OpenClaw with OpenShell

Confirm your environment

Verify the OS, GPU, Docker, and Python are available before installing anything.

head -n 2 /etc/os-release
nvidia-smi
docker info --format '{{.ServerVersion}}'
python3 --version

Ensure NVIDIA Sync is configured with a custom port: use "OpenClaw" as the Name and "18789" as the port.

Expected output should show Ubuntu 24.04 (DGX OS), a detected GPU, a Docker server version, and Python 3.12+.

Docker Configuration

First, verify that the local user has Docker permissions using the following command.

docker ps

If you get a permission denied error (permission denied while trying to connect to the docker API at unix:///var/run/docker.sock), add your user to the system's Docker group. This will enable you to run Docker commands without requiring sudo. The command to do so is as follows:

sudo usermod -aG docker $USER
newgrp docker

Note that you should reboot the Spark after adding the user to the group for this to take persistent effect across all terminal sessions.

Now that we have verified the user's Docker permission, we must configure Docker so that it can use the NVIDIA Container Runtime.

sudo nvidia-ctk runtime configure --runtime=docker
sudo systemctl restart docker

# Run a sample workload to verify the setup
docker run --rm --runtime=nvidia --gpus all ubuntu nvidia-smi

Install the OpenShell CLI

Create a virtual environment and install the openshell CLI.

cd ~
uv venv openshell-env && source openshell-env/bin/activate
uv pip install openshell 
openshell --help

If you don't have uv installed yet:

curl -LsSf https://astral.sh/uv/install.sh | sh
export PATH="$HOME/.local/bin:$PATH"

Expected output should show the openshell command tree with subcommands like gateway, sandbox, provider, and inference.

Deploy the OpenShell gateway on DGX Spark

The gateway is the control plane that manages sandboxes. Since you are running directly on the Spark, it deploys locally inside Docker.

openshell gateway start
openshell status

openshell status should report the gateway as healthy. The first run may take a minute while Docker pulls the required images.

Install Ollama and pull a model

Install Ollama (if not already present) and download a model for local inference.

curl -fsSL https://ollama.com/install.sh | sh
ollama --version

DGX Spark's 128GB memory can run large models:

Verify Ollama is running (it auto-starts as a service after installation). If not, start it manually:

ollama serve &

Next, run a model from Ollama (adjust the model name to match your choice from the Ollama model library). The ollama run command will pull the model automatically if it is not already present. Running the model here ensures it is loaded and ready when you use it with OpenClaw, reducing the chance of timeouts later. Example for GPT-OSS 120b:

ollama run gpt-oss:120b

Verify the model is available:

ollama list

Create an inference provider

We are going to create an OpenShell provider that points to your local Ollama server. This lets OpenShell route inference requests to your Spark-hosted model. To create a provider for the cluster, please replace {Machine_IP} with the IP Address of your DGX Spark.

openshell provider create \
    --name local-ollama \
    --type openai \
    --credential OPENAI_API_KEY=not-needed \
    --config OPENAI_BASE_URL=http://{Machine_IP}:11434/v1

Configure inference routing

Point the inference.local endpoint (available inside every sandbox) at your Ollama model:

openshell inference set \
    --provider local-ollama \
    --model gpt-oss:120b

Verify the configuration:

openshell inference get

Expected output should show provider: local-ollama and model: gpt-oss:120b (or whichever model you chose).

Deploy OpenShell Sandbox

Create a sandbox using the pre-built OpenClaw community sandbox. This pulls the OpenClaw Dockerfile, the default policy, and startup scripts from the OpenShell Community catalog:

openshell sandbox create \
  --keep \
  --forward 18789 \
  --name dgx-demo \
  --from openclaw \
  -- openclaw-start

The --keep flag keeps the sandbox running after the initial process exits, so you can reconnect later. This is the default behavior. To terminate the sandbox when the initial process exits, use the --no-keep flag instead.

The CLI will:

1. Resolve openclaw against the community catalog
2. Pull and build the container image
3. Apply the bundled sandbox policy
4. Launch OpenClaw inside the sandbox

In order to verify the default policy enabled for your sandbox, please run the following command:

openshell sandbox get <sandbox_name>

Configure OpenClaw within OpenShell Sandbox

The sandbox container will spin up and you will be guided through the OpenClaw installation process. Work through the prompts as follows.

Use the arrow keys and Enter key to interact with the installation.

