Creating a Multi‑User Container‑Based AI Agent System with ReAct and Docker

Overview

The article describes how to build a multi‑user AI agent framework called Manus that runs code and browser automation inside isolated Docker containers for safety and scalability. The workflow consists of four steps: (1) creating a Python code‑execution tool, (2) creating a browser‑automation tool, (3) assembling prompts and a ReAct agent, and (4) testing the system and planning future improvements.

01 Build Tool: Python Code Executor (Docker)

A utility function execute_code_docker launches a temporary Docker container, runs arbitrary code, and returns the result as a JSON string. The function accepts the code, the language ("python", "bash" or "sh"), a user_id to isolate users, and an optional task_id for task continuity.

def execute_code_docker(code: str, language: str, user_id: str, task_id: str) -> str:
    """Execute code inside a Docker container.
    Args:
        code: Code to run.
        language: "python", "bash" or "sh".
        user_id: Identifier for the user (isolates containers).
        task_id: Existing task ID or None to create a new one.
    Returns:
        JSON string containing stdout, stderr and execution metadata.
    """
    # ... implementation omitted ...
    return json.dumps(result_data)

The function is wrapped as a LangChain FunctionTool so the agent can invoke it.

def create_code_executor_docker_tool():
    """Create a Docker code‑executor tool for the agent."""
    return FunctionTool.from_defaults(
        name="docker_code_executor",
        description="Execute Python or Shell code inside a Docker container. Provide user_id and optional task_id.",
        fn=execute_code_docker,
    )

02 Build Tool: Browser Automation (Docker)

The browser‑automation tool runs a Web Agent inside a container. The agent is instantiated with a configured Browser instance and then executes a task description.

# Initialise the browser inside the container
browser = Browser(config=browser_config)
# Create the agent with the required components
agent = Agent(
    task=task,
    llm=llm,
    use_vision=use_vision,
    max_failures=max_failures,
    max_actions_per_step=max_actions,
    browser=browser,
)
result = await agent.run()

A helper function builds a shell command that runs the agent script inside the container.

def execute_browser_task(task_description: str, user_id: str = "default", task_id: Optional[str] = None) -> str:
    """Run a browser task in a Docker container and return the JSON result.
    Args:
        task_description: Text describing the browser work.
        user_id: Identifier for the user.
        task_id: Existing task ID or None.
    Returns:
        JSON string with execution outcome.
    """
    shell_code = f'python /app/agent_browser.py -t "{task_description}"'
    result = container.execute(shell_code, "bash")
    # ... further processing ...
    return result

This function is also wrapped as a LangChain tool.

03 Assemble Prompts and ReAct Agent

Two auxiliary tools are introduced:

CodeGenerator : a dedicated tool (or separate agent) that generates code, allowing the main reasoning LLM to focus on orchestration.

WebpageCrawler : a simple crawler used for testing and data collection.

Prompt engineering combines a generic code‑generation prompt with the task description and optional context, forcing the LLM to return only code.

prompt = f"""
{CODE_GENERATION_PROMPT}
Task description: {task_description}
Additional context: {additional_context}

Please return only the code without explanations.
"""

The ReAct agent is created with all tools, a maximum of 20 iterations, and verbose output.

_agents[user_id] = ReActAgent.from_tools(
    max_iterations=20,
    tools=[
        tool_code_generator,
        tool_code_executor_docker,
        tool_browser_docker,
        tool_webpage_crawler,
    ],
    llm=llm,
    verbose=True,
    context=REACT_AGENT_CONTEXT,
)

04 Testing and Future Improvements

In production the agent can be exposed via Flask or FastAPI; the article demonstrates a simple client simulation that supplies a user ID , a task description , and an optional input file . Example tasks include querying YouTube trends, demonstrating the Tower of Hanoi algorithm, extracting PDF invoice data, generating synthetic sales data, and visualising analysis results.

Key limitations observed:

Unpredictable behaviour of LLM‑driven agents, especially for long‑range planning.

Inconsistent code generation leading to execution failures.

Insufficient task‑planning capability; the agent often starts acting without a full execution plan.

Toolset is limited to code execution and browsing.

Need for asynchronous task handling, human‑in‑the‑loop pauses, and performance optimisation for concurrent users.

Proposed improvements:

Introduce a preliminary planning phase (e.g., generate a full task plan before the ReAct loop).

Solidify common task patterns via specialised prompts, retrieval‑augmented generation (RAG) or fine‑tuning.

Adopt workflow orchestration for enterprise scenarios to increase predictability.

Add long‑term memory to retain user preferences across sessions.

Expand the toolbox with domain‑specific agents (e.g., data‑extraction, image‑processing).

Implement asynchronous execution, task queuing and notification mechanisms.

Source code and full implementation are available at https://github.com/pingcy/agent-manus.