><span class="n">info</span><span class="p">,</span> <span class="n">release_ts</span><span class="p">)</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_warm_pool</span><span class="o">.</span><span class="n">items</span><span class="p">():</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">current_time</span> <span class="o">-</span> <span class="n">release_ts</span> <span class="o">&gt;</span> <span class="n">idle_timeout</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_backend</span><span class="o">.</span><span class="n">destroy</span><span class="p">(</span><span class="n">info</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="backend-抽象">Backend 抽象 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">_create_backend</span><span class="p">(</span><span class="bp">self</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">SandboxBackend</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">provisioner_url</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_config</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s2">&#34;provisioner_url&#34;</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">provisioner_url</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 远程模式:K8s Provisioner 动态创建 Pod</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">RemoteSandboxBackend</span><span class="p">(</span><span class="n">provisioner_url</span><span class="o">=</span><span class="n">provisioner_url</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 本地模式:直接管理 Docker 容器</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">LocalContainerBackend</span><span class="p">(</span> </span></span><span class="line"><span class="cl"> <span class="n">image</span><span class="o">=</span><span class="bp">self</span><span class="o">.</span><span class="n">_config</span><span class="p">[</span><span class="s2">&#34;image&#34;</span><span class="p">],</span> </span></span><span class="line"><span class="cl"> <span class="n">base_port</span><span class="o">=</span><span class="bp">self</span><span class="o">.</span><span class="n">_config</span><span class="p">[</span><span class="s2">&#34;port&#34;</span><span class="p">],</span> </span></span><span class="line"><span class="cl"> <span class="n">container_prefix</span><span class="o">=</span><span class="bp">self</span><span class="o">.</span><span class="n">_config</span><span class="p">[</span><span class="s2">&#34;container_prefix&#34;</span><span class="p">],</span> </span></span><span class="line"><span class="cl"> <span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>两种 Backend</strong>:</p> <table> <thead> <tr> <th>Backend</th> <th>场景</th> <th>实现方式</th> </tr> </thead> <tbody> <tr> <td>LocalContainerBackend</td> <td>本地开发</td> <td><code>docker run</code> 启动容器</td> </tr> <tr> <td>RemoteSandboxBackend</td> <td>生产部署</td> <td>Provisioner API 创建 K8s Pod</td> </tr> </tbody> </table> <h3 id="配置示例">配置示例 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="nt">sandbox</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">use</span><span class="p">:</span><span class="w"> </span><span class="l">deerflow.community.aio_sandbox:AioSandboxProvider</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l">enterprise-public-cn-beijing.cr.volces.com/vefaas-public/all-in-one-sandbox:latest</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">port</span><span class="p">:</span><span class="w"> </span><span class="m">8080</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">container_prefix</span><span class="p">:</span><span class="w"> </span><span class="l">deer-flow-sandbox</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">idle_timeout</span><span class="p">:</span><span class="w"> </span><span class="m">600</span><span class="w"> </span><span class="c"># 10 分钟无活动自动清理</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">replicas</span><span class="p">:</span><span class="w"> </span><span class="m">3</span><span class="w"> </span><span class="c"># 最大并发容器数(LRU 淘汰)</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">mounts</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">host_path</span><span class="p">:</span><span class="w"> </span><span class="l">/home/user/projects</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">container_path</span><span class="p">:</span><span class="w"> </span><span class="l">/mnt/projects</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">read_only</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">environment</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">NODE_ENV</span><span class="p">:</span><span class="w"> </span><span class="l">production</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">API_KEY</span><span class="p">:</span><span class="w"> </span><span class="l">$MY_API_KEY </span><span class="w"> </span><span class="c"># 支持环境变量引用</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">provisioner_url</span><span class="p">:</span><span class="w"> </span><span class="s2">&#34;&#34;</span><span class="w"> </span><span class="c"># 留空用本地模式</span><span class="w"> </span></span></span></code></pre></td></tr></table> </div> </div><hr> <h2 id="sandbox-toolsagent-可调用的工具">Sandbox Tools:Agent 可调用的工具 </h2><p>Agent 通过 7 个工具与 Sandbox 交互:</p> <table> <thead> <tr> <th>工具</th> <th>功能</th> <th>核心参数</th> </tr> </thead> <tbody> <tr> <td><code>bash</code></td> <td>执行命令</td> <td><code>command</code></td> </tr> <tr> <td><code>ls</code></td> <td>列出目录</td> <td><code>path</code></td> </tr> <tr> <td><code>glob</code></td> <td>搜索文件</td> <td><code>pattern</code>, <code>path</code></td> </tr> <tr> <td><code>grep</code></td> <td>搜索内容</td> <td><code>pattern</code>, <code>path</code></td> </tr> <tr> <td><code>read_file</code></td> <td>读取文件</td> <td><code>path</code>, <code>start_line</code>, <code>end_line</code></td> </tr> <tr> <td><code>write_file</code></td> <td>写入文件</td> <td><code>path</code>, <code>content</code>, <code>append</code></td> </tr> <tr> <td><code>str_replace</code></td> <td>替换内容</td> <td><code>path</code>, <code>old_str</code>, <code>new_str</code></td> </tr> </tbody> </table> <h3 id="bash-工具">bash 工具 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="nd">@tool</span><span class="p">(</span><span class="s2">&#34;bash&#34;</span><span class="p">,</span> <span class="n">parse_docstring</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">bash_tool</span><span class="p">(</span><span class="n">runtime</span><span class="p">,</span> <span class="n">description</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">command</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;Execute a bash command in a Linux environment.