Sandbox Performance

Optimize sandbox performance and understand performance characteristics

Performance Overview

Sandboxing adds overhead, but Vectra Guard is optimized for performance. With intelligent caching, most commands run 10x faster on subsequent executions.

Key Performance Features

  • Intelligent caching (10x speedup for repeated commands)
  • Lightweight container runtime
  • Parallel execution support
  • Resource pooling and reuse
  • Minimal overhead for cached commands

Performance Metrics

Typical performance characteristics for sandboxed commands:

Cold Start

2.5s

First execution (no cache)

Cached

0.25s

Subsequent executions

Speedup

10x

With caching enabled

Real-World Example

Running npm test 50 times during development:

Without cache:

125s

2.5s × 50 runs

With cache:

14.75s

2.5s + (0.25s × 49)

Time saved: 110.25s (88% faster)

Optimization Tips

1. Enable Caching

Always enable caching for maximum performance. It provides 10x speedup with minimal configuration.

sandbox:
  enable_cache: true
  cache_strategy: smart

2. Use Auto Mode

Auto mode runs low-risk commands on host (instant) and only sandboxes risky ones. Best balance of security and performance.

sandbox:
  mode: auto  # Low-risk = host, medium/high-risk = sandbox

3. Optimize Resource Limits

Set appropriate resource limits. Too restrictive limits can slow down commands, too generous wastes resources.

sandbox:
  resources:
    cpu: 2        # Match your development machine
    memory: 2GB   # Enough for most commands
    disk: 10GB    # Sufficient for dependencies

4. Use Trust Store

Trust frequently-used safe commands to run on host instantly, bypassing sandbox overhead.

# Trust a command
vg trust add "npm test" --note "Safe test command"

# Now runs instantly on host
vg exec -- npm test

5. Keep Containers Warm

Vectra Guard keeps containers warm for faster startup. Don't manually stop containers unless necessary.

Performance Comparison

Command TypeHostSandbox (Cold)Sandbox (Cached)
npm install5.2s7.8s0.3s
npm test1.2s2.5s0.25s
python -m pytest0.8s2.3s0.22s
cargo build12.5s15.2s0.4s

Note: Times are approximate and vary based on system resources, network speed, and command complexity. Cached times assume identical command inputs.

Monitoring Performance

Track and monitor sandbox performance to identify bottlenecks and optimization opportunities.

Performance Monitoring Commands
# View performance metrics
vg perf stats --path .

# Output:
# Total commands: 1,234
# Average execution time: 0.45s
# Cache hit rate: 87.3%
# Sandbox overhead: 0.15s
# Slowest commands:
#   - npm install: 7.8s (cold), 0.3s (cached)
#   - cargo build: 15.2s (cold), 0.4s (cached)

# Profile a specific command
vg perf profile -- "npm test"

# Monitor real-time performance
vg perf monitor --watch

Best Practices

1. Always Enable Caching

Caching provides the biggest performance improvement with minimal cost. Always enable it unless you have a specific reason not to.

2. Use Auto Mode for Development

Auto mode provides the best balance. Low-risk commands run instantly on host, risky ones are protected in sandbox.

3. Trust Safe Commands

Use the trust store for frequently-used safe commands to eliminate sandbox overhead entirely.

4. Monitor and Optimize

Regularly check performance metrics and optimize slow commands. Use profiling to identify bottlenecks.

5. Balance Security and Performance

Don't sacrifice security for performance. Use auto mode and trust store to get both security and speed.