Islo Provider
Read when:
- choosing
provider: islo; - configuring the Islo sandbox image, sizing, snapshot, or gateway profile;
- changing
internal/providers/islo.
Islo is a delegated-run provider. Crabbox uses the Islo Go SDK for sandbox lifecycle (create, list, status) and calls the HTTP API directly for delete (an empty-body DELETE), archive upload, shares, and command output — reading a Server-Sent Events stream from the POST /sandboxes/{name}/exec/stream endpoint. Islo owns sandbox state and command transport; Crabbox owns local config, repo claims, sync manifests and guardrails, slugs, timing summaries, and normalized list/status rendering. There is no Crabbox SSH lease and no broker coordinator — the CLI talks to Islo directly.
#When to use
Use Islo when the remote Linux sandbox should be owned by Islo and commands run through Islo's API. Choose AWS, Hetzner, Static SSH, or Daytona instead when you need Crabbox-managed SSH access to the box.
Islo is Linux-only. Desktop, browser, code, Actions hydration, and SSH-based run options are not available.
#Commands
crabbox warmup --provider islo --islo-image docker.io/library/ubuntu:26.04
crabbox run --provider islo -- pnpm test
crabbox run --provider islo --id swift-crab --shell 'pnpm install && pnpm test'
crabbox status --provider islo --id swift-crab --wait
crabbox pause --provider islo swift-crab
crabbox resume --provider islo swift-crab
crabbox stop --provider islo swift-crab
crabbox list --provider islo --json
warmup keeps the sandbox until an explicit stop. The lease ID, slug, or Crabbox-created sandbox name printed by warmup/run can be passed to later commands via --id.
#Auth
export ISLO_API_KEY=ak_...
CRABBOX_ISLO_API_KEY is also accepted and takes precedence over ISLO_API_KEY. Do not pass the key as a command-line argument.
ISLO_BASE_URL (or CRABBOX_ISLO_BASE_URL, or islo.baseUrl) overrides the default API base URL https://api.islo.dev.
#Config
provider: islo
target: linux
islo:
baseUrl: https://api.islo.dev
image: docker.io/library/ubuntu:26.04
workdir: crabbox
gatewayProfile: ""
snapshotName: ""
vcpus: 2
memoryMB: 4096
diskGB: 20
Provider flags (each overrides the matching islo.* config key):
--islo-base-url
--islo-image
--islo-workdir
--islo-gateway-profile
--islo-snapshot-name
--islo-vcpus
--islo-memory-mb
--islo-disk-gb
Every key also reads a CRABBOX_ISLO_* environment variable, which takes precedence over the config file: CRABBOX_ISLO_BASE_URL, CRABBOX_ISLO_IMAGE, CRABBOX_ISLO_WORKDIR, CRABBOX_ISLO_GATEWAY_PROFILE, CRABBOX_ISLO_SNAPSHOT_NAME, CRABBOX_ISLO_VCPUS, CRABBOX_ISLO_MEMORY_MB, and CRABBOX_ISLO_DISK_GB.
The resolved defaults are kept in Crabbox config for display and override compatibility, but the Islo create request omits implicit default image, vcpus, memoryMB, and diskGB values so Islo can use the tenant's current defaults. Values explicitly supplied through config, environment, or flags are still sent, including values equal to the Crabbox defaults.
#Workdir resolution
--islo-workdir / islo.workdir is a relative directory below /workspace (default crabbox, so the workspace is /workspace/crabbox). Crabbox validates this before sandbox creation, then applies it to archive upload and command execution rather than the create request. Absolute paths and .. escapes are rejected before workspace preparation and sync.
#Lifecycle
- Create or resolve a Crabbox-owned Islo sandbox. New sandboxes are named
- Write a local repo claim binding the lease to the current checkout.
- Validate the workdir, build the Crabbox sync manifest, and upload a gzipped
- Execute the command through Islo's streaming exec endpoint in that workdir.
- Require an
exitevent before treating a stream as successful. - Delete the sandbox on release unless the lease is kept.
crabbox-<repo>-<hex>; the local lease ID is the sandbox name prefixed with isb_, paired with a friendly slug.
archive into /workspace/<workdir> through Islo's files-archive API. If that upload fails, Crabbox falls back to a base64 chunked upload over the exec endpoint.
#Capabilities
- SSH: yes for direct login to existing Crabbox-created sandboxes. `crabbox ssh
- Crabbox sync: yes, archive sync through the Islo files-archive API, with a
- URL bridge: yes. Exposed ports become public HTTPS shares through Islo's
- Pause / resume: yes.
crabbox pausesnapshots the sandbox to disk and frees - Bounded run downloads: yes. Safe relative single-file
--require-artifact - Desktop / browser / code: no.
- Actions hydration: no.
- Coordinator (broker): no — always direct from the CLI.
--provider islo --id <slug> renders ssh islo@<sandbox>.islo on port 22 by default. Crabbox still does not use SSH for Islo run` or sync.
base64 exec-upload fallback.
/sandboxes/{name}/shares API, surfaced by --expose and the pond bridge plane. Share creation is idempotent per port.
its CPU/memory via Islo's pause API; crabbox resume restores it. The lease claim is preserved across a pause.
and --download requests are retrieved through Islo exec after command success and capped at 64 KiB per file.
#Gotchas
- Direct SSH requires the authenticated Islo CLI and a one-time `islo ssh
--sync-onlyand--checksumare rejected becauserunstill uses Islo's--full-resync,--force-sync-large,--script,--script-stdin,--keep-on-failurekeeps a newly created failed sandbox until an explicit- Large-sync guardrails still apply. Because
--force-sync-largeis rejected, --shellpasses the raw shell string tobash -lcin the workdir.--idaccepts a Crabbox slug, anisb_<name>lease ID, or a canonical
--setup. The Islo CLI reads islo login state or ISLO_API_KEY; CRABBOX_ISLO_API_KEY` alone only authenticates Crabbox.
delegated archive/exec transport, not Crabbox-managed rsync.
--fresh-pr, --env-helper, local stdout/stderr captures, --capture-on-fail, --artifact-glob, --emit-proof, and --stop-after are rejected because Islo owns sync and command transport in delegated-run mode. Required artifacts and downloads accept only bounded single files, not globs, absolute paths, URLs, .git, or .crabbox paths.
stop or provider-side expiry.
trim the checkout (more .gitignore/sync excludes) when a sync trips the large-archive guardrail.
normalized sandbox name starting with crabbox-. Names that require case, whitespace, or punctuation normalization and non-Crabbox sandboxes are rejected.
Related docs: