The Stack
+-----------------------------------------------------------------------------+
| CLIENTS |
| * Claude Desktop + MCP Servers * GitLab Duo * AgentStudio IDE |
| * Screens 5 (VNC remote access) |
+-----------------------------------------------------------------------------+
| NETWORK LAYER |
| Internet -> Spectrum Modem -> Ethernet |
| +---> Deco X60 Mesh WiFi (general network) |
| +---> GL-BE3600 Router (BlueflyMesh: 192.168.8.0/24) |
| +---> Tailscale (100.116.110.123) - Subnet router |
+-----------------------------------------------------------------------------+
| INFRASTRUCTURE |
| * OrbStack (Kubernetes/Docker) * DDEV (Drupal) * K8s/K9s |
+-----------------------------------------------------------------------------+
| AGENT ROUTER (Port 3006) - LLM Gateway |
| Routes to: Ollama (11434) -> OpenAI -> Anthropic -> Gemini |
| Strategies: auto-route | cost | performance | quality |
+-----------------------------------------------------------------------------+
| AGENT MESH (Port 3003 REST, 50051 gRPC) - Backend Coordination |
| * Agent Registry -> Discovery -> Health Monitoring |
| * Load Balancing: round-robin | least-loaded | priority | capability |
| * Circuit Breaker + Rate Limiter |
+-----------------------------------------------------------------------------+
| AGENT SERVICES (Ports 3000-3015) |
| * Agent Brain (3000) - Vector DB * Agent Chat (3001) - Chat interface |
| * Agent Docker (3002) - Containers * Agent Mesh (3003) - Coordination |
| * Agent Ops (3004) - Operations * Agent Protocol (3005) - OSSA |
| * Agent Router (3006) - LLM routing * Agent Studio (3007) - IDE |
| * Agent Tracer (3008) - Tracing * Agentic Flows (3009) - Workflows |
| * Compliance Engine (3010) * Doc Engine (3011) |
| * Foundation Bridge (3012) * RFP Automation (3013) |
| * Studio UI (3014) * Workflow Engine (3015) |
+-----------------------------------------------------------------------------+
| OBSERVABILITY |
| Phoenix (6006) * Prometheus (9090) * Jaeger (16686) * Grafana (3009) |
+-----------------------------------------------------------------------------+
| DATA SERVICES |
| PostgreSQL (5432) * Qdrant (6333) * Redis (6379) * MinIO (9000/9001) |
+-----------------------------------------------------------------------------+
Your Network (Tailscale)
Physical Network Topology
Internet
|
Spectrum Modem
+---> Ethernet -> Deco X60 Mesh WiFi System
| +---> WiFi devices (general network)
|
+---> Ethernet -> GL-BE3600 Router (BlueflyMesh Network)
+---> Subnet: 192.168.8.0/24
+---> Tailscale IP: 100.116.110.123
+---> Devices on BlueflyMesh network
Tailscale Network Devices
| Machine | IP | Role | Network |
|---|
| Mac M4 (bluefly work) | 100.108.129.7 | Main dev, MCP servers, exit node | Tailscale |
| Mac M3 (gitlab work) | 100.108.180.36 | GitLab development | Tailscale |
| gl-be3600 (router) | 100.116.110.123 | Subnet router (BlueflyMesh) | Tailscale + 192.168.8.1 |
| default-agent-router | 100.119.168.4 | k8s agent router | Tailscale |
| tailscale-operator | 100.95.171.114 | k8s operator | Tailscale |
| iphone | 100.67.125.25 | iOS device | Tailscale |
Tailnet: tailcf98b3.ts.net | MagicDNS: Enabled | Funnel: Available
Network Infrastructure Details
- Spectrum Modem - Primary internet connection
- Deco X60 Mesh WiFi - https://www.tp-link.com/us/deco-mesh-wifi/product-family/deco-x60/
- Connected via Ethernet from modem
- Provides general WiFi network for home/office devices
- GL-BE3600 Router - https://www.gl-inet.com/products/gl-be3600/
- Connected via Ethernet from modem
- BlueflyMesh Network - Dedicated development network
- Local IP: 192.168.8.1
- Tailscale IP: 100.116.110.123
- Subnet routing: 192.168.8.0/24
- Device ID: xa1b1d2
- MAC: 94:83:C4:C1:B1:D2
Key Domains (Cloudflare)
| Domain | Purpose | Backend |
|---|
| blueflyagents.com | Main platform | agent-mesh |
| mesh.bluefly.internal | Duo gateway | agent-mesh:3005 |
| api.blueflyagents.com | LLM routing | agent-router:3001 |
| brain.bluefly.internal | Vector DB | agent-brain:3003 |
| docs.blueflyagents.com | Documentation | technical-docs |
| openstandardagents.org | OSSA spec | openstandardagents.org |
Hybrid Architecture: Cloudflare + Tailscale
Location-independent development - work from anywhere with consistent URLs.
