9. Container Execution
Container Execution lets you run Squad agents and scheduled tasks inside isolated containers (Docker or Apple Container), providing strong security boundaries, reproducible environments, and seamless integration with external messaging channels.
Overview
When Container Execution is enabled, agents run inside lightweight containers that:
- Isolate the agent from the host filesystem and network
- Proxy credentials so API keys never enter containers
- Mount only approved directories based on a configurable allowlist
- Communicate via file-based IPC for low-latency host-container messaging
Key Sections
- Container Execution Guide — Install Docker or Apple Container, build the agent image, and configure mount allowlists
- Squad Container Mode — Step-by-step guide for enabling container isolation on individual squad agents
- Multi-Channel Messaging — Connect Telegram, Slack, Discord, and WhatsApp to your agents
- Channel-Squad Mapping — Route messages from external channels to specific squad groups
- Security Model — Credential proxy, mount security, IPC permissions, and the audit log
- Task Scheduling — Create cron, interval, and one-time scheduled container executions
- Cowork Container Mode — Use container isolation with Cowork for single-agent tasks
Architecture

```mermaid
flowchart TB
    subgraph External["External Channels"]
        TG[Telegram Bot]
        SL[Slack Bot]
        DC[Discord Bot]
        WA[WhatsApp Business]
    end
    subgraph Core["Backend.AI GO Core"]
        CR[Channel Registry]
        MR[Message Router]
        NS[Namespace Manager]
        CP[Credential Proxy]
        MA[Mount Allowlist]
    end
    subgraph Containers["Isolated Containers"]
        C1[Agent Container 1]
        C2[Agent Container 2]
        C3[Scheduled Container]
    end
    TG & SL & DC & WA --> CR
    CR --> MR
    MR --> NS
    NS --> C1 & C2 & C3
    CP -.->|injects credentials| C1 & C2 & C3
    MA -.->|validates mounts| C1 & C2 & C3
```

Requirements
| Component | Minimum Version | Notes |
|---|---|---|
| Docker | 24.0 | Windows, Linux, macOS (Intel) |
| Apple Container | 0.2 | macOS Apple Silicon only |
| Backend.AI GO | 1.4.0 | NanoClaw release |