github TencentCloud/CubeSandbox v0.3.0-rc1
on GitHub

pre-release5 hours ago

v0.3.0-rc1 Release Notes

Release Date: 2026-05-28

We are excited to announce the v0.3.0-rc1 pre-release of CubeSandbox! This release introduces several major new capabilities including the Copy-on-Write (CoW) snapshot engine, a Web UI, a Go SDK, and incremental memory snapshots. A total of 65 commits from 21 contributors went into this release since v0.2.2 (2026-05-18).

Major Features

Copy-on-Write Snapshot Engine (cubecow)

  • Introduced cubecow, a full-lifecycle Copy-on-Write snapshot engine supporting reflink-based volume snapshots (PR [#360])
  • Efficient block-level snapshot operations for sandbox volume management

Soft-Dirty Incremental Memory Snapshots

  • Added per-cycle incremental memory snapshots using the soft-dirty page tracking mechanism (PR [#389])
  • Dramatically reduces snapshot time and storage for repeated snapshot cycles

Web UI

  • Added a comprehensive WebUI for sandbox, template, and node management, along with a template store (PR [#299])
  • Built-in management interface accessible from the browser

Go SDK

  • Added a complete Go SDK for CubeSandbox, enabling Go applications to interact with the platform programmatically
  • Includes sandbox lifecycle management and typed API bindings

Python SDK: Template Creation API

  • Added template creation API to the Python SDK (PR [#365])
  • Python SDK bumped to v0.2.0 (PR [#373])

Features

  • CubeProxy: Path-based sandbox routing and shared backend resolution (PR [#334])
  • Cubelet: Report allocated node resources to CubeMaster (PR [#382])
  • Cubelet: Expose scheduler metrics as Prometheus gauges on /v1/metrics (PR [#326])
  • CubeMaster/DAO: Centralized schema migration with goose (PR [#385])
  • Guest Image: Shrink ext4 image after creation and optimize Dockerfile (PR [#347])
  • Deploy: Migrate one-click deployment to systemd management (PR [#331])
  • Deploy: Implement early pre-download checks for online installer (PR [#288])
  • Deploy: Add cgroup v2 CPU controller preflight check (PR [#367])
  • Deploy: Add one-click health check and diagnostic scripts (PR [#305])
  • Docs: Add blog system with local search and maintainer guide (PR [#306])
  • Docs: Add brand logo and favicon to documentation site (PR [#329])

Refactoring

  • One-click deployment: Drive container lifecycle through Docker Compose (PR [#386])

Bug Fixes

  • Network: Resolve network resource leak during sandbox creation (PR [#314])
  • Cubelet: Cleanup host-mount directories after sandbox destroy (PR [#333])
  • Cubelet: Use correct Cloud Hypervisor disk API endpoint (PR [#337])
  • Cubelet: Validate inputs at command-execution call sites (PR [#344])
  • Cubelet: Register metric plugin to enable /v1/metrics/scheduler endpoint (PR [#301])
  • Cubelet: Write kernel version for refreshed pmem artifacts (PR [#297])
  • Cubelet: Fix CI compile error (PR [#368])
  • Deploy: Tolerate concurrent DNS dummy link creation (PR [#363])
  • Deploy: Align shrunk guest images to pmem boundary (PR [#351])
  • Deploy: Wait for quickcheck containers to be ready (PR [#349])
  • Deploy: Bind MySQL/Redis to localhost and switch CubeProxy to host networking (PR [#269])
  • Deploy: Order cube-proxy.service after cube-sandbox-dns.service (PR [#346])
  • Deploy: Fix collect-logs.sh output directory and cube-proxy log collection (PR [#319])
  • Template Commit: Enforce requestID uniqueness and add idempotent commit reuse (PR [#336])
  • TemplateCenter: Strip canonical prefix from image digest (PR [#303])
  • CubeAPI: Fix paused state in sandbox list response (PR [#270])
  • Build: Inject version info via ldflags for cubelet and cubemaster (PR [#327])
  • Network-agent: Make tap fd timeout configurable
  • Python SDK: Handle envd process exit edge cases
  • Python SDK: Run commands through envd process API
  • One-click: Force 4K block size when building guest rootfs
  • One-click: Wait for network-agent readiness (PR [#304])
  • Host-mount: Fix pause snapshot restore

Security & Dependency Updates

  • agent: Upgrade Prometheus to 0.14.0 to drop vulnerable protobuf 2.28.0 (PR [#328])
  • CubeAPI: Upgrade reqwest to 0.12 to fix rustls-webpki CVE (PR [#323])
  • agent: Upgrade libseccomp to 0.3.0 to fix GHSA-2r23-gqr7-wr4h (PR [#321])
  • Cubelet: Bump github.com/go-jose/go-jose to v4 (PR [#320])
  • CubeMaster: Bump google.golang.org/grpc (PR [#316])
  • hypervisor: Bump crossbeam-channel from 0.5.13 to 0.5.15

CI Improvements

  • Enable auto review for external PRs (PR [#338])
  • Add docs build check workflow on pull request (PR [#330])
  • Fix CR workflow (PR [#335])