&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="n">sandbox</span> <span class="o">=</span> <span class="n">ensure_sandbox_initialized</span><span class="p">(</span><span class="n">runtime</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">is_local_sandbox</span><span class="p">(</span><span class="n">runtime</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 1. 验证路径权限</span> </span></span><span class="line"><span class="cl"> <span class="n">validate_local_bash_command_paths</span><span class="p">(</span><span class="n">command</span><span class="p">,</span> <span class="n">thread_data</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 2. 替换虚拟路径</span> </span></span><span class="line"><span class="cl"> <span class="n">command</span> <span class="o">=</span> <span class="n">replace_virtual_paths_in_command</span><span class="p">(</span><span class="n">command</span><span class="p">,</span> <span class="n">thread_data</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 3. 执行并遮蔽真实路径</span> </span></span><span class="line"><span class="cl"> <span class="n">output</span> <span class="o">=</span> <span class="n">sandbox</span><span class="o">.</span><span class="n">execute_command</span><span class="p">(</span><span class="n">command</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">mask_local_paths_in_output</span><span class="p">(</span><span class="n">output</span><span class="p">,</span> <span class="n">thread_data</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 容器模式:直接执行</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">sandbox</span><span class="o">.</span><span class="n">execute_command</span><span class="p">(</span><span class="n">command</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>路径替换逻辑</strong>:</p> <p>Agent 写的命令:<code>ls /mnt/user-data/workspace/</code> 实际执行:<code>ls /path/to/.deer-flow/threads/{id}/user-data/workspace/</code></p> <p><strong>安全限制</strong>:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="c1"># 检查路径是否在允许范围内</span> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">validate_local_bash_command_paths</span><span class="p">(</span><span class="n">command</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">thread_data</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">path</span> <span class="ow">in</span> <span class="n">extract_absolute_paths</span><span class="p">(</span><span class="n">command</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">validate_local_tool_path</span><span class="p">(</span><span class="n">path</span><span class="p">,</span> <span class="n">thread_data</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="glob--grep-工具">glob / grep 工具 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="nd">@tool</span><span class="p">(</span><span class="s2">&#34;glob&#34;</span><span class="p">,</span> <span class="n">parse_docstring</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">glob_tool</span><span class="p">(</span><span class="n">runtime</span><span class="p">,</span> <span class="n">description</span><span class="p">,</span> <span class="n">pattern</span><span class="p">,</span> <span class="n">path</span><span class="p">,</span> <span class="n">include_dirs</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">max_results</span><span class="o">=</span><span class="mi">200</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">sandbox</span> <span class="o">=</span> <span class="n">ensure_sandbox_initialized</span><span class="p">(</span><span class="n">runtime</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">is_local_sandbox</span><span class="p">(</span><span class="n">runtime</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">path</span> <span class="o">=</span> <span class="n">_resolve_local_read_path</span><span class="p">(</span><span class="n">path</span><span class="p">,</span> <span class="n">thread_data</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="n">matches</span><span class="p">,</span> <span class="n">truncated</span> <span class="o">=</span> <span class="n">sandbox</span><span class="o">.</span><span class="n">glob</span><span class="p">(</span><span class="n">path</span><span class="p">,</span> <span class="n">pattern</span><span class="p">,</span> <span class="n">max_results</span><span class="o">=</span><span class="n">max_results</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 遮蔽真实路径</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">thread_data</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">matches</span> <span class="o">=</span> <span class="p">[</span><span class="n">mask_local_paths_in_output</span><span class="p">(</span><span class="n">m</span><span class="p">,</span> <span class="n">thread_data</span><span class="p">)</span> <span class="k">for</span> <span class="n">m</span> <span class="ow">in</span> <span class="n">matches</span><span class="p">]</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">_format_glob_results</span><span class="p">(</span><span class="n">requested_path</span><span class="p">,</span> <span class="n">matches</span><span class="p">,</span> <span class="n">truncated</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="nd">@tool</span><span class="p">(</span><span class="s2">&#34;grep&#34;</span><span class="p">,</span> <span class="n">parse_docstring</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">grep_tool</span><span class="p">(</span><span class="n">runtime</span><span class="p">,</span> <span class="n">description</span><span class="p">,</span> <span class="n">pattern</span><span class="p">,</span> <span class="n">path</span><span class="p">,</span> <span class="n">glob</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">literal</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="o">...