zlei6/ragflow
1
0
Fork 0
mirror of https://github.com/infiniflow/ragflow.git synced 2026-06-29 15:31:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

Feat: add local & ssh provider in admin panel (#15039)

Browse Source 
### What problem does this PR solve?

Feat: add local & ssh provider in admin panel

### Type of change

- [x] New Feature (non-breaking change which adds functionality)
This commit is contained in:
Magicbook1108
2026-05-20 16:56:20 +08:00
committed by GitHub
parent 6499bce2a6
commit b28e134944
19 changed files with 1836 additions and 408 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
docs/guides/agent/agent_quickstarts/sandbox_quickstart.md
View File

@@ -7,28 +7,37 @@ sidebar_custom_props: {
---
# Sandbox quickstart
A secure, pluggable code execution backend designed for RAGFlow and other applications requiring isolated code execution environments.
RAGFlow's `CodeExec` agent component needs a sandbox provider to run Python and JavaScript code.
RAGFlow's `CodeExec` agent component depends on a sandbox provider to run Python and JavaScript code. Configure one of the providers below before using `CodeExec`.
The simplest setup flow is:
## Features:
1. Start the required sandbox services.
2. Open the RAGFlow admin page.
3. Go to **Admin > Sandbox Settings**.
4. Choose a provider and save the configuration.
5. Test the connection in the same page.
- Seamless RAGFlow Integration — Works out-of-the-box with the code component of RAGFlow.
- High Security — Uses gVisor for syscall-level sandboxing to isolate execution.
- Customisable Sandboxing — Modify seccomp profiles easily to tailor syscall restrictions.
- Pluggable Runtime Support — Extendable to support any programming language runtime.
- Developer Friendly — Quick setup with a convenient Makefile.
## Admin page
## Architecture
Configure sandbox providers from the admin page:
The architecture consists of isolated Docker base images for each supported language runtime, managed by the executor manager service. The executor manager orchestrates sandboxed code execution using gVisor for syscall interception and optional seccomp profiles for enhanced syscall filtering.
- `self_managed`: Uses the executor manager service.
- `local`: Runs code on the current machine.
- `ssh`: Runs code on a remote machine over SSH.
- `aliyun_codeinterpreter` and `e2b`: Cloud providers.
<img width="2547" height="1475" alt="admin-sandbox-settings" src="https://github.com/user-attachments/assets/59ab948e-b98a-45a8-9db4-f1afbf6c3685" />
## Provider options
RAGFlow supports two sandbox provider types:
- `self_managed`: Runs code inside Docker-managed sandbox containers. Use this for the standard RAGFlow sandbox deployment.
RAGFlow supports multiple sandbox providers. Configure the active provider in
Admin > Sandbox Settings after the services are up.
- `self_managed`: Runs code inside Docker-managed sandbox containers. This is the default provider.
- `local`: Runs code as local Python or Node.js subprocesses. Use this only in trusted development environments.
- `ssh`: Runs code on a remote machine over SSH.
- `aliyun_codeinterpreter` and `e2b`: Cloud-hosted providers that remain available in the admin provider list.
## Prerequisites
@@ -94,9 +103,11 @@ docker compose -f docker-compose.yml up -d
2. Configure the .env file located at docker/.env:
- Set `SANDBOX_ENABLED=1`.
- Set `SANDBOX_PROVIDER_TYPE=self_managed` or `SANDBOX_PROVIDER_TYPE=local`.
- For `self_managed`, include `sandbox` in `COMPOSE_PROFILES`.
- For `local`, uncomment and adjust the `SANDBOX_LOCAL_*` variables.
