AI Agent

DevOps Agent - Reference Patterns

DevOps reference patterns agent for containerization (Docker), orchestration (Kubernetes), CI/CD (GitHub Actions, Jenkins), IaC (Terraform, CloudFormation), multi-cloud (AWS, GCP, Azure) infra, monitoring, secrets, and deployments.

Docker

Kubernetes

Install

Run in your terminal

npx claudepluginhub nguyenthienthanh/aura-frog --plugin aura-frog

Details

Tool AccessAll tools

RequirementsPower tools

Agent Content

Similar Agents

build-error-resolver

6 tools

Resolves TypeScript type errors, build failures, dependency issues, and config problems with minimal diffs only—no refactoring or architecture changes. Use proactively on build errors for quick fixes.

ecc

147.8k

chief-of-staff

6 tools

Triages messages across email, Slack, LINE, Messenger, and calendar into 4 tiers, generates tone-matched draft replies, cross-references events, and tracks follow-through. Delegate for multi-channel inbox workflows.

ecc

147.8k

architect

3 tools

Software architecture specialist for system design, scalability, and technical decision-making. Delegate proactively for planning new features, refactoring large systems, or architectural decisions. Restricted to read/search tools.

ecc

147.8k

Stats

Parent Repo Stars14

Parent Repo Forks2

Last CommitMar 24, 2026

Actions

View Source View Plugin View on GitHub View README

DevOps Agent - Reference Patterns

Source: agents/devops.md Load: On-demand when deep DevOps expertise needed

Core Competencies (Detailed)

1. Containerization

Docker: Dockerfile optimization, multi-stage builds, layer caching
Image Security: Scanning (Trivy), minimal base images (Alpine, Distroless)
Best Practices: .dockerignore, health checks, non-root users
Registries: Docker Hub, ECR, GCR, ACR

2. Container Orchestration

Kubernetes: Deployments, Services, Ingress, ConfigMaps, Secrets
Manifests: YAML generation, Helm charts, Kustomize
Security: RBAC, Pod Security Policies, Network Policies
Monitoring: Prometheus, Grafana, Kubernetes Dashboard

3. CI/CD Pipelines

GitHub Actions: Workflows, matrix builds, caching, secrets
GitLab CI: .gitlab-ci.yml, runners, artifacts
Azure Pipelines: azure-pipelines.yml, agents
Jenkins: Jenkinsfile, declarative pipelines
CircleCI: config.yml, orbs

Pipeline Stages:

Build -> Test -> Security Scan -> Deploy
Automated testing (unit, integration, E2E)
Code quality checks (linting, coverage)
Dependency vulnerability scanning
Container image building and pushing
Deployment to staging/production

4. Infrastructure as Code (IaC)

Terraform: AWS, GCP, Azure providers, modules, state management
AWS CloudFormation: Templates, stacks, change sets
Pulumi: TypeScript/Python infrastructure definitions
Ansible: Playbooks, roles, inventory management

5. Cloud Platforms

AWS:

Compute: EC2, ECS, EKS, Lambda, Fargate
Storage: S3, EBS, EFS
Database: RDS, DynamoDB, Aurora
Networking: VPC, ALB, Route53, CloudFront
Security: IAM, Secrets Manager, KMS, WAF
Monitoring: CloudWatch, X-Ray

GCP:

Compute: Compute Engine, GKE, Cloud Run, Cloud Functions
Storage: Cloud Storage, Persistent Disk
Database: Cloud SQL, Firestore, BigQuery
Networking: VPC, Load Balancer, Cloud CDN
Security: IAM, Secret Manager, Cloud Armor

Azure:

Compute: VM, AKS, Container Instances, Functions
Storage: Blob Storage, Disk Storage
Database: Azure SQL, Cosmos DB
Networking: Virtual Network, Application Gateway
Security: Azure AD, Key Vault

6. Secrets Management

HashiCorp Vault: Dynamic secrets, encryption as a service
AWS Secrets Manager: Automatic rotation
Azure Key Vault: Certificates, keys, secrets
GCP Secret Manager: Version management
Environment Variables: .env files, CI/CD secrets

7. Monitoring & Logging

Monitoring: Prometheus, Grafana, Datadog, New Relic
Logging: ELK Stack (Elasticsearch, Logstash, Kibana), Loki
APM: Application Performance Monitoring
Alerting: PagerDuty, Opsgenie, Slack notifications
Tracing: Jaeger, Zipkin, AWS X-Ray

8. Deployment Strategies

Blue-Green Deployment: Zero-downtime deployments
Canary Deployment: Gradual rollout to percentage of users
Rolling Deployment: Sequential instance updates
A/B Testing: Feature flag-based deployment
Rollback: Quick revert on failures

Tech Stack Examples

Docker

# Multi-stage build example
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
RUN npm run build

FROM node:20-alpine
WORKDIR /app
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
USER node
EXPOSE 3000
HEALTHCHECK --interval=30s CMD node healthcheck.js
CMD ["node", "dist/server.js"]

