add documentation

Author: volatilemolotov

site/content/docs/_index.md

@@ -0,0 +1,8 @@
+---
+title: "Documentation"
+linkTitle: "Documentation"
+weight: 20
+menu:
+  main:
+    weight: 20
+---

site/content/docs/concepts/_index.md

@@ -0,0 +1,60 @@
+---
+title: "Concepts"
+linkTitle: "Concepts"
+weight: 2
+description: >
+  This section of the documentation helps you learn about the components, APIs and abstractions that Agent Sandbox uses to represent your cluster and workloads Core Agent Sandbox Concepts
+---
+
+## Sandbox
+
+The `Sandbox` CRD is designed to solve the problem of managing **isolated, stateful, singleton workloads** in Kubernetes.
+
+While Kubernetes is exceptionally good at running stateless, replicated applications (like web servers managed by a `Deployment`), it lacks a simple, dedicated abstraction for applications that need to be:
+
+  * **Singleton:** only one instance of the application should ever be running.
+  * **Stateful:** the application needs to retain its state (e.g., files on a disk, configuration, user data) across restarts or updates.
+  * **Isolated:** it requires a secure, self-contained environment, often for running user-provided code or interactive sessions.
+
+Common examples include AI agent runtimes, remote development environments (like a VS Code server), or data science tools (like a Jupyter Notebook). Today, users often resort to using a `StatefulSet` with `replicas: 1` as a workaround, but this is a cumbersome approach that doesn't offer specialized features for this use case.
+
+The `Sandbox` resource provides a **first-class API** for these workloads, making their management declarative, simple, and Kubernetes-native.
+
+## Benefits
+
+Using the `Sandbox` CRD provides several key benefits:
+
+1.  **Declarative Simplicity:** instead of manually creating and managing a `StatefulSet`, `PersistentVolumeClaim`, and `Service`, we can define a single `Sandbox` resource. The controller handles the complexity of creating and wiring together the underlying components.
+
+2.  **Stateful by Design:** persistence is a core feature. The `Sandbox` automatically manages a persistent volume, ensuring that any data saved within the environment survives pod restarts, crashes, or node failures.
+
+3.  **Strong Isolation:** by design, it encourages running workloads in an isolated manner, which is critical for security, especially in multi-tenant environments where you might be running untrusted code.
+
+## Simple Example
+
+Here is a basic example of a `Sandbox` manifest that runs a simple container with a persistent home directory.
+{{% snippet file="additional/examples/sandbox-ksa/sandbox.yaml" type="yaml" %}}
+
+
+## Glossary
+
+* **Controller**
+    The cluster-level component that reconciles the state of `Sandbox` resources, managing their underlying `StatefulSets` and `PersistentVolumeClaims`.
+
+* **Custom Resource Definition (CRD)**
+    An extension of the Kubernetes API that introduces the `Sandbox` resource, making it a native object in the cluster.
+
+* **PersistentVolumeClaim (PVC)**
+    A request for storage used by a `Sandbox` to provide a persistent, stateful filesystem for the workload.
+
+* **Sandbox**
+    The unit of deployment in `agent-sandbox`. It represents an isolated, stateful, and singleton workload, often used for development environments or AI agent runtimes.
+
+* **Singleton Workload**
+    An application designed to have only one running instance, which is the core management pattern for the `Sandbox` resource.
+
+* **Stateful Workload**
+    An application that requires its data to be preserved across restarts and hibernations.
+
+* **StatefulSet**
+    The underlying Kubernetes API object used by the controller to manage a `Sandbox`'s pod and ensure it has a stable identity and persistent storage.

site/content/docs/contribution_guidelines/_index.md

@@ -0,0 +1,8 @@
+---
+title: "Contribution Guidelines"
+linkTitle: "Contribution Guidelines"
+weight: 25
+description: >
+  How to contribute to Agent Sandbox
+---
+{{% include-file file="additional/CONTRIBUTING.md" %}}

site/content/docs/contribution_guidelines/testing.md

@@ -0,0 +1,33 @@
+---
+title: "Running and debugging tests"
+linkTitle: "Running tests"
+weight: 25
+description: >
+  Running and debugging tests
+---
+
+## To create a kind cluster
+```shell
+make deploy-kind
+```
+
+## Running unit tests
+To run all unit tests:
+```shell
+make test-unit
+```
+## Running the e2e tests
+To run all e2e tests:
+```shell
+make test-e2e
+```
+## Remove the kind cluster
+```shell
+make delete-kind
+```
+
+### See also
+- [Kubernetes testing guide](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-testing/testing.md)
+- [Integration Testing in Kubernetes](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-testing/integration-tests.md)
+- [End-to-End Testing in Kubernetes](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-testing/e2e-tests.md)
+- [Flaky Tests in Kubernetes](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-testing/flaky-tests.md)

