What’s the most frustrating thing about managing a VPS?
It’s not configuring environments or deploying applications. It’s being woken up at 3 AM by alert notifications and having to fix things manually. Disk full, process crashed, memory leak, SSL certificate expired — you’ve probably dealt with all of these.
But what if your VPS had an AI operations assistant running on it? One that monitors your server 24/7, automatically diagnoses issues when they arise, executes fixes — and only bothers you when it genuinely can’t handle something. You’d get a full night’s sleep, every night.
This isn’t science fiction. In 2026, the open-source AI Agent ecosystem has made this remarkably accessible. This guide walks you through building an AI Agent-powered VPS intelligence operations system from scratch.
Core Architecture: Observe → Diagnose → Decide → Act
Traditional VPS alerting systems are “notification-only” — detect a problem, fire an alert, wait for a human to act. AI Agent-driven operations upgrade this to a “closed-loop” model:
Server Metrics → AI Agent Analysis → Diagnosis → Remediation Plan → Execute → Verify
↑ |
└─────────────────── Re-diagnose if not fixed ─────────────────┘
In this loop, the AI Agent plays three distinct roles:
- Monitor Analyst: Continuously watches CPU, memory, disk, network metrics and identifies anomalies
- Diagnosis Expert: Analyzes logs and system state, reasons about root causes
- Operations Engineer: Executes fix commands, restarts services, cleans resources, adjusts configurations
AI Agent Framework Selection
Among the mainstream AI Agent frameworks in 2026, these three are particularly well-suited for VPS operations:
| Framework | Key Feature | Best For |
|---|---|---|
| CrewAI | Multi-agent collaboration, role specialization | Complex operations pipelines |
| LangGraph | Directed graph workflows, state persistence | Fine-grained process control |
| MCP (Model Context Protocol) | Standardized tool-calling protocol | Integrating with existing toolchains |
This guide uses the CrewAI + MCP combination — CrewAI handles agent orchestration while MCP standardizes tool-calling interfaces.
Step 1: Install the AI Agent Operations System
Environment Setup
I’ll assume you have Python 3.11+ and Docker installed on your VPS. If not:
# Update system
apt update && apt upgrade -y
# Install Python and pip
apt install -y python3 python3-pip python3-venv
# Install Docker (if your VPS supports it)
curl -fsSL https://get.docker.com | sh
Create the Project
mkdir -p ~/ai-vps-ops && cd ~/ai-vps-ops
python3 -m venv venv
source venv/bin/activate
# Install core dependencies
pip install crewai crewai-tools langchain-openai
pip install psutil requests pyyaml
Configure the LLM Backend
The AI Agent needs an LLM for reasoning and decision-making. You have three options:
Option A: Local Model (Recommended) If you’ve deployed DeepSeek V4 or another open-source model on your VPS:
# Use local Ollama model
export OPENAI_API_BASE=http://localhost:11434/v1
export OPENAI_MODEL_NAME=deepseek-v4:latest
Option B: Cloud API
export OPENAI_API_KEY=sk-your-api-key
export OPENAI_MODEL_NAME=gpt-4o
Step 2: Build the Operations Agent System
Below is a complete CrewAI operations system with three specialized agents:
System Architecture
┌─────────────────────────────────────────┐
│ Monitor Agent │
│ Role: System Monitor │
│ Tools: psutil, Docker stats, disk I/O │
└──────────────┬──────────────────────────┘
│ Reports anomalies
▼
┌─────────────────────────────────────────┐
│ Diagnosis Agent │
│ Role: Fault Diagnosis Expert │
│ Tools: Log analysis, process analysis │
└──────────────┬──────────────────────────┘
│ Outputs diagnosis + fix plan
▼
