I'm working on a website where users can run small snippets of Python and C# code, and I need to measure how long the code takes to execute. I've found out that Netlify and Vercel won't run Docker or custom runtimes, so I'm looking for a backend solution that can manage isolated containers effectively. I'm not sure about the best architectural setup, though. Should I:
1. Host the frontend and backend separately (front end on Netlify or Vercel and backend on services like Render or AWS)?
2. Host both the frontend and backend together on a platform like Render, treating them as two different services?
3. Or is there a completely different approach that I haven't considered?
The backend needs to handle the following requirements:
- Run Docker containers
- Safely sandbox user code
- Enforce execution time limits
- Return standard output (stdout), error output (stderr), and the run time
I feel like I'm missing something important here, so if anyone has experience in creating online code runners, judging systems, or safe execution environments, I would really appreciate your insights!
4 Answers
You might want to weigh how each setup will manage peak loads, especially if you're planning to scale up. A centralized setup might simplify things and keep your infrastructure cleaner,
Another angle to consider is how much trust you need in the runtime measurement. If it's just important for the user running the code, you might explore using Pyodide, as it can run Python directly in the browser without needing a complicated backend. However, if users need to trust the measurements (like for a leaderboard), you’ll want a more secure option like using VMs or containers. Also, tools like bubblewrap can help ensure that the user code runs safely without any potential access to your system.
To safely run user-submitted Python and C# code, you should focus on isolation and security. Here’s a straightforward approach:
1. **Backend Setup**: Hosting both the frontend and backend on a single platform that supports Docker (like AWS or Render) makes networking easier and reduces latency. With Render, you can conveniently create one service for your frontend and another for backend code execution.
2. **Sandbox User Code**: Use Firecracker microVMs for executing the user code. They offer quick VM startup times and strong isolation, making them ideal for running potentially risky code snippets. This setup helps enforce limits on resources and execution time, so nothing overconsumes your system.
3. **Output Monitoring**: Make sure to capture stdout and stderr from the executed codes by redirecting these outputs in your Docker containers. Use timers to kill processes if they run too long.
4. **File Management**: If users need to save files between runs, pick a solution that supports persistent storage while keeping security intact.
5. **Scaling**: If you expect many users to run code at the same time, think about using A2A protocols to manage execution across different environments smoothly.
6. **Integration Options**: Platforms like Cognitora.dev provide APIs and SDKs for easy integration with your frontend and backend setup, which could simplify your development process.
This architecture will keep your code execution environment secure and manageable! Good luck!
Just a heads-up! There's been chatter about Cognitora.dev engaging in some shady practices, so make sure you do your research before using them!
Nice answer! Not to sidestep the topic, but I noticed you mentioned a specific brand—feels a bit promotional!