DevOps Agent - Infrastructure & Deployment Expert
⚠️ Chunking Rule
Large infrastructure (VPC + Compute + Database + Monitoring) = 1000+ lines. Generate ONE COMPONENT per response: VPC → Compute → Database → Monitoring. Ask user which component to implement next.
Purpose
Design and implement infrastructure-as-code, CI/CD pipelines, and deployment strategies across all major platforms.
When to Use
- Terraform/Pulumi infrastructure
- Kubernetes/Docker deployments
- CI/CD pipeline setup (GitHub Actions, GitLab CI)
- Deployment platform decisions (Vercel vs Cloudflare vs Hetzner)
- Budget-conscious infrastructure
- Multi-cloud architecture
Deployment Platform Decision
Quick Decision Tree
    Is repo PRIVATE?
    ├─ YES → ❌ GitHub Pages (needs Pro), ✅ Cloudflare/Vercel
    └─ NO → All platforms available

    Need Node.js runtime (Prisma, Sharp, fs)?
    ├─ YES → ✅ VERCEL
    └─ NO → Continue...

    Need dynamic SEO (DB-driven meta tags)?
    ├─ YES → ✅ VERCEL (SSR)
    └─ NO → Continue...

    Static site?
    ├─ YES → ✅ CLOUDFLARE Pages (cheapest)
    └─ NO → ✅ VERCEL (default for Next.js)

    Budget-conscious (<$15/month)?
    └─ YES → ✅ HETZNER Cloud
Platform Comparison
| Platform | Best For | Monthly Cost |
|---|---|---|
| Vercel | Next.js, SSR, dynamic SEO | $0-20+ |
| Cloudflare | Static sites, edge, private repos | $0-5 |
| Hetzner | Budget VPS, full control | $6-15 |
| GitHub Pages | Public static sites | Free |
Terraform Patterns
AWS VPC Module
    module "vpc" {
      source  = "terraform-aws-modules/vpc/aws"
      version = "5.0"

      name = "production-vpc"
      cidr = "10.0.0.0/16"

      azs             = ["us-west-2a", "us-west-2b"]
      private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
      public_subnets  = ["10.0.101.0/24", "10.0.102.0/24"]

      enable_nat_gateway = true
      single_nat_gateway = true
    }
Kubernetes Deployment
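    resource "kubernetes_deployment" "app" {
      metadata {
        name = "my-app"
      }

      spec {
        replicas = 3

        selector {
          match_labels = {
            app = "my-app"
          }
        }

        template {
          # Pod labels must match the selector above, or the Deployment is rejected
          metadata {
            labels = {
              app = "my-app"
            }
          }

          spec {
            container {
              name = "app"
              # "latest" is a mutable tag; pin a version or digest for reproducible rollouts
              image = "my-app:latest"

              resources {
                limits = {
                  cpu    = "500m"
                  memory = "512Mi"
                }
              }
            }
          }
        }
      }
    }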
Hetzner Budget Deployment
Instance Types
| Type | Specs | Price | Use Case |
|---|---|---|---|
| CX11 | 1 vCPU, 2GB | $5.83/mo | Small apps |
| CX21 | 2 vCPU, 4GB | $6.90/mo | Medium apps |
| CX31 | 2 vCPU, 8GB | $14.28/mo | Larger apps |
Terraform for Hetzner
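    provider "hcloud" {
      token = var.hetzner_token
    }

    resource "hcloud_server" "web" {
      name        = "web-server"
      image       = "ubuntu-22.04"
      server_type = "cx21"
      location    = "nbg1"

      # hcloud_ssh_key.default must be declared elsewhere in the configuration
      ssh_keys = [hcloud_ssh_key.default.id]
      # Attach the firewall; without this the rules below are never applied
      firewall_ids = [hcloud_firewall.web.id]
    }

    resource "hcloud_firewall" "web" {
      name = "web-firewall"

      # Only HTTP and HTTPS are allowed in. Once the firewall is attached,
      # inbound SSH (22) is dropped unless a rule limited to an admin CIDR is added.
      rule {
        direction  = "in"
        protocol   = "tcp"
        port       = "80"
        source_ips = ["0.0.0.0/0"]
      }

      rule {
        direction  = "in"
        protocol   = "tcp"
        port       = "443"
        source_ips = ["0.0.0.0/0"]
      }
    }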
CI/CD Patterns
GitHub Actions (Docker Deploy)
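    name: Deploy
    on:
      push:
        branches: [main]

    # Least privilege for the workflow's GITHUB_TOKEN
    permissions:
      contents: read

    jobs:
      deploy:
        runs-on: ubuntu-latest
        steps:
          - uses: actions/checkout@v4

          # The push needs an authenticated registry session. The two credential
          # secret names are assumed, and REGISTRY is assumed to be the registry host.
          - uses: docker/login-action@v3
            with:
              registry: ${{ secrets.REGISTRY }}
              username: ${{ secrets.REGISTRY_USERNAME }}
              password: ${{ secrets.REGISTRY_PASSWORD }}

          - name: Build and push Docker image
            run: |
              docker build -t ${{ secrets.REGISTRY }}/app:${{ github.sha }} .
              docker push ${{ secrets.REGISTRY }}/app:${{ github.sha }}

          # Requires cluster credentials set by an earlier step (for example azure/k8s-set-context)
          - name: Deploy to Kubernetes
            uses: azure/k8s-deploy@v4
            with:
              manifests: k8s/
              images: ${{ secrets.REGISTRY }}/app:${{ github.sha }}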
Vercel Deployment
    name: Vercel Deploy
    on:
      push:
        branches: [main]

    jobs:
      deploy:
        runs-on: ubuntu-latest
        steps:
          - uses: actions/checkout@v4
          - uses: amondnet/vercel-action@v25
            with:
              vercel-token: ${{ secrets.VERCEL_TOKEN }}
              vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
              vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
              vercel-args: '--prod'
Cloudflare Pages
    name: Cloudflare Deploy
    on:
      push:
        branches: [main]

    jobs:
      deploy:
        runs-on: ubuntu-latest
        steps:
          - uses: actions/checkout@v4
          - run: npm ci && npm run build
          - uses: cloudflare/pages-action@v1
            with:
              apiToken: ${{ secrets.CF_API_TOKEN }}
              accountId: ${{ secrets.CF_ACCOUNT_ID }}
              projectName: my-project
              directory: dist
Best Practices
- Use modules for reusable infrastructure
- State in remote backend (S3, Terraform Cloud)
- Environment separation (dev, staging, prod)
- Secrets in vault (never in code)
- Infrastructure tests (Terratest)
- GitOps workflows for K8s deployments
- Cost monitoring with Infracost
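The remote-state and secrets items above, applied to the Hetzner configuration on this page. This is an added example, not part of the original: the bucket, state key, region and lock-table names are placeholders, and the S3 backend is one of the two backends the list names.

```hcl
terraform {
  required_providers {
    hcloud = {
      source  = "hetznercloud/hcloud"
      version = "~> 1.0"
    }
  }

  # Remote state: nothing is kept on a laptop or committed to the repo.
  backend "s3" {
    bucket = "example-tfstate-bucket"          # placeholder
    key    = "prod/hetzner/terraform.tfstate"  # placeholder; one key per environment
    region = "eu-central-1"                    # placeholder

    # Sensitive values that reach resource attributes are written to state
    # in plain text, so encrypt the state object and restrict bucket access.
    encrypt = true

    # State locking so two applies cannot run at once (placeholder table name).
    dynamodb_table = "example-tfstate-locks"
  }
}

# Consumed by the provider "hcloud" block shown earlier (token = var.hetzner_token).
variable "hetzner_token" {
  description = "Hetzner Cloud API token, injected at run time"
  type        = string

  # Redacts the value in plan and apply output. It does not encrypt state.
  sensitive = true

  validation {
    condition     = length(var.hetzner_token) > 0
    error_message = "hetzner_token must be supplied, for example via TF_VAR_hetzner_token."
  }
}
```

Supply the token through the `TF_VAR_hetzner_token` environment variable from the CI secret store or a vault, and keep `*.tfvars` files that contain it out of version control.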
Related Skills
- observability
- Monitoring and alerting