daniel/agent-claw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial research: OpenClaw on AgentCore architecture

Browse Source 
- Architecture comparison (OpenClaw daemon vs AgentCore serverless)
- Component compatibility analysis
- Fargate analysis
- AgentCore rebuild plan (Telegram, zero always-on compute)
- Memory strategy: AgentCore Memory + factbase as structured KB
- Serverless relay patterns per channel
- All open questions resolved
- OpenClaw feature delta March→May 2026
- Build phases and cost estimates
This commit is contained in:
daniel
2026-05-04 08:28:52 -05:00
parent 4afa16a9cd
commit 0369a74ac1
13 changed files with 1876 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

129
open-questions-resolved.md Normal file
View File

@@ -0,0 +1,129 @@
# Open Questions — Final Research Findings
*Updated 2026-05-04 after research pass*
---
## Q1: Direct Code Deployment vs Container — ✅ RESOLVED
**CodeZip is the default and recommended path. No Docker needed.**
The AgentCore CLI scaffolds CodeZip by default:
```bash
agentcore create --name MyAgent --framework Strands --model-provider Bedrock --build CodeZip
agentcore deploy # AWS CodeBuild packages it; no local Docker required
```
Container mode is opt-in (`--build Container`). Q4 (ARM64 Dockerfile) is moot for initial build.
---
## Q2: Secrets in the Container — ✅ RESOLVED (with known limitation)
AgentCore Runtime env vars are **plaintext only** today. GitHub issue #396 (filed ~April 2026) requests ECS-style `valueFrom` Secrets Manager references — not yet implemented.
**Recommended pattern: IAM role + SDK fetch at startup**
```python
import boto3, os
def load_secrets():
sm = boto3.client('secretsmanager')
secret = sm.get_secret_value(SecretId='openclaw/agent/keys')
os.environ['BRAVE_API_KEY'] = secret['SecretString']
# etc.
# Call once at module load → cached for the 6-8hr warm session
load_secrets()
```
The container's IAM execution role grants Secrets Manager access. Runs once per session start — negligible cost. Don't pass secrets through the invocation payload.
---
## Q3: AgentCore Memory Pricing — ✅ RESOLVED (low risk for personal scale)
**Pricing structure confirmed:**
- Long-term retrieval: billed **per retrieve request**
- Built-in strategy model costs (extraction + consolidation): **included in Memory pricing** (confirmed by AWS re:Post)
- Storage: per GB
Exact per-event and per-GB rates not yet clearly published (still preview pricing). At personal assistant scale (~100 turns/day), cost will be pennies. Validate after first test deployment.
---
## Q4: ARM64 Container Build — ✅ RESOLVED (moot, but documented)
Superseded by CodeZip (Q1). If container mode ever needed:
```dockerfile
FROM --platform=linux/arm64 ghcr.io/astral-sh/uv:python3.11-bookworm-slim
WORKDIR /app
COPY pyproject.toml uv.lock ./
RUN uv sync --frozen --no-cache
COPY agent.py ./
EXPOSE 8080
CMD ["uv", "run", "uvicorn", "agent:app", "--host", "0.0.0.0", "--port", "8080"]
```
Build: `docker buildx build --platform linux/arm64 -t <ecr-uri>:latest --push .`
⚠️ Hard requirement: ARM64 only. x86 image → `ValidationException: Architecture incompatible` on CreateAgentRuntime.
---
## Q5: Region + Model — ✅ RESOLVED
**Region: us-east-1** (broadest service availability, aligns with existing AWS work)
**Models (Bedrock cross-region inference, `us.` prefix):**
| Use | Model ID | Notes |
|---|---|---|
| Main agent | `us.anthropic.claude-3-7-sonnet-20250219-v1:0` | Primary workhorse |
| Heartbeats | `us.anthropic.claude-3-5-haiku-20241022-v1:0` | Fast, cheap |
| Experiment | `us.anthropic.claude-sonnet-4-*` | Sonnet 4 now on Bedrock (1M ctx preview) |
Strands defaults to Bedrock + Sonnet when AWS creds are present. No extra config needed for basic setup.
---
## Q6: Self-Managed Memory Strategy — ⚠️ NOT SUPPORTED YET
**Finding:** AgentCore CLI issue #677 (March 26, 2026): *"AgentCore memory does not currently support self-managed strategies."* Docs describe it; CLI doesn't implement it.
**Impact:** The "bring your own Lambda extraction pipeline" pattern is blocked via CLI.
**What still works:**
- ✅ Built-in strategies: SUMMARIZATION, USER_PREFERENCE, SEMANTIC — fully supported, automatic
- ✅ Strands `AgentCoreMemorySessionManager` — auto-stores turns, handles extraction
-`BatchCreateMemoryRecords` API directly — works for explicit writes, bypasses CLI
**Recommended mitigation:**
- Use built-in strategies for automatic extraction (covers ~90% of MEMORY.md value)
- Add `write_memory_record` as an agent tool that calls `BatchCreateMemoryRecords` directly
- This gives explicit "remember this" control without the self-managed strategy pipeline
```python
@tool
def write_memory_record(content: str, namespace: str = "/curated/daniel/") -> str:
"""Explicitly write an important fact or lesson to long-term memory."""
memory_client.batch_create_memory_records(
memoryId=MEMORY_ID,
memoryRecords=[{"content": {"text": content}, "namespace": namespace}]
)
return f"Written to memory: {content[:50]}..."
```
---
## Summary
| # | Question | Status | Decision |
|---|---|---|---|
| 1 | Direct code deploy vs container | ✅ | Use CodeZip — no Docker |
| 2 | Secrets in container | ✅ | IAM role + SDK fetch at startup |
| 3 | Memory pricing | ✅ | Unknown exact rates, low risk at personal scale |
| 4 | ARM64 Dockerfile | ✅ | Moot (CodeZip), documented for reference |
| 5 | Region + model | ✅ | us-east-1, Claude Sonnet (cross-region) |
| 6 | Self-managed memory trigger | ✅ | Use built-in + BatchCreateMemoryRecords as tool |
**All open questions resolved. Ready for Phase 0 spike.**