Documentation

  • Add snapshot/rollback/clone demo suite and guide (PR [#374])
  • Blog: "From Serverless to Agent" post and external PVM walkthrough (PR [#340])
  • Add deployment and templates troubleshooting subpages with navigation (PR [#313])
  • Troubleshooting: Template creation timeout when sandbox CIDR overlaps LAN (PR [#325])
  • Fix clone state description — include memory, not just filesystem (PR [#377])
  • Update PVM kernel download link to cnb.cool (zh docs) (PR [#371])
  • Abandoned XDP program: drop references to filter_from_cube (PR [#197])
  • Add external link to AWS nested-virt deployment community post (PR [#309])
  • Add missing .md extension to cross-file references (PR [#372])
  • Remove License section from cubecow README (PR [#369])

Chores

  • Python SDK: bump version to 0.2.0 (PR [#373])
  • Remove deprecated rand.Seed calls (PR [#339])

Contributors

Thanks to the following 21 contributors for their work since v0.2.2:

@LoGin, @ls, @tinklone, @kami-lu, @chenggui53, @cherrycao, @hengqi Chen, @novahe, @MaxLong, @yi Wang, @liciazhu, @nemo, @feng King, @songqian Li, @joohwan., @Stary, @xiongxz, @Yangjie, @YangYuS8, @wangchenglong-hj, and @dependabot[bot].

Full Change Log

62e0d56d feat(snapshot): add soft-dirty per-cycle incremental memory snapshots (#389)
6f722953 virtio-devices: vsock: RST vsocks on snapshot restore (#388)
bda4a699 feat(cubelet): report allocated node resources to cubemaster (#382)
8b33d9c9 refactor(one-click): drive container lifecycle through docker compose (#386)
e8d24c5a feat(CubeMaster/dao): introduce centralized schema migration with goose (#385)
cecec745 feat: introduce cubecow Copy-on-Write snapshot engine with full lifecycle management (#360)
6a97ee5a feat(web): add WebUI with sandbox/template/node management and template store (#299)
5de861ac Add Go SDK
5d90479a feat(python-sdk): add template creation API (#365)
53dd243d feat(cubeproxy): add path-based sandbox routing and shared backend resolution (#334)
0032a33e feat(Cubelet): expose scheduler metrics as Prometheus gauges on /v1/metrics (#326)
6323ec22 feat(deploy): migrate one-click deployment to systemd management (#331)
75f0c17d feat(guest-image): shrink ext4 image after creation and optimize Dockerfile (#347)
a4ff1b94 feat(deploy): add cgroup v2 CPU controller preflight check (#367)
243e0142 feat(deploy): implement early pre-download checks for online installer (#288)
949f7b6f feat(docs): add blog system with local search and maintainer guide (#306)
e18e1ec8 feat(docs): add brand logo and favicon to documentation site (#329)
f71a55f0 fix: resolve network resource leak during sandbox creation (#314)
5d27a125 fix(Cubelet): cleanup host-mount dirs after sandbox destroy (#333)
5f8d81a1 fix(Cubelet): use correct Cloud Hypervisor disk API endpoint (#337)
508f1edd fix(cubelet): validate inputs at command-execution call sites (#344)
6874acc1 fix(cubelet): register metric plugin to enable /v1/metrics/scheduler endpoint (#301)
46424e74 fix(cubelet): write kernel version for refreshed pmem artifacts (#297)
2e35abbb fix: fix cubelet ci compile error (#368)
18e0af8c fix(deploy): tolerate concurrent DNS dummy link creation (#363)
9718bcdb fix(deploy): align shrunk guest images to pmem boundary (#351)
6b8f7740 fix(deploy): wait for quickcheck containers to be ready (#349)
deec9016 fix(deploy): bind MySQL/Redis to localhost and switch CubeProxy to host networking (#269)
49066d18 fix(deploy): order cube-proxy.service after cube-sandbox-dns.service (#346)
9006a04c deploy: fix collect-logs.sh output directory and cube-proxy log collection (#319)
1a0654d5 fix(template-commit): enforce requestID uniqueness and add idempotent commit resue (#336)
0c09191e fix(templatecenter): strip canonical prefix from image digest (#303)
8e4d0822 cubeapi: fix paused state in sandbox list response (#270)
ba58684e fix(build): inject version info via ldflags for cubelet and cubemaster (#327)
b4812469 agent: upgrade prometheus to 0.14.0 to drop vulnerable protobuf 2.28.0 (#328)
e29453ba CubeAPI: upgrade reqwest to 0.12 to fix rustls-webpki CVE (#323)
6c931fcd agent: upgrade libseccomp to 0.3.0 to fix GHSA-2r23-gqr7-wr4h (#321)
ffe8349b ci: allow auto review for external PRs (#338)
75aac8f0 ci: add docs build check workflow on pull request (#330)
097903ea ci: fix CR workflow (#335)
Check out latest releases or
releases around TencentCloud/CubeSandbox v0.3.0-rc1

Don't miss a new CubeSandbox release

NewReleases is sending notifications on new releases.

Get notifications