</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">matches</span><span class="p">,</span> <span class="n">truncated</span> <span class="o">=</span> <span class="n">sandbox</span><span class="o">.</span><span class="n">grep</span><span class="p">(</span><span class="n">path</span><span class="p">,</span> <span class="n">pattern</span><span class="p">,</span> <span class="n">glob</span><span class="o">=</span><span class="n">glob</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">_format_grep_results</span><span class="p">(</span><span class="n">requested_path</span><span class="p">,</span> <span class="n">matches</span><span class="p">,</span> <span class="n">truncated</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>输出格式</strong>:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback"><span class="line"><span class="cl">Found 5 paths under /mnt/user-data/workspace </span></span><span class="line"><span class="cl">1. /mnt/user-data/workspace/main.py </span></span><span class="line"><span class="cl">2. /mnt/user-data/workspace/utils.py </span></span><span class="line"><span class="cl">... </span></span><span class="line"><span class="cl">Results truncated. Narrow the path or pattern to see fewer matches. </span></span></code></pre></td></tr></table> </div> </div><h3 id="read_file--write_file-工具">read_file / write_file 工具 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="nd">@tool</span><span class="p">(</span><span class="s2">&#34;read_file&#34;</span><span class="p">,</span> <span class="n">parse_docstring</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">read_file_tool</span><span class="p">(</span><span class="n">runtime</span><span class="p">,</span> <span class="n">description</span><span class="p">,</span> <span class="n">path</span><span class="p">,</span> <span class="n">start_line</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">end_line</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">content</span> <span class="o">=</span> <span class="n">sandbox</span><span class="o">.</span><span class="n">read_file</span><span class="p">(</span><span class="n">path</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 支持行范围读取</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">start_line</span> <span class="ow">and</span> <span class="n">end_line</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">content</span> <span class="o">=</span> <span class="n">content</span><span class="o">.</span><span class="n">splitlines</span><span class="p">()[</span><span class="n">start_line</span><span class="o">-</span><span class="mi">1</span><span class="p">:</span><span class="n">end_line</span><span class="p">]</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">_truncate_read_file_output</span><span class="p">(</span><span class="n">content</span><span class="p">,</span> <span class="n">max_chars</span><span class="o">=</span><span class="mi">50000</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="nd">@tool</span><span class="p">(</span><span class="s2">&#34;write_file&#34;</span><span class="p">,</span> <span class="n">parse_docstring</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">write_file_tool</span><span class="p">(</span><span class="n">runtime</span><span class="p">,</span> <span class="n">description</span><span class="p">,</span> <span class="n">path</span><span class="p">,</span> <span class="n">content</span><span class="p">,</span> <span class="n">append</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 文件操作锁(防止并发写入冲突)</span> </span></span><span class="line"><span class="cl"> <span class="k">with</span> <span class="n">get_file_operation_lock</span><span class="p">(</span><span class="n">sandbox</span><span class="p">,</span> <span class="n">path</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">sandbox</span><span class="o">.</span><span class="n">write_file</span><span class="p">(</span><span class="n">path</span><span class="p">,</span> <span class="n">content</span><span class="p">,</span> <span class="n">append</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="s2">&#34;OK&#34;</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="str_replace-工具">str_replace 工具 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="nd">@tool</span><span class="p">(</span><span class="s2">&#34;str_replace&#34;</span><span class="p">,</span> <span class="n">parse_docstring</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">str_replace_tool</span><span class="p">(</span><span class="n">runtime</span><span class="p">,</span> <span class="n">description</span><span class="p">,</span> <span class="n">path</span><span class="p">,</span> <span class="n">old_str</span><span class="p">,</span> <span class="n">new_str</span><span class="p">,</span> <span class="n">replace_all</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;Replace a substring in a file with another substring.&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">with</span> <span class="n">get_file_operation_lock</span><span class="p">(</span><span class="n">sandbox</span><span class="p">,</span> <span class="n">path</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">content</span> <span class="o">=</span> <span class="n">sandbox</span><span class="o">.</span><span class="n">read_file</span><span class="p">(</span><span class="n">path</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">old_str</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">content</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="sa">f</span><span class="s2">&#34;Error: String to replace not found in file: </span><span class="si">{</span><span class="n">path</span><span class="si">}</span><span class="s2">&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">replace_all</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">content</span> <span class="o">=</span> <span class="n">content</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="n">old_str</span><span class="p">,</span> <span class="n">new_str</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">else</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">content</span> <span class="o">=</span> <span class="n">content</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="n">old_str</span><span class="p">,</span> <span class="n">new_str</span><span class="p">,</span> <span class="mi">1</span><span class="p">)</span> <span class="c1"># 只替换第一个</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="n">sandbox</span><span class="o">.