Daytona

Daytona is open-source infrastructure purpose-built for running AI-generated and untrusted code in isolated, elastic sandboxes. We rate it 82/100 — in 2026 it is the most credible open-source answer to E2B and Modal for teams building production AI agents that need sub-100ms boot times and stateful, persistent execution environments.

What is Daytona?

Daytona is built by Daytona Platforms, Inc., the team led by former JetBrains Spaces engineers, and first hit GitHub in February 2024. Originally pitched as a self-hosted development environment manager — a Codespaces alternative — the company pivoted in early 2025 to focus exclusively on a more lucrative problem: a secure, low-latency runtime for code generated by AI agents.

The product is a managed cloud sandbox service plus a fully open-source stack you can self-host (license: AGPL-3.0, after an earlier Apache 2.0 era). As of May 2026 the official repository sits at 72,400+ stars, the company has raised $31M total (including a $24M Series A in February 2026 led by FirstMark Capital), and crossed $1M ARR in under three months after the agent-runtime pivot.

The core technical bet: pre-warmed Docker-based sandboxes that boot in under 90 milliseconds, expose Python, TypeScript, Ruby and Go SDKs, and persist state across runs. That makes it dramatically more practical than spinning up a fresh container per agent step — which is what most teams were doing in 2024 with raw Docker or Firecracker.

Key Features of Daytona

• Sub-90ms sandbox creation: Pre-warmed sandbox pools mean an agent can spin up a fresh isolated environment in well under a tenth of a second — about 20× faster than cold-starting a Docker container in the same data center.
• Stateful, resumable workspaces: Sandboxes can be stopped, archived, and resumed with installed packages, files, and processes intact. Cold storage is metered separately and is significantly cheaper than keeping a sandbox warm.
• Native SDKs in four languages: First-class Python, TypeScript, Ruby and Go SDKs with consistent APIs for file I/O, command execution, Git operations, port forwarding, and secret management.
• Computer-use and VNC built in: Every sandbox ships with a desktop environment, VNC access, and a Playwright-style screenshot API — the same primitives OpenAI and Anthropic use for browser-using agents.
• Hybrid deployment: Run fully managed on Daytona’s cloud, fully self-hosted under AGPL, or in a hybrid mode where Daytona orchestrates control-plane and your machines execute the workload.
• Snapshot and restore: Capture an entire sandbox — filesystem, environment, running processes — into a reusable image, including resource limits and network rules.

What Users Say About Daytona

Sentiment on Hacker News after the original 2024 open-source announcement was glowing on the developer-environment story (the founders’ original 15-year journey post hit the front page), and the agent-runtime pivot has earned similarly warm reactions from teams shipping production agents. Multiple r/MachineLearning threads in early 2026 cite Daytona’s stateful sandboxes as the reason they switched off raw Firecracker setups: keeping installed Python packages between agent runs cuts cold-start spend dramatically. On Northflank’s and Better Stack’s 2026 sandbox comparisons, Daytona consistently lands in the top three for agent workloads alongside E2B and Modal. Recurring complaints are also concrete: as of May 2026 the managed cloud is still single-region (us-east-1 / iad1), the default 15-minute auto-pause window is judged too long for cheap usage patterns, and Docker-based isolation — while fast — is not as airtight as Firecracker microVMs for genuinely hostile code.

Daytona Pricing

Pricing has two halves. The open-source stack is free forever under AGPL-3.0, including the dashboard, runner, and SDKs. The managed cloud bills per second for compute and memory, with $200 in free credits and 5 GB of free cold storage on signup — no credit card required.

Plan	Price	Key Limits
Self-Hosted	$0 forever (AGPL-3.0)	Unlimited sandboxes, you supply the hardware and operations.
Cloud Free	$0 with $200 credit	5 GB cold storage included, sub-90ms sandbox creation, single us-east-1 region.
Cloud Pay-as-You-Go	Per-second compute + RAM, metered storage	No minimums, stop/resume/archive lifecycle, organisation seats included.
Enterprise	Custom	SOC 2 reports, dedicated support, hybrid and on-prem deployments, custom regions.

