Isolated Execution
Every task in OpRelay runs in a clean container with no inherited state. The broker enforces isolation through execution leases.
Container-per-task model
When an agent claims a task, the broker provisions a clean execution environment:
- Fresh container from the shared Dockerfile (node:22-bookworm-slim)
- No state from previous tasks
- No access to other agents' containers
- Task-scoped context injected at start
Execution leases
Leases prevent runaway execution. When an agent starts a run, it acquires a time-bounded lease. If the lease expires without completion, the broker can:
- Release the lock for another agent to claim
- Record the failure context
- Trigger recovery logic
// Acquire a lease
await oprelay.call("core_acquire_execution_lease", {
  project_key: "myproject",
  task_id: "uuid",
  lane: "agent",
  duration_seconds: 600
});
Recovery
When tasks fail or stall, the core_recover_task tool force-releases locks and records the failure:
await oprelay.call("core_recover_task", {
  task_id: "uuid",
  reason: "Lease expired — agent unresponsive"
});
The next agent that picks up the task sees the full failure history and can make informed decisions about how to proceed.
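The lease and recovery behaviour described above, modelled in memory as an added example; this is not OpRelay's broker code. The `LeaseTable` class, its method names and the explicit `now` argument are assumptions made for illustration.

```javascript
// Illustrative model only: LeaseTable and its methods are hypothetical,
// not part of OpRelay. Time is passed in explicitly so expiry is deterministic.
class LeaseTable {
  constructor() {
    this.leases = new Map();   // task_id -> { holder, expiresAt }
    this.history = new Map();  // task_id -> [{ holder, reason, at }]
  }

  // Grant a time-bounded lease unless a live lease already exists.
  acquire(taskId, holder, durationSeconds, now) {
    if (!Number.isFinite(durationSeconds) || durationSeconds <= 0) {
      throw new RangeError("duration_seconds must be a positive number");
    }
    const current = this.leases.get(taskId);
    if (current && current.expiresAt > now) {
      return { granted: false, heldBy: current.holder };
    }
    // An expired lease left behind is recovered before re-granting,
    // so the stalled run is never silently overwritten.
    if (current) this.recover(taskId, "Lease expired", now);
    this.leases.set(taskId, { holder, expiresAt: now + durationSeconds * 1000 });
    return { granted: true, failures: this.failures(taskId) };
  }

  // Completion only counts if the caller still holds a live lease.
  complete(taskId, holder, now) {
    const current = this.leases.get(taskId);
    if (!current || current.holder !== holder || current.expiresAt <= now) {
      return false;
    }
    this.leases.delete(taskId);
    return true;
  }

  // Force-release the lock and record the failure context.
  recover(taskId, reason, now) {
    const current = this.leases.get(taskId);
    const entry = { holder: current ? current.holder : null, reason, at: now };
    this.history.set(taskId, [...this.failures(taskId), entry]);
    this.leases.delete(taskId);
    return entry;
  }

  failures(taskId) {
    return this.history.get(taskId) || [];
  }
}
```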