• If you understand and agree, use the arrow key of your keyboard to select 'Yes' and press the Enter key.
• Quickstart vs Manual: select Quickstart and press the Enter key.
• Model/auth Provider: Select Custom Provider, the second-to-last option.
• API Base URL: update to https://inference.local/v1
• How do you want to provide this API key?: Paste API key for now.
• API key: please enter "ollama".
• Endpoint compatibility: select OpenAI-compatible and press Enter.
• Model ID: gpt-oss:120b
  • This may take 1-2 minutes as the Ollama model is spun up in the background.
• Endpoint ID: leave the default value.
• Alias: gpt-oss:120b (this is optional).
• Channel: Select Skip for now.
• Skills: Select No for now.
• Enable hooks: Select No for now and press Enter.

It might take 1-2 minutes to get through the final stages. Afterwards, you should see a URL with a token you can use to connect to the gateway.

The expected output will be similar, but the token will be unique.

OpenClaw gateway starting in background.
  Logs: /tmp/gateway.log
  UI:   http://127.0.0.1:18789/?token=9b4c9a9c9f6905131327ce55b6d044bd53e0ec423dd6189e

If you are using the Spark as the primary device, right-click on the URL in the UI section and select Open Link.

Accessing the dashboard from the host or a remote system: The dashboard URL (e.g. http://127.0.0.1:18789/?token=...) is inside the sandbox, so the host does not forward port 18789 by default. To reach it from your host or another machine, use SSH local port forwarding. From a machine that can reach the OpenShell gateway, run (replace gateway URL, sandbox-id, token, and gateway-name with values from your environment):

ssh -o ProxyCommand='/usr/local/bin/openshell ssh-proxy --gateway https://127.0.0.1:8080/connect/ssh --sandbox-id <sandbox-id> --token <token> --gateway-name openshell' -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -N -L 18789:127.0.0.1:18789 sandbox

Then open http://127.0.0.1:18789/?token=<your-token> in your local browser.

Otherwise, if you are using NVIDIA Sync, right-click on the URL listed in the UI and select Copy Link. Next, connect to your Spark and select the OpenClaw entry. When your web browser opens the tab for OpenClaw, paste the URL in the navigation bar and press the Enter key.

From this page, you can now Chat with your OpenClaw agent within the protected confines of the runtime OpenShell provides.

Conduct Inference within Sandbox

Connecting to the Sandbox (Terminal)

Now that OpenClaw has been configured within the OpenShell protected runtime, you can connect directly into the sandbox environment via:

openshell sandbox connect dgx-demo

Once loaded into the sandbox terminal, you can test connectivity to the Ollama model with this command:

curl https://inference.local/v1/responses \
          -H "Content-Type: application/json" \
          -d '{
        "instructions": "You are a helpful assistant.",
        "input": "Hello!"
      }'

Verify sandbox isolation

Open a second terminal and check the sandbox status and live logs:

source ~/openshell-env/bin/activate
openshell term

The terminal dashboard shows:

• Sandbox status — name, phase, image, providers, and port forwards
• Live log stream — outbound connections, policy decisions (allow, deny, inspect_for_inference), and inference interceptions

Verify that the OpenClaw agent can reach inference.local for model requests and that unauthorized outbound traffic is denied.

Reconnect to the sandbox

If you exit the sandbox session, reconnect at any time:

openshell sandbox connect

To transfer files in or out (replace <sandbox-name> with your sandbox name from the creation output or from openshell sandbox list):

openshell sandbox upload <sandbox-name> ./local-file /sandbox/destination
openshell sandbox download <sandbox-name> /sandbox/file ./local-destination

Cleanup

Stop and remove the sandbox:

openshell sandbox delete <sandbox-name>

Stop the gateway (preserves state for later):

openshell gateway stop

openshell gateway destroy

To also remove the Ollama model:

ollama rm gpt-oss:120b

Next steps

• Add more providers: Attach GitHub tokens, GitLab tokens, or cloud API keys as providers with openshell provider create. When creating the sandbox, pass the provider name(s) with --provider <name> (e.g. --provider my-github) to inject those credentials into the sandbox securely.
• Try other community sandboxes: Run openshell sandbox create --from base or --from sdg for other pre-built environments.
• Connect VS Code: Use openshell sandbox ssh-config <sandbox-name> and append the output to ~/.ssh/config to connect VS Code Remote-SSH directly into the sandbox.
• Monitor and audit: Use openshell logs <sandbox-name> --tail or openshell term to continuously monitor agent activity and policy decisions.