┌─────────────────────────────────────────┐
│ Remediation Agent │
│ Role: Automation Engineer │
│ Tools: Shell execution, service mgmt │
└─────────────────────────────────────────┘
Complete Code
Create ai_vps_ops.py:
#!/usr/bin/env python3
"""
AI VPS Operations System
CrewAI + MCP based intelligent monitoring and self-healing
"""
import os
import json
import subprocess
from datetime import datetime
import psutil
from crewai import Agent, Task, Crew, Process
from crewai_tools import tool
# ── Tool: Get System Metrics ──────────────────────────────────
@tool("Get System Metrics")
def get_system_metrics():
"""Get critical server performance metrics: CPU, memory, disk, network"""
cpu_percent = psutil.cpu_percent(interval=1)
memory = psutil.virtual_memory()
disk = psutil.disk_usage('/')
net = psutil.net_io_counters()
metrics = {
"timestamp": datetime.now().isoformat(),
"cpu": {
"percent": cpu_percent,
"cores": psutil.cpu_count(),
"load_avg": psutil.getloadavg()
},
"memory": {
"total_gb": round(memory.total / (1024**3), 2),
"used_gb": round(memory.used / (1024**3), 2),
"percent": memory.percent
},
"disk": {
"total_gb": round(disk.total / (1024**3), 2),
"used_gb": round(disk.used / (1024**3), 2),
"percent": disk.percent
},
"network": {
"bytes_sent_mb": round(net.bytes_sent / (1024**2), 2),
"bytes_recv_mb": round(net.bytes_recv / (1024**2), 2)
}
}
return json.dumps(metrics, indent=2)
# ── Tool: Get Process List ───────────────────────────────────
@tool("Get Top Processes")
def get_top_processes(n: int = 10):
"""Get top N processes by CPU/memory usage"""
processes = []
for proc in psutil.process_iter(['pid', 'name', 'cpu_percent', 'memory_percent']):
try:
processes.append(proc.info)
except (psutil.NoSuchProcess, psutil.AccessDenied):
pass
by_cpu = sorted(processes, key=lambda p: p.get('cpu_percent', 0) or 0, reverse=True)[:n]
by_mem = sorted(processes, key=lambda p: p.get('memory_percent', 0) or 0, reverse=True)[:n]
return json.dumps({
"top_by_cpu": by_cpu,
"top_by_memory": by_mem
}, indent=2)
# ── Tool: Execute Shell Command ──────────────────────────────
@tool("Execute Shell Command")
def run_shell_command(command: str):
"""
Execute a shell command and return output.
Used for remediation operations: restart services, clean disk, free memory, etc.
"""
try:
result = subprocess.run(
command, shell=True,
capture_output=True, text=True,
timeout=30
)
return {
"stdout": result.stdout,
"stderr": result.stderr,
"return_code": result.returncode
}
except subprocess.TimeoutExpired:
return {"error": "Command timed out after 30 seconds"}
except Exception as e:
return {"error": str(e)}
# ── Tool: Check Docker Status ───────────────────────────────
@tool("Check Docker Status")
def check_docker_status():
"""Check Docker container running status"""
try:
result = subprocess.run(
"docker ps -a --format '{{.Names}}|{{.Status}}|{{.Image}}'",
shell=True, capture_output=True, text=True, timeout=10
)
if result.returncode != 0:
return {"error": "Docker not available", "detail": result.stderr}
containers = []
for line in result.stdout.strip().split('\n'):
if not line:
continue
parts = line.split('|')
containers.append({
"name": parts[0],
"status": parts[1],
"image": parts[2]
})
running = [c for c in containers if 'Up' in c['status']]
unhealthy = [c for c in containers if 'unhealthy' in c['status'] or 'restarting' in c['status']]
return json.dumps({
"total": len(containers),
"running": len(running),
"unhealthy": len(unhealthy),
"containers": containers
}, indent=2)
except Exception as e:
return {"error": str(e)}
# ── Tool: Clean System ──────────────────────────────────────
@tool("Clean System")
def clean_system(target: str = "all"):
"""
Clean system resources.