</span><span class="n">write_file</span><span class="p">(</span><span class="n">path</span><span class="p">,</span> <span class="n">content</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="s2">&#34;OK&#34;</span> </span></span></code></pre></td></tr></table> </div> </div><blockquote class="alert alert-note"> <div class="alert-header"> <span class="alert-icon">📝</span> <span class="alert-title">备注</span> </div> <div class="alert-body"> <p><code>replace_all=False</code> 时,<code>old_str</code> 必须在文件中<strong>唯一</strong>出现。否则可能误改其他位置。</p> </div> </blockquote> <hr> <h2 id="路径遮蔽防止泄露宿主机信息">路径遮蔽:防止泄露宿主机信息 </h2><p>Local Sandbox 模式下,Agent 看到的路径与实际路径不同:</p> <table> <thead> <tr> <th>Agent 看到的</th> <th>实际路径</th> </tr> </thead> <tbody> <tr> <td><code>/mnt/user-data/workspace</code></td> <td><code>.deer-flow/threads/{id}/user-data/workspace</code></td> </tr> <tr> <td><code>/mnt/skills/public</code></td> <td><code>deer-flow/skills/public</code></td> </tr> <tr> <td><code>/mnt/acp-workspace</code></td> <td><code>.deer-flow/acp-workspace</code></td> </tr> </tbody> </table> <h3 id="双向遮蔽">双向遮蔽 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">mask_local_paths_in_output</span><span class="p">(</span><span class="n">output</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">thread_data</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;将输出中的真实路径替换为虚拟路径&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 1. 遮蔽 skills 路径</span> </span></span><span class="line"><span class="cl"> <span class="n">skills_host</span> <span class="o">=</span> <span class="s2">&#34;/path/to/deer-flow/skills&#34;</span> </span></span><span class="line"><span class="cl"> <span class="n">skills_container</span> <span class="o">=</span> <span class="s2">&#34;/mnt/skills&#34;</span> </span></span><span class="line"><span class="cl"> <span class="n">output</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">sub</span><span class="p">(</span><span class="n">skills_host</span><span class="p">,</span> <span class="n">skills_container</span><span class="p">,</span> <span class="n">output</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 2. 遮蔽 user-data 路径</span> </span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">virtual</span><span class="p">,</span> <span class="n">actual</span> <span class="ow">in</span> <span class="n">thread_mappings</span><span class="o">.</span><span class="n">items</span><span class="p">():</span> </span></span><span class="line"><span class="cl"> <span class="n">output</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">sub</span><span class="p">(</span><span class="n">actual</span><span class="p">,</span> <span class="n">virtual</span><span class="p">,</span> <span class="n">output</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">output</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>效果</strong>:</p> <ul> <li>Agent 执行 <code>ls /mnt/user-data/workspace/</code></li> <li>输出:<code>/mnt/user-data/workspace/main.py</code>(而非 <code>/home/user/.deer-flow/...</code>)</li> </ul> <hr> <h2 id="文件操作锁防止并发冲突">文件操作锁:防止并发冲突 </h2><p>多个 Agent 同时写入同一文件时,需要锁机制:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="c1">#deerflow/sandbox/file_operation_lock.py</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="n">_locks</span><span class="p">:</span> <span class="nb">dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">threading</span><span class="o">.</span><span class="n">Lock</span><span class="p">]</span> <span class="o">=</span> <span class="p">{}</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">get_file_operation_lock</span><span class="p">(</span><span class="n">sandbox</span><span class="p">:</span> <span class="n">Sandbox</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">threading</span><span class="o">.</span><span class="n">Lock</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;&#34;&#34;获取文件级别的操作锁&#34;&#34;&#34;</span> </span></span><span class="line"><span class="cl"> <span class="n">lock_key</span> <span class="o">=</span> <span class="sa">f</span><span class="s2">&#34;</span><span class="si">{</span><span class="n">sandbox</span><span class="o">.</span><span class="n">id</span><span class="si">}</span><span class="s2">:</span><span class="si">{</span><span class="n">path</span><span class="si">}</span><span class="s2">&#34;</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">lock_key</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">_locks</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">_locks</span><span class="p">[</span><span class="n">lock_key</span><span class="p">]</span> <span class="o">=</span> <span class="n">threading</span><span class="o">.</span><span class="n">Lock</span><span class="p">()</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">_locks</span><span class="p">[</span><span class="n">lock_key</span><span class="p">]</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>使用方式</strong>:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">with</span> <span class="n">get_file_operation_lock</span><span class="p">(</span><span class="n">sandbox</span><span class="p">,</span> <span class="n">path</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">content</span> <span class="o">=</span> <span class="n">sandbox</span><span class="o">.</span><span class="n">read_file</span><span class="p">(</span><span class="n">path</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">content</span> <span class="o">=</span> <span class="n">content</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="n">old_str</span><span class="p">,</span> <span class="n">new_str</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">sandbox</span><span class="o">.