Who Should Use Daytona?

Best for: AI engineering teams building production agents that need to execute generated code, run shell commands, or operate a desktop — especially when the agent benefits from a sandbox that remembers state between calls. Solid fit for any team currently piecing together raw Docker, Firecracker, or Kubernetes Jobs to do this themselves.

Not ideal for: teams running genuinely hostile, untrusted multi-tenant workloads where Firecracker microVM isolation is non-negotiable; teams that need a presence outside the United States today; and side projects that just need a one-off Python sandbox — E2B’s simpler pricing or self-hosted microsandbox is cheaper there.

Pros and Cons

Pros:

• Genuine open-source AGPL-3.0 stack — you can run the entire thing without a vendor relationship.
• Sub-90ms sandbox creation is the fastest documented in the category — verified by Northflank’s 2026 benchmark.
• Stateful sandbox lifecycle (start / stop / archive / resume) is genuinely cheaper for bursty agent workloads.
• Computer-use and VNC are first-class — not a bolt-on — which matters as agents move beyond pure code execution.
• SDKs in Python, TypeScript, Ruby and Go — broader than most competitors ship at this stage.

Cons:

• Managed cloud is currently single-region (us-east-1) — latency is a real issue for European or APAC traffic.
• Docker-based isolation, not Firecracker — fast, but not the strongest answer for fully untrusted code.
• Default 15-minute auto-pause keeps sandboxes warm longer than needed unless you tune it.
• AGPL-3.0 license is more restrictive than the original Apache 2.0 release — some companies will need to think about distribution carefully.
• Newer in this market than E2B and Modal — some advanced features (custom hardware, GPU sandboxes) lag a quarter behind competitors.

Alternatives to Daytona

The two most direct competitors are E2B — broader region coverage and simpler pricing, but Docker-based and arguably less feature-rich on the desktop and VNC side — and Modal, which is more of a general-purpose Python serverless platform with a sandbox SDK on top. microsandbox is the open-source, MIT-licensed alternative for teams who want Firecracker microVM isolation without a managed plane. Northflank and Blaxel sit closer to general container orchestration with sandbox features layered on. For pure self-hosted dev environments (Daytona’s original product), Coder and Gitpod remain the established choices.

Verdict: Is Daytona Worth It?

For any team shipping AI agents that execute code in 2026, Daytona deserves to be on the short list. The sub-90ms boot, stateful lifecycle, and four-language SDKs are concrete wins for agent latency and cost, and the AGPL stack means you are not locked in. The 82/100 reflects the very real concerns — single region, Docker not Firecracker, AGPL license — that mean it is not yet the obvious choice in every scenario, but the trajectory since the early-2025 pivot has been steep enough that anyone evaluating this category should benchmark Daytona before committing to a competitor.

Frequently Asked Questions

Is Daytona free?

Yes, in two ways. The full open-source stack is free under AGPL-3.0, and the managed cloud comes with $200 in compute credits and 5 GB of free cold storage on signup, no credit card required.

What platforms does Daytona support?

The Daytona CLI and dashboard run on macOS, Linux and Windows, and the SDKs target Python, TypeScript, Ruby and Go. Sandboxes themselves are Linux containers.

How does Daytona compare to E2B?

Both run AI-generated code in Docker-based sandboxes with similar boot times. Daytona ships an AGPL-licensed open-source stack and stronger desktop / VNC primitives; E2B has wider region coverage today and a simpler usage-based pricing tier. Teams that need genuinely untrusted code execution should evaluate Firecracker-based options like microsandbox alongside both.

Is Daytona open source?

Yes. The runner, dashboard, and SDKs are AGPL-3.0 on GitHub. The earlier 2024 release was Apache 2.0; the project relicensed during the 2025 agent-runtime pivot.

How fast can Daytona create a sandbox?

Daytona’s pre-warmed pools achieve sub-90 millisecond sandbox creation in benchmarks — about 20× faster than spinning up a fresh Docker container in the same data center.