Safe Execution Model
Overview
OpsWorker is designed around a fundamental principle: AI investigates, humans decide. The platform never modifies your cluster state — it recommends actions for engineers to review and execute.
Read-Only Investigation
During investigations, the Kubernetes Agent performs only read operations:
| Allowed Operations | Blocked Operations |
|---|---|
| kubectl get | kubectl apply |
| kubectl describe | kubectl delete |
| kubectl logs | kubectl patch |
| kubectl top (metrics) | kubectl exec |
| List events | kubectl scale |
| Check endpoints | kubectl rollout |
The agent cannot create, update, delete, or execute commands in containers.
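One way to check a role against the table above, as an added example that is not OpsWorker's own code: it audits the rules of a Kubernetes RBAC ClusterRole and reports any rule that goes beyond read access or reaches the endpoints behind `kubectl exec`. It assumes the agent's permissions come from a ClusterRole; the role name `example-agent-role` and its rules are constructed for illustration.

```python
import json

# Verbs that only read state; any other verb (create, update, patch, delete,
# deletecollection, "*", ...) can change the cluster.
READ_VERBS = {"get", "list", "watch"}
# Subresources behind `kubectl exec` / `kubectl attach`. This example flags any
# grant on them, whatever the verb (a conservative choice made here).
EXEC_SUBRESOURCES = {"exec", "attach"}

def covers_exec(resource):
    """True if an RBAC resource string matches pods/exec or pods/attach."""
    if resource == "*":
        return True
    parent, _, sub = resource.partition("/")
    return parent in ("pods", "*") and (sub == "*" or sub in EXEC_SUBRESOURCES)

def audit_rules(rules):
    """Return (rule_index, reason) for every rule that exceeds read-only."""
    findings = []
    for i, rule in enumerate(rules):
        verbs = set(rule.get("verbs", []))
        extra = sorted(verbs - READ_VERBS)
        if extra:
            findings.append((i, "non-read verbs: " + ", ".join(extra)))
        hits = sorted(r for r in rule.get("resources", []) if covers_exec(r))
        if verbs and hits:
            findings.append((i, "reaches container exec via: " + ", ".join(hits)))
    return findings

# Constructed sample in the shape of `kubectl get clusterrole <name> -o json`.
SAMPLE_ROLE = json.loads("""
{"kind": "ClusterRole", "metadata": {"name": "example-agent-role"},
 "rules": [
  {"apiGroups": [""], "resources": ["pods", "pods/log", "events", "endpoints"],
   "verbs": ["get", "list", "watch"]},
  {"apiGroups": ["metrics.k8s.io"], "resources": ["pods", "nodes"],
   "verbs": ["get", "list"]},
  {"apiGroups": ["apps"], "resources": ["deployments", "deployments/scale"],
   "verbs": ["get", "list", "patch"]},
  {"apiGroups": [""], "resources": ["pods/exec"], "verbs": ["create"]}
 ]}
""")

if __name__ == "__main__":
    for index, reason in audit_rules(SAMPLE_ROLE["rules"]):
        print(f"rule {index}: {reason}")
```

The first two rules cover the allowed column (get, describe, logs, top, events, endpoints) and pass; the last two are the kind of grant that would let a role patch, scale or exec. A wildcard resource is flagged even with read verbs, because `*` also matches `pods/exec`.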
Recommendations, Not Actions
Every investigation produces recommendations — specific steps with kubectl commands. These are:
- Displayed in Slack and the portal for human review
- Never auto-executed on your cluster
- Copy-paste ready for engineers who decide to apply them
- Contextualized with the reasoning behind each recommendation
Why This Model
- Safety: No risk of AI-initiated changes in production
- Compliance: Humans maintain full control of cluster modifications
- Trust: Engineers can verify recommendations before acting
- Audit trail: Every investigation and its recommendations are logged
Human-in-the-Loop
The workflow ensures human oversight at the action stage:
```mermaid
flowchart LR
    A[Alert] --> B[AI Investigation]
    B --> C[Recommendations generated]
    C --> D[Engineer reviews]
    D --> E{Approve?}
    E -->|Yes| F[Engineer executes commands]
    E -->|No| G[Engineer takes alternative action]
```
OpsWorker handles the investigation (the time-consuming, repetitive part). Humans handle the decision-making and execution (the part that requires judgment and accountability).
Next Steps
- Command Generation — How commands are created
- Agent Scope — Detailed read-only access model