The open-source platform
for deploying, securing,
and governing AI agents.

Govern agents your teams already use. Deploy new agents on the same platform. Secure everything with zero-trust identity.

View on GitHub Try the Quickstart

Open-source infrastructure built
on the stack you already run.

Architecture overview →

Kagenti UI · React · FastAPI

Control plane

The unified operational interface across all platform pillars. Import agents and tools, run interactive tests, monitor deployments, and manage platform state from a single web-based interface.

A2A · MCP · Kubernetes

Workload runtime

Agents run as framework-neutral Kubernetes workloads over the A2A protocol. Tools run as MCP servers. LangGraph, CrewAI, and AG2 supported without agent code modifications.

AgentCard · Shipwright · Kubernetes

Lifecycle orchestration

Kubernetes operators manage workload lifecycle and scaling. AgentCard CRDs index deployed agents automatically — no external registry required. Shipwright builds images from source.

MCP Gateway · Istio Ambient · Gateway API

Networking

MCP Gateway routes tool calls and handles protocol translation. Istio Ambient provides service mesh networking and mTLS between all workloads. Gateway API manages ingress and routing.

AuthBridge · SPIRE · Keycloak · Envoy

Security

AuthBridge injects zero-trust workload identity and JWT enforcement at deploy time. SPIRE issues cryptographic workload identities; Keycloak manages OAuth2 token scoping and validation.

Kiali · Phoenix

Observability

Kiali visualizes service mesh traffic flows, mTLS status, and service dependencies. Phoenix traces agent steps, tool calls, and model interactions end-to-end.

Don't see your framework or protocol? Kagenti is built to extend.

Contribute an integration →

Install the platform.
Own the lifecycle.

Ansible-automated. OpenShift, upstream Kubernetes, or Kind. Security and observability are configured from first deployment, not added later.

Quickstart guide →

                  bash
                  cluster install
                

# Clone the repo
git clone https://github.com/kagenti/kagenti.git
cd kagenti

# Configure secrets (edit with your GitHub token, API keys, etc.)
cp deployments/envs/secret_values.yaml.example \
   deployments/envs/.secret_values.yaml

# Install on Kind (dev) or OpenShift (--env ocp)
deployments/ansible/run-install.sh --env dev

# Open the Kagenti dashboard
open http://kagenti-ui.localtest.me:8080

Deploy and manage AI agents with Kagenti

Kagenti dashboard: agent and tool management interface

Connect any tool with a secure MCP gateway.

The GitHub Issue Agent reads and files issues through a Kagenti MCP tool server. Point the agent at the MCP endpoint; the gateway handles routing and protocol. Swap or update the tool without touching agent code.

MCP tool server runs as a separate service; agent connects via a single env var
Gateway handles routing, protocol translation, and token exchange for every tool call
Replace or upgrade tools by updating one URL — no agent rebuild required

View demo on GitHub →

Watch the tutorial

bash wire agent to MCP tool server

# Point the agent at the MCP tool server
kubectl set env deployment/git-issue-agent -n team1 -c agent \
  MCP_URL="http://github-tool-mcp:9090/mcp"

# Verify the MCP tool is reachable
kubectl run test-mcp --image=curlimages/curl -n team1 \
  --restart=Never --rm -it -- \
  curl -s -o /dev/null -w "%{http_code}" \
  http://github-tool-mcp:9090/mcp
# 200

bash agent calls GitHub via MCP

# Send a task to the agent over A2A
curl -s -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -X POST http://git-issue-agent:8080/ \
  -d '{"jsonrpc":"2.0","id":"1","method":"message/send",
    "params":{"message":{"role":"user","messageId":"msg-001",
    "parts":[{"type":"text","text":
    "List open issues in kagenti/kagenti"}]}}}' | jq

Enforce zero-trust identity with AuthBridge.

AuthBridge injects zero-trust identity and auth enforcement into any agent at deploy time. The Weather Service Agent gets a Keycloak identity, JWT validation, and proxy enforcement — without writing a line of auth code.

