Persistence, pause & resume
State is a product decision. A sandbox can be disposable, long-running, paused, cold-stored, or backed by volumes. See Lifecycle states for the full state model. For stateful agent and service workspaces, see Persistent workspaces.
What can persist
Section titled “What can persist”| State | Mechanism | Notes |
|---|---|---|
| Files inside a running VM | VM runtime disk | Lost when the VM is destroyed unless captured or copied out. |
| Host-mounted files | Mount or copy workflow | Host exposure depends on mount mode and path selection. |
| Managed local volume | mvmctl volume | Encrypted at rest when locked. |
| Machine state | pause/resume or snapshot save/restore | May contain memory, files, processes, and credentials present in the guest. |
Pause and resume
Section titled “Pause and resume”mvmctl pause agent-sandboxmvmctl resume agent-sandboxThe exact backend mechanics differ. See Snapshots for Firecracker sealed snapshots and Vz machine-state files.
Cold mode
Section titled “Cold mode”Cold mode is the product posture where a sandbox is snapshotted, compute is released, and the sandbox can later be restored. See Cold mode.
Cleanup
Section titled “Cleanup”mvmctl down agent-sandboxmvmctl sandbox gcmvmctl cleanupStopping compute does not automatically erase every artifact. Check volumes, snapshots, receipts, logs, and caches when the workflow needs stronger cleanup.
Security notes
Section titled “Security notes”- Treat snapshots as sensitive state.
- Avoid preserving browser sessions or agent workspaces unless required.
- Lock managed volumes after use.
- Prefer explicit destroy/cleanup steps in tutorials and automation.