</span><span class="n">write_file</span><span class="p">(</span><span class="n">path</span><span class="p">,</span> <span class="n">content</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><hr> <h2 id="输出截断防止超大输出">输出截断:防止超大输出 </h2><p>所有工具都有输出截断机制,防止 Agent 崩溃:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">_truncate_bash_output</span><span class="p">(</span><span class="n">output</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">max_chars</span><span class="p">:</span> <span class="nb">int</span> <span class="o">=</span> <span class="mi">20000</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">output</span><span class="p">)</span> <span class="o">&lt;=</span> <span class="n">max_chars</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">output</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="n">kept</span> <span class="o">=</span> <span class="n">max_chars</span> <span class="o">-</span> <span class="mi">200</span> <span class="c1"># 留空间给提示信息</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="sa">f</span><span class="s2">&#34;</span><span class="si">{</span><span class="n">output</span><span class="p">[:</span><span class="n">kept</span><span class="p">]</span><span class="si">}</span><span class="se">\n</span><span class="s2">... [truncated: showing first </span><span class="si">{</span><span class="n">kept</span><span class="si">}</span><span class="s2"> of </span><span class="si">{</span><span class="nb">len</span><span class="p">(</span><span class="n">output</span><span class="p">)</span><span class="si">}</span><span class="s2"> chars] ...&#34;</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>默认限制</strong>:</p> <table> <thead> <tr> <th>工具</th> <th>默认最大输出</th> </tr> </thead> <tbody> <tr> <td><code>bash</code></td> <td>20000 字符</td> </tr> <tr> <td><code>ls</code></td> <td>20000 字符</td> </tr> <tr> <td><code>read_file</code></td> <td>50000 字符</td> </tr> <tr> <td><code>glob</code></td> <td>200 条结果</td> </tr> <tr> <td><code>grep</code></td> <td>100 条结果</td> </tr> </tbody> </table> <hr> <h2 id="总结">总结 </h2><h3 id="架构总览-1">架构总览 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span><span class="lnt">22 </span><span class="lnt">23 </span><span class="lnt">24 </span><span class="lnt">25 </span><span class="lnt">26 </span><span class="lnt">27 </span><span class="lnt">28 </span><span class="lnt">29 </span><span class="lnt">30 </span><span class="lnt">31 </span><span class="lnt">32 </span><span class="lnt">33 </span><span class="lnt">34 </span><span class="lnt">35 </span><span class="lnt">36 </span><span class="lnt">37 </span><span class="lnt">38 </span><span class="lnt">39 </span><span class="lnt">40 </span><span class="lnt">41 </span><span class="lnt">42 </span><span class="lnt">43 </span><span class="lnt">44 </span><span class="lnt">45 </span><span class="lnt">46 </span><span class="lnt">47 </span><span class="lnt">48 </span><span class="lnt">49 </span><span class="lnt">50 </span><span class="lnt">51 </span><span class="lnt">52 </span><span class="lnt">53 </span><span class="lnt">54 </span><span class="lnt">55 </span><span class="lnt">56 </span><span class="lnt">57 </span><span class="lnt">58 </span><span class="lnt">59 </span><span class="lnt">60 </span><span class="lnt">61 </span><span class="lnt">62 </span><span class="lnt">63 </span><span class="lnt">64 </span><span class="lnt">65 </span><span class="lnt">66 </span><span class="lnt">67 </span><span class="lnt">68 </span><span class="lnt">69 </span><span class="lnt">70 </span><span class="lnt">71 </span><span class="lnt">72 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback"><span class="line"><span class="cl">┌─────────────────────────────────────────────────────────────────┐ </span></span><span class="line"><span class="cl">│ Agent Layer │ </span></span><span class="line"><span class="cl">│ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ │ </span></span><span class="line"><span class="cl">│ │ bash │ │ glob │ │ grep │ │read_file │ ... │ </span></span><span class="line"><span class="cl">│ └──────────┘ └──────────┘ └──────────┘ └──────────┘ │ </span></span><span class="line"><span class="cl">│ │ │ </span></span><span class="line"><span class="cl">│ Tool Runtime │ </span></span><span class="line"><span class="cl">│ │ │ </span></span><span class="line"><span class="cl">│ ensure_sandbox_initialized() │ </span></span><span class="line"><span class="cl">│ │ │ </span></span><span class="line"><span class="cl">├─────────────────────────────────────────────────────────────────┤ </span></span><span class="line"><span class="cl">│ Provider Layer │ </span></span><span class="line"><span class="cl">│ ┌──────────────────────────────────────────────────────────┐ │ </span></span><span class="line"><span class="cl">│ │ SandboxProvider (抽象) │ │ </span></span><span class="line"><span class="cl">│ │ - acquire(thread_id) → sandbox_id │ │ </span></span><span class="line"><span class="cl">│ │ - get(sandbox_id) → Sandbox │ │ </span></span><span class="line"><span class="cl">│ │ - release(sandbox_id) │ │ </span></span><span class="line"><span class="cl">│ └──────────────────────────────────────────────────────────┘ │ </span></span><span class="line"><span class="cl">│ │ │ │ </span></span><span class="line"><span class="cl">│ │ │ │ </span></span><span class="line"><span class="cl">│ ┌────────────────┐ ┌────────────────────────────┐ │ </span></span><span class="line"><span class="cl">│ │LocalSandboxProv│ │ AioSandboxProvider │ │ </span></span><span class="line"><span class="cl">│ │ (单例模式) │ │ (容器池管理) │ │ </span></span><span class="line"><span class="cl">│ │ │ │ - Warm Pool │ │ </span></span><span class="line"><span class="cl">│ │ │ │ - Idle Timeout │ │ </span></span><span class="line"><span class="cl">│ │ │ │ - Backend 抽象 │ │ </span></span><span class="line"><span class="cl">│ └────────────────┘ └────────────────────────────┘ │ </span></span><span class="line"><span class="cl">│ │ │ │ </span></span><span class="line"><span class="cl">├─────────────────────────────────────────────────────────────────┤ </span></span><span class="line"><span class="cl">│ Sandbox Layer │ </span></span><span class="line"><span class="cl">│ ┌──────────────────────────────────────────────────────────┐ │ </span></span><span class="line"><span class="cl">│ │ Sandbox (抽象接口) │ │ </span></span><span class="line"><span class="cl">│ │ - execute_command(command) → output │ │ </span></span><span class="line"><span