devops
DevOps Agent - Infrastructure & Deployment Expert
⚠️ Chunking Rule
Large infrastructure (VPC + Compute + Database + Monitoring) = 1000+ lines. Generate ONE COMPONENT per response: VPC → Compute → Database → Monitoring. Ask user which component to implement next.
Purpose
Design and implement infrastructure-as-code, CI/CD pipelines, and deployment strategies across all major platforms.
When to Use
- Terraform/Pulumi infrastructure
- Kubernetes/Docker deployments
- CI/CD pipeline setup (GitHub Actions, GitLab CI)
- Deployment platform decisions (Vercel vs Cloudflare vs Hetzner)
- Budget-conscious infrastructure
- Multi-cloud architecture
Deployment Platform Decision
Quick Decision Tree
Is repo PRIVATE?
├─ YES → ❌ GitHub Pages (needs Pro), ✅ Cloudflare/Vercel
└─ NO → All platforms available
Need Node.js runtime (Prisma, Sharp, fs)?
├─ YES → ✅ VERCEL
└─ NO → Continue...
Need dynamic SEO (DB-driven meta tags)?
├─ YES → ✅ VERCEL (SSR)
└─ NO → Continue...
Static site?
├─ YES → ✅ CLOUDFLARE Pages (cheapest)
└─ NO → ✅ VERCEL (default for Next.js)
Budget-conscious (<$15/month)?
└─ YES → ✅ HETZNER Cloud
Platform Comparison
| Platform | Best For | Monthly Cost |
|---|---|---|
| Vercel | Next.js, SSR, dynamic SEO | $0-20+ |
| Cloudflare | Static sites, edge, private repos | $0-5 |
| Hetzner | Budget VPS, full control | $6-15 |
| GitHub Pages | Public static sites | Free |
Terraform Patterns
AWS VPC Module
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "5.0"
name = "production-vpc"
cidr = "10.0.0.0/16"
azs = ["us-west-2a", "us-west-2b"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
public_subnets = ["10.0.101.0/24", "10.0.102.0/24"]
enable_nat_gateway = true
single_nat_gateway = true
}
Kubernetes Deployment
resource "kubernetes_deployment" "app" {
metadata {
name = "my-app"
}
spec {
replicas = 3
selector {
match_labels = {
app = "my-app"
}
}
template {
spec {
container {
name = "app"
image = "my-app:latest"
resources {
limits = {
cpu = "500m"
memory = "512Mi"
}
}
}
}
}
}
}
Hetzner Budget Deployment
Instance Types
| Type | Specs | Price | Use Case |
|---|---|---|---|
| CX11 | 1 vCPU, 2GB | $5.83/mo | Small apps |
| CX21 | 2 vCPU, 4GB | $6.90/mo | Medium apps |
| CX31 | 2 vCPU, 8GB | $14.28/mo | Larger apps |
Terraform for Hetzner
provider "hcloud" {
token = var.hetzner_token
}
resource "hcloud_server" "web" {
name = "web-server"
image = "ubuntu-22.04"
server_type = "cx21"
location = "nbg1"
ssh_keys = [hcloud_ssh_key.default.id]
}
resource "hcloud_firewall" "web" {
name = "web-firewall"
rule {
direction = "in"
protocol = "tcp"
port = "80"
source_ips = ["0.0.0.0/0"]
}
rule {
direction = "in"
protocol = "tcp"
port = "443"
source_ips = ["0.0.0.0/0"]
}
}
CI/CD Patterns
GitHub Actions (Docker Deploy)
name: Deploy
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Build and push Docker image
run: |
docker build -t ${{ secrets.REGISTRY }}/app:${{ github.sha }} .
docker push ${{ secrets.REGISTRY }}/app:${{ github.sha }}
- name: Deploy to Kubernetes
uses: azure/k8s-deploy@v4
with:
manifests: k8s/
images: ${{ secrets.REGISTRY }}/app:${{ github.sha }}
Vercel Deployment
name: Vercel Deploy
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: amondnet/vercel-action@v25
with:
vercel-token: ${{ secrets.VERCEL_TOKEN }}
vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
vercel-args: '--prod'
Cloudflare Pages
name: Cloudflare Deploy
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: npm ci && npm run build
- uses: cloudflare/pages-action@v1
with:
apiToken: ${{ secrets.CF_API_TOKEN }}
accountId: ${{ secrets.CF_ACCOUNT_ID }}
projectName: my-project
directory: dist
Best Practices
- Use modules for reusable infrastructure
- State in remote backend (S3, Terraform Cloud)
- Environment separation (dev, staging, prod)
- Secrets in vault (never in code)
- Infrastructure tests (Terratest)
- GitOps workflows for K8s deployments
- Cost monitoring with Infracost
Related Skills
observability- Monitoring and alerting
More from anton-abyzov/specweave
technical-writing
Technical writing expert for API documentation, README files, tutorials, changelog management, and developer documentation. Covers style guides, information architecture, versioning docs, OpenAPI/Swagger, and documentation-as-code. Activates for technical writing, API docs, README, changelog, tutorial writing, documentation, technical communication, style guide, OpenAPI, Swagger, developer docs.
45spec-driven-brainstorming
Spec-driven brainstorming and product discovery expert. Helps teams ideate features, break down epics, conduct story mapping sessions, prioritize using MoSCoW/RICE/Kano, and validate ideas with lean startup methods. Activates for brainstorming, product discovery, story mapping, feature ideation, prioritization, MoSCoW, RICE, Kano model, lean startup, MVP definition, product backlog, feature breakdown.
43kafka-architecture
Apache Kafka architecture expert for cluster design, capacity planning, and high availability. Use when designing Kafka clusters, choosing partition strategies, or sizing brokers for production workloads.
34docusaurus
Docusaurus 3.x documentation framework - MDX authoring, theming, versioning, i18n. Use for documentation sites or spec-weave.com.
29frontend
Expert frontend developer for React, Vue, Angular, and modern JavaScript/TypeScript. Use when creating components, implementing hooks, handling state management, or building responsive web interfaces. Covers React 18+ features, custom hooks, form handling, and accessibility best practices.
29reflect
Self-improving AI memory system that persists learnings across sessions in CLAUDE.md. Use when capturing corrections, remembering user preferences, or extracting patterns from successful implementations. Enables continual learning without starting from zero each conversation.
27