Overview

Relevant source files

• .githooks/prepare-commit-msg
• CONTRIBUTING.md
• README.md
• contrib/README.md
• contrib/cncf/security-self-assessment.md
• contrib/cncf/technical-review.md
• go/internal/a2a/a2a_registrar.go
• go/internal/controller/reconciler/reconciler.go
• go/internal/controller/translator/agent/utils.go
• go/pkg/app/app.go

This page provides a high-level introduction to the kagent system, its architectural components, and core concepts. It serves as an entry point for understanding how kagent enables Kubernetes-native AI agent deployment and management.

For detailed architectural information, see System Architecture. For installation procedures, see Installation and Deployment. For custom resource specifications, see Custom Resources Reference.

What is kagent

kagent is a Kubernetes-native framework for building, deploying, and managing AI agents. It extends Kubernetes with custom resources that represent agents, model configurations, and tool servers, enabling declarative infrastructure-as-code practices for AI workloads. The framework orchestrates agent lifecycle through a Go-based controller, executes agent logic using a Python runtime engine built on Google's ADK (Agent Development Kit), and provides management interfaces via both a web UI and CLI.

Key capabilities:

• Declarative agent definitions using Kubernetes CRDs
• Multi-LLM provider support (OpenAI, Anthropic, Azure OpenAI, Google Vertex AI, Ollama)
• Extensible tool system via Model Context Protocol (MCP)
• Agent-to-agent communication using A2A protocol
• Built-in observability with OpenTelemetry integration

Sources: README.md33-98 go/pkg/app/app.go1-502

Core Components

kagent consists of four primary components that work together to provide the complete agent management lifecycle:

Component Diagram

Sources: go/pkg/app/app.go76-502 go/internal/controller/reconciler/reconciler.go44-77 go/internal/a2a/a2a_registrar.go26-61

Controller

The controller is a Kubernetes operator written in Go that manages the lifecycle of kagent custom resources. It implements the reconciliation pattern to ensure the desired state (defined in CRDs) matches the actual state in the cluster.

Key code entities:

• Entry point: app.Start() in go/pkg/app/app.go203-502
• Agent reconciliation: controller.AgentController in go/internal/controller/
• Translation layer: agent_translator.AdkApiTranslator in go/internal/controller/translator/agent/
• Core reconciler: reconciler.KagentReconciler interface in go/internal/controller/reconciler/reconciler.go44-51

Responsibilities:

• Watch Agent, ModelConfig, and RemoteMCPServer CRDs
• Translate agent specifications into Kubernetes resources (Deployments, Services, Secrets)
• Register A2A handlers for agent-to-agent communication
• Expose HTTP API for agent invocation and management
• Maintain database state for sessions and agent metadata

Default bind addresses:

• HTTP API: :8083 (configurable via --http-server-address)
• Metrics: :8443 or :8080 (configurable via --metrics-bind-address)
• Health probes: :8082 (configurable via --health-probe-bind-address)

Sources: go/pkg/app/app.go95-167 go/internal/controller/reconciler/reconciler.go44-77

Engine

The engine is a Python-based runtime that executes agent logic using Google's ADK (Agent Development Kit). Each agent runs in its own pod with the engine as the main process.

Key characteristics:

• Built on top of ADK framework
• Handles LLM interactions, tool invocations, and conversation loops
• Manages session state and task processing
• Exposes A2A protocol endpoints for agent invocation

The engine translates AgentConfig objects (stored in the database by the controller) into executable Agent instances that can process tasks and maintain conversation history.

Sources: README.md93-98 go/internal/controller/translator/agent/

UI

The UI is a Next.js-based web dashboard that provides visual management of agents, models, and tools. It communicates with the controller's HTTP API.

Key features:

• Agent creation and editing (declarative and BYO types)
• Real-time chat interface with streaming support
• MCP server and tool management
• Model configuration interface
• Session history and task monitoring

Default address: :8080 (exposed as kagent-ui service)

Sources: README.md96 contrib/cncf/technical-review.md66-71

CLI

The kagent CLI provides command-line access to agent management, deployment, and invocation capabilities. It interacts with both the Kubernetes API (for CRD management) and the controller's HTTP API (for operations).

Common commands:

• kagent agent deploy - Deploy agents to cluster
• kagent agent invoke - Invoke an agent with a message
• kagent mcp - Manage MCP servers

Sources: README.md98 contrib/cncf/technical-review.md72-77

Custom Resources

kagent extends Kubernetes with several custom resource definitions (CRDs) that represent core concepts in the system:

Resource	API Group	Version	Purpose
Agent	kagent.dev	v1alpha2	Defines an AI agent with tools, model configuration, and deployment specification
ModelConfig	kagent.dev	v1alpha2	Configures LLM provider credentials and parameters
RemoteMCPServer	kagent.dev	v1alpha2	Registers external MCP tool servers
MCPServer	kmcp	v1alpha1	Defines in-cluster MCP servers (via KMCP dependency)
Memory	kagent.dev	v1alpha1	Configures vector storage for agent memory

Agent Types:

The Agent CRD supports two primary types:

1. Declarative (type: Declarative): Framework-managed agents where kagent handles the runtime. Specify system message, tools, and model configuration.
2. BYO (type: BYO): Bring-your-own container agents where users provide a custom container image implementing the A2A protocol.

