Run isolated workloads on your own infrastructure. Without platform sprawl.
Mentat gives your team a private platform for Firecracker microVMs, Linux namespace sandboxes, Docker containers, and static binaries. This page is served from a sandbox — Linux namespace isolation with cgroups v2, no Docker daemon, 2MB overhead.
Docker containers share the host kernel. One exploit compromises everything. Firecracker microVMs give each service a dedicated kernel — isolated by hardware, not by software boundaries that can be bypassed.
Dedicated kernel
Each microVM boots its own Linux kernel. No shared attack surface between services.
Namespace sandboxes
Linux PID + mount + UTS + IPC isolation with cgroups v2 limits. No Docker daemon. 15KB init binary.
No shell, no tools
The VM contains a single binary. No package manager, no shell, no lateral movement.
Mars Mode
Self-healing on restart. Orphan processes, stale TAPs, ghost endpoints — cleaned automatically.
Hull Runtime
Our own container runtime. ~3 MB. No daemon. No root required.
Hull is a daemonless Linux container runtime written in Zig. A single static-musl binary orchestrates namespaces, cgroups v2, seccomp-bpf, Landlock, pivot_root, and an optional veth bridge — all without a background daemon or a containerd-shim process tree. It runs Titan ESB (Elixir/Phoenix/BEAM) in production today at www.titan-bus.com.
Binary size
~3 MB
static-musl, x86_64 + aarch64
Security layers
7
ns + cgroups + seccomp + landlock + pivot
Daemons
0
no dockerd, no containerd, no shim
Full Linux isolation stack
NEWPID + NEWNET + NEWNS + NEWUTS + NEWIPC + NEWUSER. Mount namespace unshared inside the child so pivot_root can't mutate the host. cgroups v2 for CPU/memory/pids limits.
Rootless mode
Pass --rootless and Hull runs the NEWUSER dance even as root: parent forks a userns_setup child, writes /proc/<pid>/{setgroups,gid_map,uid_map}, and the workload sees itself as uid 0 inside a brand-new user namespace. Defense in depth, zero sudo.
Bridge networking
Manifest network: bridge creates a veth pair per container, attaches one end to hull0 (10.88.0.0/24), allocates an IP from a lease dir, and wires the container side via nsenter. nftables + iptables FORWARD rules for masquerade and inter-VLAN accept, all idempotent across runs.
seccomp-bpf allowlists
Curated syscall profiles per workload: default, beam (Elixir/Erlang), dotnet (.NET AOT), node (Node.js). KILL_PROCESS on violation. Installed right before execve so even the workload's first syscall is filtered.
Landlock LSM
Filesystem allowlist using ABI v1 syscalls direct. Graceful fallback on kernels < 5.13. Default policy: rootfs read+exec, /tmp /dev /var read+write — tight enough to stop exfiltration, loose enough to run real binaries.
hull inspect
One command shows a container's live cgroup numbers, all 7 namespace inums (via readlink /proc/<pid>/ns/*), and the first 12 mount points from /proc/<pid>/mountinfo. No daemon to query — state lives in ~/.hull/state/<name>.json.
Private serverless
The serverless runtime model, without the public cloud.
AWS Lambda, Fargate, Cloudflare Workers, and Fly.io all use Firecracker microVMs for workload isolation. Mentat brings that execution model to private infrastructure, where you keep networking, data locality, and operational control.
Namespace sandboxesLinux isolation without Docker daemon
Mars ModeSelf-healing on restart — zero manual ops
Fixed IP clusteringRaft clusters inside microVMs
Live dashboardReal-time data — this page is live
Deploy experience
One YAML. One command. No SSH.
mt up reads a single recipe and converges the cluster — synthesises the container manifest, registers the service, generates the ingress block, obtains the TLS cert, builds the source, repacks the rootfs, and bounces. Idempotent. Same command creates a new service and updates an existing one.
