Skip to main content

msb run

Create a sandbox and optionally run a command. Without --name, the sandbox is ephemeral and removed when the command finishes. With --name, it persists for later use. 
# Ephemeral: runs and cleans up
msb run python:3.11 -- python -c "print('hello')"

# Named: persists after exit
msb run --name devbox ubuntu:22.04 -- bash

# With volumes, ports, and environment
msb run --name api \
  -v ./src:/app \
  -v pydata:/data \
  -p 8000:8000 \
  -e DEBUG=true \
  -w /app \
  python:3.11

# Detached (runs in background)
msb run -d --name worker python:3.11 -- python worker.py
FlagDescription
--name, -nSandbox name (if omitted, sandbox is ephemeral)
-c, --cpusNumber of vCPUs
-m, --memoryMemory (e.g., 512, 1G, 2G)
-v, --volumeVolume mount (host:guest or name:guest)
-p, --portPort mapping (host:guest)
-e, --envEnvironment variable (KEY=VALUE)
-w, --workdirWorking directory inside the sandbox
--shellDefault shell
-d, --detachRun in background
--rmRemove sandbox on exit (default for unnamed)
--secretBind a secret (NAME reads from env, or NAME=VALUE)
--networkNetwork policy (none, public, allowlist, denylist)
--allowAllow egress to host (use with --network)
--denyDeny egress to host (use with --network)
-q, --quietSuppress non-essential output
When no -- command is given, the image’s entrypoint and cmd are used as the default process. If the image has neither, an interactive shell is started. When a command is given via --, it replaces the image cmd but the entrypoint is preserved. See Image config inheritance for details.

msb create

Create and boot a sandbox without running a command. Takes the same flags as msb run. 
msb create python:3.11 --name worker -c 2 -m 1G
msb create --force python:3.11 --name worker   # Replace existing
FlagDescription
--forceReplace existing sandbox with same name

msb start

Resume a stopped sandbox. 
msb start devbox

msb stop

msb stop devbox           # Graceful shutdown
msb stop --force devbox   # Force kill

msb exec

Execute a command inside a running sandbox. 
msb exec devbox -- python -c "print('hello')"
msb exec devbox -- ls -la /app
FlagDescription
-i, --interactiveKeep stdin open
-t, --ttyAllocate a pseudo-TTY
-e, --envSet environment variables
--workdirOverride working directory

msb shell

Open an interactive shell session. 
msb shell devbox
msb shell devbox --shell /bin/zsh

msb attach

Attach your terminal to the sandbox’s main process. Press Ctrl+] to detach without stopping. 
msb attach devbox
msb attach devbox --detach-keys ctrl-q

msb ls / ps

msb ls                    # All sandboxes (running and stopped)
msb ps                    # Running sandboxes only
msb ls --format json      # JSON output

msb inspect

Show detailed configuration and status. 
msb inspect devbox
msb inspect devbox --format json

msb rm

Remove a stopped sandbox and its associated state. 
msb rm devbox
msb rm --force devbox     # Stop and remove in one step
msb rm worker-1 worker-2  # Remove multiple