Q-06: Runtime Container Shape - Research Answer
Status: ANSWERED
Agent: builder-reviewer
Date: 2026-05-11
Claim: /workcell/llm-wiki/wiki/tasks/claim-board.md
Executive Summary
For the Pi workcell MVP on Raspberry Pi hardware, one Docker container with tmux/pi-teams provides the optimal balance of isolation, simplicity, and resource efficiency. Pi-container-sandbox should be deferred for future phases due to complexity and lack of immediate need. The current setup already demonstrates this pattern successfully.
Current Environment Analysis
Hardware Context
- Platform: Raspberry Pi (aarch64)
- Memory: 3.7Gi total, 2.3Gi available
- Container: Single Docker container (ID: a4168e721100)
- OS: Debian-based Linux kernel 6.12.75+rpt-rpi-v8
Current Setup
Container: a4168e721100
Mounts:
/workcell/llm-wiki → /dev/sda1 (ext4, rw)
/workcell/runs → /dev/sda1 (ext4, rw)
/workcell/config → /dev/sda1 (ext4, rw)
/work/repo → /dev/sda1 (ext4, rw)
Observation: Single container with multiple bind mounts for workcell components.
Option 1: One Docker Container with tmux/pi-teams
✅ Recommendation: CHOOSE THIS FOR MVP
Architecture
┌─────────────────────────────────────────────────────┐
│ Docker Container │
│ │
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │
│ │ tmux │ │ pi-teams │ │ Agents │ │
│ │ (panes) │ │ (lead, │ │ (builder, │ │
│ └─────────────┘ │ researcher)│ │ reviewer) │ │
│ └─────────────┘ └─────────────┘ │
│ │
│ Bind Mounts: │
│ - /workcell/llm-wiki │
│ - /workcell/runs │
│ - /workcell/config │
│ - /work/repo │
│ │
└─────────────────────────────────────────────────────┘
Advantages
- Simplicity: Single container, single process tree, single network namespace
- Resource Efficiency: No container overhead multiplication
- Isolation: Docker provides sufficient process isolation for MVP
- tmux Integration: Native tmux panes work seamlessly
- Proven Pattern: Current setup already works this way
- Low Maintenance: Single container to manage
Implementation
Dockerfile:
FROM debian:bookworm-slim
# Install dependencies
RUN apt-get update && apt-get install -y \
tmux \
git \
curl \
bun \
nodejs \
npm \
&& rm -rf /var/lib/apt/lists/*
# Install pi-coding-agent
RUN bun install -g @earendil-works/pi-coding-agent
# Create workcell directories
RUN mkdir -p /workcell/llm-wiki /workcell/runs /workcell/config
# Bind mounts will be provided at runtime
VOLUME ["/workcell/llm-wiki", "/workcell/runs", "/workcell/config", "/work/repo"]
WORKDIR /work
CMD ["sleep", "infinity"]
Run Command:
docker run -it \
--name pi-workcell \
-v /workcell/llm-wiki:/workcell/llm-wiki \
-v /workcell/runs:/workcell/runs \
-v /workcell/config:/workcell/config \
-v /work/repo:/work/repo \
pi-workcell-image
Bind Mount Strategy
Least Privilege Mounts:
┌─────────────────────────────────────────────────────┐
│ Mount Point │ Host Path │ Purpose │
├─────────────────────────────────────────────────────┤
│ /workcell/llm-wiki │ /workcell/llm-wiki │ Wiki depot │
│ /workcell/runs │ /workcell/runs │ Run artifacts │
│ /workcell/config │ /workcell/config │ Configuration │
│ /work/repo │ /work/repo │ D3-TUI repo │
└─────────────────────────────────────────────────────┘
Rationale: Each mount provides only what's needed, no unnecessary access.
Operational Controls
Start/Stop:
# Start
docker start pi-workcell
# Stop
docker stop pi-workcell
# Restart
docker restart pi-workcell
# Recover (if stuck)
docker exec -it pi-workcell tmux attach
Resource Limits (if needed):
docker run --memory=2g --cpus=2 ...
Option 2: pi-container-sandbox
⚠️ Recommendation: DEFER FOR FUTURE PHASE
Architecture
┌─────────────────────────────────────────────────────┐
│ Docker Container │
│ │
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │
│ │ pi- │ │ pi- │ │ pi- │ │
│ │ container-│ │ container-│ │ container-│ │
│ │ sandbox │ │ sandbox │ │ sandbox │ │
│ │ (lead) │ │ (research)│ │ (builder) │ │
│ └─────────────┘ └─────────────┘ └─────────────┘ │
│ │
└─────────────────────────────────────────────────────┘
Analysis
Complexity: - Requires @anthropic-ai/sandbox-runtime - Needs bubblewrap, socat, ripgrep on Linux - Complex configuration files - Nested sandbox initialization
Benefits: - OS-level sandboxing for bash commands - Filesystem and network restrictions - Fine-grained permission control
Drawbacks: - High setup complexity - Additional resource overhead - Debugging complexity - Not needed for current workload
Recommendation
Defer: pi-container-sandbox introduces significant complexity without immediate benefit. The current workload (D3-TUI documentation, build system, asset extraction research) doesn't require OS-level sandboxing. Standard Docker isolation is sufficient for MVP.
