Skip to content

feat(examples): add LangGraph integration with CubeSandbox via E2B SDK#710

Open
FAUST-BENCHOU wants to merge 1 commit into
TencentCloud:masterfrom
FAUST-BENCHOU:feat/langgraph-example
Open

feat(examples): add LangGraph integration with CubeSandbox via E2B SDK#710
FAUST-BENCHOU wants to merge 1 commit into
TencentCloud:masterfrom
FAUST-BENCHOU:feat/langgraph-example

Conversation

@FAUST-BENCHOU

@FAUST-BENCHOU FAUST-BENCHOU commented Jul 2, 2026

Copy link
Copy Markdown

part of #645

Adds a minimal example under examples/langgraph-integration showing how to run a LangGraph agent (via Deep Agents) against CubeSandbox using the E2B-compatible API.

  • Uses e2b + langchain-e2b as the sandbox backend; tool execution runs inside CubeSandbox MicroVMs
  • Includes a sandbox-only connectivity check and a full agent demo with an OpenAI-compatible LLM (e.g. DeepSeek)
  • Adds Cube envd compatibility patches (root user, stdin) and follows the same SSL setup as openai-agents-example (CUBE_SSL_CERT_FILE → SSL_CERT_FILE)
  • Isolates LLM HTTPS from sandbox SSL via certifi + trust_env=False.

Test in a cloud machine
OS/Kernel: OpenCloudOS 9.4, Linux kernel 6.6.69-1.1.cubesandbox.oc9.x86_64
CPU: AMD EPYC 9K65 (reported model), 2 vCPUs (1 socket, 2 cores, 1 thread/core), KVM virtualized

My env

OPENAI_API_KEY="sk-***"
OPENAI_BASE_URL="https://api.deepseek.com/v1"

E2B_API_URL="http://127.0.0.1:3000"
E2B_API_KEY="e2b_000000"
CUBE_API_URL="http://127.0.0.1:3000"
CUBE_TEMPLATE_ID="tpl-b99d79c3f5ca422a8b3d2787"
CUBE_SSL_CERT_FILE="/etc/pki/ca-trust/source/anchors/mkcert_development_CA_60105739546307673323659108215573903552.pem"

The result is

[root@VM-0-4-opencloudos langgraph-integration]# env .venv/bin/python e2b_demo.py --model deepseek-chat
[ssl] SSL_CERT_FILE=/etc/pki/ca-trust/source/anchors/mkcert_development_CA_60105739546307673323659108215573903552.pem (for E2B data-plane HTTPS)
Backend:  E2B SDK -> CubeAPI
Model:    deepseek-chat
CubeAPI:  http://127.0.0.1:3000
Question: What OS is running? Show uname and the first 3 lines of /etc/os-release.

[sandbox] sandbox_id=a5da2232c69d4866bfe9208ff50ad4ab
[ssl] LLM client: certifi CA bundle, trust_env=False
langchain-openai injected a custom httpx transport to apply `http_socket_options`, which disables httpx's proxy auto-detection (HTTP_PROXY, HTTPS_PROXY, ALL_PROXY, http_proxy, https_proxy, all_proxy set in environment). Set `LANGCHAIN_OPENAI_TCP_KEEPALIVE=0` or pass `http_socket_options=()` to restore default proxy behavior, or supply `openai_proxy` / your own `http_client` / `http_async_client` to take full control.
[agent] running LangGraph agent (Deep Agents harness) ...

============================================================
The sandbox is running **Debian GNU/Linux 12 (bookworm)** on an **x86_64** kernel:

- **uname**: `Linux 6.6.69-opencloudos9` (PVM guest, x86_64)
- **OS**: Debian 12 (bookworm)

[done] 3785 ms

[cleanup] destroying sandbox ...

@FAUST-BENCHOU FAUST-BENCHOU requested a review from tinklone as a code owner July 2, 2026 06:58
@FAUST-BENCHOU

Copy link
Copy Markdown
Author

/cc @fslongjin @chenhengqi ptal when u are free :)

Comment thread examples/langgraph-integration/demo_common.py
Comment thread examples/langgraph-integration/llm_utils.py
Comment thread examples/langgraph-integration/env_utils.py
@cubesandboxbot

cubesandboxbot Bot commented Jul 2, 2026

Copy link
Copy Markdown

Review: PR #710 — LangGraph + CubeSandbox Example

Overall this is a well-structured example with clean module separation, proper cleanup (finally + sandbox.kill()), correct SSL isolation via certifi + trust_env=False, and thorough documentation. A few issues worth addressing:

Bugs & Runtime Issues

  • demo_common.py:82messages[-1] on an empty list raises IndexError. The if messages guard is truthy for []. Use an explicit len() check.
  • env_utils.py:32-35 — If CUBE_SSL_CERT_FILE is set but the file doesn't exist, the code silently does nothing. The TLS handshake then fails with a cryptic error. Print a warning when the path is missing.

Correctness

  • llm_utils.py:17-18 — Splitting on : without validation silently corrupts model names with colons (e.g., ft:gpt-4o:org:2024-01-012024-01-01). Document the expected format or validate it.
  • llm_utils.py:21httpx.Client is created but never closed. For a one-shot demo script this is harmless, but it's a connection-pool leak if reused. Consider wrapping with a context manager.

Design

  • demo_common.py:32,59 — Both run_sandbox_check() and run_agent_demo() accept an unused sandbox parameter. Either remove it or add a # keep ref for GC comment and make the intent clear.
  • e2b_demo.py:21apply_cube_envd_patches() is called at import time, which makes the module impossible to import for testing without triggering real SDK mutations. Guarding behind if __name__ == "__main__" would improve testability.

Security

  • .env.example defaults to http:// for E2B_API_URL. An attacker on the same network segment can intercept the API key and sandbox traffic. Recommend defaulting to HTTPS and documenting the TLS setup.
  • env_utils.py:31SSL_CERT_FILE is set from user-controlled input with only an os.path.isfile() guard. Consider validating the file is a parseable PEM certificate before trusting it.

Documentation

  • Both READMEs' "CubeSandbox adaptations" table lists workdir and CUBE_SSL_CERT_FILE as patches in cube_patches.py, but they're actually in demo_common.py and env_utils.py respectively. Move those rows out of the patch table or add file annotations.

Positive Highlights

  • Clean separation of concerns across 5 modules
  • Idempotent patching with _PATCHED guard
  • Proper finally-based sandbox cleanup
  • Correct SSL isolation between sandbox and LLM traffic
  • Well-documented version pinning in requirements.txt

@FAUST-BENCHOU

Copy link
Copy Markdown
Author

@kinwin-ustc Could u please help to take a review? I have tested on my OpenCloudOS 9.4

@fslongjin

Copy link
Copy Markdown
Member

Refs #645

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants