a2a-setup
by ccccl8
Install and configure the Claw Crony A2A Gateway plugin for cross-server agent communication. Use when: (1) setting up A2A between two or more OpenClaw instances, (2) user says 'configure A2A', 'set up A2A gateway', 'connect two OpenClaw servers', 'agent-to-agent communication', (3) adding a new A2A peer to an existing setup. Covers: plugin installation, Agent Card configuration, security tokens, peer registration, network setup (Tailscale/LAN), TOOLS.md template for agent awareness, and end-to-end verification.
安装
claude skill add --url https://github.com/openclaw/skills文档
A2A Gateway Setup
Configure the Claw Crony A2A Gateway plugin for cross-server agent-to-agent communication using the A2A v0.3.0 protocol.
Prerequisites
- OpenClaw ≥ 2026.3.0 installed and running on each server
- Network connectivity between servers (Tailscale recommended, LAN or public IP also work)
- Node.js ≥ 22
Step 1: Install the Plugin
mkdir -p <WORKSPACE>/plugins
cd <WORKSPACE>/plugins
git clone https://github.com/ccccl8/claw-crony.git claw-crony
cd claw-crony
npm install --production
Replace <WORKSPACE> with the agent workspace path. Find it with:
openclaw config get agents.defaults.workspace
Step 2: Register Plugin in OpenClaw
Get current allowed plugins first to avoid overwriting:
openclaw config get plugins.allow
Then add claw-crony to the existing array (do NOT drop existing plugin ids):
# Example only — include your existing plugins too
openclaw config set plugins.allow '["<existing...>", "claw-crony"]'
openclaw config set plugins.load.paths '["<ABSOLUTE_PATH>/plugins/claw-crony"]'
openclaw config set plugins.entries.claw-crony.enabled true
Critical: Use the absolute path in plugins.load.paths. Relative paths will fail.
Step 3: Configure Agent Card
openclaw config set plugins.entries.claw-crony.config.agentCard.name '<AGENT_NAME>'
openclaw config set plugins.entries.claw-crony.config.agentCard.description '<DESCRIPTION>'
openclaw config set plugins.entries.claw-crony.config.agentCard.url 'http://<REACHABLE_IP>:18800/a2a/jsonrpc'
openclaw config set plugins.entries.claw-crony.config.agentCard.skills '[{"id":"chat","name":"chat","description":"Bridge chat/messages to OpenClaw agents"}]'
URL field rules
| Field | Points to | Example |
|---|---|---|
agentCard.url | JSON-RPC endpoint (default) | http://100.x.x.x:18800/a2a/jsonrpc |
peers[].agentCardUrl | Agent Card discovery (preferred) | http://100.x.x.x:18800/.well-known/agent-card.json |
Do NOT confuse these two. agentCard.url tells peers where to send messages. agentCardUrl tells you where to discover the peer.
Note: this plugin also serves the legacy alias /.well-known/agent.json, but the official SDK default is /.well-known/agent-card.json.
Step 4: Configure Server
openclaw config set plugins.entries.claw-crony.config.server.host '0.0.0.0'
openclaw config set plugins.entries.claw-crony.config.server.port 18800
Step 5: Configure Security
TOKEN=$(openssl rand -hex 24)
echo "Save this token: $TOKEN"
openclaw config set plugins.entries.claw-crony.config.security.inboundAuth 'bearer'
openclaw config set plugins.entries.claw-crony.config.security.token "$TOKEN"
Share this token with peers who need to send you messages.
Step 6: Configure Routing
openclaw config set plugins.entries.claw-crony.config.routing.defaultAgentId 'main'
Step 7: Add Peers
openclaw config set plugins.entries.claw-crony.config.peers '[
{
"name": "<PEER_NAME>",
"agentCardUrl": "http://<PEER_IP>:18800/.well-known/agent-card.json",
"auth": {
"type": "bearer",
"token": "<PEER_INBOUND_TOKEN>"
}
}
]'
For multiple peers, include all in one JSON array.
Step 8: Restart and Verify
openclaw gateway restart
# Verify Agent Card
curl -s http://localhost:18800/.well-known/agent-card.json | python3 -m json.tool
# Verify peer connectivity
curl -s http://<PEER_IP>:18800/.well-known/agent-card.json | python3 -m json.tool
Step 9: Configure TOOLS.md
This step is critical. Without it, the agent won't know how to use A2A.
Read references/tools-md-template.md and append the A2A section to the agent's TOOLS.md, replacing placeholders with actual peer info.
For outbound messaging, use the SDK script (scripts/a2a-send.mjs).
To use the SDK script, ensure @a2a-js/sdk is installed in the plugin directory:
cd <WORKSPACE>/plugins/claw-crony && npm ls @a2a-js/sdk
Step 10: End-to-End Test
node <WORKSPACE>/plugins/claw-crony/skill/scripts/a2a-send.mjs \
--peer-url http://<PEER_IP>:18800 \
--token <PEER_TOKEN> \
--message "Hello, what is your name?"
The script uses @a2a-js/sdk ClientFactory to auto-discover the Agent Card, handle authentication, and print the peer agent's response.
Async task mode (recommended for long-running prompts)
For prompts that may take longer than a typical request timeout (e.g., multi-round discussions, long summaries), use non-blocking mode + polling:
node <WORKSPACE>/plugins/claw-crony/skill/scripts/a2a-send.mjs \
--peer-url http://<PEER_IP>:18800 \
--token <PEER_TOKEN> \
--non-blocking \
--wait \
--timeout-ms 600000 \
--poll-ms 1000 \
--message "Discuss A2A advantages in 3 rounds and provide final conclusion"
This sends configuration.blocking=false and then polls tasks/get until the task reaches a terminal state.