class="cl">│ │ - read_file(path) → content │ │ </span></span><span class="line"><span class="cl">│ │ - write_file(path, content) │ │ </span></span><span class="line"><span class="cl">│ │ - glob(path, pattern) → matches │ │ </span></span><span class="line"><span class="cl">│ │ - grep(path, pattern) → matches │ │ </span></span><span class="line"><span class="cl">│ └──────────────────────────────────────────────────────────┘ │ </span></span><span class="line"><span class="cl">│ │ │ │ </span></span><span class="line"><span class="cl">│ ┌────────────────┐ ┌────────────────────────────┐ │ </span></span><span class="line"><span class="cl">│ │ LocalSandbox │ │ AioSandbox │ │ </span></span><span class="line"><span class="cl">│ │ (宿主机执行) │ │ (HTTP API → 容器) │ │ </span></span><span class="line"><span class="cl">│ │ │ │ │ │ </span></span><span class="line"><span class="cl">│ │ PathMapping │ │ threading.Lock │ │ </span></span><span class="line"><span class="cl">│ │ 虚拟路径映射 │ │ (序列化并发请求) │ │ </span></span><span class="line"><span class="cl">│ └────────────────┘ └────────────────────────────┘ │ </span></span><span class="line"><span class="cl">│ │ │ </span></span><span class="line"><span class="cl">├─────────────────────────────────────────────────────────────────┤ </span></span><span class="line"><span class="cl">│ Backend Layer │ </span></span><span class="line"><span class="cl">│ │ │ </span></span><span class="line"><span class="cl">│ ┌────────────────────────────────────────────────────────────┐ │ </span></span><span class="line"><span class="cl">│ │ SandboxBackend (抽象) │ │ </span></span><span class="line"><span class="cl">│ │ - create(thread_id, sandbox_id) → SandboxInfo │ │ </span></span><span class="line"><span class="cl">│ │ - discover(sandbox_id) → SandboxInfo | None │ │ </span></span><span class="line"><span class="cl">│ │ - destroy(info) │ │ </span></span><span class="line"><span class="cl">│ └────────────────────────────────────────────────────────────┘ │ </span></span><span class="line"><span class="cl">│ │ │ │ </span></span><span class="line"><span class="cl">│ ┌────────────────┐ ┌────────────────────────────┐ │ </span></span><span class="line"><span class="cl">│ │LocalContainer │ │ RemoteSandboxBackend │ │ </span></span><span class="line"><span class="cl">│ │ Backend │ │ (Provisioner API) │ │ </span></span><span class="line"><span class="cl">│ │ (docker run) │ │ (K8s Pod 动态创建) │ │ </span></span><span class="line"><span class="cl">│ └────────────────┘ └────────────────────────────┘ │ </span></span><span class="line"><span class="cl">│ │ │ </span></span><span class="line"><span class="cl">│ ▼ │ </span></span><span class="line"><span class="cl">│ ┌─────────────────────┐ │ </span></span><span class="line"><span class="cl">│ │ Docker Container │ │ </span></span><span class="line"><span class="cl">│ │ (agent-infra/ │ │ </span></span><span class="line"><span class="cl">│ │ sandbox) │ │ </span></span><span class="line"><span class="cl">│ │ - Shell 执行 │ │ </span></span><span class="line"><span class="cl">│ │ - 文件操作 │ │ </span></span><span class="line"><span class="cl">│ └─────────────────────┘ │ </span></span><span class="line"><span class="cl">└─────────────────────────────────────────────────────────────────┘ </span></span></code></pre></td></tr></table> </div> </div><h3 id="核心设计亮点">核心设计亮点 </h3><ol> <li> <p><strong>抽象分层</strong>:Sandbox → Provider → Backend,三层解耦,易于扩展</p> </li> <li> <p><strong>双模式支持</strong>:</p> <ul> <li>LocalSandbox:开发调试,零依赖,单例模式</li> <li>AioSandbox:生产部署,容器隔离,池化管理</li> </ul> </li> <li> <p><strong>Warm Pool 机制</strong>:release 不销毁容器,下次可快速复用,减少冷启动</p> </li> <li> <p><strong>确定性 ID</strong>:<code>sha256(thread_id)[:8]</code>,跨进程发现同一容器</p> </li> <li> <p><strong>路径遮蔽</strong>:Agent 只看到虚拟路径,不知道宿主机布局</p> </li> <li> <p><strong>输出截断</strong>:防止超大输出导致 Agent 崩溃</p> </li> <li> <p><strong>文件操作锁</strong>:防止并发写入冲突</p> </li> </ol> <h3 id="两种-provider-对比">两种 Provider 对比 </h3><table> <thead> <tr> <th>特性</th> <th>LocalSandboxProvider</th> <th>AioSandboxProvider</th> </tr> </thead> <tbody> <tr> <td>执行环境</td> <td>宿主机</td> <td>Docker 容器</td> </tr> <tr> <td>隔离性</td> <td>无</td> <td>完全隔离</td> </tr> <tr> <td>冷启动</td> <td>无</td> <td>约 60 秒</td> </tr> <tr> <td>Warm Pool</td> <td>不支持</td> <td>支持</td> </tr> <tr> <td>Idle Timeout</td> <td>不支持</td> <td>支持</td> </tr> <tr> <td>跨进程共享</td> <td>单例(同一进程)</td> <td>确定性 ID</td> </tr> <tr> <td>适用场景</td> <td>开发调试</td> <td>生产部署</td> </tr> </tbody> </table> <h3 id="扩展新-sandbox">扩展新 Sandbox </h3><p>只需实现 Sandbox 接口和对应 Provider:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">class</span> <span class="nc">MySandbox</span><span class="p">(</span><span class="n">Sandbox</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">execute_command</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">command</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 自定义实现...</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">read_file</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># ...</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 其他方法...</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">class</span> <span class="nc">MySandboxProvider</span><span class="p">(</span><span class="n">SandboxProvider</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">acquire</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">thread_id</span><span class="p">:</span> <span class="nb">str</span> <span class="o">|</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 创建/获取 sandbox...</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">get</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">Sandbox</span> <span class="o">|</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># ...</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">release</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># ...