- Include `sandbox` in `COMPOSE_PROFILES` if you want the default
`self_managed` executor-manager service.
- Keep the self-managed deployment defaults in `.env` if you need to change the
sandbox-executor-manager image, pool size, base images, seccomp, memory, or
timeout.
3. Add the following entry to your /etc/hosts file to resolve the executor manager service:
@@ -105,26 +116,30 @@ docker compose -f docker-compose.yml up -d
```
4. Start the RAGFlow service as usual.
5. Open **Admin > Sandbox Settings**.
6. Select a provider.
7. Fill in the required fields.
8. Click **Save**.
9. Click **Test Connection** if needed.
## Environment variables
The variables in `docker/.env` are grouped by scope.
### Shared variables
### System-level variables
These variables apply to sandbox support in general:
- `SANDBOX_ENABLED`: Enables sandbox support in RAGFlow.
- `SANDBOX_PROVIDER_TYPE`: Selects the active provider. Supported values are `self_managed` and `local`.
- `SANDBOX_HOST`: The executor manager host used by the self-managed provider and the legacy HTTP fallback.
- `COMPOSE_PROFILES`: Include `sandbox` to start the default self-managed executor-manager service.
- `SANDBOX_ARTIFACT_BUCKET`: MinIO bucket used for files generated by sandbox code.
- `SANDBOX_ARTIFACT_EXPIRE_DAYS`: Number of days before sandbox artifacts expire.
### Self-managed variables
### Self-managed deployment defaults
These variables apply when `SANDBOX_PROVIDER_TYPE=self_managed`:
These variables are shown in Admin as deployment defaults for `self_managed`.
Changing them requires restarting `sandbox-executor-manager`.
- `COMPOSE_PROFILES`: Must include `sandbox` to start `sandbox-executor-manager` with RAGFlow.
- `SANDBOX_EXECUTOR_MANAGER_IMAGE`: Docker image for the executor manager service.
- `SANDBOX_EXECUTOR_MANAGER_POOL_SIZE`: Number of Python and Node.js sandbox containers kept in the pool.
- `SANDBOX_BASE_PYTHON_IMAGE`: Python runtime image used by executor-managed containers.
@@ -134,20 +149,21 @@ These variables apply when `SANDBOX_PROVIDER_TYPE=self_managed`:
- `SANDBOX_MAX_MEMORY`: Memory limit for each sandbox runtime container.
- `SANDBOX_TIMEOUT`: Default execution timeout.
### Local variables
### Admin-managed runtime settings
These variables apply when `SANDBOX_PROVIDER_TYPE=local`:
Provider selection and runtime settings are configured in **Admin > Sandbox Settings**.
- `SANDBOX_LOCAL_ENABLED`: Explicitly enables local code execution.
- `SANDBOX_LOCAL_PYTHON_BIN`: Python executable used by local execution.
- `SANDBOX_LOCAL_NODE_BIN`: Node.js executable used by local execution.
- `SANDBOX_LOCAL_WORK_DIR`: Working directory for local execution files and artifacts.
- `SANDBOX_LOCAL_TIMEOUT`: Maximum local execution time in seconds.
- `SANDBOX_LOCAL_MAX_MEMORY_MB`: Address-space memory limit for local child processes.
- `SANDBOX_LOCAL_MAX_OUTPUT_BYTES`: Maximum stdout and stderr size.
- `SANDBOX_LOCAL_MAX_ARTIFACTS`: Maximum number of artifacts collected after execution.
- `SANDBOX_LOCAL_MAX_ARTIFACT_BYTES`: Maximum size for each artifact.
- `OPENBLAS_NUM_THREADS`, `OMP_NUM_THREADS`, `MKL_NUM_THREADS`, `NUMEXPR_NUM_THREADS`, `BLIS_NUM_THREADS`, `VECLIB_MAXIMUM_THREADS`: Optional native math library thread limits for local Python subprocesses.
Examples:
- Choose the active provider
- Configure `self_managed` runtime settings
- Configure all `local` settings
- Configure all `ssh` settings
For `self_managed`:
- Runtime settings are editable in Admin
- Deployment defaults come from `.env` and are shown as read-only values
## Running standalone