How to Manage 20,000 Workloads with an IT Operations Agent
Real IT landscapes are wild gardens: three logging stacks from two acquisitions, Argo CD next to Flux, strict segmentation everywhere. AI agent demos assume the opposite. Hyground 2.0 closes that gap with one IT operations agent across your entire landscape: 20,000+ workloads, 40+ clusters, and hundreds of connections into observability stacks, databases, cloud accounts, and ticket systems, all in one conversation. A thin outpost per environment keeps credentials local, access stays read-only by default, and no data leaves your infrastructure. Plus: why we built a multi-agent system first, and why we tore it out.
July 7, 2026

The expectation: an AI agent that helps operate everything.
The reality on day one: the agent has access to nothing, and everything it would need to touch is prohibited.
IT systems are not cleanrooms, designed and built in a single effort. They are wild gardens, grown over years and decades: three logging stacks from two acquisitions, Argo CD in one platform team and Flux in another, a Splunk that predates Kubernetes and outlives every migration plan. Every system that survives long enough to matter looks like this.
Agent demos assume the opposite: a transparent, submissive infrastructure where every system is reachable, every credential is available, and nothing is segmented. Most products resolve that tension by asking you to change. Ship your telemetry into a vendor's cloud, roll their collection agent into every cluster, and accept an assistant that only sees what its own platform has already ingested.
Hyground 2.0 is the biggest release we have shipped, and it goes the other way: one agent across your entire landscape, in one conversation, without your landscape having to change. We built it for what our customers actually run: 20,000+ workloads, 40+ clusters, hundreds of connections into observability stacks, databases, cloud accounts, and ticket systems.
You ask "why is checkout slow in prod-eu?" and one agent investigates everything at once: metrics from that cluster's Prometheus, logs from OpenSearch, the state of the deployment itself, the database behind it. The findings arrive correlated, in one answer, instead of you carrying partial results between tools.
The detour we took first
Our first multi-cluster architecture was the textbook multi-agent system: a central orchestrator connected to a subagent in each cluster. The orchestrator never saw the tools directly. It only knew which agent had access to what, forwarded the question, and relayed the answer back. Every cluster also carried a full Hyground stack: its own auth integration, its own database, its own UI, its own upgrade cycle.
It worked. It didn't scale. Every hop between agents paraphrases, every paraphrase drops facts, and every step pays a full LLM round trip. Users asked precise questions and got back summaries of summaries. We patched symptoms for several releases before accepting that the loss comes with the architecture itself. Multi-agent systems are still the hyped answer for scaling AI; we say this as a team that ran one in production.
That detour deserves its own article.
One agent. One session.
Hyground 2.0 is the much simpler system, and it has exactly two components. A manager, deployed once, holds the brain: the agent, the UI, and everything that discovers and routes across your environments. Each environment you connect runs an outpost: a thin gateway (50 millicores of CPU, 70 MB of memory) plus the adapters that environment exposes. Forty clusters means one brain and forty small outposts, not forty installations.
Ask about a deployment in prod-eu, and the agent's command travels a short, dumb path: the manager attaches credentials and forwards it to that environment's outpost, the outpost hands it to the local adapter, and the result streams back into the same conversation. No second agent re-interprets the request along the way, so nothing gets summarized, delayed, or lost in between.
This is what makes 2.0 feel different in daily use: answers come back faster because no step waits on a second model, token spend drops because nothing is processed twice, and each additional environment costs you a small outpost instead of a full installation.
Grown networks are the reason the relay looks the way it does: the manager dials exactly one authenticated HTTPS route per environment, with no VPN or service mesh in between, and nothing in your environments ever connects back to the manager.

A map of everything
One agent with access to everything still has to find things. In a stack of tens of thousands of workloads, "where does currency-service live?" cannot mean "ask every cluster, every time."
So the agent gets a map. Hyground continuously scans clusters, namespaces, workloads, cloud resources, databases, and search indexes into a topology graph that refreshes every few minutes. Investigations start with one indexed lookup instead of a fan-out to every connected system: ask about currency-service and the agent knows which of your clusters it runs in, which team's GitOps pipeline deploys it, and that the rollout currently has fewer ready replicas than it wants, before it runs a single command.
A workload's name in the map is its real address, k8s://prod-eu/…/payments/currency-service, the same name the agent uses to run a command against it, so it follows references across systems without translation. The agent also adds what it learns to the map: quirks, ownership notes, and systems no scanner can see. A new topology view lets you browse the same map yourself.
Enforcement lives at the spokes
Credentials never leave their environment. Each environment's kubeconfig and cloud credentials stay on its outpost; the manager never holds them. In regulated landscapes that is a compliance requirement, and the architecture satisfies it by construction. What those credentials grant is read-only by default: a get/list/watch service account in Kubernetes, and cloud adapters that verify at startup that the identity you handed them cannot write, and refuse to start otherwise.
Adapters also validate commands in code before anything executes: the Flux adapter accepts exactly nine read verbs, and the Splunk adapter screens every segment of an SPL pipeline. An outpost cannot route to another environment; it doesn't know other environments exist. Everything the agent does lands in one audit trail, with session and user attribution, in your own database.
And nothing phones home. Hyground deploys with one Helm chart into your cluster, stores everything in your own PostgreSQL, validates its license offline, and mirrors into air-gapped registries. You choose where the model runs: your own Azure OpenAI or Bedrock tenant, a provider API, or a self-hosted endpoint. We never receive, store, or proxy your operational data.
Built to fit
Thirty documented integrations connect to what you already run: Prometheus and Splunk, Elasticsearch and Loki, Argo CD and Flux, all three hyperscalers, PostgreSQL and MongoDB, Jira and ServiceNow. Each needs an endpoint URL and a scoped, read-only credential of the system you already operate. The only thing Hyground installs in a connected environment is its own small outpost; the systems it reads stay untouched. Enable the adapters an environment should expose, and they advertise themselves to the agent automatically.
The agent meets you where you already work, too: the web UI, Slack, Microsoft Teams, email, or your coding agent over MCP. You scope a question by typing @ to mention specific environments, alerts can open an investigation on their own, and scheduled sessions run the nightly health sweeps nobody wants to do by hand.
Your platform teams keep their tools, your auditors get one trail, and your credentials keep their boundaries. Hyground inherits your compliance posture — not the other way around.

Author
Bastian de Groot
CTO
Has spent over a decade building infrastructure where milliseconds matter, most recently across cloud-native, automation, and AI-driven operations. Before that, he ran high-frequency trading systems at Bloomberg. Off the clock, he automates factories in Factorio and plays complex board games.
Keep exploring
Product
Architecture
A signal arrives, agents investigate in a sandboxed workspace, and the result lands in the tools your team already runs. Every step happens inside your own infrastructure, on the model you choose.
Hyground
Book a demo
See Hyground in action. Tailored for enterprises that demand sovereignty and compliance.
Whitepapers
The Compliance-First SRE Agent
AI-powered IT operations with full data sovereignty and zero external exposure.