How It Works
PUBLIC INTERNET
GitLab Duo mesh.bluefly.internal Cloudflare
cloudflared tunnel
(routes to wherever you are)
TAILSCALE PRIVATE MESH (tailcf98b3.ts.net)
YOUR LOCATION (home, hotel, vacation, anywhere)
GL-BE3600 Travel Router (100.116.110.123)
Creates: BlueflyMesh 192.168.8.0/24 anywhere
Mac M4 Mac M3 Both travel with you
(mesh) (data)
vast.ai GPU (always online, any location)
Ollama/vLLM, agent-brain, GPU-heavy agents
Why This Works
| Layer | Technology | Purpose |
|---|
| Public URLs | Cloudflare DNS + Tunnel | Stable endpoints (mesh.bluefly.internal) |
| Private Mesh | Tailscale | Encrypted connectivity between all devices |
| Local Network | GL-BE3600 | Consistent 192.168.8.x subnet anywhere |
| GPU Compute | vast.ai | LLM inference (location-independent) |
Compute Distribution
| Node | Tailscale IP | Services | Location |
|---|
| Mac M4 | 100.108.129.7 | agent-mesh, cloudflared | Travels with you |
| Mac M3 | 100.108.180.36 | PostgreSQL, Redis | Travels with you |
| GL-BE3600 | 100.116.110.123 | Subnet router | Travels with you |
| vast.ai | (dynamic) | Ollama, GPU agents | Cloud (always on) |
Daily Workflow
Option 1: Docker Compose (Local)
# 1. Start local services
cd $LLM_ROOT/kagent-demo/demo && docker-compose up -d
# 2. Check agent health
curl http://localhost:3008/health # Agent Tracer
curl http://localhost:3006/health # Agent Router
curl http://localhost:3003/health # Agent Mesh
# 3. Use Claude Desktop with MCP
# - claude-agent-framework MCP: /agent:list, /agent:execute
# - agent-mesh MCP: mesh discovery, routing
# - filesystem, memory, sequential-thinking MCPs
# 4. Route LLM requests through gateway
curl -X POST http://localhost:3006/api/v1/chat/completions \
-H "Content-Type: application/json" \
-d '{"model":"auto-route","messages":[{"role":"user","content":"Hello"}]}'
cd $LLM_ROOT/demo_llm-platform
ddev start
ddev platform status
open https://llm-platform.ddev.site
Option 3: OrbStack Kubernetes
# Deploy to OrbStack
kubectl apply -f deployment/orbstack/
# Check status
kubectl get pods -n development
kubectl get pods -n databases
# Access services
open http://192.168.139.2:4000 # Agent Router
open http://192.168.139.2:6006 # Phoenix
open http://ossa.orb.local # OSSA Platform
Option 4: LLMCLI Infrastructure
# Start core services (databases, cache, search)
llmcli infra core
# Start AI services (Gateway, TDDAI, Ollama)
llmcli infra ai
# Start full platform
llmcli infra all
# Check status
llmcli infra status
16 Canonical OSSA Agents
| # | Agent | Trigger | Purpose |
|---|
| 1 | task-dispatcher | Default | Routes tasks to specialists |
| 2 | merge-request-reviewer | MR created | Code review + approval |
| 3 | pipeline-remediation | Pipeline fails | Analyze + fix CI |
| 4 | release-coordinator | Tag/release | Orchestrate releases |
| 5 | issue-lifecycle-manager | Issue events | Triage + management |
| 6 | manifest-validator | OSSA files | Validate manifests |
| 7 | code-quality-reviewer | MR review | Static analysis |
| 8 | drupal-standards-enforcer | PHP changes | PHPCS/PHPStan |
| 9 | module-generator | Scaffold request | Create modules |
| 10 | recipe-publisher | Publish request | Package + publish |
