image= when creating sandboxes.
The usual flow is:
- Choose a base image.
- Define the setup steps with a Dockerfile or
Imageobject. - Build and register the image name in your project.
- Create sandboxes from that registered name.
Base Images
Tensorlake ships preconfigured base images that boot quickly and are tuned for common sandbox workloads:tensorlake/ubuntu-minimal(default sandbox image): Minimal Ubuntu without systemd. Use this when you want the fastest cold starts.tensorlake/ubuntu-systemd: Ubuntu with systemd. Use this when you need services such as Docker or Kubernetes inside the sandbox.tensorlake/debian-minimal: Minimal Debian 13.
tensorlake/ubuntu-vnc: Desktop-enabled Ubuntu based ontensorlake/ubuntu-systemd, with XFCE, TigerVNC, and Firefox preinstalled. Use it for browser automation and computer-use workloads. See Computer Use.
Build and Register an Image
You can define the same image with a Dockerfile, Python, or TypeScript. The build runs the setup steps and registers the result under the image name in your project.- CLI
- Python SDK
- TypeScript SDK
Dockerfile
context_dir (contextDir in TypeScript) is optional and works like the build context in docker build <context>. Pass it when the Image reads host files — through copy(), add(), or a RUN --mount=type=bind — so those sources resolve relative to it. Omit it otherwise.
Build from an OCI Base
The build base can be any standard OCI image reference, not justtensorlake/*, for example python:3.12-slim, debian:bookworm-slim, node:22-alpine, ghcr.io/..., or public.ecr.aws/....
Dockerfile
Private Registries
If you candocker pull an image from a private registry, you can use it as a base or dependency in your sandbox image’s Dockerfile. Authenticate with docker login, then run the build:
docker login works with all private registries, including Docker Hub, GHCR, ECR, GCR, Quay, and self-hosted. During the build, the Tensorlake CLI and SDKs read registry credentials from ~/.docker/config.json (or $DOCKER_CONFIG/config.json if DOCKER_CONFIG is set) and use them to pull private base images and dependencies. If the credentials are missing or expired, the build fails when it tries to pull from the private registry.
This also works in CI. For example, if you authenticate to ECR with amazon-ecr-login in a GitHub Actions workflow, tl sbx image create and SDK calls in the same workflow pick up those credentials.
Import an Image from a Registry
To use an existing registry image as a sandbox image without adding any build steps, import it directly. There is no Dockerfile and no build context, and the reference is always pulled fresh from the registry. Use this when you want a published image (ubuntu:24.04, pytorch/pytorch:2.4.1-cuda12.1-cudnn9-runtime, ghcr.io/org/app:v1) as-is. If you need to layer extra packages, files, or environment on top, write a Dockerfile that uses it as a FROM base instead — see Build from an OCI Base.
- CLI
- Python SDK
- TypeScript SDK
pytorch/pytorch:2.4.1 → pytorch, ghcr.io/org/app@sha256:... → app).
Imports use the same docker login credentials as Dockerfile builds, so private references work the same way (see Private Registries). The same CPU, memory, disk, and visibility options apply as for builds (see Build Resources and Public Images).
Launch Sandboxes from an Image
Create a sandbox from the registered image name. You can still override CPU, memory, disk, timeout, and entrypoint when the sandbox starts.- CLI
- Python
- TypeScript
You can’t launch a sandbox directly from a Docker/registry image reference — it has to be registered as a Tensorlake image first. The quickest way to do that for an unmodified image is Import an Image from a Registry, which registers it in one step with no Dockerfile. We are working on launching public registry images directly without a separate registration step.
Python Packages
The Tensorlake Ubuntu and Debian base images ship a PEP 668-managed system Python, sopip install requires --break-system-packages unless you create a virtual environment. Without it, pip exits with error: externally-managed-environment.
For one-off installs in a running sandbox:
- Python
- TypeScript
requirements.txt and install them during the image build, as shown in Build and Register an Image.
Build Resources
Builds run in a temporary builder sandbox. You can allocate more CPU, memory, or disk for the builder, and separately set the root disk size of the resulting image.- CLI
- Python SDK
- TypeScript SDK
disk_mb / diskMb sets the root disk size for sandboxes created from the registered image. builder_disk_mb / builderDiskMb only affects the temporary builder sandbox.
Build defaults are cpus=2.0, memory=4096 MB, and a generated root disk of 10240 MiB (10 GiB).
Docker Compatibility Mode
--docker_compat runs the build or import with standard Docker/BuildKit instead of Tensorlake’s default builder. Turn it on if a build or import fails or produces an unexpected result under the default builder, it trades speed and disk for maximum compatibility. Budget at least 3× the builder disk and memory (via the resource flags above). The flag works on both builds and imports; leave it off unless you need it.
- CLI
- Python SDK
- TypeScript SDK
Register an Existing Snapshot as an Image
If you already have a completed filesystem snapshot, you can give it a reusable image name without rebuilding:--dockerfile is stored alongside the image so tl sbx image describe can show how it was built. Add --public to make the name resolvable from any namespace (see Public Images).
The snapshot must be in Completed status with a durable snapshot_uri; tl sbx image register rejects snapshots that haven’t finished uploading.
Inspect and List Registered Images
List the images registered in your project, or look one up by name, from the CLI or the SDKs.- CLI
- Python SDK
- TypeScript SDK
describe accepts either the registered image name or the underlying sandbox-template ID.TENSORLAKE_ORGANIZATION_ID and TENSORLAKE_PROJECT_ID).
Public Images
By default a registered image is namespace-scoped. Pass--public, is_public=True, or isPublic: true to make the image name resolvable from any namespace. This is how the tensorlake/* base images work.
- CLI
- Python SDK
- TypeScript SDK
Examples
Skills Image
This variant preloads the Tensorlake skills repo so coding agents can auto-discover it at startup:Dockerfile
Dockerfile, the registered name defaults to the parent directory name. Otherwise it defaults to the file stem. Registered image names must be unique within a project.
Supported Build Operations and Limitations
Sandbox image builds support most of the standard Dockerfile commands and features, but with some limitations:- Dockerfile
$VARand environment variable substitution is not working inFROMcommands - Dockerfile
ONBUILDcommands are ignored and do not run during child image builds - The following Dockerfile commands work as expected during image builds but do not have any effect when running sandboxes from the images:
ONBUILDSHELLEXPOSEHEALTHCHECKLABELSTOPSIGNALVOLUME
See Also
Snapshots
Understand the underlying snapshot primitive used to save and restore sandbox state.
Lifecycle
Learn which sandbox settings you can still override when launching from an image.
Skills in Sandboxes
Ship Tensorlake SDK docs inside sandbox images for agents and tools.