thaloco/pyro-mcp
1
Fork 0
Code Pull requests Releases Packages Activity Actions
No description
12 commits 1 branch 1 tag 12 GiB
Find a file
Thales Maciel 227983a877 Document Git LFS runtime bundle workflow
2026-03-07 17:14:52 -03:00
examples Bundle firecracker runtime and switch ollama demo to live logs 2026-03-05 20:20:36 -03:00
runtime_sources Document Git LFS runtime bundle workflow 2026-03-07 17:14:52 -03:00
src/pyro_mcp Finalize guest boot and exec runtime updates 2026-03-07 17:09:21 -03:00
tests Finalize guest boot and exec runtime updates 2026-03-07 17:09:21 -03:00
.gitattributes Bootstrap pyro_mcp v0.0.1 with MCP static tool and Ollama demo 2026-03-05 15:41:57 -03:00
.gitignore Bootstrap pyro_mcp v0.0.1 with MCP static tool and Ollama demo 2026-03-05 15:41:57 -03:00
.pre-commit-config.yaml Bootstrap pyro_mcp v0.0.1 with MCP static tool and Ollama demo 2026-03-05 15:41:57 -03:00
.python-version Bootstrap pyro_mcp v0.0.1 with MCP static tool and Ollama demo 2026-03-05 15:41:57 -03:00
AGENTS.md Document Git LFS runtime bundle workflow 2026-03-07 17:14:52 -03:00
Makefile Unify public UX around pyro CLI and Pyro facade 2026-03-07 16:28:28 -03:00
pyproject.toml Unify public UX around pyro CLI and Pyro facade 2026-03-07 16:28:28 -03:00
README.md Document Git LFS runtime bundle workflow 2026-03-07 17:14:52 -03:00
uv.lock Bundle firecracker runtime and switch ollama demo to live logs 2026-03-05 20:20:36 -03:00

README.md

pyro-mcp

pyro-mcp is a Firecracker-backed sandbox for coding agents.

It exposes the same runtime in two public forms:

  • a pyro CLI
  • a Python SDK via from pyro_mcp import Pyro

It also ships an MCP server so LLM clients can use the same VM runtime through tools.

Public UX

Primary install/run path:

uvx --from pyro-mcp pyro mcp serve

Installed package path:

pyro mcp serve

The public user-facing interface is pyro and Pyro. Makefile targets are contributor conveniences for this repository and are not the primary product UX.

Repository Storage

This repository uses Git LFS for the packaged runtime images under src/pyro_mcp/runtime_bundle/.

Fresh contributor setup:

git lfs install
git clone <repo>
cd pyro
git lfs pull
make setup

The large files tracked through LFS are:

  • src/pyro_mcp/runtime_bundle/**/rootfs.ext4
  • src/pyro_mcp/runtime_bundle/**/vmlinux

If you are working from an older clone created before the LFS migration, reclone or realign your branch to the rewritten history before doing more work.

Capabilities

  • Firecracker microVM execution with bundled runtime artifacts
  • standard profiles:
    • debian-base
    • debian-git
    • debian-build
  • high-level one-shot execution via vm_run / Pyro.run_in_vm(...)
  • low-level lifecycle control when needed:
    • vm_create
    • vm_start
    • vm_exec
    • vm_stop
    • vm_delete
    • vm_status
    • vm_network_info
    • vm_reap_expired
  • outbound guest networking with explicit opt-in

Requirements

  • Linux host
  • /dev/kvm
  • Python 3.12+
  • host privilege for TAP/NAT setup when using guest networking

The current implementation uses sudo -n for ip, nft, and iptables when networked runs are requested.

CLI

Start the MCP server:

pyro mcp serve

Run one command in an ephemeral VM:

pyro run --profile debian-git --vcpu-count 1 --mem-mib 1024 -- git --version

Run with outbound internet enabled:

pyro run --profile debian-git --vcpu-count 1 --mem-mib 1024 --network -- \
  "git clone --depth 1 https://github.com/octocat/Hello-World.git hello-world && git -C hello-world rev-parse --is-inside-work-tree"

Show runtime and host diagnostics:

pyro doctor

Run the deterministic demo:

pyro demo
pyro demo --network

Run the Ollama demo:

ollama serve
ollama pull llama:3.2-3b
pyro demo ollama

Verbose Ollama logs:

pyro demo ollama -v

Python SDK

from pyro_mcp import Pyro

pyro = Pyro()
result = pyro.run_in_vm(
    profile="debian-git",
    command="git --version",
    vcpu_count=1,
    mem_mib=1024,
    timeout_seconds=30,
    network=False,
)
print(result["stdout"])

Lower-level lifecycle control remains available:

from pyro_mcp import Pyro

pyro = Pyro()
created = pyro.create_vm(
    profile="debian-git",
    vcpu_count=1,
    mem_mib=1024,
    ttl_seconds=600,
    network=True,
)
vm_id = created["vm_id"]
pyro.start_vm(vm_id)
result = pyro.exec_vm(vm_id, command="git --version", timeout_seconds=30)
print(result["stdout"])

MCP Tools

Primary agent-facing tool:

  • vm_run(profile, command, vcpu_count, mem_mib, timeout_seconds=30, ttl_seconds=600, network=false)

Advanced lifecycle tools:

  • vm_list_profiles()
  • vm_create(profile, vcpu_count, mem_mib, ttl_seconds=600, network=false)
  • vm_start(vm_id)
  • vm_exec(vm_id, command, timeout_seconds=30)
  • vm_stop(vm_id)
  • vm_delete(vm_id)
  • vm_status(vm_id)
  • vm_network_info(vm_id)
  • vm_reap_expired()

Runtime

The package ships a bundled Linux x86_64 runtime payload with:

  • Firecracker
  • Jailer
  • guest kernel
  • guest agent
  • profile rootfs images

No system Firecracker installation is required.

Runtime diagnostics:

pyro doctor

The doctor report includes:

  • runtime integrity
  • component versions
  • capability flags
  • KVM availability
  • host networking prerequisites

Contributor Workflow

For work inside this repository:

make help
make setup
make check

Runtime build and validation helpers remain available through make, including:

  • make runtime-bundle
  • make runtime-materialize
  • make runtime-boot-check
  • make runtime-network-check

Space cleanup after runtime work:

rm -rf build
git lfs prune

Recreating .venv/ is also a straightforward way to reclaim local disk if needed.