| 11 | cluster-operator | K8s events | Cluster operations |
| 12 | kagent-catalog-sync | Catalog update | Sync kagent.dev |
| 13 | mcp-server-builder | MCP request | Build MCP servers |
| 14 | vulnerability-scanner | Security scan | CVE detection |
| 15 | cost-intelligence-monitor | Usage events | Token optimization |
| 16 | documentation-aggregator | Wiki update | Sync documentation |
GitLab Duo Integration
@bluefly-platform <request>
GitLab Duo triggers CI job
CI calls https://mesh.bluefly.internal/v1/duo/route
agent-mesh routes to appropriate OSSA agent
Agent executes and responds in GitLab
AI Catalog ID: gid://gitlab/Ai::Catalog::Item/2028
OSSA Manifest Structure
apiVersion: ossa/v0.4.9
kind: Agent
metadata:
name: my-agent
namespace: blueflyio
spec:
taxonomy:
role: worker | governor | critic | observer
llm:
provider: anthropic | openai | ollama
model: claude-3-5-sonnet | gpt-4 | qwen2.5-coder
capabilities:
- code-generation
- testing
- review
tools:
- read_file
- write_file
- search
extensions:
kagent: # Kubernetes deployment
buildkit: # Build orchestration
drupal: # Drupal integration
Key Files
| File | Purpose |
|---|
~/.claude/claude_desktop_config.json | MCP server config |
~/.tokens/gitlab | GitLab token |
$LLM_ROOT/WIKIs/technical-docs.wiki/ | Wiki clone |
$LLM_ROOT/common_npm/ | All NPM packages |
$LLM_ROOT/all_drupal_custom/ | All Drupal modules |
$LLM_ROOT/agent-buildkit/ | BuildKit CLI |
$LLM_ROOT/openstandardagents/ | OSSA specification |
$LLM_ROOT/demo_llm-platform/ | Drupal platform |
Hardware & Infrastructure
Development Machines
- Mac M4 - Bluefly work computer (Tailscale: 100.108.129.7)
- Primary development workstation
- MCP servers, Claude Desktop
- Exit node capability
- Mac M3 - GitLab work computer (Tailscale: 100.108.180.36)
- GitLab development and operations
- Secondary workstation
Network Infrastructure
- Spectrum Modem - Primary internet connection
- Deco X60 Mesh WiFi - https://www.tp-link.com/us/deco-mesh-wifi/product-family/deco-x60/
- Connected via Ethernet from Spectrum modem
- Provides general WiFi network for home/office devices
- GL-BE3600 Router - https://www.gl-inet.com/products/gl-be3600/
- Connected via Ethernet from Spectrum modem
- BlueflyMesh Network - Dedicated development network
- Local IP: 192.168.8.1
- Tailscale IP: 100.116.110.123
- Subnet routing: 192.168.8.0/24 (advertised to Tailscale)
- Device ID: xa1b1d2
- MAC: 94:83:C4:C1:B1:D2
- Hostname: gl-be3600
- OrbStack - Local Kubernetes & Docker runtime
- K8s/K9s - Kubernetes cluster management
- DDEV - Drupal development environment
- Screens 5 - VNC remote desktop access
CLI Quick Reference
# BuildKit
buildkit golden test # Run all quality checks
buildkit golden deploy --env dev
buildkit agents list # List 16 canonical agents
buildkit swarm spawn --tasks tasks.json
buildkit deploy service-accounts # Create K8s ServiceAccounts
# GitLab Duo
@bluefly-platform fix this pipeline # Triggers pipeline-remediation
@bluefly-platform review this MR # Triggers merge-request-reviewer
@bluefly-platform help with k8s # Triggers cluster-operator
# GitLab CLI
glab issue create --title "..."
