New: Secure Sandboxes at Scale with Azure Container Apps Dynamic Sessions
Published May 16 2024 08:00 AM
Microsoft

We're excited to announce the public preview of Azure Container Apps dynamic sessions. Azure Container Apps is a serverless platform that enables you to run containerized workloads without managing the underlying infrastructure. Dynamic sessions adds the ability to execute untrusted code in secure, sandboxed environments at scale.

 

When you build applications that run code or commands from untrusted sources, you must ensure that the code runs in its own isolated environment. Dynamic sessions provide secure, ephemeral sandboxes called "sessions" for running potentially malicious code. Each session runs in its own Hyper-V virtualization boundary — ensuring complete isolation from other sessions and resources.

 

Dynamic sessions are ideal for running untrusted code in hostile multi-tenant scenarios such as:

  • Running code generated by a large language model (LLM).
  • Running code or commands submitted by cloud application users.
  • Running cloud-based development environments, terminals, and more.

 

To build a secure and efficient compute environment for these scenarios, you need to possess strong security expertise and invest in building and maintaining a secure infrastructure at high scale. Azure Container Apps dynamic sessions abstracts away the complexity of managing secure sandboxes, allowing you to focus on building your application.

 

Tested and proven

 

With dynamic sessions, you now have access to the same battle-tested and highly scalable technology that Microsoft relies on to power unique features and experiences. Every day, millions of sessions are used to securely run untrusted code.

 

Instant code execution

 

Azure Container Apps automatically manages pools of resources to ensure there's always a session that's ready to use. It takes just milliseconds to access a session and execute code. Each session maintains state and can be reused for multiple code executions in a single security context. Sessions are ephemeral and are automatically cleaned up after a configurable idle timeout.

 

Built-in code interpreter

 

Out of the box, dynamic sessions comes with a built-in Python code interpreter that's preinstalled with many popular libraries. You can execute Python code by calling a simple REST API. The code interpreter also supports uploading and downloading files, allowing you to bring your own Python modules or import data or files to process.

 

Sessions using the built-in code interpreter are billed on a consumption basis at US$0.03 per session-hour.

 

LangChain, LlamaIndex, and Semantic Kernel integrations

 

Recently, AI agents have seen a surge in popularity. A limitation of these agents is that the LLMs they rely on are unable to perform certain tasks involving math and other computations. When given access to dynamic sessions’ code interpreter, an LLM can write Python code to solve complex problems and an agent executes it to produce accurate responses.

 

However, LLM-generated code occasionally produces unpredictable results, and the code may be harmful when given malicious input. So, it's important to provide each AI agent conversation with its own isolated code interpreter.
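One way an application could enforce the per-conversation isolation described above, shown as an added example that is not from the original post or from Microsoft's code. The class name, method names, and the 300-second timeout are assumptions; it only decides which session identifier a conversation may use and does not call the dynamic sessions service.

```python
import hmac
import secrets
import time


class SessionRegistry:
    """Server-side map from (user, conversation) to a sandbox session identifier."""

    def __init__(self, idle_timeout_s=300.0, clock=time.monotonic):
        self._idle = idle_timeout_s   # assumed to mirror the pool's idle timeout
        self._clock = clock
        self._entries = {}            # (user_id, conversation_id) -> [session_id, last_used]

    def session_for(self, user_id, conversation_id):
        """Return this conversation's identifier; mint a new one if absent or idle-expired."""
        now = self._clock()
        key = (user_id, conversation_id)
        entry = self._entries.get(key)
        if entry is None or now - entry[1] > self._idle:
            # Random and never derived from user input, so it cannot be guessed or chosen.
            entry = [secrets.token_urlsafe(32), now]
            self._entries[key] = entry
        entry[1] = now
        return entry[0]

    def is_owner(self, user_id, conversation_id, session_id):
        """True only if session_id is the live identifier for this exact conversation."""
        entry = self._entries.get((user_id, conversation_id))
        if entry is None or self._clock() - entry[1] > self._idle:
            return False
        return hmac.compare_digest(entry[0].encode(), session_id.encode())

    def purge_expired(self):
        """Drop idle entries so stale identifiers are never handed out again."""
        now = self._clock()
        stale = [k for k, e in self._entries.items() if now - e[1] > self._idle]
        for k in stale:
            del self._entries[k]
        return len(stale)
```

Keeping the identifier server-side and checking `is_owner` before every execution request means a client-supplied value can never steer one conversation's code into another conversation's session.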

 


You can integrate the code interpreter in dynamic sessions with popular AI agent frameworks in a few lines of code. To learn more, see the tutorial for each framework:

 

More integrations are on the way. If you have suggestions, please let us know or contribute an integration to that project directly.

 

Custom container sessions

 

Do you want to build your own custom code interpreter or have an entirely different scenario to run in dynamic sessions? You can bring your own custom container. We'll have more to share next week at Microsoft Build.

 

Get started with code interpreter sessions

 

Use Azure Container Apps dynamic sessions today. Learn more in our documentation.

 

Join us at PyCon US 2024

 

If you're at PyCon US 2024, come to our session on May 16 or visit our booth to learn more about dynamic sessions.

 

More at Microsoft Build 2024

 

We'll have more next week at Microsoft Build, including custom container sessions and Azure portal experiences. Join us in our session BRK131: Serverless architectures: Effortless Intelligent Apps at extreme scale.

 

Last update: May 16 2024 06:16 AM