site/content/docs/installation/_index.md

@@ -0,0 +1,137 @@
+---
+title: "Installation"
+linkTitle: "Installation"
+weight: 3
+description: >
+  Installing Agent Sandbox to a Kubernetes Cluster
+---
+This guide provides step-by-step instructions for installing and running the agent-sandbox controller on kind (Kubernetes in Docker) for local development and testing.
+
+## Before You Begin
+
+Ensure you have the following prerequisites installed:
+
+**Required Tools:**
+- [Docker](https://docs.docker.com/get-docker/)
+- [kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation)
+- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)
+
+**Verify installations:**
+```bash
+docker --version
+kind --version
+kubectl version --client
+```
+## Create a Kind cluster
+
+Create a kind cluster with:
+
+```bash
+kind create cluster --name agent-sandbox
+```
+
+## Deploy Agent-Sandbox to kind
+
+### Clone the Repository
+
+```bash
+git clone https://github.com/kubernetes-sigs/agent-sandbox.git
+cd agent-sandbox
+```
+### Deploy to kind
+
+With kubectl install the controller:
+
+```bash
+export VERSION=v0.1.0
+kubectl apply -f https://github.com/kubernetes-sigs/agent-sandbox/releases/download/${VERSION}/manifest.yaml
+kubectl apply -f https://github.com/kubernetes-sigs/agent-sandbox/releases/download/${VERSION}/extensions.yaml
+```
+
+This command will:
+1. Create a kind cluster named `agent-sandbox` (if it doesn't exist)
+2. Build the controller container image
+3. Load the image into the kind cluster
+4. Deploy the controller to the cluster in the `agent-sandbox-system` namespace
+
+### Verify Installation
+
+Check that the controller is running:
+
+```bash
+# Check controller pod status
+kubectl get pods -n agent-sandbox-system
+
+# Verify CRDs are installed
+kubectl get crds | grep agents.x-k8s.io
+
+# Check controller logs
+kubectl logs -n agent-sandbox-system -l control-plane=controller-manager -f
+```
+
+You should see the controller pod in `Running` state.
+
+## Uninstall
+
+Remove agent-sandbox from your cluster:
+
+```bash
+# Delete all sandbox resources
+kubectl delete sandboxes --all
+
+# Remove the controller and namespace
+kubectl delete namespace agent-sandbox-system
+
+# Delete CRDs
+kubectl delete crd sandboxes.agents.x-k8s.io
+```
+
+Delete the kind cluster:
+
+```bash
+kind delete cluster --name agent-sandbox
+```
+
+## Troubleshooting
+
+**Controller pod not starting:**
+- Check logs: `kubectl logs -l app=agent-sandbox-controller`
+- Verify RBAC permissions: `kubectl get clusterroles,clusterrolebindings | grep agent-sandbox`
+- Check if CRDs are properly installed: `kubectl get crds | grep agents`
+- Verify the image is correct: `kubectl get statefulset agent-sandbox-controller -o yaml | grep image:`
+
+**Storage issues:**
+- kind uses local Docker storage - ensure Docker has enough disk space
+- Check Docker disk usage: `docker system df`
+- Clean up unused images: `docker system prune`
+- Verify PVC is bound: `kubectl get pvc`
+
+**Out of memory errors:**
+- kind uses Docker resources - check Docker resource limits in Docker Desktop settings
+- Increase Docker memory allocation (recommend 8GB+ for development)
+- Reduce sandbox resource requests if needed
+
+**Building the Controller Binary:**
+
+To build just the controller binary:
+
+```bash
+make build
+```
+
+Binary will be at `bin/manager`.
+
+**Regenerating CRDs and RBAC:**
+
+After modifying `api/` or `controllers/` directories:
+
+```bash
+make all
+```
+
+## Additional Resources
+
+- [Agent-Sandbox GitHub Repository](https://github.com/kubernetes-sigs/agent-sandbox)
+- [Agent-Sandbox Development Guide](https://github.com/kubernetes-sigs/agent-sandbox/blob/main/docs/development.md)
+- [kind Documentation](https://kind.sigs.k8s.io/)
+- [Kubernetes SIG-Apps](https://github.com/kubernetes/community/tree/master/sig-apps)

site/content/docs/overview/_index.md

@@ -0,0 +1,23 @@
+---
+title: "Overview"
+linkTitle: "Overview"
+weight: 1
+description: >
+  Why Agent Sandbox?
+---
+
+Agent Sandbox represents a critical new layer of AI infrastructure that provides a controlled, isolated execution environment for code execution and computer use used in AI Agents and Reinforcement Learning (RL).
+
+## Why use Agent Sandbox? 
+Agent Sandbox is cloud agnostic, and can be used on top of any implementation of Kubernetes. By acting as a secure, contained "isolated environment", Agent Sandbox ensures that untrusted or dynamically generated code or commands are isolated, preventing potential risks such as compromising production systems, accidentally corrupting data, or accessing unauthorized hosts. This environment is engineered for high-scale, secure deployment, offering strong isolation capabilities, alongside advanced lifecycle features such as suspending, and warm pools to achieve low-latency performance necessary for scalable agent platforms.
+
+
+## Features Overview 
+Agent Sandbox - This core resource provides a declarative KRM API for managing isolated, single-instance execution environments, ensuring each Sandbox is unique and disposable.
+Suspend/Resume - Allows users to pause sandboxes—which deletes the Pod while preserving state via the PVC and Service—and resume them by recreating the Pod.
+WarmPools - The Sandbox Warm Pool Orchestrator utilizes a dedicated CRD to maintain a pool of pre-warmed pods, allowing the Sandbox Controller to claim a ready instance upon creation to mitigate cold start latency.
+Time to Live (TTL) - Automates deletion using configurable duration (.spec.ttl.seconds) and start policies (.spec.ttl.startPolicy) to set a .status.shutdownAt time, after which the sandbox is immediately removed.
+Python API/SDK - Provides a developer-friendly interface to programmatically interact with these CRDs, abstracting away Kubernetes complexities.
+
+
+![alt](diagram.png)