AP
Agentic Playbook
OpenClaw·Intermediate·Last tested: 2026-03·~12 min read

Deployment

This guide covers deploying OpenClaw on your own infrastructure, running it as a system daemon, and planning for growth.

The simplest production deployment is a single server running the OpenClaw Gateway with all agents:

Your Server (Ubuntu / Linux)
├── OpenClaw Gateway (:18789)
│   ├── coordinator agent
│   ├── dev-agent (Docker sandboxed)
│   ├── product-agent
│   └── risk-agent
├── Tailscale / SSH tunnel → remote access
├── Database (read-only replica) → for agent queries
└── systemd service → auto-restart, logging

Installation

Install OpenClaw as a systemd daemon:

openclaw onboard --install-daemon

This sets up:

  • Auto-restart on failure
  • System logging via journald
  • Automatic startup on boot

Starting the Gateway

openclaw gateway --port 18789

Or, if installed as a daemon:

systemctl start openclaw
systemctl status openclaw

Remote Access

If your server is in a local datacenter or behind a firewall, use Tailscale Serve or an SSH tunnel with token auth for remote access.

Tip

Tailscale provides zero-config VPN access with built-in auth. It's the simplest way to securely access your OpenClaw gateway from anywhere.

Health Checks

# Full system health check
openclaw doctor

# Check all channel connections
openclaw channels status --probe

# Verify agent routing
openclaw agents list --bindings

Scaling Considerations

When to Stay on a Single Server

A single server handles most use cases well:

  • Up to 5–10 agents
  • Moderate message volume
  • Team of 10–50 users

When to Consider Scaling

  • Token costs exceeding your budget on the current setup
  • Uptime requirements beyond what a single server provides
  • Need for geographic distribution

Scaling Options

  1. Dedicated VPS — Some cloud providers offer one-click OpenClaw deploys for straightforward scaling
  2. Load-balanced gateways — Multiple gateway instances behind a load balancer (advanced)
  3. Separate gateways per team — If teams are fully independent, separate installations may be simpler

Hardware Recommendations

Dedicated machine required. OpenClaw has full filesystem access and can execute arbitrary commands. Never install it on a machine with sensitive data or active personal use.

  • Mac Mini (M4, 16GB, 256GB) — Quiet, low-power, reliable. Good for home/office setups.
  • VPS — DigitalOcean, Railway, Render, or Google Cloud. Best for teams that need uptime without managing hardware.
  • Old laptop — Fine for experimentation. Keep it plugged in and connected to the network.

For physical hardware without a monitor: enable Screen Sharing and Remote Login in macOS System Settings, then SSH in from your main machine.

Cost Considerations

Token costs depend on model choices, heartbeat frequency, and message volume.

  • 1–2 agents on Sonnet — ~$100–200/month via API
  • 5–10 agents (mixed Opus + Sonnet) — ~$500–1000/month via API
  • Subscription-based — Using an existing Claude or ChatGPT subscription is cheapest (~$20/month) but check the provider's terms of service for automated usage

Cost levers:

  • Model-per-agent — Use Opus only for agents that need complex reasoning (coordinator, risk). Use Sonnet for everything else.
  • Sub-agents on cheaper models — The coordinator does synthesis; sub-agents do data gathering on Sonnet.
  • Heartbeat frequency — Fewer checks means fewer tokens. Most agents don't need checks more frequent than every 30 minutes.
  • lightContext flag — Set lightContext: true on heartbeat tasks that don't need full conversation history.

Troubleshooting

Agent not responding:

  1. openclaw doctor — Check gateway health
  2. openclaw channels status --probe — Verify channel connections
  3. openclaw agents list --bindings — Confirm the agent is bound to the right channel

Agent forgetting tasks:

  • Check that the session memory hook is enabled
  • Ask the agent to inspect its own crons and HEARTBEAT.md
  • Review MEMORY.md for unexpected or missing entries

Agent executing wrong actions:

  • Review TOOLS.md for incorrect tool references
  • Check SOUL.md boundaries — they may need to be more explicit
  • Run openclaw security audit to check for permission gaps

Broken scheduling:

  • Ask the agent to inspect and list its cron definitions
  • Verify HEARTBEAT.md has the correct format and intervals
  • Check that the heartbeat interval in openclaw.json is set (default: 30 minutes)

Recovery from severe breakage: OpenClaw workspaces are just markdown files and JSON configs. You can debug them manually or use Claude Code to diagnose issues by pasting the workspace contents.

Phased Rollout

Start Small

Start with one agent, add incrementally. Coordination complexity is the primary challenge in multi-agent deployments.

Phase 1: Foundation (Weeks 1–2)

  1. Install OpenClaw on your server
  2. Set up a single coordinator agent
  3. Connect to one messaging platform
  4. Write SOUL.md, AGENTS.md, USER.md
  5. Build a simple periodic workflow with HEARTBEAT.md
  6. Validate memory, sessions, and heartbeat behavior

Phase 2: Second Agent (Weeks 3–4)

  1. Add a specialist agent (e.g., engineering)
  2. Create its workspace with role-specific persona files
  3. Bind to the appropriate channel
  4. Enable Docker sandbox for code-executing agents
  5. Test workflows specific to that role

Phase 3: Full Team (Weeks 5–6)

  1. Add remaining specialist agents
  2. Create their workspaces and channel bindings
  3. Build custom skills (SQL runner, documentation writer, etc.)
  4. Test cross-agent data sharing via files

Phase 4: Orchestration (Weeks 7–8)

  1. Enable sessions_spawn for the coordinator agent
  2. Build sub-agent workflows (weekly brief, analysis, monitoring)
  3. Set up cron jobs for automated reports
  4. Add additional agents if the team is ready

Phase 5: Ongoing Optimization

  1. Monitor token costs per agent
  2. Tune HEARTBEAT.md intervals
  3. Iterate on workspace files based on real usage
  4. Expand skills from the ClawHub registry as needed