Code And Let Live (2026)
The state of the art in agent isolation is a read-only sandbox. At Fly.io, we’ve been selling that story for years, and we’re calling it: ephemeral sandboxes are obsolete. Stop killing your sandboxes every time you use them.
My argument won’t make sense without showing you something new we’ve built. We’re all adults here, this is a company, we talk about what we do. Here goes.
So, I want to run some code. So what I do is, I run sprite create. While it operates, I’ll explain what’s happening behind the—
That’s a root shell on a Linux computer we now own. It came online in about the same amount of time it would take to ssh into a host that already existed. We call these things “Sprites”.
Unlike creating the Sprite in the first place, installing ffmpeg with apt-get is dog slow. Let’s try not to have to do that again:
This completes instantly. Didn’t even bother to measure.
I step away to get coffee. Time passes. The Sprite, noticing my inactivity, goes to sleep. I meet an old friend from high school at the coffee shop. End up spending the day together. More time passes. Days even. Returning later:
Everything’s where I left it. Sprites are durable. 100GB capacity to start, no ceremony. Maybe I’ll keep it around a few more days, maybe a few months, doesn’t matter, just works.
Say I get an application up on its legs. Install more packages. Then: disaster. Maybe an ill-advised global pip3 install. Or rm -rf $HMOE/bin. Or dd if=/dev/random of=/dev/vdb. Whatever it was, everything’s broken. So:
Sprites have first-class checkpoint and restore. You can’t see it in text, but that restore took about one second. It’s fast enough to use casually, interactively. Not an escape hatch. Rather: an intended part of the ordinary course of using a Sprite. Like git, but for the whole system.
Source: HackerNews