DEV Community

Cover image for How I Built an Autonomous SRE (and made it into the OpenAI Cookbook!)
AWS Community Builders profile image Zaynul Abedin Miah
Zaynul Abedin Miah for AWS Community Builders

Posted on

How I Built an Autonomous SRE (and made it into the OpenAI Cookbook!)

#aws #devops #kubernetes #openai

Taming GPT-4o for Production EKS

Let’s be brutally honest for a second: the idea of letting an LLM blindly run kubectl apply on your production AWS EKS cluster is terrifying.

It is the stuff of late-night DevOps nightmares. One rogue hallucination, an accidental namespace change, or a sudden ClusterRoleBinding injection, and your entire infrastructure could be compromised.

As an AWS Community Builder and AWS Student Builder Group Leader managing developer ecosystems in the Global South, I see developers rushing to integrate GenAI into their pipelines every day. But zero-shot LLM generation for live infrastructure isn't just risky it's mathematically unsafe.

I call this the "Infrastructure Hallucination" problem.

To solve this, I built Kube-AutoFix: an autonomous Kubernetes debugging agent that acts as a Staff-Level SRE. It doesn’t just guess; it deploys, monitors, debugs, and mathematically validates its fixes. The architecture proved so resilient that it successfully passed a grueling security review by the OpenAI Codex bot and was officially merged into the OpenAI Cookbook.

Here is exactly how I built it, and the guardrails you need to start building safe agentic workflows.

The 'Infrastructure Hallucination' Problem

When standard LLMs attempt Infrastructure as Code (IaC), they fail gracefully, which is the most dangerous kind of failure.

They will confidently generate YAML that looks perfect but contains fatal flaws:

  • Syntax Hallucinations: Adding random markdown fences (yaml) inside the execution pipeline.
  • Scope Creep: Deciding your deployment needs a new ServiceAccount with elevated privileges just because it saw a similar pattern in its training data.
  • Destructive State Changes: Modifying core invariants like the Namespace or overriding Replica counts during a hotfix.

You cannot pipe probabilistic text generation directly into a deterministic system like AWS EKS without a strict translation layer.

Enter Kube-AutoFix & Structured Outputs

To bridge this gap, I designed a closed-loop Agentic Workflow: Deploy ➡️ Monitor ➡️ Debug ➡️ Fix.

The Tech Stack:

  • Python 3.11 (The glue)
  • Kubernetes Python Client (For raw cluster interaction)
  • AWS EKS (Amazon Elastic Kubernetes Service for testing)
  • OpenAI SDK (GPT-4o) (The reasoning engine)
  • Pydantic (The ultimate gatekeeper)

The secret sauce here is OpenAI’s Structured Outputs. By wrapping our expected YAML fix in a Pydantic schema, we force GPT-4o to adhere to a strict JSON schema at the API level. It stops acting like a creative writer and starts acting like a deterministic function.

But even Structured Outputs aren't enough for a production cluster. We need guardrails.

Building the Ultimate Guardrails (Surviving the OpenAI Code Review)

Getting a PR merged into the official OpenAI Cookbook is no walk in the park. The automated Staff-Level CI/CD review by the OpenAI Codex bot is unforgiving when it comes to system security.

To pass the review, I had to architect three massive guardrails into Kube-AutoFix:

1. Mathematical YAML Validation

LLMs love to wrap code in markdown (yaml). If you pass that to kubectl, it crashes. Kube-AutoFix intercepts the LLM's response, strips any hallucinated markdown formatting using regex, and strictly parses the string through yaml.safe_load_all(). If it isn't mathematically valid YAML, it never touches the cluster.

2. Deny-by-Default Architecture

Kube-AutoFix operates on a strict "Zero Trust" model. Before applying a fix, the agent parses the kind of Kubernetes resource the LLM is trying to deploy. If the LLM tries to sneak in a Role, ClusterRoleBinding, or DaemonSet when it was only authorized to fix a Deployment, the agent immediately rejects the payload.

3. Strict Structural Invariants

This was the final boss of the security review. How do you ensure the LLM fixes a crashing pod without altering the architecture? You lock the state. Kube-AutoFix extracts the original Namespace, Replica count, Deployment Name, and Container Ports from the failing cluster state and forces them onto the LLM's generated YAML. Even if GPT-4o hallucinates a scale-up to 50 replicas, Kube-AutoFix overrides it back to the original count before execution.

☁️ Why This Matters for AWS Builders

As an AWS Community Builder, I look at this pattern and see the future of cloud engineering.

The concepts driving Kube-AutoFix aren't limited to EKS and Kubernetes. This exact closed-loop, deterministic agentic pattern can (and should) be applied across the AWS ecosystem:

  • Amazon Bedrock: Wrapping your custom Foundation Models in Pydantic to generate safe, deployable AWS CloudFormation templates.
  • AWS CDK: Using agents to debug failing CDK synthesizer states and propose structurally validated TypeScript fixes.
  • Automated Incident Response: Hooking an agentic workflow into Amazon CloudWatch alarms to autonomously remediate CPU throttling without human intervention.

We are moving away from "AI that writes code" to "AI that safely operates infrastructure."

Conclusion

Seeing Kube-AutoFix PR reviewed into the OpenAI Cookbook was a massive milestone. It proves that with the right guardrails, we can trust AI with the keys to our infrastructure without losing sleep.

If you are a DevOps fanatic, or just curious about Agentic AI, I'd love for you to dig into the code!

🔗 Check out the source code here: Kube-AutoFix on GitHub

Let’s discuss in the comments: How are you currently integrating AI into your CI/CD or infrastructure pipelines? Are you using agents, or sticking strictly to code-generation assistants? Let me know! 👇

Top comments (0)