Auto-bootstrapSeeds image from preset on first run
IdempotentSame command for create and update
mt up
Bring a service up or update it. Reads an UpFile, syncs the manifest, registers the spec, builds, deploys.
mt deploy
Update content of an existing service from a DeployFile. Skips the registration step. Same build → push → extract → bounce flow as mt up.
mt run
Submit a raw MentatFile with one or more ServiceSpecs. The low-level entry point for non-Hull drivers (Firecracker, Sandbox, Docker, Exec).
Runtime model
One control plane. Five runtime drivers.
Mentat routes each workload to the execution model that fits it best. Rust services run in Firecracker microVMs. Web apps run in Linux namespace sandboxes. Existing containers stay in Docker. Internal agents run as bare binaries. And BEAM / .NET / Node services run in Hull — our own ~3 MB daemonless container runtime.
Operations
Operate it like a real platform.
Mentat keeps service discovery, health checks, auto-scaling, and ingress updates in one place. Sandbox bases for Node.js, Python, and Java mean you deploy your code — not your infrastructure.
Auto-Scaling (ScaleWatcher)
Reads CPU and memory from cgroups v2 every 10s. When thresholds are exceeded, replicas spawn automatically. Scale down when load drops. Like K8s HPA but without metrics-server.
Caddy Dynamic Upstream
Load balancer updates instantly via Caddy Admin API — no reload, no downtime. New replicas receive traffic within milliseconds of spawning.
Auto-Restart + Health Checks
Health monitor probes every 10s. After 3 failures, the agent stops the old workload and starts a fresh one. Works for Firecracker, Docker, and Sandbox.
Sandbox Bases
Pre-built rootfs for Node.js 22, Python 3.12, Java 21, and static sites. overlayfs merges base + your code — zero manual setup. Deploy a Next.js SSR app in one YAML.
mt ps
One command to see every workload with live cgroups v2 metrics: RAM, CPU, PIDs, endpoints, and health status. Color-coded by driver.
Mars Mode
Self-healing on restart. Orphan processes, stale TAPs, ghost endpoints, Docker containers — all recovered automatically. Zero manual intervention.
mt registry — live
$ mt registry
connecting to cluster...
High availability
Multi-node Raft. Automatic failover.
The control plane replicates state via Raft consensus. If the leader dies, a follower takes over in under 3 seconds. Writes to any node are forwarded to the leader automatically.
Comparison
Kubernetes is excellent. Until it is too much platform.
Kubernetes
Control plane RAM~2,000 MB
Config formatYAML (50+ files)
Container boot300-800ms
Unikernel supportExperimental
Static binary supportRequires container
Monthly cloud cost~$800-1,200
Rollout time30-120s
Mentat
Control plane RAM~64 MB
Config formatYAML (1 file)
Container boot<10ms
Unikernel supportNative (Firecracker)
Static binary supportNative (exec driver)
Monthly cloud cost~$260 (1 VM)
Rollout time<1s
Desktop App
Your cluster. Native on your Mac.
Mentat Dashboard is a native Tauri app — no Electron, no Chrome. Real-time service monitoring, resource visualization, and deploy management from your desktop.
Live Service Monitor
All services, drivers, replicas, and deploy strategies at a glance. Auto-refreshes every 5 seconds.
Resource Visualization
RAM, CPU, and disk usage per service with progress bars. See exactly how much headroom you have.
Node Overview
KVM status, datacenter, attributes, and available resources for every node in your cluster.
Native Performance
Built with Tauri + Rust backend. ~15MB app, instant startup, uses your system webview — not a bundled browser.
Mentat Dashboard — live
Services
0
Nodes
0
RAM
0 MB
ServiceDriverEndpointsStatus
Loading...
0 endpoints healthy — auto-refresh 10s
Prefer the terminal?
mt lens gives you the same live dashboard as a TUI — ratatui + crossterm, runs anywhere with SSH access.
$ mt lens --server host:4646
Get started
Ship faster without giving up your infrastructure.
Start with the docs and CLI, then deploy Firecracker workloads, containers, and platform services under one control plane.