How to spin up a secure code sandbox & microVM in seconds with Northflank
Running secure, isolated workloads at scale has never been easier. With Northflank, you can spin up microVM-backed containers in seconds, combining the performance and compatibility of containers with the strong isolation of virtual machines.
In this guide, we’ll walk you through how to:
- Create a secure, multi-tenant project on Northflank
- Deploy any container image using microVMs
- Build and deploy from Dockerfiles or OCI-compliant containers
- Launch services in seconds with strong network and runtime isolation
💡 Northflank operates over 2 million microVMs every month and has been in production since 2021. Northflank’s engineering team is active in the OSS community, maintaining and contributing to Kata Containers, QEMU, containerd, Cloud Hypervisor, and more.
We operate microVMs on our own infrastructure and for our enterprise customers with our bring your own cloud offering. Northflank’s platform can operate workloads in your own Virtual Private Cloud (VPC).
Building a secure sandboxing platform with Firecracker and Kubernetes isn’t a weekend project. It can take a team months or longer, and the complexity doesn’t go away, it becomes something you have to operate and maintain every day.
Northflank already did the hard part. You can start running secure microVMs in seconds, without any heavy lifting required.
Companies like Writer, Sentry, and others have leveraged Northflank’s secure runtime to run multi-tenant customer deployments for untrusted code at scale.
It’s proven in production and you get to partner closely with the Northflank infrastructure engineering team.
Let’s dive in.
microVMs (like those powered by Kata Containers) offer VM-level isolation with container startup speed. They’re ideal for:
- Running untrusted code inside a secure sandbox
- Isolating multi-tenant workloads in a secure runtime
- Securing AI inference, CI jobs, or backend functions
- Minimizing kernel attack surface per container
Northflank natively supports microVM-backed workloads with seamless orchestration, startup, and monitoring.
Northflank sandboxes are powered by microVMs or gVisor. Technologies like Firecracker, Kata, gVisor, and Cloud Hypervisor (CLH), giving you flexibility in your secure compute stack wherever you need it: AWS, GCP, Azure, bare-metal.
To enable secure isolation between end-users or workloads, start by creating a dedicated project:
- Head to your Northflank dashboard
- Click “Create Project”
- Choose:
- Region for running workloads close to your users
- or Bring your own cloud to run workloads in your own VPC or customers VPC for data privacy and locality
Each project acts as a namespace, giving you strict runtime and network separation, perfect for SaaS platforms, API execution environments, or internal tooling.
Here is a code snippet example of initializing the Northflank SDK and creating a project:
import {
ApiClient,
ApiClientInMemoryContextProvider,
} from "@northflank/js-client";
const contextProvider = new ApiClientInMemoryContextProvider();
await contextProvider.addContext({
name: "context",
token: process.env.NORTHFLANK_TOKEN,
});
const apiClient = new ApiClient(contextProvider, {
throwErrorOnHttpErrorCode: true,
});
const project = await apiClient.create.project({
data: {
name: "sandbox-project",
region: "europe-west",
}
});Next, create a service backed by microVMs:
- In your project, click “Create Service”
- Select “Job or Backend Service” depending on the use case
- Choose your container image:
- Public (e.g.
ubuntu,python,ghcr.io/...) - Private (via credentials)
- Public (e.g.
- Choose CPU, memory, disk — your microVM will be provisioned accordingly
- Hit “Deploy”
Northflank provisions the microVM, pulls your image, and runs it within seconds inside a secure sandbox.
💡 Pro tip: Enable persistent or ephemeral disk storage depending on workload needs (e.g. build caching, temporary compute jobs, etc.)
Here is an example of using the Northflank SDK to provision a secure sandbox that will boot in a few seconds:
const service = await apiClient.create.service.deployment({
parameters: {
projectId: project.data.id,
},
data: {
name: "sandbox-service",
billing: {
deploymentPlan: "nf-compute-20", // 2 vCPU, 4GB RAM
},
deployment: {
instances: 1,
external: {
imagePath: "alpine:latest",
},
},
},
});Need to build your image from source?
- Create a new Build in the same project
- Connect a Git repository or upload a Dockerfile
- Configure:
- Build context
- Dockerfile path
- Build arguments or secrets
- Northflank will use fast, ephemeral builds to produce an OCI image
- Deploy that image to any service — including microVMs — with a single click
Every microVM on Northflank runs:
- In its own secure runtime with a sandboxed kernel
- With configurable CPU and memory limits
- With no shared namespaces unless explicitly enabled
- Over isolated, per-service networking
The secure sandboxing model prevents container breakout and ensures tenant isolation, even for untrusted workloads.
You can scale vertically (larger instances) or horizontally (replica count) and even autoscale based on resource usage.
Here are just a few things you can build with Northflank microVM services:
| Use case | Benefits |
|---|---|
| Untrusted code runners | VM-grade isolation, no risk of container breakout — run in a secure sandbox using Northflank secure runtime |
| Multi-tenant API hosting | Isolated execution per customer or request, protected by a Northflank’s hardened secure runtime |
| AI model inference | Combine with GPUs and secure tenant-level execution using Northflank’s gVisor or microVMs |
| Serverless backends | Fast boot times, strong tenancy and network isolation |
| Build sandboxes | Run npm install, cargo build, or docker build safely inside a hardened, using Northflank ephemeral microVMs |
If you're looking to run secure, high-performance workloads with full tenancy isolation,
Northflank microVMs offer the best of both worlds: speed and safety.
Try it now → Sign up at northflank.com