- Posted on
- • Artificial Intelligence
AI Agents for DevOps Teams
- Author
-
-
- User
- linuxbash
- Posts by this author
- Posts by this author
-
AI Agents for DevOps Teams: A Bash-First Playbook
Ever been paged at 2:14 a.m. for a cascading failure and watched precious minutes disappear while triaging logs and guessing at root cause? AI agents can compress that time-to-clarity from minutes to seconds. With a little glue (read: Bash), you can add AI-driven triage, change-risk assessment, and runbook generation to your DevOps toolkit—without replatforming your stack.
This article explains why this matters, then gives you three practical, copy-paste-able Bash tools that hook into OpenAI-compatible APIs (OpenAI, Azure OpenAI, or your company’s internal endpoint) to reduce toil and accelerate incident response.
Why AI Agents for DevOps Are Real (and Useful)
They optimize the “thinking” steps, not just the “doing.” LLMs excel at summarization, pattern-matching, and hypothesis generation—perfect for triaging noisy signals.
They respect your current tools. You don’t need a new platform. Bash +
curl+jqcan orchestrate powerful AI calls right from your CI/CD, servers, or laptops.They reduce context-switching. Pack log analysis, change-risk estimation, and runbook drafting into fast, composable scripts you can automate and audit.
Below are three agents you can implement today.
Prerequisites
These scripts use standard Linux utilities and an OpenAI-compatible API.
Tools required:
curl,jq,git(for the change-risk script), andjournalctl(systemd-based logs).An API key for an OpenAI-compatible endpoint.
- Example: OpenAI – set
OPENAI_API_KEY, and optionally overrideOPENAI_BASE_URLif you use a different provider.
- Example: OpenAI – set
Installation instructions (choose your package manager):
- Debian/Ubuntu (apt):
sudo apt update
sudo apt install -y curl jq git
- Fedora/RHEL/CentOS (dnf):
sudo dnf install -y curl jq git
- openSUSE Leap/Tumbleweed (zypper):
sudo zypper install -y curl jq git
Environment variables to set (adapt for your provider/model):
export OPENAI_API_KEY="sk-REPLACE_ME"
export OPENAI_BASE_URL="https://api.openai.com/v1" # or your internal compatible endpoint
export OPENAI_MODEL="gpt-4o-mini" # or your chosen model
Agent 1: AI Log Triage (journalctl/syslog)
Goal: Turn noisy logs into a concise situation report (what likely broke, why it broke, and what to try next), in under 10 seconds.
Create ai-triage.sh:
#!/usr/bin/env bash
set -euo pipefail
: "${OPENAI_API_KEY:?Set OPENAI_API_KEY}"
MODEL="${OPENAI_MODEL:-gpt-4o-mini}"
BASE="${OPENAI_BASE_URL:-https://api.openai.com/v1}"
# Collect recent noisy signals (adjust to taste)
LOGS="$(journalctl -p warning -S -2h -o short-iso 2>/dev/null \
| sed 's/\x1b\[[0-9;]*m//g' \
| tail -n 2000 \
| head -c 120000)"
if [ -z "$LOGS" ]; then
echo "No recent warning+ logs found in the last 2h via journalctl." >&2
exit 1
fi
# Build request body safely with jq
REQ=$(jq -n \
--arg model "$MODEL" \
--arg logs "$LOGS" \
'{
model: $model,
temperature: 0.2,
messages: [
{
role: "system",
content: "You are a senior SRE. Triangulate probable root cause from logs, list 2–3 hypotheses, and propose next investigative commands. Be concise."
},
{
role: "user",
content: ("Triage the following Linux logs (last 2h, warning+). Provide:\n- Probable cause\n- 2–3 hypotheses\n- Next commands to run\n\nLogs:\n```\n" + $logs + "\n```")
}
]
}')
RESP=$(curl -sS "$BASE/chat/completions" \
-H "Authorization: Bearer $OPENAI_API_KEY" \
-H "Content-Type: application/json" \
-d "$REQ")
echo "$RESP" | jq -r '.choices[0].message.content // "No content returned."'
Usage:
bash ai-triage.sh
What you get: A terse triage summary plus commands to run next (e.g., test DNS, check disk I/O saturation, restart a flapping unit). Drop this into cron or your alert handler to reduce time-to-first-action.
Agent 2: AI Change-Risk Assessor (Git diffs)
Goal: Before merging, quickly assess whether a change is risky, what could break, and which tests/rollbacks to have ready. This complements, not replaces, code review and automated tests.
Create ai-risk.sh:
#!/usr/bin/env bash
set -euo pipefail
: "${OPENAI_API_KEY:?Set OPENAI_API_KEY}"
MODEL="${OPENAI_MODEL:-gpt-4o-mini}"
BASE="${OPENAI_BASE_URL:-https://api.openai.com/v1}"
# Default: compare staged changes; override with args, e.g., "HEAD~1..HEAD"
RANGE="${1:-HEAD}"
# If RANGE is a commit-ish, show its diff; otherwise assume a range
if git rev-parse --verify -q "$RANGE" >/dev/null 2>&1; then
DIFF="$(git show --no-color "$RANGE" | head -c 120000)"
else
DIFF="$(git diff --no-color "$RANGE" | head -c 120000)"
fi
if [ -z "$DIFF" ]; then
echo "No diff content found for: $RANGE" >&2
exit 1
fi
PROMPT='You are a DevOps reviewer. Classify deployment risk and return strict JSON:
{
"risk_level": "low|medium|high",
"reasons": ["..."],
"blast_radius": ["services or components potentially affected"],
"pre_deploy_checks": ["shell commands or tests to run before deploy"],
"post_deploy_monitors": ["metrics/logs to watch after release"],
"rollback_plan": ["steps to revert safely"]
}
Base your assessment solely on the following unified diff.'
