PandaStack docs

A template is a rootfs image + kernel + snapshot pre-baked at deploy time. Templates are what makes 240 ms cold boots possible — we don't boot Linux from scratch, we just restore from a snapshot taken right after the runtime is ready.

Bundled templates

Template	Runtime	Size	Cold boot
`blank`	bare Ubuntu 24.04	230 MiB	280 ms
`code-interpreter`	Python 3.11 + Jupyter kernel	450 MiB	240 ms
`python-data`	Python 3.11 + pandas, numpy, scikit-learn	920 MiB	260 ms
`node-js`	Node 22 + npm	380 MiB	250 ms
`deno`	Deno 2.0	280 MiB	240 ms
`bun`	Bun 1.2	290 MiB	240 ms
`browser`	Headless Chromium + Playwright	1.2 GiB	320 ms
`rust`	Rust stable + cargo	1.1 GiB	270 ms
`go`	Go 1.24	480 MiB	250 ms
`ruby`	Ruby 3.3 + bundler	350 MiB	250 ms
`java`	JDK 21 + Maven	720 MiB	280 ms

All templates run on the same kernel (vmlinux-5.10.239) with VirtIO drivers compiled in.

Building your own

mkdir my-template
cat > my-template/Dockerfile <<'EOF'
FROM ubuntu:24.04
RUN apt-get update && apt-get install -y python3 python3-pip ffmpeg
RUN pip install yt-dlp openai-whisper
EOF

pandastack templates build my-template ./my-template
# ↑ builds rootfs, boots the VM, runs `damroo-init`, takes snapshot, promotes to template

Behind the scenes:

Builds a Docker image from your Dockerfile.
Exports it to a flat ext4 rootfs.
Boots a Firecracker VM with that rootfs.
Waits for SSH ready, then runs systemctl is-system-running.
Pauses the VM and snapshots it.
Sparsifies the rootfs (fallocate -d), cloning to clone.ext4.
Stores it under /var/lib/damroo/template-snaps/<name>/.

The result: every future sandbox from that template boots in <300 ms.

Template builds in the cloud

Managed PandaStack also lets you push templates to the registry:

pandastack templates push my-template --tag v1
# ↑ uploads snapshot + rootfs to object storage, makes it available to all agents

This is how multi-node clusters share templates without rebuilding on each agent.

Templates

Bundled templates

Building your own

Template builds in the cloud

On this page