How I built sandboxes that boot in 28ms using Firecracker snapshots
How-To, DevOps


via Dev.to, by Adwitiya Trivedi

A deep-dive into building a sandbox orchestrator that gives AI agents their own isolated machines. Firecracker microVMs, snapshot restore, and why 28ms matters.

Tags: go, opensource, ai, devops

I've been building AI agents that generate and execute code. The agents write Python scripts, run data analysis, generate charts, process files. Standard stuff in 2026.

The problem I kept hitting: where does that code actually run?

I tried Docker. It works, but containers share the host kernel. When the runc CVEs dropped in 2024-2025 (CVE-2024-21626, then three more in 2025), I started thinking harder about what "isolation" actually means when an AI is writing arbitrary code on my machine.

I tried E2B. Great product, but my data was leaving my machine. For an internal tool processing company data, that was a non-starter.

So I built ForgeVM: a single Go binary that orchestrates isolated sandboxes. This article is about the hardest part: getting Firecracker microVMs to boot in 28ms.

What Firecrac

Continue reading on Dev.to