Server-side timeout configuration (OpenClaw dispatch)
If you still see Request accepted (no agent dispatch available), the underlying OpenClaw agent run may be timing out. Increase:
plugins.entries.claw-crony.config.timeouts.agentResponseTimeoutMs(default: 300000)
Optional: Route to a specific OpenClaw agentId (OpenClaw extension)
By default, the peer will route inbound A2A messages to routing.defaultAgentId.
To route a single request to a specific agentId (e.g., coder) on the peer, pass --agent-id:
node <WORKSPACE>/plugins/claw-crony/skill/scripts/a2a-send.mjs \
--peer-url http://<PEER_IP>:18800 \
--token <PEER_TOKEN> \
--agent-id coder \
--message "Run tests and summarize failures"
Note: this uses a non-standard message.agentId field understood by the Claw Crony A2A Gateway plugin. It is most reliable over JSON-RPC/REST. gRPC transport may drop unknown Message fields.
Network: Tailscale Setup (if needed)
When servers are on different networks, use Tailscale:
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up
# Authenticate via the printed URL (use same account on all servers)
tailscale ip -4 # Get the 100.x.x.x IP
Use Tailscale IPs in all A2A configuration. Verify with:
ping <OTHER_SERVER_TAILSCALE_IP>
Mutual Peering Checklist
For two-way communication, repeat Steps 1-9 on BOTH servers:
- Server A: plugin installed, Agent Card configured, token generated
- Server B: plugin installed, Agent Card configured, token generated
- Server A: has Server B in peers (with B's token)
- Server B: has Server A in peers (with A's token)
- Server A: TOOLS.md updated with Server B peer info
- Server B: TOOLS.md updated with Server A peer info
- Both:
openclaw gateway restartdone - Both: Agent Cards accessible (
curl /.well-known/agent-card.json) - Test: A → B message/send works
- Test: B → A message/send works
Troubleshooting
| Symptom | Cause | Fix |
|---|---|---|
| "no agent dispatch available" | (1) No AI provider configured, or (2) OpenClaw agent dispatch timed out | Check openclaw config get auth.profiles; for long prompts use async mode (--non-blocking --wait) or increase config.timeouts.agentResponseTimeoutMs |
| "plugin not found: claw-crony" | Load path missing or wrong | Verify plugins.load.paths uses absolute path |
| Agent Card 404 | Plugin not loaded | Check plugins.allow includes claw-crony |
| Port 18800 connection refused | Gateway not restarted | Run openclaw gateway restart |
| Peer auth fails | Token mismatch | Verify peer config token matches target's security.token |
| Agent doesn't know about A2A | TOOLS.md not configured | Add A2A section from the template (Step 9) |
相关 Skills
可观测性设计
by alirezarezvani
面向生产系统规划可落地的可观测性体系,串起指标、日志、链路追踪与 SLI/SLO、错误预算、告警和仪表盘设计,适合搭建监控平台与优化故障响应。
✎ 把监控、日志、链路追踪串起来,帮助团队从设计阶段构建可观测性,排障更快、系统演进更稳。
资深开发运维
by alirezarezvani
覆盖 CI/CD 流水线生成、Terraform 基建脚手架和自动化部署,适合在 AWS、GCP、Azure 上搭建云原生发布流程,管理 Docker/Kubernetes 基础设施并持续优化交付。
✎ 把CI/CD、基础设施即代码、容器与监控串成一条交付链,尤其适合AWS/GCP/Azure多云团队高效落地。
环境密钥管理
by alirezarezvani
统一梳理dev/staging/prod的.env和密钥流程,自动生成.env.example、校验必填变量、扫描Git历史泄漏,并联动Vault、AWS SSM、1Password、Doppler完成轮换。
✎ 统一管理环境变量、密钥与配置,减少泄露和部署混乱,安全治理与团队协作一起做好,DevOps 场景很省心。
相关 MCP 服务
kubefwd
编辑精选by txn2
kubefwd 是让 AI 帮你批量转发 Kubernetes 服务到本地的开发神器。
✎ 微服务开发者最头疼的本地调试问题,它一键搞定——自动分配 IP 避免端口冲突,还能用自然语言查询状态。但依赖 AI 工作流,纯命令行爱好者可能觉得不够直接。
Cloudflare
编辑精选by Cloudflare
Cloudflare MCP Server 是让你用自然语言管理 Workers、KV 和 R2 等云资源的工具。
✎ 这个工具解决了开发者频繁切换控制台和文档的痛点,特别适合那些在 Cloudflare 上部署无服务器应用、需要快速调试或管理配置的团队。不过,由于它依赖多个子服务器,初次设置可能有点繁琐,建议先从 Workers Bindings 这类核心功能入手。
Terraform
编辑精选by hashicorp
Terraform MCP Server 是让 AI 助手直接操作 Terraform Registry 和 HCP Terraform 的桥梁。
✎ 如果你经常在 Terraform 里翻文档找模块配置,这个服务器能省不少时间——直接问 Claude 就能生成准确的代码片段。最适合管理多云基础设施的团队,但注意它目前只适合本地使用,别在生产环境里暴露 HTTP 端点。