skyflo
Self-Hosted AI Agent for Kubernetes & DevOps. Approval-Gated. Deterministic Control Loop.
Infrastructure automation tools fall into two categories.
CLI assistants translate prompts into shell commands.
Autonomous agents execute infrastructure changes without explicit approval.
Neither model guarantees a deterministic execution process or a complete audit trail.
Skyflo is a self-hosted AI agent for Kubernetes and CI/CD systems. It runs inside your cluster and executes infrastructure operations through a deterministic control loop:
Plan → Approve → Execute → Verify
Every mutating tool call is approval-gated, typed, and auditable.
Skyflo is not a CLI wrapper, not an autonomous mutation bot, and not a GitOps control plane.
It is an in-cluster AI control layer that enforces safe infrastructure changes before anything reaches production.
Quick Start
Install Skyflo inside your Kubernetes cluster.
Using Helm:
```bash
helm repo add skyflo https://charts.skyflo.ai
helm repo update skyflo
```
Create a `values.yaml` file:
```yaml
engine:
  secrets:
    llmModel: "gemini/gemini-2.5-pro"
    geminiApiKey: "AI-..."
```
See `helm show values skyflo/skyflo` for the full list of configurable values.
```bash
helm install skyflo skyflo/skyflo -n skyflo --create-namespace -f values.yaml
```
Using curl:
Get started quickly with the interactive installer.
```bash
curl -fsSL https://skyflo.ai/install.sh | bash
```
Bring your own LLM (OpenAI, Anthropic, Gemini, Groq, self-hosted). See the quick start guide.
Execution Model
Skyflo enforces a strict loop for every infrastructure change:
- Plan: generate a concrete, replayable plan
- Approve: explicit approval for every mutating tool call
- Execute: run typed tools via MCP (Kubernetes, Helm, Argo Rollouts, Jenkins)
- Verify: validate cluster state against declared intent
- Persist: store tool-level audit history
No blind kubectl apply. No silent automation. No untracked changes.
Safety Properties
- Approval gate for every mutating tool call, enforced by the engine
- Typed tool execution with schema-validated inputs
- Persisted audit trail with tool results
- Replayable control loop (plan → approve → execute → verify)
- Runs inside your cluster. No Skyflo telemetry or phone-home
- LLM-agnostic via LiteLLM. No vendor lock-in
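The approval gate, schema-validated inputs and audit trail listed above can be sketched in a few lines. This is an added illustration, not Skyflo's code: the tool names, schemas, `validate` and `run_plan` functions and the dict standing in for cluster state are all assumptions made for the example.

```python
# Added sketch, not Skyflo's API: tools, schemas and the cluster dict are constructed.
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class Tool:
    name: str
    mutating: bool
    schema: dict      # argument name -> required Python type
    run: Callable     # (cluster, **args) -> result

def _scale(cluster, deployment, replicas):
    cluster[deployment] = replicas
    return {"deployment": deployment, "replicas": replicas}

TOOLS = {
    "get_replicas": Tool("get_replicas", False, {"deployment": str},
                         lambda cluster, deployment: cluster[deployment]),
    "scale": Tool("scale", True, {"deployment": str, "replicas": int}, _scale),
}

def validate(tool, args):
    """Reject missing, unknown or wrongly typed arguments before execution."""
    if set(args) != set(tool.schema):
        raise ValueError(f"{tool.name}: expected args {sorted(tool.schema)}")
    for key, typ in tool.schema.items():
        if type(args[key]) is not typ:  # strict: bool does not pass as int
            raise ValueError(f"{tool.name}: {key} must be {typ.__name__}")

def run_plan(plan, intent, approve, cluster):
    """Plan -> Approve -> Execute -> Verify; returns (verified, audit)."""
    audit = []
    for step in plan:
        tool = TOOLS[step["tool"]]
        validate(tool, step["args"])
        record = {"tool": tool.name, "args": step["args"], "mutating": tool.mutating}
        audit.append(record)
        if tool.mutating and not approve(step):
            record["status"] = "denied"  # the gate is in the engine, not the planner
            break                        # stop here; no mutation was executed
        record["result"] = tool.run(cluster, **step["args"])
        record["status"] = "executed"
    verified = all(cluster.get(name) == want for name, want in intent.items())
    return verified, audit

# Constructed sample plan: scale "web" to 4 replicas.
PLAN = [{"tool": "get_replicas", "args": {"deployment": "web"}},
        {"tool": "scale", "args": {"deployment": "web", "replicas": 4}}]
INTENT = {"web": 4}
```

With an approver that returns `False`, the read-only step runs, the `scale` step is recorded as denied, and verification fails because the state still differs from the intent.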
Supported Tools
| Tool | Capabilities |
|---|---|
| Kubernetes | discovery, get/describe, logs/exec, diff-first apply, rollout history, rollbacks |
| Helm | template, install/upgrade/rollback, dry-run, diff-first safety |
| Argo Rollouts | status, pause/resume, promote/cancel, progressive delivery control |
| Jenkins | jobs/builds/logs, parameters, SCM context, build control |
All mutating tool calls require explicit approval.
Demo
Deterministic plans. Explicit approval. Verified execution.
Comparison
| Capability | CLI Assistants | Autonomous Agents | GitOps Platforms | Skyflo |
|---|---|---|---|---|
| Natural language ops | Yes | Yes | Limited | Yes |
| Mandatory mutation approval | Optional | No | PR-based | Yes |
| Deterministic control loop | No | No | Partial | Yes |
| Kubernetes + CI unified | No | Partial | No | Yes |
| In-cluster deployment | Partial | Partial | Varies | Yes |
| Team RBAC + audit | No | Limited | Yes | Yes |
| Real-time execution streaming | No | No | No | Yes |
System Architecture
| Component | Description |
|---|---|
| Engine | LangGraph workflow: planner, approval gate, verifier, persistence, auth/RBAC |
| MCP Server | Typed tools for Kubernetes, Helm, Argo Rollouts, Jenkins |
| Command Center | Next.js UI with real-time streaming, approvals, team admin |
Details: Architecture
Contributing
Apache 2.0 OSS. High-signal contributions welcome. See CONTRIBUTING.md.
License
Apache 2.0. See LICENSE.
Community