Sources: go/api/v1alpha2/ go/internal/controller/reconciler/reconciler.go79-96 contrib/cncf/technical-review.md286-294

System Runtime Flow

The following diagram shows how a user request flows through the system, from CRD creation to agent execution:

Sources: go/internal/controller/reconciler/reconciler.go79-500 go/internal/a2a/a2a_registrar.go67-152 go/internal/controller/translator/agent/

Technology Stack

Layer	Technologies	Purpose
Controller	Go 1.23+, controller-runtime, Kubernetes client-go	Kubernetes operator implementation
Engine	Python 3.12+, Google ADK, MCP client libraries	Agent runtime execution
UI	Next.js 14, React, TypeScript, Tailwind CSS	Web dashboard
CLI	Go, Cobra framework	Command-line interface
Database	SQLite (dev), PostgreSQL (prod)	Session and agent state persistence
Protocols	A2A (agent-to-agent), MCP (tool integration), HTTP/SSE	Communication standards
Observability	OpenTelemetry, Prometheus metrics	Distributed tracing and monitoring
Build	Docker Buildx, Make, Helm	Multi-arch container builds and deployment

Sources: go/pkg/app/app.go19-74 README.md72-98 contrib/cncf/security-self-assessment.md51

Database Schema

The controller maintains a database (via database.Client) that stores runtime state independent of Kubernetes:

Table	Key Fields	Purpose
agents	id (identifier), type, config (JSON)	Agent configurations for runtime loading
tool_servers	name, group_kind, description	Registered MCP server metadata
tools	id, server_name, server_group_kind, description	Discovered tools from MCP servers
sessions	Session tracking for multi-turn conversations
tasks	Task execution records

Key operations:

• dbClient.StoreAgent() in go/internal/controller/reconciler/reconciler.go634
• dbClient.StoreToolServer() in go/internal/controller/reconciler/reconciler.go646
• dbClient.RefreshToolsForServer() in go/internal/controller/reconciler/reconciler.go660

Database type is configurable:

• Development: SQLite at ./kagent.db (default)
• Production: PostgreSQL via --postgres-database-url flag

Sources: go/pkg/app/app.go120-124 go/pkg/app/app.go338-357 go/internal/controller/reconciler/reconciler.go622-665

Configuration Management

kagent configuration follows a hierarchical precedence:

1. Command-line flags - Highest precedence (see Config.SetFlags() in go/pkg/app/app.go127-166)
2. Environment variables - Override flags, converted from flag names (e.g., METRICS_BIND_ADDRESS)
3. Helm chart values - For Kubernetes deployments
4. Default values - Built into the code

Critical configuration:

• --default-model-config-name and --default-model-config-namespace: References the default ModelConfig resource
• --http-server-address: Controller HTTP API bind address (default :8083)
• --a2a-base-url: Base URL advertised to A2A clients (default http://127.0.0.1:8083)
• --database-type: sqlite or postgres (default sqlite)
• --image-registry, --image-tag: Container image configuration for agent pods

Sources: go/pkg/app/app.go95-184 go/pkg/app/app.go210-220

Key Integrations

LLM Providers

kagent integrates with multiple LLM providers through the ModelConfig CRD. The controller validates credentials and manages API key secrets:

• OpenAI (default)
• Azure OpenAI
• Anthropic
• Google Vertex AI
• Ollama (self-hosted)
• Custom models via AI gateways

Provider configuration includes:

• API endpoint URLs
• Model identifiers (e.g., gpt-4.1-mini, claude-3-5-sonnet)
• API key secret references
• TLS configuration for secure connections

Sources: README.md72 go/internal/controller/reconciler/reconciler.go215-267

MCP (Model Context Protocol)

MCP provides the extensible tool system. The controller:

1. Discovers tools from MCP servers via client.ListTools() in go/internal/controller/reconciler/reconciler.go681-704
2. Stores tool metadata in database via dbClient.RefreshToolsForServer() in go/internal/controller/reconciler/reconciler.go660
3. Makes tools available to agents through RemoteMCPServer and MCPServer CRDs

Transport protocols supported:

• HTTP/SSE (Server-Sent Events) for remote servers
• stdio for in-cluster MCP servers

Sources: go/internal/controller/reconciler/reconciler.go641-679 README.md73

A2A (Agent-to-Agent) Protocol

The A2A protocol enables agents to invoke other agents as tools. The A2ARegistrar component:

1. Watches Agent CRDs via cache informer in go/internal/a2a/a2a_registrar.go70-73
2. Creates A2AClient instances for each agent in go/internal/a2a/a2a_registrar.go127-141
3. Registers HTTP handlers in A2AHttpMux for request routing

Agent cards (server.AgentCard) advertise capabilities:

• Streaming support
• Available skills
• Input/output modes

Sources: go/internal/a2a/a2a_registrar.go26-152 go/internal/controller/translator/agent/utils.go14-35

Deployment Architecture

Each agent gets its own Kubernetes resources:

Per-agent resources created by controller:

• Deployment: Runs agent pods with Python ADK engine
• Service: ClusterIP service exposing port 8080 for A2A protocol
• ServiceAccount: With configurable RBAC permissions
• Secret: Contains resolved model configuration and credentials (if needed)

Resource naming convention:

• Deployment name: {agent.name} in namespace {agent.namespace}
• Service name: {agent.name}.{agent.namespace}
• A2A endpoint: http://{agent.name}.{agent.namespace}:8080

Default resource limits (configurable):

• CPU: 100m request, 1000m limit
• Memory: 256Mi request, 1Gi limit

Sources: go/internal/controller/translator/agent/ contrib/cncf/technical-review.md242-262

Next Steps

• For detailed architectural information including data flows and component interactions, see System Architecture
• To get kagent running, see Getting Started
• For installation instructions (Helm, CLI, local development), see Installation and Deployment
• For controller implementation details, see Controller Component
• For Python runtime details, see Python Agent Runtime
• For CRD specifications, see Custom Resources Reference