@cloudflare/sandbox 0.2.1 → 0.2.3

package/container_src/jupyter-service.ts

@@ -0,0 +1,458 @@
+import { existsSync } from "node:fs";
+import { CircuitBreaker } from "./circuit-breaker";
+import { type CreateContextRequest, JupyterServer } from "./jupyter-server";
+
+interface PoolStats {
+  available: number;
+  inUse: number;
+  total: number;
+  minSize: number;
+  maxSize: number;
+  warming: boolean;
+}
+
+interface CircuitBreakerState {
+  state: string;
+  failures: number;
+  lastFailure: number;
+  isOpen: boolean;
+}
+
+export interface JupyterHealthStatus {
+  ready: boolean;
+  initializing: boolean;
+  error?: string;
+  checks?: {
+    httpApi: boolean;
+    kernelManager: boolean;
+    markerFile: boolean;
+    kernelSpawn?: boolean;
+    websocket?: boolean;
+  };
+  timestamp: number;
+  performance?: {
+    poolStats?: Record<string, PoolStats>;
+    activeContexts?: number;
+    uptime?: number;
+    circuitBreakers?: {
+      contextCreation: CircuitBreakerState;
+      codeExecution: CircuitBreakerState;
+      kernelCommunication: CircuitBreakerState;
+    };
+  };
+}
+
+/**
+ * Wrapper service that provides graceful degradation for Jupyter functionality
+ */
+export class JupyterService {
+  private jupyterServer: JupyterServer;
+  private initPromise: Promise<void> | null = null;
+  private initialized = false;
+  private initError: Error | null = null;
+  private startTime = Date.now();
+  private circuitBreakers: {
+    contextCreation: CircuitBreaker;
+    codeExecution: CircuitBreaker;
+    kernelCommunication: CircuitBreaker;
+  };
+
+  constructor() {
+    this.jupyterServer = new JupyterServer();
+
+    // Initialize circuit breakers for different operations
+    this.circuitBreakers = {
+      contextCreation: new CircuitBreaker({
+        name: "context-creation",
+        threshold: 3,
+        timeout: 60000, // 1 minute
+      }),
+      codeExecution: new CircuitBreaker({
+        name: "code-execution",
+        threshold: 5,
+        timeout: 30000, // 30 seconds
+      }),
+      kernelCommunication: new CircuitBreaker({
+        name: "kernel-communication",
+        threshold: 10,
+        timeout: 20000, // 20 seconds
+      }),
+    };
+  }
+
+  /**
+   * Initialize Jupyter server with retry logic
+   */
+  async initialize(): Promise<void> {
+    if (this.initialized) return;
+
+    if (!this.initPromise) {
+      this.initPromise = this.doInitialize()
+        .then(() => {
+          this.initialized = true;
+          console.log("[JupyterService] Initialization complete");
+        })
+        .catch((err) => {
+          this.initError = err;
+          // Don't null out initPromise on error - keep it so we can return the same error
+          console.error("[JupyterService] Initialization failed:", err);
+          throw err;
+        });
+    }
+
+    return this.initPromise;
+  }
+
+  private async doInitialize(): Promise<void> {
+    // Wait for Jupyter marker file or timeout
+    const markerCheckPromise = this.waitForMarkerFile();
+    const timeoutPromise = new Promise<void>((_, reject) => {
+      setTimeout(
+        () => reject(new Error("Jupyter initialization timeout")),
+        60000
+      );
+    });
+
+    try {
+      await Promise.race([markerCheckPromise, timeoutPromise]);
+      console.log("[JupyterService] Jupyter process detected via marker file");
+    } catch (error) {
+      console.log(
+        "[JupyterService] Marker file not found yet - proceeding with initialization"
+      );
+    }
+
+    // Initialize Jupyter server
+    await this.jupyterServer.initialize();
+
+    // Pre-warm context pools in background after Jupyter is ready
+    this.warmContextPools();
+  }
+
+  /**
+   * Pre-warm context pools for better performance
+   */
+  private async warmContextPools() {
+    // Delay pre-warming to avoid startup rush that triggers Bun WebSocket bug
+    await new Promise((resolve) => setTimeout(resolve, 2000));
+
+    try {
+      console.log(
+        "[JupyterService] Pre-warming context pools for better performance"
+      );
+
+      // Warm one at a time with delay between them
+      await this.jupyterServer.enablePoolWarming("python", 1);
+
+      // Small delay between different language kernels
+      await new Promise((resolve) => setTimeout(resolve, 1000));
+
+      await this.jupyterServer.enablePoolWarming("javascript", 1);
+    } catch (error) {
+      console.error("[JupyterService] Error pre-warming context pools:", error);
+      console.error(