Kubernetes

# Deployment + Service example
apiVersion: apps/v1
kind: Deployment
metadata:
  name: api-server
spec:
  replicas: 3
  selector:
    matchLabels:
      app: api-server
  template:
    metadata:
      labels:
        app: api-server
    spec:
      containers:
      - name: api
        image: myregistry/api:v1.0.0
        ports:
        - containerPort: 3000
        env:
        - name: DATABASE_URL
          valueFrom:
            secretKeyRef:
              name: db-secrets
              key: url
        resources:
          requests:
            memory: "256Mi"
            cpu: "250m"
          limits:
            memory: "512Mi"
            cpu: "500m"
        livenessProbe:
          httpGet:
            path: /health
            port: 3000
          initialDelaySeconds: 30
          periodSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
  name: api-service
spec:
  selector:
    app: api-server
  ports:
  - protocol: TCP
    port: 80
    targetPort: 3000
  type: LoadBalancer

GitHub Actions

name: CI/CD Pipeline

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
          node-version: '20'
          cache: 'npm'
      - run: npm ci
      - run: npm run lint
      - run: npm test
      - run: npm run build

  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - run: npm audit
      - uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          severity: 'CRITICAL,HIGH'

  deploy:
    needs: [test, security]
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'
    steps:
      - uses: actions/checkout@v3
      - uses: docker/build-push-action@v4
        with:
          push: true
          tags: myregistry/api:${{ github.sha }}
      - uses: azure/k8s-deploy@v4
        with:
          manifests: k8s/deployment.yaml
          images: myregistry/api:${{ github.sha }}

Terraform (AWS)

# VPC + EC2 example
provider "aws" {
  region = "us-east-1"
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
  enable_dns_hostnames = true
  tags = {
    Name = "main-vpc"
  }
}

resource "aws_subnet" "public" {
  vpc_id = aws_vpc.main.id
  cidr_block = "10.0.1.0/24"
  availability_zone = "us-east-1a"
  map_public_ip_on_launch = true
}

resource "aws_security_group" "web" {
  name = "web-sg"
  vpc_id = aws_vpc.main.id

  ingress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port = 0
    to_port = 0
    protocol = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "web" {
  ami = "ami-0c55b159cbfafe1f0"
  instance_type = "t3.micro"
  subnet_id = aws_subnet.public.id
  vpc_security_group_ids = [aws_security_group.web.id]

  user_data = <<-EOF
              #!/bin/bash
              apt-get update
              apt-get install -y docker.io
              systemctl start docker
              EOF

  tags = {
    Name = "web-server"
  }
}

Best Practices

Dockerfile

Use multi-stage builds (reduce image size)
Use specific version tags (not latest)
Run as non-root user
Use .dockerignore (exclude node_modules, .git)
Minimize layers (combine RUN commands)
Use health checks
Scan for vulnerabilities (Trivy)

Kubernetes

Set resource requests and limits
Use liveness/readiness probes
Store secrets in Secrets, not ConfigMaps
Use RBAC for access control
Implement network policies
Use namespaces for isolation
Enable horizontal pod autoscaling (HPA)

CI/CD

Run tests before deployment
Security scanning in pipeline
Automated rollback on failure
Use caching to speed up builds
Separate staging and production
Tag images with git commit SHA
Store secrets in CI/CD platform (not code)

Infrastructure as Code

Version control infrastructure code
Use modules for reusability
Implement state locking (Terraform)
Use workspaces for environments
Plan before apply
Document infrastructure changes

Typical Workflows

1. Containerize Application

Command: docker:create

Steps:

Analyze project (Node.js, Python, PHP, Go)
Generate optimized Dockerfile
Create .dockerignore
Add health check endpoint
Build and test image locally

Deliverables:

Dockerfile (multi-stage, optimized)
.dockerignore
docker-compose.yml (for local dev)
Build instructions

2. Create CI/CD Pipeline

Command: cicd:create

Steps:

Detect platform (GitHub Actions, GitLab CI, etc.)
Generate pipeline configuration
Include stages: lint, test, build, deploy
Add security scanning
Configure secrets

Deliverables:

Pipeline configuration file
Setup instructions
Secret configuration guide

3. Deploy to Kubernetes

Command: k8s:create

Steps:

Generate Deployment manifest
Create Service definition
Add Ingress (if needed)
Create ConfigMap/Secrets
Add resource limits

Deliverables:

Kubernetes manifests
Deployment guide
Kubectl commands

4. Setup Deployment

Command: deploy:setup

Steps:

Choose platform (AWS, GCP, Azure, Vercel, etc.)
Generate infrastructure code (Terraform, CloudFormation)
Create deployment scripts
Configure environment variables
Setup monitoring

Deliverables:

Infrastructure code
Deployment scripts
Environment configuration
Monitoring setup

Deliverables by Phase

Phase 1 (Understand + Design):

Deployment architecture diagram
Infrastructure requirements
Cloud provider selection

Phase 4 (Refactor + Review):

Dockerfile
CI/CD pipeline
Kubernetes manifests
Infrastructure code

Phase 5 (Finalize):

Deployment guide
Monitoring setup
Rollback procedures
Production checklist