</span> </span></span></code></pre></td></tr></table> </div> </div><p>然后在配置中启用:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="nt">sandbox</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">use</span><span class="p">:</span><span class="w"> </span><span class="l">my_package:MySandboxProvider</span><span class="w"> </span></span></span></code></pre></td></tr></table> </div> </div><hr> <h2 id="补充sandbox-生命周期管理">补充:Sandbox 生命周期管理 </h2><h3 id="tool-注册-vs-sandbox-创建">Tool 注册 vs Sandbox 创建 </h3><p>Tool 是静态注册的,Sandbox 是动态创建的:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="c1"># Tool 注册:Agent 启动时就存在</span> </span></span><span class="line"><span class="cl"><span class="nd">@tool</span><span class="p">(</span><span class="s2">&#34;bash&#34;</span><span class="p">,</span> <span class="n">parse_docstring</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">bash_tool</span><span class="p">(</span><span class="n">runtime</span><span class="p">,</span> <span class="n">description</span><span class="p">,</span> <span class="n">command</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">sandbox</span> <span class="o">=</span> <span class="n">ensure_sandbox_initialized</span><span class="p">(</span><span class="n">runtime</span><span class="p">)</span> <span class="c1"># ← 这里才创建 Sandbox</span> </span></span><span class="line"><span class="cl"> <span class="o">...</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>惰性初始化</strong>:第一次调用任何 tool 时才创建容器,而不是预先创建。</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">def</span> <span class="nf">ensure_sandbox_initialized</span><span class="p">(</span><span class="n">runtime</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">sandbox_id</span> <span class="o">=</span> <span class="n">runtime</span><span class="o">.</span><span class="n">state</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s2">&#34;sandbox_id&#34;</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">sandbox_id</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 已存在 → 直接获取</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">provider</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">sandbox_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 不存在 → 创建新的</span> </span></span><span class="line"><span class="cl"> <span class="n">sandbox_id</span> <span class="o">=</span> <span class="n">provider</span><span class="o">.</span><span class="n">acquire</span><span class="p">(</span><span class="n">thread_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="n">runtime</span><span class="o">.</span><span class="n">state</span><span class="p">[</span><span class="s2">&#34;sandbox_id&#34;</span><span class="p">]</span> <span class="o">=</span> <span class="n">sandbox_id</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">provider</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">sandbox_id</span><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><hr> <h3 id="容器生命周期流程图">容器生命周期流程图 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span><span class="lnt">22 </span><span class="lnt">23 </span><span class="lnt">24 </span><span class="lnt">25 </span><span class="lnt">26 </span><span class="lnt">27 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-gdscript3" data-lang="gdscript3"><span class="line"><span class="cl"><span class="err">┌─────────────────────────────────────────────────────┐</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="ne">Thread</span><span class="o">/</span><span class="n">Session</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="mf">1.</span> <span class="err">用户发起对话</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">↓</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="mf">2.</span> <span class="n">Agent</span> <span class="err">第一次调用</span> <span class="k">tool</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">↓</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="mf">3.</span> <span class="n">ensure_sandbox_initialized</span><span class="p">()</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">→</span> <span class="n">provider</span><span class="o">.</span><span class="n">acquire</span><span class="p">(</span><span class="n">thread_id</span><span class="p">)</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">→</span> <span class="err">创建容器(或从</span> <span class="n">Warm</span> <span class="n">Pool</span> <span class="err">取)</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">↓</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="mf">4.</span> <span class="err">执行</span> <span class="k">tool</span> <span class="err">操作</span><span class="o">...</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">↓</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="mf">5.</span> <span class="err">继续调用其他</span> <span class="k">tool</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">→</span> <span class="n">provider</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">sandbox_id</span><span class="p">)</span> <span class="err">←</span> <span class="err">直接返回已有容器</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">↓</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="mf">6.</span> <span class="n">Session</span> <span class="err">结束</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">→</span> <span class="n">provider</span><span class="o">.</span><span class="n">release</span><span class="p">(</span><span class="n">sandbox_id</span><span class="p">)</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">→</span> <span class="err">放回</span> <span class="n">Warm</span> <span class="n">Pool</span><span class="err">(不删除)</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">─────────────────────────────────────────────────</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="n">Warm</span> <span class="n">Pool</span> <span class="err">中的容器:</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="o">-</span> <span class="err">等待</span> <span class="n">idle_timeout</span><span class="err">(如</span> <span class="mi">30</span> <span class="err">分钟)</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="o">-</span> <span class="err">超时</span> <span class="err">→</span> <span class="n">backend</span><span class="o">.