REQ=$(jq -n \
--arg model "$MODEL" \
--arg diff "$DIFF" \
--arg prompt "$PROMPT" \
'{
model: $model,
temperature: 0.1,
response_format: { type: "json_object" },
messages: [
{role: "system", content: $prompt},
{role: "user", content: ("Diff:\n```\n" + $diff + "\n```")}
]
}')
RESP=$(curl -sS "$BASE/chat/completions" \
-H "Authorization: Bearer $OPENAI_API_KEY" \
-H "Content-Type: application/json" \
-d "$REQ")
echo "$RESP" | jq -r '.choices[0].message.content' | jq .
Usage examples:
# Assess staged changes
bash ai-risk.sh
# Assess a specific commit
bash ai-risk.sh HEAD
# Assess a range
bash ai-risk.sh origin/main..HEAD
Pro tip: Gate merges on “risk_level != high” or auto-attach the JSON to PRs for reviewers.
Agent 3: AI Runbook Generator (from alerts)
Goal: When an alert fires, produce a focused, executable runbook with verification and rollback steps. Saves time during incidents and helps train new team members.
Create ai-runbook.sh:
#!/usr/bin/env bash
set -euo pipefail
: "${OPENAI_API_KEY:?Set OPENAI_API_KEY}"
MODEL="${OPENAI_MODEL:-gpt-4o-mini}"
BASE="${OPENAI_BASE_URL:-https://api.openai.com/v1}"
ALERT_TITLE="${1:-Generic Alert}"
ALERT_SUMMARY="${2:-No summary provided.}"
# Optional: pipe logs/metrics narrative in via stdin
STDIN_DATA="$(cat - || true | head -c 120000)"
PROMPT="You write incident runbooks for Linux/DevOps teams. Output GitHub-Flavored Markdown with:
- Context (1–2 sentences)
- Preconditions (bulleted)
- Step-by-step Resolution (numbered, with Bash commands in fenced code blocks)
- Verification (what to check to confirm success)
- Rollback (how to safely revert)
- Time/Impact estimates (rough)
Be terse and operationally precise. Prefer safe, observable steps."
USER="Alert: $ALERT_TITLE
Summary: $ALERT_SUMMARY
Additional signals/logs:
$STDIN_DATA
"
REQ=$(jq -n \
--arg model "$MODEL" \
--arg sys "$PROMPT" \
--arg user "$USER" \
'{
model: $model,
temperature: 0.2,
messages: [
{role: "system", content: $sys},
{role: "user", content: $user}
]
}')
RESP=$(curl -sS "$BASE/chat/completions" \
-H "Authorization: Bearer $OPENAI_API_KEY" \
-H "Content-Type: application/json" \
-d "$REQ")
echo "$RESP" | jq -r '.choices[0].message.content // "No content returned."'
Usage:
# Minimal
bash ai-runbook.sh "High 5xx in API Gateway" "Spike in 5xx since 12:10 UTC"
# With additional logs piped in
journalctl -u nginx -S -30m | bash ai-runbook.sh "Nginx 5xx Surge" "Elevated error rates in region A"
Store outputs with timestamps in a runbooks/ directory and commit them for audit and learning.
Real-World Integration Ideas
CI/CD: Run ai-risk.sh on PRs and post JSON to the PR description or a check summary.
On-call: When an alert triggers, call ai-triage.sh first; if risky, auto-generate a runbook draft via ai-runbook.sh and attach it to the incident ticket.
Postmortems: Feed the final logs and diffs into ai-runbook.sh to create a draft remediation document, then edit collaboratively.
Hardening and Ops Considerations
Data minimization: Truncate/redact secrets before sending to APIs. Consider an internal, compliant LLM endpoint for sensitive logs.
Guardrails: Never let agents auto-execute changes in production without human approval. Start read-only; move to suggest-only; then add supervised automations.
Observability: Log all prompts/responses. Keep the JSON from ai-risk.sh with your build artifacts for traceability.
Rate limits and cost: Batch calls, cap input sizes, and cache summaries if repeatedly analyzing similar logs.
Conclusion and Next Step (CTA)
AI agents won’t replace your runbooks or experience—but they will shrink the time from signal to insight. Start small:
Install the prerequisites.
Drop these three scripts into your repo.
Wire them into your CI and on-call workflows.
Iterate with your team’s feedback.
Want to go deeper? Next, add:
Source-aware context (grep docs/configs and include relevant snippets).
Environment-aware prompts (pass service names, regions, SLOs).
Safe autorem mediation (generate commands + require a human to approve).
If this was useful, try these scripts on your next incident or PR and share what you learn. Your future 2 a.m. self will thank you.