SPIFFE identity and Keycloak registration provisioned at deploy
Inbound requests validated at the Envoy proxy — invalid tokens never reach agent code
AuthBridge adds 3 sidecars; the agent container is unmodified

View demo on GitHub →

bash deploy + verify

# Provision the agent's Keycloak identity
python demos/webhook/setup_keycloak.py \
  --namespace team1 \
  --service-account weather-service

# 3 AuthBridge sidecars + agent = 4/4 containers
kubectl get pods -n team1
# weather-service-xxx   4/4   Running
# weather-tool-xxx      1/1   Running

# Proxy enforces auth — agent code never sees this request
curl http://weather-service:8080/
# {"error": "Unauthorized"}  ← 401, no token
curl -H "Authorization: Bearer $TOKEN" \
     http://weather-service:8080/
# {"forecast": ...}  ← 200, token valid

Deploy and manage agents through the Kagenti dashboard.

The Slack Research Agent and its Slack MCP tool are imported and managed through the Kagenti UI. The platform provisions workloads, wires tool connections, and configures auth — no manifest authoring required.

Import agent and tool through the dashboard; platform handles deployment
Keycloak access policies configured with a single setup script
Monitor running deployments and logs with standard kubectl

View demo on GitHub →

bash configure auth + verify

# After importing agent and tool via the UI,
# configure Keycloak access policies
cd kagenti/auth/auth_demo
python set_up_slack_demo.py

# Verify agent and tool are running
kubectl get pods -n <namespace>
# slack-researcher-xxx   1/1   Running
# slack-tool-xxx         1/1   Running

# Tail agent logs
kubectl logs -f deployment/slack-researcher -n <namespace>

Roadmap & Community

View project board →

Become a contributor

We're building in public and want to hear from platform engineers, security teams, and AI infrastructure builders.

Start a thread on GitHub Discussions, find us on Slack, join the mailing list, or email the core team.

Contributors

What's next

The next phase of Kagenti is built around persistent, long-running agents — agents that maintain context across sessions and operate autonomously over time, like OpenClaw.

Getting there means building the right foundations. We're working on the core pieces: memory, sandboxing, an Agent Development Kit, and improved developer experience.

Become a contributor →

Open-source infrastructure you can audit, fork, and trust.

110 stars · 59 forks · 30 contributors · Apache 2.0 View on GitHub

From the Blog

All posts →

When Claude Tried to Steal the HR Docs: A Kagenti Red-Team Story

Mcfoster · 7 min read · May 1, 2026

Developer Guide: Building a Cloud-Native Agent for Kagenti

Peter Zhao · 12 min read · Dec 16, 2025

Enterprise-ready.
No vendor required.

No feature gating, no proprietary runtime dependencies, no vendor control over your production infrastructure.

Enterprise deployment, lifecycle management, and operational support for organizations that need it.

Request a Demo

Upcoming Events

Red Hat Summit 2026

Look for Kagenti at Red Hat Summit in Atlanta.

May 11–14, 2026

Event details →

KubeCon North America 2026

Find us at KubeCon + CloudNativeCon NA this fall.

November 9–12, 2026

Event details →

Past Events

KubeCon NA 2025

Build a Bot Workshop: Enabling Trusted Agents with SPIRE + MCP.

Watch recording →

KubeCon NA 2025 · Co-located

Who Let the Agents Out: Securing AI Workflows the Right Way.

Watch recording →

The open-source platform for deploying, securing, and governing AI agents.

Open-source infrastructure builton the stack you already run.

Install the platform. Own the lifecycle.

Demo examples

Connect any tool with a secure MCP gateway.

Enforce zero-trust identity with AuthBridge.

Deploy and manage agents through the Kagenti dashboard.

Roadmap & Community

Become a contributor

Contributors

What's next

From the Blog

Enterprise-ready.No vendor required.

Upcoming Events

Red Hat Summit 2026

KubeCon North America 2026

Past Events

KubeCon NA 2025

KubeCon NA 2025 · Co-located

The open-source platform
for deploying, securing,
and governing AI agents.

Open-source infrastructure built
on the stack you already run.

Install the platform.
Own the lifecycle.

Enterprise-ready.
No vendor required.