See isolation classes for the full reference. The headline:
  • Process — fine for dev, single-tenant private mesh.
  • Jail — fine for trusted teams; not hostile-multi-tenant.
  • MicroVM — Firecracker-backed; suitable for paying tenants.
The roost picks the strongest class the host supports and fails closed if the requested floor isn’t met.