glab mr create --title "..." --source-branch feature/x
glab mr merge --yes
# Cloudflare Tunnel (production)
cloudflared tunnel run bluefly-mesh # Start tunnel to mesh.bluefly.internal
# Tailscale (development/fallback)
tailscale funnel 3005 # Expose agent-mesh duo gateway
tailscale funnel 3001 # Expose agent-router
tailscale status
tailscale ping 100.116.110.123 # Test router connectivity
Port Reference (Local)
Core Orchestrators
| Port | Service | Purpose |
|---|
| 8080 | OSSA Framework | Standards compliance |
| 8081 | Agent BuildKit | Build orchestration |
| 4000 | LLM Gateway | Unified AI API (LiteLLM) |
Agent Services (3000-3099)
| Port | Service | Purpose |
|---|
| 3000 | Agent Brain | Vector DB (Qdrant) |
| 3001 | Agent Chat | Chat interface |
| 3002 | Agent Docker | Container management |
| 3003 | Agent Mesh | Service coordination (REST) |
| 3004 | Agent Ops | Operations & monitoring |
| 3005 | Agent Protocol | OSSA protocol |
| 3006 | Agent Router | LLM routing |
| 3007 | Agent Studio | Development IDE |
| 3008 | Agent Tracer | Distributed tracing |
| 3009 | Agentic Flows | Workflow orchestration |
| 3010 | Compliance Engine | Compliance validation |
| 3011 | Doc Engine | Documentation generation |
| 3012 | Foundation Bridge | Foundation model integration |
| 3013 | RFP Automation | RFP processing |
| 3014 | Studio UI | Studio frontend |
| 3015 | Workflow Engine | Workflow execution |
Observability
| Port | Service | Purpose |
|---|
| 3009 | Grafana | Metrics visualization |
| 6006 | Phoenix | LLM observability |
| 9090 | Prometheus | Metrics collection |
| 16686 | Jaeger | Distributed tracing UI |
Data Services
| Port | Service | Purpose |
|---|
| 5432 | PostgreSQL | Primary database |
| 6333 | Qdrant | Vector database |
| 6379 | Redis | Cache & pub/sub |
| 9000 | MinIO | Object storage API |
| 9001 | MinIO Console | Object storage UI |
AI Services
| Port | Service | Purpose |
|---|
| 11434 | Ollama | Local LLM inference |
| 5000 | Agent Studio Model | ML model |
| 5002 | Gov RFP Model | RFP processing model |
| 50051 | Agent Mesh | gRPC API |
Development
| Port | Service | Purpose |
|---|
| 8888 | Demo Dashboard | Development UI |
Current Deployment Status (2026-01-03)
| Service | Endpoint | Status |
|---|
| agent-mesh | mesh.bluefly.internal | Running via Cloudflare tunnel |
| GitLab Duo Agent | @bluefly-platform | Registered (Item ID 2028) |
| vast.ai | API integration | Pending API key setup |
Active Services:
mesh.bluefly.internal routes to agent-mesh on port 3005 via cloudflared tunnel- GitLab Duo Agent
bluefly-platform registered and receiving requests
- Cloudflare tunnel operational for public HTTPS access
Pending:
- vast.ai API key configuration for GPU instance management
- Auto-scaling GPU instances based on demand
The Golden Rule
Everything is an agent. Everything is declarative. Everything flows through the mesh.
Issue -> Agent assigns -> MR created -> Agent reviews ->
Pipeline validates -> Merge train -> Release -> Deployed
Full docs: https://gitlab.com/blueflyio/agent-platform/technical-docs/-/wikis/home