</span><span class="n">destroy</span><span class="p">()</span> <span class="err">→</span> <span class="err">删除容器</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">│</span> <span class="o">-</span> <span class="err">下次</span> <span class="n">acquire</span> <span class="err">→</span> <span class="err">直接从池中取出(快速复用)</span> <span class="err">│</span> </span></span><span class="line"><span class="cl"><span class="err">└─────────────────────────────────────────────────────┘</span> </span></span></code></pre></td></tr></table> </div> </div><hr> <h3 id="aiosandboxprovider-的管理逻辑">AioSandboxProvider 的管理逻辑 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span><span class="lnt">22 </span><span class="lnt">23 </span><span class="lnt">24 </span><span class="lnt">25 </span><span class="lnt">26 </span><span class="lnt">27 </span><span class="lnt">28 </span><span class="lnt">29 </span><span class="lnt">30 </span><span class="lnt">31 </span><span class="lnt">32 </span><span class="lnt">33 </span><span class="lnt">34 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"><span class="line"><span class="cl"><span class="k">class</span> <span class="nc">AioSandboxProvider</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">_sandboxes</span><span class="p">:</span> <span class="nb">dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">AioSandbox</span><span class="p">]</span> <span class="o">=</span> <span class="p">{}</span> <span class="c1"># 活跃的 sandbox</span> </span></span><span class="line"><span class="cl"> <span class="n">_last_used</span><span class="p">:</span> <span class="nb">dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="nb">float</span><span class="p">]</span> <span class="o">=</span> <span class="p">{}</span> <span class="c1"># 最后使用时间</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">acquire</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">thread_id</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="n">sandbox_id</span> <span class="o">=</span> <span class="n">deterministic_id</span><span class="p">(</span><span class="n">thread_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 1. 检查是否已有活跃的</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">sandbox_id</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_sandboxes</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">sandbox_id</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 2. 尝试从 Warm Pool 恢复(容器可能还在运行)</span> </span></span><span class="line"><span class="cl"> <span class="n">info</span> <span class="o">=</span> <span class="n">backend</span><span class="o">.</span><span class="n">discover</span><span class="p">(</span><span class="n">sandbox_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">info</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 容器还在,直接复用</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_sandboxes</span><span class="p">[</span><span class="n">sandbox_id</span><span class="p">]</span> <span class="o">=</span> <span class="n">AioSandbox</span><span class="p">(</span><span class="n">info</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">sandbox_id</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1"># 3. 真正创建新容器</span> </span></span><span class="line"><span class="cl"> <span class="n">info</span> <span class="o">=</span> <span class="n">backend</span><span class="o">.</span><span class="n">create</span><span class="p">(</span><span class="n">thread_id</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_sandboxes</span><span class="p">[</span><span class="n">sandbox_id</span><span class="p">]</span> <span class="o">=</span> <span class="n">AioSandbox</span><span class="p">(</span><span class="n">info</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">sandbox_id</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">release</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">sandbox_id</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 不删除,只是记录时间,等待下次复用</span> </span></span><span class="line"><span class="cl"> <span class="bp">self</span><span class="o">.</span><span class="n">_last_used</span><span class="p">[</span><span class="n">sandbox_id</span><span class="p">]</span> <span class="o">=</span> <span class="n">time</span><span class="o">.</span><span class="n">now</span><span class="p">()</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">def</span> <span class="nf">cleanup_idle</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span> </span></span><span class="line"><span class="cl"> <span class="c1"># 定期清理超时的容器</span> </span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="n">sandbox_id</span><span class="p">,</span> <span class="n">last_used</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_used</span><span class="o">.</span><span class="n">items</span><span class="p">():</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="n">time</span><span class="o">.</span><span class="n">now</span><span class="p">()</span> <span class="o">-</span> <span class="n">last_used</span> <span class="o">&gt;</span> <span class="n">idle_timeout</span><span class="p">:</span> </span></span><span class="line"><span class="cl"> <span class="n">backend</span><span class="o">.</span><span class="n">destroy</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_sandboxes</span><span class="p">[</span><span class="n">sandbox_id</span><span class="p">]</span><span class="o">.</span><span class="n">info</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="k">del</span> <span class="bp">self</span><span class="o">.</span><span class="n">_sandboxes</span><span class="p">[</span><span class="n">sandbox_id</span><span class="p">]</span> </span></span><span class="line"><span class="cl"> <span class="k">del</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_used</span><span class="p">[</span><span class="n">sandbox_id</span><span class="p">]</span> </span></span></code></pre></td></tr></table> </div> </div><hr> <h3 id="生命周期关键时机">生命周期关键时机 </h3><table> <thead> <tr> <th>时机</th> <th>操作</th> <th>说明</th> </tr> </thead> <tbody> <tr> <td>第一次调用 tool</td> <td><code>acquire</code></td> <td>创建容器(或从 Warm Pool 取)</td> </tr> <tr> <td>后续调用 tool</td> <td><code>get</code></td> <td>返回已有容器</td> </tr> <tr> <td>Session 结束</td> <td><code>release</code></td> <td>放回 Warm Pool,不删除</td> </tr> <tr> <td>idle_timeout 超时</td> <td><code>destroy</code></td> <td>真正删除容器</td> </tr> </tbody> </table> <p><strong>核心设计思想</strong>:</p> <ol> <li><strong>惰性创建</strong>:不预先创建,第一次用才创建,节省资源</li> <li><strong>Warm Pool</strong>:release 不删,保留复用,减少下次的冷启动时间</li> <li><strong>确定性 ID</strong>:<code>sha256(thread_id)[:8]</code>,即使跨进程也能找到同一容器</li> </ol>