+        "[JupyterService] Pre-warming failed but service continues"
+      );
+    }
+  }
+
+  private async waitForMarkerFile(): Promise<void> {
+    const markerPath = "/tmp/jupyter-ready";
+    let attempts = 0;
+    const maxAttempts = 120; // 2 minutes with 1s intervals
+
+    while (attempts < maxAttempts) {
+      if (existsSync(markerPath)) {
+        return;
+      }
+      attempts++;
+      await new Promise((resolve) => setTimeout(resolve, 1000));
+    }
+
+    throw new Error("Marker file not found within timeout");
+  }
+
+  /**
+   * Get current health status
+   */
+  async getHealthStatus(): Promise<JupyterHealthStatus> {
+    const status: JupyterHealthStatus = {
+      ready: this.initialized,
+      initializing: this.initPromise !== null && !this.initialized,
+      timestamp: Date.now(),
+    };
+
+    if (this.initError) {
+      status.error = this.initError.message;
+    }
+
+    // Detailed health checks
+    if (this.initialized || this.initPromise) {
+      status.checks = {
+        httpApi: await this.checkHttpApi(),
+        kernelManager: this.initialized,
+        markerFile: existsSync("/tmp/jupyter-ready"),
+      };
+
+      // Advanced health checks only if fully initialized
+      if (this.initialized) {
+        const advancedChecks = await this.performAdvancedHealthChecks();
+        status.checks.kernelSpawn = advancedChecks.kernelSpawn;
+        status.checks.websocket = advancedChecks.websocket;
+
+        // Performance metrics
+        status.performance = {
+          poolStats: await this.jupyterServer.getPoolStats(),
+          activeContexts: (await this.jupyterServer.listContexts()).length,
+          uptime: Date.now() - this.startTime,
+        };
+      }
+    }
+
+    // Add circuit breaker status
+    if (status.performance) {
+      status.performance.circuitBreakers = {
+        contextCreation: this.circuitBreakers.contextCreation.getState(),
+        codeExecution: this.circuitBreakers.codeExecution.getState(),
+        kernelCommunication:
+          this.circuitBreakers.kernelCommunication.getState(),
+      };
+    }
+
+    return status;
+  }
+
+  private async checkHttpApi(): Promise<boolean> {
+    try {
+      const response = await fetch("http://localhost:8888/api", {
+        signal: AbortSignal.timeout(2000),
+      });
+      return response.ok;
+    } catch {
+      return false;
+    }
+  }
+
+  /**
+   * Perform advanced health checks including kernel spawn and WebSocket
+   */
+  private async performAdvancedHealthChecks(): Promise<{
+    kernelSpawn: boolean;
+    websocket: boolean;
+  }> {
+    const checks = {
+      kernelSpawn: false,
+      websocket: false,
+    };
+
+    try {
+      // Test kernel spawn with timeout
+      const testContext = await Promise.race([
+        this.jupyterServer.createContext({ language: "python" }),
+        new Promise<null>((_, reject) =>
+          setTimeout(() => reject(new Error("Kernel spawn timeout")), 5000)
+        ),
+      ]);
+
+      if (testContext) {
+        checks.kernelSpawn = true;
+
+        // Test WebSocket by executing simple code
+        try {
+          const result = await Promise.race([
+            this.jupyterServer.executeCode(
+              testContext.id,
+              "print('health_check')"
+            ),
+            new Promise<null>((_, reject) =>
+              setTimeout(() => reject(new Error("WebSocket timeout")), 3000)
+            ),
+          ]);
+
+          checks.websocket = result !== null;
+        } catch {
+          // WebSocket test failed
+        }
+
+        // Clean up test context
+        try {
+          await this.jupyterServer.deleteContext(testContext.id);
+        } catch {
+          // Ignore cleanup errors
+        }
+      }
+    } catch (error) {
+      console.log("[JupyterService] Advanced health check failed:", error);
+    }
+
+    return checks;
+  }
+
+  /**
+   * Ensure Jupyter is initialized before proceeding
+   * This will wait for initialization to complete or fail
+   */
+  private async ensureInitialized(timeoutMs: number = 30000): Promise<void> {
+    if (this.initialized) return;
+
+    // Start initialization if not already started
+    if (!this.initPromise) {
+      this.initPromise = this.initialize();
+    }
+
+    // Wait for initialization with timeout
+    try {
+      await Promise.race([
+        this.initPromise,
+        new Promise<never>((_, reject) =>
+          setTimeout(
+            () =>
