Welcome to AEGIS
AEGIS is an open-source orchestrator for running autonomous AI agents in isolated, policy-enforced runtimes.
AEGIS is a self-hosted orchestrator that manages the full lifecycle of autonomous AI agents — from manifest deployment through iterative execution, workflow coordination, multi-agent swarms, and secure tool access.
Agents are defined as declarative YAML manifests, executed inside isolated containers (Docker or Podman), and interact with external tools exclusively through the AEGIS orchestrator proxy. Firecracker micro-VM isolation is planned for a later phase. The orchestrator enforces security policies, manages credentials, routes tool calls, and handles storage — agents themselves are stateless compute processes.
Core Capabilities
| Capability | Description |
|---|---|
| Declarative agent manifests | Define agents as Kubernetes-style YAML with apiVersion, kind, metadata, and spec. Deploy, update, pause, and delete agents via CLI or gRPC API. |
| 100monkeys iterative execution | Agents run in a supervised loop: generate output → validate → inject feedback → retry. Up to 10 iterations per execution. Validation is gradient-scored (0.0–1.0), not binary pass/fail. |
| Workflow FSMs | Compose multiple agents into durable finite state machines backed by Temporal.io. States can be agent executions, system commands, or human approval gates. |
| Multi-agent swarms | A parent agent can spawn child executions, pass messages between agents, and coordinate on shared resources using TTL-backed locks. |
| SEAL tool routing | All MCP tool calls are proxied through the orchestrator with Ed25519-signed envelopes. Agents never hold credentials — the orchestrator resolves secrets and enforces Cedar-based policy rules per call. |
| Storage volumes | Agents mount ephemeral or persistent volumes over a user-space NFSv3 server. The orchestrator intercepts every POSIX operation for authorization, path validation, and audit logging. |
| BYOLLM | Agent manifests reference model aliases. Node config maps aliases to providers (OpenAI, Anthropic, Ollama). Swap models without redeploying agents. |
| gRPC + HTTP APIs | Full aegis.runtime.v1 gRPC service with bidirectional streaming for execution events. HTTP endpoints for agent bootstrap communication. |
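The 100monkeys loop from the table above, as an added example written for this page rather than code from the AEGIS project: a supervised generate → validate → inject feedback → retry loop with a gradient score and the 10-iteration cap. The Generator and Validator types, the manifest-key validator, the two stand-in generators and the apiVersion value are constructed for illustration; the real aegis.runtime.v1 types are not shown on this page.

```go
package main

import (
	"fmt"
	"strings"
)

// maxIterations is the per-execution cap the page states.
const maxIterations = 10

// Generator stands in for a model call: task plus the feedback injected so far -> output.
type Generator func(task string, feedback []string) string

// Validator scores an output on the 0.0-1.0 gradient and returns feedback to inject.
type Validator func(output string) (score float64, feedback string)

// Result records how the loop ended.
type Result struct {
	Output     string
	Score      float64
	Iterations int
	Accepted   bool
}

// RunLoop is generate -> validate -> inject feedback -> retry. It stops as soon as the score
// reaches threshold and never runs more than maxIterations, even if validation never passes.
func RunLoop(task string, gen Generator, validate Validator, threshold float64) Result {
	var feedback []string
	var res Result
	for i := 1; i <= maxIterations; i++ {
		out := gen(task, feedback)
		score, fb := validate(out)
		res = Result{Output: out, Score: score, Iterations: i, Accepted: score >= threshold}
		if res.Accepted {
			return res
		}
		feedback = append(feedback, fb) // injected into the next generation
	}
	return res // cap reached: the caller decides what to do with the best-effort output
}

// requiredKeys is constructed sample input for a hypothetical validator: the four
// top-level manifest keys the page lists.
var requiredKeys = []string{"apiVersion", "kind", "metadata", "spec"}

// ManifestValidator scores by the fraction of required keys present and names the first
// missing one as feedback, so the result is a gradient rather than pass/fail.
func ManifestValidator(output string) (float64, string) {
	present, missing := 0, ""
	for _, k := range requiredKeys {
		if strings.Contains(output, k+":") {
			present++
		} else if missing == "" {
			missing = k
		}
	}
	score := float64(present) / float64(len(requiredKeys))
	if missing == "" {
		return score, ""
	}
	return score, "missing top-level key: " + missing
}

// LearningGenerator is a hypothetical generator: it emits apiVersion and then adds one key
// per round of feedback, so the score climbs 0.25 -> 0.5 -> 0.75 -> 1.0.
func LearningGenerator(task string, feedback []string) string {
	lines := []string{"apiVersion: aegis/v1"} // apiVersion value is an assumption
	for _, fb := range feedback {
		lines = append(lines, strings.TrimPrefix(fb, "missing top-level key: ")+": {}")
	}
	return strings.Join(lines, "\n")
}

// StuckGenerator never improves; it exercises the iteration cap.
func StuckGenerator(task string, feedback []string) string {
	return "apiVersion: aegis/v1"
}

func main() {
	for _, g := range []Generator{LearningGenerator, StuckGenerator} {
		r := RunLoop("write an agent manifest", g, ManifestValidator, 0.9)
		fmt.Printf("accepted=%v score=%.2f iterations=%d\n", r.Accepted, r.Score, r.Iterations)
	}
}
```

The learning generator is accepted on the fourth iteration with score 1.0; the stuck generator runs exactly ten times and comes back with Accepted false and its best score, which is the case a supervisor has to handle rather than silently treat as success.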
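The SEAL routing row above, as an added example that is not the project's own code: an agent-side key signs an Ed25519 envelope, and the orchestrator verifies it, rejects replays, checks policy and resolves the credential on its own side, so the agent never sees it. The Envelope fields, the nonce-based replay check, the per-execution allowlist standing in for Cedar, the Route method, the tool names and the sample token are all assumptions made for this example; the real envelope layout and attestation flow are documented on the SEAL page.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Envelope is an assumed shape for a signed tool-call request; the real SEAL layout is
// documented on the SEAL page, not here.
type Envelope struct {
	ExecutionID string            `json:"execution_id"`
	Tool        string            `json:"tool"`
	Args        map[string]string `json:"args"`
	Nonce       string            `json:"nonce"`
}

// canonical is the byte string the signature covers. encoding/json writes struct fields in
// declaration order and map keys sorted; Marshal cannot fail for these string-only fields.
func canonical(e Envelope) []byte { b, _ := json.Marshal(e); return b }

// Sign is the agent side: sign the envelope with the execution's attested private key.
func Sign(priv ed25519.PrivateKey, e Envelope) []byte {
	return ed25519.Sign(priv, canonical(e))
}

// Policy is a per-execution tool allowlist standing in for the Cedar rules the page mentions.
type Policy map[string]map[string]bool // execution_id -> tool -> allowed

// Orchestrator holds what the agent never sees: attested public keys, policy and secrets.
type Orchestrator struct {
	keys    map[string]ed25519.PublicKey // execution_id -> attested public key
	policy  Policy
	secrets map[string]string // tool -> credential, resolved only on this side
	seen    map[string]bool   // execution_id/nonce pairs already accepted (replay check)
}

var ErrUnknownExecution = errors.New("unknown execution id")
var ErrBadSignature = errors.New("envelope signature invalid")
var ErrReplay = errors.New("nonce already used")
var ErrDenied = errors.New("policy denies tool call")

// Route verifies the signature, rejects replays, enforces policy and returns the credential
// the proxy would attach to the outbound tool call. Nothing here flows back to the agent.
func (o *Orchestrator) Route(e Envelope, sig []byte) (string, error) {
	pub, ok := o.keys[e.ExecutionID]
	if !ok {
		return "", ErrUnknownExecution
	}
	if !ed25519.Verify(pub, canonical(e), sig) { // signature first: unsigned input gets nothing else
		return "", ErrBadSignature
	}
	key := e.ExecutionID + "/" + e.Nonce
	if o.seen[key] {
		return "", ErrReplay
	}
	o.seen[key] = true // burn the nonce even if policy denies below
	if !o.policy[e.ExecutionID][e.Tool] {
		return "", ErrDenied
	}
	return o.secrets[e.Tool], nil
}

// Demo wires one execution into a constructed orchestrator and exercises four cases: an
// allowed call, the same envelope replayed, a tool the policy denies, and an envelope whose
// args were changed after signing. The token is a constructed sample, not a real secret.
func Demo() (cred string, replayed, denied, tampered error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	o := &Orchestrator{
		keys:    map[string]ed25519.PublicKey{"exec-1": pub},
		policy:  Policy{"exec-1": {"github.search": true}},
		secrets: map[string]string{"github.search": "sample-token-not-real", "shell.exec": "root-creds"},
		seen:    map[string]bool{},
	}
	env := Envelope{ExecutionID: "exec-1", Tool: "github.search", Args: map[string]string{"q": "aegis"}, Nonce: "n1"}
	sig := Sign(priv, env)
	cred, _ = o.Route(env, sig) // allowed: the proxy gets the credential, the agent does not
	_, replayed = o.Route(env, sig)
	bad := env
	bad.Nonce, bad.Tool = "n2", "shell.exec"
	_, denied = o.Route(bad, Sign(priv, bad))
	tamp := env
	tamp.Nonce, tamp.Args = "n3", map[string]string{"q": "aegis; rm -rf /"}
	_, tampered = o.Route(tamp, sig) // old signature over modified bytes
	return
}

func main() { fmt.Println(Demo()) }
```

Two points worth carrying over to a real deployment: verify before doing anything else so that unsigned input never reaches policy evaluation or a secrets lookup, and scope nonces to the execution so that one execution cannot exhaust another's nonce space.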
Where to Start
I want to deploy and run my first agent
→ Getting Started — install the binary, start the stack, run a demo agent.
I want to understand how agents work
→ Agents — manifest format, lifecycle, runtime selection.
→ The Execution Loop — how the 100monkeys loop and inner tool interception work.
I want to build a multi-agent workflow
→ Workflows — FSM manifests, Blackboard context, state types.
→ Building Workflows — step-by-step guide with the Forge reference workflow.
I want to understand security and tool access
→ Security Model — the two-layer security model.
→ SEAL: Signed Envelope Attestation Layer — attestation flow, signed envelopes, policy enforcement.
I'm deploying AEGIS to production
→ Infrastructure Overview — dependencies, topology, hardware requirements.
→ Podman Deployment — platform deployment with Podman pods, profiles, and Makefile automation.
→ Deployment Profiles — minimal, development, and full deployment profiles.
→ Node Configuration Reference — annotated aegis-config.yaml.
I need the API or CLI reference
→ CLI Reference — all aegis subcommands and flags.
→ gRPC API Reference — aegis.runtime.v1 service methods.
→ Agent Manifest Reference — every manifest field.
Architecture at a Glance
┌────────────────────────────────────────────────────────┐
│                   AEGIS Orchestrator                   │
│                                                        │
│  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐  │
│  │    Agent     │  │  Execution   │  │   Workflow   │  │
│  │  Lifecycle   │  │  Supervisor  │  │    Engine    │  │
│  └──────────────┘  └──────────────┘  └──────────────┘  │
│                                                        │
│  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐  │
│  │ SEAL / Tool  │  │   Storage    │  │    Swarm     │  │
│  │    Router    │  │   Gateway    │  │ Coordinator  │  │
│  └──────────────┘  └──────────────┘  └──────────────┘  │
│                                                        │
│  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐  │
│  │   Secrets    │  │    IAM /     │  │  Event Bus   │  │
│  │  (OpenBao)   │  │   Keycloak   │  │ (broadcast)  │  │
│  └──────────────┘  └──────────────┘  └──────────────┘  │
└────────────────────────────────────────────────────────┘
         │                                │
         │ NFS mount                      │ gRPC / HTTP
         ▼                                ▼
┌──────────────────┐             ┌────────────────────────┐
│ Agent Container  │             │ CLI / Zaru Client /    │
│ (Docker or       │             │ SDK Client             │
│  Podman)         │             └────────────────────────┘
└──────────────────┘
         │
         ▼
┌──────────────────┐  ┌──────────────┐  ┌──────────────┐
│    PostgreSQL    │  │  SeaweedFS   │  │   Temporal   │
│     (state)      │  │  (volumes)   │  │  (workflows) │
└──────────────────┘  └──────────────┘  └──────────────┘

Licensing
AEGIS is licensed under AGPL-3.0. The AGPL-3.0 copyleft requirement applies to modified versions, including those run as network services. See LICENSE in the repository for the full text.