target options:
- "docker": clean unused Docker resources
- "apt": clean APT cache
- "logs": clean old log files
- "all": clean everything
"""
results = {}
if target in ("docker", "all"):
r = subprocess.run(
"docker system prune -af --volumes 2>&1 | tail -5",
shell=True, capture_output=True, text=True, timeout=60
)
results["docker"] = r.stdout.strip()
if target in ("apt", "all"):
r = subprocess.run(
"apt clean && apt autoremove -y 2>&1 | tail -3",
shell=True, capture_output=True, text=True, timeout=120
)
results["apt"] = r.stdout.strip()
if target in ("logs", "all"):
r = subprocess.run(
"find /var/log -name '*.log.*' -mtime +7 -delete 2>&1; "
"journalctl --vacuum-time=3d 2>&1 | tail -3",
shell=True, capture_output=True, text=True, timeout=60
)
results["logs"] = r.stdout.strip()
return json.dumps(results, indent=2)
# ── Create Agents ────────────────────────────────────────────
monitor_agent = Agent(
role="System Monitor",
goal="Continuously monitor VPS system metrics and identify anomalies",
backstory=(
"You are the VPS's 24/7 monitoring expert. You collect CPU, memory, disk, "
"network, and Docker container metrics, flagging anything outside normal ranges. "
"Your reports feed into the diagnosis expert for root cause analysis."
),
tools=[get_system_metrics, get_top_processes, check_docker_status],
verbose=True,
allow_delegation=False,
)
diagnosis_agent = Agent(
role="Fault Diagnosis Expert",
goal="Analyze monitoring data, identify root causes, and create remediation plans",
backstory=(
"You are a senior system diagnosis expert. You excel at finding the true cause "
"of issues from system metrics and logs. Your reports must include: what the "
"problem is, its severity, root cause analysis, and recommended fix steps."
),
tools=[get_system_metrics, get_top_processes],
verbose=True,
allow_delegation=False,
)
remediation_agent = Agent(
role="Automation Engineer",
goal="Execute remediation operations, restore system health, and verify fixes",
backstory=(
"You are an efficient automation engineer. You execute the fix plans from the "
"diagnosis expert — restarting services, cleaning disk, freeing memory, "
"restarting containers. After each operation, you verify the result and try "
"alternatives if something fails."
),
tools=[run_shell_command, clean_system],
verbose=True,
allow_delegation=False,
)
# ── Create Tasks ──────────────────────────────────────────────
monitor_task = Task(
description="""Perform a complete system health check:
1. CPU usage, load average
2. Memory usage
3. Disk usage
4. Network I/O
5. Docker container status
6. Top 10 processes by CPU and memory
Return a detailed metrics report with all anomalies flagged (CPU > 80%, memory > 85%, etc.).""",
expected_output="A JSON-formatted system metrics report with all values and anomaly flags",
agent=monitor_agent,
)
diagnosis_task = Task(
description="""Analyze anomalous metrics from the monitoring report:
1. Perform root cause analysis for each anomaly
2. Assess severity (critical/warning/info)
3. Create step-by-step remediation plan
4. If Docker containers are unhealthy, analyze why
Output a diagnosis report with the remediation plan.""",
expected_output="Diagnosis report with root cause analysis, severity assessment, and step-by-step fix plan",
agent=diagnosis_agent,
)
remediation_task = Task(
description="""Execute the remediation plan from the diagnosis report:
1. Execute fix commands step by step
2. Verify results after each step
3. If successful, log the operation
4. If failed, try alternative approaches
5. After all fixes, re-run health check to verify
Output a complete remediation report.""",
expected_output="Remediation execution report with all operations performed, results, and final system state",
agent=remediation_agent,
)
# ── Create Crew ───────────────────────────────────────────────
ops_crew = Crew(
agents=[monitor_agent, diagnosis_agent, remediation_agent],
tasks=[monitor_task, diagnosis_task, remediation_task],
process=Process.sequential,
verbose=True,
)
# ── Main ──────────────────────────────────────────────────────
if __name__ == "__main__":
print("=" * 60)
print("🤖 AI VPS Operations System Starting")
print(f"📅 {datetime.now().isoformat()}")
print("=" * 60)
result = ops_crew.kickoff()
print("\n" + "=" * 60)
print("✅ Operations Task Complete")
print("=" * 60)
print(result)
Run the System
cd ~/ai-vps-ops
source venv/bin/activate
python ai_vps_ops.py
On the first run, the AI Agent will execute the complete monitor → diagnose → remediate pipeline. Depending on your VPS’s actual state, it may automatically resolve several common issues.