+              reject(new Error("Timeout waiting for Jupyter initialization")),
+            timeoutMs
+          )
+        ),
+      ]);
+    } catch (error) {
+      // If it's a timeout and Jupyter is still initializing, throw a retryable error
+      if (
+        error instanceof Error &&
+        error.message.includes("Timeout") &&
+        !this.initError
+      ) {
+        throw new JupyterNotReadyError(
+          "Jupyter is taking longer than expected to initialize. Please try again.",
+          {
+            retryAfter: 10,
+            progress: this.getInitializationProgress(),
+          }
+        );
+      }
+      // If initialization actually failed, throw the real error
+      throw new Error(
+        `Jupyter initialization failed: ${
+          error instanceof Error ? error.message : "Unknown error"
+        }`
+      );
+    }
+  }
+
+  /**
+   * Create context - will wait for Jupyter if still initializing
+   */
+  async createContext(req: CreateContextRequest): Promise<any> {
+    if (!this.initialized) {
+      console.log(
+        "[JupyterService] Context creation requested while Jupyter is initializing - waiting..."
+      );
+      const startWait = Date.now();
+      await this.ensureInitialized();
+      const waitTime = Date.now() - startWait;
+      console.log(
+        `[JupyterService] Jupyter ready after ${waitTime}ms wait - proceeding with context creation`
+      );
+    }
+
+    // Use circuit breaker for context creation
+    return await this.circuitBreakers.contextCreation.execute(async () => {
+      return await this.jupyterServer.createContext(req);
+    });
+  }
+
+  /**
+   * Execute code - will wait for Jupyter if still initializing
+   */
+  async executeCode(
+    contextId: string | undefined,
+    code: string,
+    language?: string
+  ): Promise<Response> {
+    if (!this.initialized) {
+      console.log(
+        "[JupyterService] Code execution requested while Jupyter is initializing - waiting..."
+      );
+      const startWait = Date.now();
+      await this.ensureInitialized();
+      const waitTime = Date.now() - startWait;
+      console.log(
+        `[JupyterService] Jupyter ready after ${waitTime}ms wait - proceeding with code execution`
+      );
+    }
+
+    // Use circuit breaker for code execution
+    return await this.circuitBreakers.codeExecution.execute(async () => {
+      return await this.jupyterServer.executeCode(contextId, code, language);
+    });
+  }
+
+  /**
+   * List contexts with graceful degradation
+   */
+  async listContexts(): Promise<any[]> {
+    if (!this.initialized) {
+      return [];
+    }
+    return await this.jupyterServer.listContexts();
+  }
+
+  /**
+   * Delete context - will wait for Jupyter if still initializing
+   */
+  async deleteContext(contextId: string): Promise<void> {
+    if (!this.initialized) {
+      console.log(
+        "[JupyterService] Context deletion requested while Jupyter is initializing - waiting..."
+      );
+      const startWait = Date.now();
+      await this.ensureInitialized();
+      const waitTime = Date.now() - startWait;
+      console.log(
+        `[JupyterService] Jupyter ready after ${waitTime}ms wait - proceeding with context deletion`
+      );
+    }
+
+    // Use circuit breaker for kernel communication
+    return await this.circuitBreakers.kernelCommunication.execute(async () => {
+      return await this.jupyterServer.deleteContext(contextId);
+    });
+  }
+
+  /**
+   * Shutdown the service
+   */
+  async shutdown(): Promise<void> {
+    if (this.initialized) {
+      await this.jupyterServer.shutdown();
+    }
+  }
+
+  /**
+   * Get initialization progress
+   */
+  private getInitializationProgress(): number {
+    if (this.initialized) return 100;
+    if (!this.initPromise) return 0;
+
+    const elapsed = Date.now() - this.startTime;
+    const estimatedTotal = 20000; // 20 seconds estimated
+    return Math.min(95, Math.round((elapsed / estimatedTotal) * 100));
+  }
+}
+
+/**
+ * Error thrown when Jupyter is not ready yet
+ * This matches the interface of the SDK's JupyterNotReadyError
+ */
+export class JupyterNotReadyError extends Error {
+  public readonly retryAfter: number;
+  public readonly progress?: number;
+
+  constructor(
+    message: string,
+    options?: { retryAfter?: number; progress?: number }
+  ) {
+    super(message);
+    this.name = "JupyterNotReadyError";
+    this.retryAfter = options?.retryAfter || 5;
+    this.progress = options?.progress;
+  }
+}