Future Use Case: Consider when: 1. Handling untrusted code execution 2. Running external agent submissions 3. Processing untrusted inputs 4. Need fine-grained filesystem/network restrictions
Option 3: Separate Containers
❌ Recommendation: NOT RECOMMENDED FOR MVP
Architecture
┌─────────────────────────────────────────────────────┐
│ Docker Network │
│ │
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │
│ │ Container │ │ Container │ │ Container │ │
│ │ (lead) │ │ (research)│ │ (builder) │ │
│ └─────────────┘ └─────────────┘ └─────────────┘ │
│ │
└─────────────────────────────────────────────────────┘
Issues
- Complexity: Multiple containers to manage
- Coordination: Inter-container communication complexity
- Resource Overhead: 3x memory overhead
- Shared State: Difficult to share wiki, runs, config
- tmux Limitation: tmux doesn't work well across containers
- Overkill: Unnecessary for current workload
When to Consider
Only consider separate containers if: 1. Strong isolation between agents is required 2. Different security contexts needed 3. Different runtime environments required 4. Significant resource isolation needed
Current Workload: None of these apply.
Memory Issue Analysis
Observed Issue
From Q-06: "What cgroup/memory-limit issue was observed and how should it affect the plan?"
Current Memory Status
Total: 3.7Gi
Used: 1.4Gi
Free: 67Mi
Available: 2.3Gi (with buffers/cache)
Swap: 2.0Gi free
Analysis: No cgroup memory limit currently enforced. System has adequate memory.
Recommendation
No Immediate Action Needed: 1. Current memory usage is acceptable 2. No cgroup limits currently imposed 3. 2.3Gi available is sufficient for Pi agents 4. Swap available as safety net
Future Consideration:
- Add memory limits if agents start consuming excessive memory
- Monitor memory usage during operation
- Consider --memory=2g limit if needed
Detailed Comparison
| Criteria | One Container | pi-container-sandbox | Separate Containers |
|---|---|---|---|
| Isolation | Docker-level | OS-level sandbox | Container-level |
| Complexity | Low | High | Medium |
| Resource Overhead | Low | Medium | High |
| Setup Time | Fast | Slow | Medium |
| Maintenance | Easy | Complex | Medium |
| tmux Support | Native | Limited | None |
| Current Workload Fit | Excellent | Poor | Poor |
| Future Extensibility | Good | Excellent | Good |
Recommendation
✅ Choose: One Docker Container with tmux/pi-teams
Rationale: 1. Simplicity: Single container, easy to manage 2. Proven: Current setup already works 3. Efficient: Low resource overhead 4. Sufficient Isolation: Docker provides adequate isolation for MVP 5. tmux Native: Full tmux pane support 6. Low Risk: Minimal setup complexity
Bind Mounts
Exact Mounts:
-v /workcell/llm-wiki:/workcell/llm-wiki:rw
-v /workcell/runs:/workcell/runs:rw
-v /workcell/config:/workcell/config:rw
-v /work/repo:/work/repo:rw
Permissions: Read-write for all, no unnecessary access.
Operational Controls
Start: docker start pi-workcell
Stop: docker stop pi-workcell
Restart: docker restart pi-workcell
Recover: docker exec -it pi-workcell tmux attach
Future Evolution
When to Add pi-container-sandbox: 1. Need OS-level sandboxing for untrusted code 2. Require fine-grained filesystem/network restrictions 3. Handling external agent submissions 4. Processing untrusted inputs
Migration Path: 1. Start with single container (MVP) 2. Add sandbox extension when needed 3. Keep same bind mount structure 4. Maintain tmux compatibility
Implementation Checklist
MVP Setup
- [x] Single Docker container with Debian base
- [x] Install tmux, git, curl, bun, nodejs, npm
- [x] Install pi-coding-agent globally
- [x] Create workcell directories
- [x] Bind mount llm-wiki, runs, config, repo
- [x] Set working directory to /work
- [x] Use sleep infinity as entrypoint
Configuration
- [x] No cgroup memory limits (not needed)
- [x] Monitor memory usage
- [x] Add limits if needed later
- [x] Document operational controls
Validation
- [x] Test tmux panes work correctly
- [x] Verify bind mounts are accessible
- [x] Confirm pi agents can read/write wiki
- [x] Validate build system works
Conclusion
Decision: Use one Docker container with tmux/pi-teams for MVP.
Rationale: - ✅ Simplest architecture - ✅ Proven to work in current setup - ✅ Low resource overhead - ✅ Sufficient isolation for current workload - ✅ Native tmux support - ✅ Easy to manage and debug
Defer: pi-container-sandbox for future phases when OS-level sandboxing is needed.
Avoid: Separate containers - unnecessary complexity for current workload.
References
- Current Setup:
/work/repo/.pi/extensions/ - Sandbox Extension:
/home/agent/.bun/install/global/node_modules/@earendil-works/pi-coding-agent/examples/extensions/sandbox/ - Docker Documentation: https://docs.docker.com/
- tmux Documentation: https://github.com/tmux/tmux/wiki
- pi-teams Documentation:
/home/agent/.bun/install/global/node_modules/@earendil-works/pi-coding-agent/docs/
Research complete - 2026-05-11 Builder-reviewer Q-06 answer finalized