Step 3: Schedule Automated Operations
Running a script manually isn’t true “intelligent operations.” Let’s set it up as a scheduled task for hands-free operation.
Set Up Cron
# Edit crontab
crontab -e
Add these rules:
# Run AI operations check every hour
0 * * * * cd /root/ai-vps-ops && /root/ai-vps-ops/venv/bin/python ai_vps_ops.py --quiet >> /var/log/ai-vps-ops.log 2>&1
# Deep clean at 3 AM daily
0 3 * * * cd /root/ai-vps-ops && /root/ai-vps-ops/venv/bin/python ai_vps_ops.py --deep-clean >> /var/log/ai-vps-ops-deep.log 2>&1
Configure Notification Channels
When the AI Agent encounters issues it can’t auto-resolve, it should notify you. Three common approaches:
Option 1: Telegram Bot
@tool("Send Notification")
def send_notification(message: str):
"""Send alert notification via Telegram Bot"""
bot_token = os.environ.get("TELEGRAM_BOT_TOKEN")
chat_id = os.environ.get("TELEGRAM_CHAT_ID")
if not bot_token or not chat_id:
return "Notification not configured"
url = f"https://api.telegram.org/bot{bot_token}/sendMessage"
data = {"chat_id": chat_id, "text": message, "parse_mode": "Markdown"}
requests.post(url, json=data)
return "Notification sent"
Option 2: Email
# Install msmtp
apt install -y msmtp msmtp-mta
# Configure ~/.msmtprc
cat > ~/.msmtprc << 'EOF'
defaults
auth on
tls on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
account default
host smtp.gmail.com
port 587
from your-email@gmail.com
user your-email@gmail.com
password your-app-password
EOF
chmod 600 ~/.msmtprc
Option 3: Webhook (if you already have a monitoring system)
@tool("Send Webhook")
def send_webhook(payload: dict):
"""Send webhook to external system"""
webhook_url = os.environ.get("WEBHOOK_URL")
if not webhook_url:
return "Webhook not configured"
requests.post(webhook_url, json=payload)
return "Webhook sent"
Step 4: Expanding AI Agent Capabilities
Once the basic ops system is running, you can extend the AI Agent with more capabilities:
1. SSL Certificate Management
The AI Agent can periodically check SSL certificate expiry and auto-renew before expiration:
@tool("Check SSL Certificate")
def check_ssl_certificate(domain: str):
"""Check SSL certificate expiry"""
import ssl, socket
ctx = ssl.create_default_context()
with ctx.wrap_socket(socket.socket(), server_hostname=domain) as s:
s.connect((domain, 443))
cert = s.getpeercert()
expiry = cert['notAfter']
days_left = (datetime.strptime(expiry, '%b %d %H:%M:%S %Y %Z') - datetime.now()).days
return f"{domain} certificate expires in {days_left} days"
2. Log Anomaly Detection
The AI Agent can analyze system logs for security threats:
@tool("Analyze Auth Logs")
def analyze_auth_logs():
"""Analyze authentication logs for unusual login attempts"""
import re
result = subprocess.run(
"grep 'Failed password' /var/log/auth.log | tail -100",
shell=True, capture_output=True, text=True, timeout=10
)
failed_attempts = len(result.stdout.strip().split('\n'))
if failed_attempts > 50:
return f"⚠️ Detected {failed_attempts} failed login attempts — possible brute force attack"
return f"{failed_attempts} failed login attempts, within normal range"
3. Cost Optimization Suggestions
The AI Agent can analyze resource usage trends and suggest optimizations:
@tool("Resource Trend Analysis")
def resource_trend_analysis():
"""Analyze resource usage trends and suggest optimizations"""
# Collect average CPU usage over the past 24 hours
# If consistently below 20%, suggest downgrading to save cost
# If consistently above 80%, suggest upgrading to avoid performance issues
...
