Show HN: Katakate – Dozens of VMs per node for safe code exec (github.com)
I've built this to make it easy to host your own infra for lightweight VMs at large scale.
Intended for exec of AI-generated code, for CICD runners, or for off-chain AI DApps. Mainly to avoid Docker-in-Docker dangers and mess.
Super easy to use with CLI / Python SDK, friendly to AI engs who usually don't like to mess with VM orchestration and networking too much.
Defense-in-depth philosophy.
Would love to get feedback (and contributors: clear & exciting roadmap!), thx
20 comments
[ 5.3 ms ] story [ 38.9 ms ] threadHey, we built coderunner[1] exactly for this purpose. It's completely local. We use apple containers for this (which are 1:1 mapped to a lightweight VM).
1. Coderunner - https://github.com/instavm/coderunner
It lets you narrow the permission scope of an executable using simple command line wrappers.
Glancing at the readme, is your business model technical support? Or what's your plan with this?
Anything interesting to share around startup time for large artifacts, scaling, passing through persistent storage (or GPUs) to these sandboxes?
Curious what things like 'Multi-node cluster capabilities for distributed workloads' mean exactly? inter-VM networking?
For anyone curious:
– Docs: https://docs.katakate.org
- LangChain Agent tutorial: https://docs.katakate.org/guides/langchain-agent
It's getting late where I am, so I'm heading to bed — looking forward to replying to any new comments tomorrow!
Our native K8s support and exposition of K8s API also makes it friendly to devops.
Finally, our deploy/infra stack is lean and tightly fits in a single Ansible playbook, which makes it easy to understand and contribute to, letting you rapidly gain full understanding and ownership of the stack.
Malicious code just has to resolve <secret>.evil.com and Google/CF will forward that query to evil resolver.
If so, cool! AFAICT E2B is open-source licensed but tricky to setup.