package/container_src/jupyter_config.py

@@ -0,0 +1,48 @@
+"""
+Minimal Jupyter configuration focused on kernel-only usage
+"""
+
+c = get_config()  # noqa
+
+# Disable all authentication - we handle security at container level
+c.ServerApp.token = ''
+c.ServerApp.password = ''
+c.IdentityProvider.token = ''
+c.ServerApp.allow_origin = '*'
+c.ServerApp.allow_remote_access = True
+c.ServerApp.disable_check_xsrf = True
+c.ServerApp.allow_root = True
+c.ServerApp.allow_credentials = True
+
+# Also set NotebookApp settings for compatibility
+c.NotebookApp.token = ''
+c.NotebookApp.password = ''
+c.NotebookApp.allow_origin = '*'
+c.NotebookApp.allow_remote_access = True
+c.NotebookApp.disable_check_xsrf = True
+c.NotebookApp.allow_credentials = True
+
+# Performance settings
+c.ServerApp.iopub_data_rate_limit = 1000000000  # E2B uses 1GB/s
+
+# Minimal logging
+c.Application.log_level = 'ERROR'
+
+# Disable browser
+c.ServerApp.open_browser = False
+
+# Optimize for container environment
+c.ServerApp.ip = '0.0.0.0'
+c.ServerApp.port = 8888
+
+# Kernel optimizations
+c.KernelManager.shutdown_wait_time = 0.0
+c.MappingKernelManager.cull_idle_timeout = 0
+c.MappingKernelManager.cull_interval = 0
+
+# Disable terminals
+c.ServerApp.terminals_enabled = False
+
+# Disable all extensions to speed up startup
+c.ServerApp.jpserver_extensions = {}
+c.ServerApp.nbserver_extensions = {}

package/container_src/startup.sh

@@ -1,52 +1,84 @@
 #!/bin/bash
 
-# Start Jupyter notebook server in background
+# Function to check if Jupyter is ready
+check_jupyter_ready() {
+  # Check if API is responsive and kernelspecs are available
+  curl -s http://localhost:8888/api/kernelspecs > /dev/null 2>&1
+}
+
+# Function to notify Bun server that Jupyter is ready
+notify_jupyter_ready() {
+  # Create a marker file that the Bun server can check
+  touch /tmp/jupyter-ready
+  echo "[Startup] Jupyter is ready, notified Bun server"
+}
+
+# Start Jupyter server in background
 echo "[Startup] Starting Jupyter server..."
-jupyter notebook \
-  --ip=0.0.0.0 \
-  --port=8888 \
-  --no-browser \
-  --allow-root \
-  --NotebookApp.token='' \
-  --NotebookApp.password='' \
-  --NotebookApp.allow_origin='*' \
-  --NotebookApp.disable_check_xsrf=True \
-  --NotebookApp.allow_remote_access=True \
-  --NotebookApp.allow_credentials=True \
+jupyter server \
+  --config=/container-server/jupyter_config.py \
   > /tmp/jupyter.log 2>&1 &
 
 JUPYTER_PID=$!
 
-# Wait for Jupyter to be ready
-echo "[Startup] Waiting for Jupyter to become ready..."
-MAX_ATTEMPTS=30
-ATTEMPT=0
+# Start Bun server immediately (parallel startup)
+echo "[Startup] Starting Bun server..."
+bun index.ts &
+BUN_PID=$!
 
