Ansible - MeshOps Coordination Skill
What This Is
Ansible is a distributed coordination layer that lets you operate across multiple OpenClaw gateways as one coordinated mesh.
Four pillars:
1. Ring of Trust: invite/join handshake, auth-gate WebSocket tickets, ed25519-signed capability manifests, per-action safety gates, and token lifecycle.
2. Mesh Sync: Yjs CRDT replication over Tailscale. Messages, tasks, context, and pulse remain durable across reconnects and restarts.
3. Capability Routing: publish/unpublish capability contracts. Each contract references a delegation skill (requester) and an execution skill (executor).
4. Lifecycle Ops: lock sweep, retention/pruning, coordinator sweep, and deployment hygiene.
Relationship Modes
- Friends/Employees (default): other nodes are different agents. Provide context and communicate explicitly.
- Hemispheres (advanced): mirrored instances of the same identity. Shared intent and direct communication.
Default to Friends/Employees unless explicitly told a node is a hemisphere.
Node Topology
- Backbone: always-on nodes (VPS/servers) that host Yjs WebSocket.
- Edge: intermittent nodes (laptops/desktops) that connect to backbone.
Human Visibility Contract (Required on Pickup)
When taking coordination work, maintain explicit lifecycle updates:
1. ACK: confirm receipt and summarize intent.
2. IN_PROGRESS: emit progress updates at meaningful checkpoints.
3. DONE or BLOCKED: close with evidence, next action, and owner.
Use conversation_id consistently for all related updates.
Ring of Trust - Behavioral Rules
- Unknown nodes require invite-based admission. Do not bypass.
- High-risk capability publishes require human approval artifacts.
- Respect caller gates (OPENCLAW_ALLOWED_CALLERS) and high-risk flags.
- Never expose tokens in plaintext messages/logs/shared state.
- When signature enforcement is on, only accept manifests signed by trusted publisher keys.
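One way to enforce these rules at publish time, as an added example that is not the plugin's own code. The manifest fields, the approval-artifact shape, the policy object and the sorted-key JSON serialization are all assumptions, and the key pair is generated on the spot as sample data.

```javascript
const nodeCrypto = require('node:crypto');

// Assumed canonical form: JSON with sorted keys, so signer and verifier hash identical bytes.
function canonicalize(v) {
  if (Array.isArray(v)) return `[${v.map(canonicalize).join(',')}]`;
  if (v && typeof v === 'object') {
    const body = Object.keys(v).sort().map((k) => `${JSON.stringify(k)}:${canonicalize(v[k])}`);
    return `{${body.join(',')}}`;
  }
  return JSON.stringify(v);
}

function signManifest(manifest, privateKey) {
  return nodeCrypto.sign(null, Buffer.from(canonicalize(manifest)), privateKey).toString('base64');
}

// Deny by default: caller gate, then provenance, then the high-risk approval gate.
function gatePublish({ manifest, signature, publisherId, caller, approval }, policy) {
  if (!policy.allowedCallers.includes(caller)) return { ok: false, reason: 'caller_not_allowed' };
  if (policy.enforceSignatures) {
    const key = policy.trustedPublisherKeys.get(publisherId);
    if (!key) return { ok: false, reason: 'untrusted_publisher' };
    let valid = false;
    try {
      const sig = Buffer.from(signature || '', 'base64');
      valid = nodeCrypto.verify(null, Buffer.from(canonicalize(manifest)), key, sig);
    } catch {
      valid = false; // malformed signature or key counts as a failed check
    }
    if (!valid) return { ok: false, reason: 'bad_signature' };
  }
  if (manifest.highRisk) {
    // The approval must name this exact capability and version, so it cannot cover another release.
    const bound = approval && approval.capabilityId === manifest.id
      && approval.version === manifest.version && Boolean(approval.approvedBy);
    if (!bound) return { ok: false, reason: 'approval_required' };
  }
  return { ok: true, reason: 'accepted' };
}

// Constructed sample data: throwaway key pair, hypothetical names throughout.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
const policy = { enforceSignatures: true, allowedCallers: ['ops-agent'],
  trustedPublisherKeys: new Map([['publisher-a', publicKey]]) };
const manifest = { id: 'cap.deploy', version: '1.2.0', highRisk: true,
  delegationSkill: 'deploy-request', executionSkill: 'deploy-run' };
const signature = signManifest(manifest, privateKey);
```

Because the signature covers the whole manifest, clearing the high-risk flag after signing fails provenance before the approval gate is ever consulted.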
Gateway Compatibility Contract
- Validate plugin is installed and readable before assuming tool availability.
- Verify tier assumptions (backbone vs edge) before mutating coordination settings.
- Treat gateway runtime as source of truth for active topology and health.
Reliability Model
Source of Truth
Shared Yjs state is authoritative.
Delivery Semantics
- Durable: messages/tasks persist in shared state.
- Auto-dispatch: best-effort realtime injection into sessions.
- Heartbeat reconcile: periodic rescan recovers missed injections.
- Retry: transient dispatch failures retry with bounded backoff.
- Send receipts: notify configured operators when work is placed on the mesh.
Operating Rules
- Verify pending work with ansible_status and ansible_read_messages.
- If polling mode is used, always reply via ansible_send_message.
- Use corr:<messageId> for thread continuity.
- Listener behavior is optimization; sweep/reconcile is the backstop.
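The delivery semantics and the backstop rule above, sketched as an added example (not the plugin's code). A plain Map stands in for the shared Yjs state, and createMesh, inject, the record fields and the stuck() report are hypothetical names and assumptions.

```javascript
function createMesh(inject, { maxAttempts = 3, baseDelayMs = 100, maxDelayMs = 1000 } = {}) {
  const messages = new Map(); // stands in for the shared, authoritative state

  // Bounded exponential backoff: 100, 200, 400 ... capped at maxDelayMs.
  const backoff = (attempt) => Math.min(baseDelayMs * 2 ** (attempt - 1), maxDelayMs);

  // One delivery attempt; returns true only when this call delivered the message.
  function dispatch(msg, now) {
    if (msg.delivered || msg.attempts >= maxAttempts || now < msg.nextTryAt) return false;
    msg.attempts += 1;
    try {
      inject(msg);
      msg.delivered = true;
    } catch (err) {
      msg.lastError = String(err.message);
      msg.nextTryAt = now + backoff(msg.attempts);
    }
    return msg.delivered;
  }

  return {
    send(id, body, now) {
      const msg = { id, body, delivered: false, attempts: 0, nextTryAt: 0 };
      messages.set(id, msg); // persist first: the durable write is what counts
      dispatch(msg, now);    // realtime injection is only an optimization
      return msg;
    },
    // Heartbeat: rescan state and redeliver anything the listener missed.
    reconcile(now) {
      let recovered = 0;
      for (const msg of messages.values()) if (dispatch(msg, now)) recovered += 1;
      return recovered;
    },
    // Assumption: messages that exhaust their retries are reported, not dropped.
    stuck: () => [...messages.values()]
      .filter((m) => !m.delivered && m.attempts >= maxAttempts).map((m) => m.id),
  };
}
```

Timestamps are passed in rather than read from the clock so the sweep can be replayed deterministically in tests.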
Capability Contracts
- A capability is a contract, not just a label.
- Contract includes delegation and execution skill references.
- Publishing updates routing eligibility mesh-wide.
- Provenance is verified against trusted publisher keys when configured.
- High-risk contracts require explicit approval artifacts.
- Unpublish removes eligibility immediately.
- Lifecycle evidence must capture install/wire outcomes.
Delegation Protocol
1. Requester creates task with objective, context, acceptance criteria, and target policy (to_agents or capability).
2. Executor claims task and sends acceptance/ETA signal.
3. Executor performs work, emits progress, and completes with structured result.
4. Requester reports final outcome to human and/or downstream agents.
Coordinator Behavior
- Run sweep loops for stale locks, SLA drift, and backlog reconciliation.
- Prefer record-only escalation by default when blast radius is unclear.
- If DEGRADED, prioritize containment, visibility, and deterministic recovery.
Available Tools
Communication
| Tool | Purpose |
|---|---|
| ansible_send_message | Send targeted or broadcast message across mesh |
| ansible_read_messages | Read unread messages (or full history) |
| ansible_mark_read | Mark messages as read |
| ansible_delete_messages | Admin-only emergency purge |
Task Delegation
| Tool | Purpose |
|---|---|
| ansible_delegate_task | Create task for another node/agent set |
| ansible_claim_task | Claim pending task |
| ansible_update_task | Update task status/progress |
| ansible_complete_task | Complete task and notify requester |
| ansible_find_task | Resolve task by ID/title |
Context and Status
| Tool | Purpose |
|---|---|
| ansible_status | Mesh health, unread, pending, and topology summary |
| ansible_update_context | Update shared context/threads/decisions |
Coordination and Governance
| Tool | Purpose |
|---|---|
| ansible_get_coordination | Read coordinator configuration |
| ansible_set_coordination_preference | Set node coordinator preference |
| ansible_set_coordination | Switch coordinator (guarded) |
| ansible_set_retention | Configure closed-task retention/pruning |
| ansible_get_delegation_policy | Read delegation policy plus ACKs |
| ansible_set_delegation_policy | Publish/update delegation policy |
| ansible_ack_delegation_policy | Acknowledge policy version |
| ansible_lock_sweep_status | Inspect lock sweep health |
Capability Lifecycle
| Tool | Purpose |
|---|---|
| ansible_list_capabilities | List published capability contracts |
| ansible_capability_publish | Publish/upgrade capability contract |
| ansible_capability_unpublish | Remove capability from routing |
| ansible_capability_lifecycle_evidence | Show install/wire evidence for version |
| ansible_capability_health_summary | Show success/error/latency summary |
When to Use Ansible
Use Ansible when work crosses gateways, needs durable coordination, or requires auditable delegation contracts.
Session Behavior
- Start by checking status and pending work.
- Prefer explicit delegation for capability-matched work.
- Keep humans in the loop via lifecycle messages.
Message Protocol v1
- Always include enough context for independent execution.
- Use stable correlation IDs (corr) and conversation IDs.
- Prefer structured payloads over freeform-only messaging.
Setup Playbooks
Follow plugin setup and gateway runbooks for topology bootstrap, auth-gate, and trust settings.
Delegation Management
- Keep delegation policy current and acknowledged across nodes.
- Treat capability publishes as contract releases.
- Roll back quickly when lifecycle evidence indicates drift or misfire.