A Kubernetes-native AI Agent orchestration and autonomous management platform that executes Agents as isolated Pods. It provides 7 core CRDs for multi-Agent workflow orchestration, policy gating, persistent memory, and local model inference, enabling Agent fleets to autonomously manage the cluster itself.
Core Positioning#
Sympozium is a Kubernetes-native AI Agent management platform that defines Agents and their behavioral boundaries through Custom Resource Definitions (CRDs). It focuses on Agent scheduling, isolation, persistent memory, and multi-Agent workflow orchestration within K8s.
Agent Orchestration & Lifecycle#
- Agent as Pod: Each Agent execution is instantiated as a temporary Kubernetes Job with independent security context, resource limits, and automatic cleanup
- Ensembles: Helm Chart-like Agent team packaging mechanism with preset system prompts, skills, schedules, and memory
- Agent Workflows: Supports delegation, sequential pipelines, and supervision between Agents with interactive Canvas visualization
- Scheduled Execution:
SympoziumScheduleCRD enables cron-driven periodic Agent runs
Security & Isolation#
- Skill Sidecars: Each Skill runs in an isolated sidecar container with auto-injected least-privilege RBAC and automatic garbage collection
- SympoziumPolicy: Admission Webhook-based tool-level gating with Permissive, Default, and Restrictive policy presets
- Agent Sandbox: Kernel-level isolation via kubernetes-sigs/agent-sandbox (gVisor/Kata) with warm pool support
Memory & Model Inference#
- Persistent Memory: SQLite + FTS5 full-text search on PersistentVolume, surviving across Pod lifecycles; Pack-level workflow memory sharing with per-persona access control
- Local Model Inference:
ModelCRD declares GGUF models; controller auto-downloads weights, deploys llama-server, exposes API-key-free OpenAI-compatible endpoint - Node Inference Discovery: DaemonSet probes for Ollama/vLLM/llama-cpp on nodes, auto-labels and supports nodeSelector binding
Interfaces & Ecosystem#
- Multi-Channel Integration: Native support for Telegram, Slack, Discord, WhatsApp as independent Deployments driven by NATS JetStream
- Web Endpoint: Exposes Agents as OpenAI-compatible API (
/v1/chat/completions) and MCP endpoints in serving mode - MCP Server Integration:
MCPServerCRD manages external tool providers with auto-discovery and allow/deny filtering - Multi AI Providers: OpenAI, Anthropic, Azure, Ollama, LM Studio, Unsloth, AWS Bedrock, or any OpenAI-compatible endpoint
- Observability: Built-in OpenTelemetry for traces and metrics export
Architecture#
Control plane is primarily Go-based: Controller Manager (6 reconcilers), HTTP + WebSocket API Server, Admission Webhook. Data layer uses etcd (CRD state) and PostgreSQL (sessions & history). NATS JetStream (StatefulSet) serves as the persistent event bus decoupling control plane from channels.
Agent Pod structure: optional PreRun Init Containers → Agent Container (LLM-agnostic) → IPC Bridge Sidecar (fsnotify → NATS, language-agnostic zero-dependency IPC) → Memory Sidecar (SQLite + PVC) → Skill Sidecars → MCP Bridge Sidecar → optional Sandbox → optional PostRun Job.
Delegation workflow: Parent Agent writes to /ipc/spawn/ → IPC Bridge publishes to NATS → SpawnRouter creates child AgentRun → child completes, result returns via NATS → parent unblocks and reads result.
Core Resource Model (7 CRDs)#
| CRD | Analogy | Purpose |
|---|---|---|
| Agent | Namespace/Tenant | User-level gateway: LLM config, skill binding, channel connection, memory settings |
| AgentRun | Job | Single Agent execution, temporary Pod, auto-cleanup |
| SympoziumPolicy | NetworkPolicy | Tool/feature admission gating |
| SkillPack | ConfigMap | Portable Skill package with optional sidecar images and RBAC |
| SympoziumSchedule | CronJob | Cron-driven periodic Agent runs |
| Ensemble | Helm Chart/Operator Bundle | Pre-configured Agent team package |
| Model | Deployment + Service | In-cluster GGUF model inference |
Use Cases#
- SRE On-Call Automation: Cluster health monitoring, incident triage, auto-rollback
- Security Auditing: Periodic scanning for privilege escalation, hardcoded secrets, missing NetworkPolicies
- DevOps Operations: Scaling, namespace creation, node draining, resource optimization
- Customer Service Fleets: Multi-tenant customer service across Telegram/Slack/Discord/WhatsApp
- Code Review: Issue triage, PR review, CI/CD integration
- Dev Team Collaboration: 7-Agent dev team (Tech Lead, Backend/Frontend Dev, QA, Code Reviewer, DevOps, Docs Writer) collaborating in a single repo
Installation#
Prerequisites: Kubernetes cluster, cert-manager
# CLI install (macOS/Linux)
brew tap sympozium-ai/sympozium
brew install sympozium
# or
curl -fsSL https://deploy.sympozium.ai/install.sh | sh
# Quick deploy
sympozium install # Deploy CRDs, controllers, built-in Ensembles
sympozium # Launch TUI
sympozium serve # Launch Web dashboard
Helm installation is also available, requiring CRDs to be installed before the control plane.
Background & Current Status#
Created by the makers of k8sgpt and llmfit. Current version v0.10.17 with 205 releases and 762 commits. Actively developing with v1alpha1 APIs subject to change. Primary languages: Go (54%), TypeScript (30%), Shell (14.6%). No public production deployment cases found; vector search upgrade status unconfirmed.