-while [ $ATTEMPT -lt $MAX_ATTEMPTS ]; do
-  if curl -s http://localhost:8888/api > /dev/null 2>&1; then
-    echo "[Startup] Jupyter server is ready!"
-    break
-  fi
-  
-  # Check if Jupyter process is still running
-  if ! kill -0 $JUPYTER_PID 2>/dev/null; then
-    echo "[Startup] ERROR: Jupyter process died. Check /tmp/jupyter.log for details"
+# Monitor Jupyter readiness in background
+(
+  echo "[Startup] Monitoring Jupyter readiness in background..."
+  MAX_ATTEMPTS=60
+  ATTEMPT=0
+
+  # Track start time for reporting
+  START_TIME=$(date +%s.%N)
+
+  while [ $ATTEMPT -lt $MAX_ATTEMPTS ]; do
+    if check_jupyter_ready; then
+      notify_jupyter_ready
+      END_TIME=$(date +%s.%N)
+      ELAPSED=$(awk "BEGIN {printf \"%.2f\", $END_TIME - $START_TIME}")
+      echo "[Startup] Jupyter server is ready after $ELAPSED seconds ($ATTEMPT attempts)"
+      break
+    fi
+
+    # Check if Jupyter process is still running
+    if ! kill -0 $JUPYTER_PID 2>/dev/null; then
+      echo "[Startup] WARNING: Jupyter process died. Check /tmp/jupyter.log for details"
+      cat /tmp/jupyter.log
+      # Don't exit - let Bun server continue running in degraded mode
+      break
+    fi
+
+    ATTEMPT=$((ATTEMPT + 1))
+
+    # Start with faster checks
+    if [ $ATTEMPT -eq 1 ]; then
+      DELAY=0.5  # Start at 0.5s
+    else
+      # Exponential backoff with 1.3x multiplier (less aggressive than 1.5x)
+      DELAY=$(awk "BEGIN {printf \"%.2f\", $DELAY * 1.3}")
+      # Cap at 2s max (instead of 5s)
+      if [ $(awk "BEGIN {print ($DELAY > 2)}") -eq 1 ]; then
+        DELAY=2
+      fi
+    fi
+
+    # Log with current delay for transparency
+    echo "[Startup] Jupyter not ready yet (attempt $ATTEMPT/$MAX_ATTEMPTS, next check in ${DELAY}s)"
+
+    sleep $DELAY
+  done
+
+  if [ $ATTEMPT -eq $MAX_ATTEMPTS ]; then
+    echo "[Startup] WARNING: Jupyter failed to become ready within attempts"
+    echo "[Startup] Jupyter logs:"
     cat /tmp/jupyter.log
-    exit 1
+    # Don't exit - let Bun server continue in degraded mode
   fi
-  
-  ATTEMPT=$((ATTEMPT + 1))
-  echo "[Startup] Waiting for Jupyter... (attempt $ATTEMPT/$MAX_ATTEMPTS)"
-  sleep 1
-done
-
-if [ $ATTEMPT -eq $MAX_ATTEMPTS ]; then
-  echo "[Startup] ERROR: Jupyter failed to start within 30 seconds"
-  echo "[Startup] Jupyter logs:"
-  cat /tmp/jupyter.log
-  exit 1
-fi
-
-# Start the main Bun server
-echo "[Startup] Starting Bun server..."
-exec bun index.ts
+) &
+
+# Wait for Bun server (main process)
+wait $BUN_PID

package/dist/{chunk-IATLC32Y.js → chunk-4KELYYKS.js}

@@ -1,3 +1,9 @@
+import {
+  SecurityError,
+  logSecurityEvent,
+  sanitizeSandboxId,
+  validatePort
+} from "./chunk-6UAWTJ5S.js";
 import {
   parseSSEStream
 } from "./chunk-NNGBXDMY.js";
@@ -10,13 +16,7 @@ import {
 } from "./chunk-FKBV7CZS.js";
 import {
   JupyterClient
-} from "./chunk-SYMWNYWA.js";
-import {
-  SecurityError,
-  logSecurityEvent,
-  sanitizeSandboxId,
-  validatePort
-} from "./chunk-6UAWTJ5S.js";
+} from "./chunk-VTKZL632.js";
 
 // src/sandbox.ts
 import { Container, getContainer } from "@cloudflare/containers";
@@ -129,8 +129,8 @@ function getSandbox(ns, id) {
 var Sandbox = class extends Container {
   defaultPort = 3e3;
   // Default port for the container's Bun server
-  sleepAfter = "3m";
-  // Sleep the sandbox if no requests are made in this timeframe
+  sleepAfter = "20m";
+  // Keep container warm for 20 minutes to avoid cold starts
   client;
   sandboxName = null;
   codeInterpreter;
@@ -687,4 +687,4 @@ export {
   proxyToSandbox,
   isLocalhostPattern
 };
-//# sourceMappingURL=chunk-IATLC32Y.js.map
+//# sourceMappingURL=chunk-4KELYYKS.js.map