Introduction

Learn what vmsan is and when to use it

vmsan is a Firecracker microVM sandbox toolkit that lets you create, manage, and connect to isolated microVMs from the command line.

What is vmsan?

vmsan wraps Firecracker to provide a simple CLI for spinning up lightweight, security-isolated virtual machines. Each VM runs inside a jailer with its own network namespace, seccomp filters, and cgroup resource limits. A Go-based agent inside the VM exposes an HTTP API for shell access, file operations, and command execution.

What you can do

  • Manage the full VM lifecycle - Create, start, stop, and remove microVMs with simple commands
  • Isolate network access - Use allow-all, deny-all, or custom policies with domain and CIDR allowlists
  • Connect interactively - Open a shell to any running VM via WebSocket PTY
  • Transfer files - Upload and download files without SSH
  • Use Docker images - Build root filesystems from any Docker or OCI image with --from-image
  • Choose your runtime - Pick from base, node22, or python3.13
  • Script everything - Get structured JSON output with the --json flag

When to use vmsan

Use vmsan when you need to:

  • Run untrusted code in an isolated sandbox
  • Create disposable development environments
  • Test software across different runtimes
  • Provide isolated compute environments for CI/CD or multi-tenant workloads