4. Backup Status Verification
@tool("Check Backup Status")
def check_backup_status():
"""Check recent backup status and integrity"""
# Verify backup file existence and size
# Confirm backup timing is within expected range
# Trigger backup if anomalies found
...
Real-World Scenario: A Complete AI Self-Healing Cycle
Let’s walk through a real scenario. Your VPS is running several Docker containers. One day, a container develops a memory leak and gets OOM-killed:
Step 1: Monitor Agent Detects Issue
[Monitor Agent]
⚠️ Anomaly Detected:
- Memory usage: 92% (threshold: 85%)
- Docker container nginx-proxy status: "restarting"
- Suspicious process: nginx (memory: 1.2GB)
Step 2: Diagnosis Agent Root Cause Analysis
[Diagnosis Agent]
🔍 Root Cause Analysis:
- Primary cause: nginx-proxy container memory leak, triggered OOM Killer
- Impact scope: Single container service down, others unaffected
- Severity: Medium (single container failure)
- Recommended plan:
1. Restart nginx-proxy container
2. Set memory limit in docker-compose.yml
3. Monitor memory usage trend after restart
Step 3: Remediation Agent Executes Fix
[Remediation Agent]
🛠️ Executing Fix:
1. ✅ Restarted container: docker restart nginx-proxy
2. ✅ Set memory limit: docker update --memory 512M nginx-proxy
3. ✅ Verified: container status "Up 30s", health check passed
4. ✅ Final system state: memory dropped to 65%, all services operational
From anomaly detection to automatic resolution: under 2 minutes. And you? Having a peaceful night’s sleep.
Security Considerations
An AI Agent with shell execution capabilities is powerful — and carries significant responsibility. Please observe these precautions:
- Principle of Least Privilege: Don’t run the Agent as root. Create a dedicated ops user with only necessary sudo permissions
- Command Whitelist: Add command validation to
run_shell_command:
SAFE_COMMANDS = [
"systemctl", "docker", "journalctl", "df", "free",
"ps", "top", "kill", "rm", "apt", "find", "du"
]
def validate_command(command: str) -> bool:
cmd_base = command.strip().split()[0]
return cmd_base in SAFE_COMMANDS
- Sandbox Execution: Consider running the Agent inside a Docker container with restricted filesystem access
- Human-in-the-Loop: For high-risk operations (data deletion, production service restarts), require manual approval
- Audit Logging: Every command executed by the Agent should be logged for post-incident review
Conclusion
AI Agent-driven intelligent operations isn’t a future concept — it’s here now. With open-source frameworks like CrewAI, LangGraph, and MCP, you can build a 24/7 automated operations system on your own VPS.
The value proposition is clear:
- Reduce alert fatigue: Common issues auto-resolve; only the hard ones reach you
- Minimize downtime: From human-response times (minutes to hours) to AI-response times (seconds to minutes)
- Lower operational costs: One VPS monthly fee buys you a 24/7 “AI operations engineer”
As a next step, you could even have the AI Agent manage itself — using Hermes Agent as part of the system it’s maintaining. That’s about as close to “the final form of operations” as we can get.
Want more VPS intelligence operations guides? Leave a comment below — I’ll dive deeper into the topics you care about most.
