How Cloud Architecture Must Evolve When Software Producers Shift from Humans to AI Agents

Core engineering challenges of Vibe Coding platforms

Vibe Coding platforms let a user describe an app in natural language (e.g., “create a Todo list”) and receive a fully functional, database‑backed, authenticated, publicly accessible application within minutes, without writing code or configuring environments. The difficulty lies not in generating code but in orchestrating a reliable, secure, and cost‑effective engineering stack.

1. Continuous Agent runtime

When a user requests a Todo app, the system executes a repeated Agent Loop : assemble context → call LLM → run Bash commands → read/write files → feed back into context. This loop may iterate dozens of times over several minutes. The runtime must execute untrusted code, record the full session, and survive failures (tool crashes, container restarts, or user returning later). Thus a recoverable runtime, isolated sandbox, and persistent session state are three facets of the same problem.

2. Producing a truly usable application

The generated output must include a database, authentication, object storage, API gateway, domain name, and HTTPS – a complete production‑grade backend provisioned transparently to the user.

3. Multi‑tenant isolation

Thousands of users generate independent projects. Each project requires isolated data, compute, storage, and billing. A runaway script must not affect other users, and a suddenly popular app must not degrade the platform.

4. Operating cost control

On‑demand compute : sandbox and app runtimes must cold‑start in seconds and scale to zero when idle.

Storage tiering : hot session data stays in an online DB, while cold build artifacts move to object storage.

Lifecycle management : logs, snapshots, and build outputs automatically expire or archive to prevent linear storage growth.

Serverless billing : charge only for actual usage.

CloudBase Vibe Coding solution

Agent runtime, sandbox, session, and controlled boundaries

CloudBase separates the Agent Loop (LLM orchestration) from the Sandbox (untrusted code execution) and the Session (event logging). Sensitive operations go through an MCP proxy, management APIs, and temporary credentials, preventing the model, execution environment, and platform credentials from mixing.

<strong>Agent Loop × 多租户云沙箱 × 完整的应用后端 × 严格的权限与计费体系</strong>

Backend provisioning via MCP tools

CloudBase wraps databases, cloud functions, storage, and static hosting into MCP tools. An Agent can declaratively create resources with a few structured calls. For example, a Todo app requires only five MCP calls instead of dozens of manual SSH commands.

Performance and cost comparison (VM vs CloudBase)

Completion time : 990 s (VM) vs 260 s (CloudBase) → 3.8× faster.

Tool calls : 79 (VM) vs 36 (CloudBase) → 2.2× fewer.

Agent loop iterations : 189 (VM) vs 89 (CloudBase) → 2.1× fewer.

Token usage : 2,788,291 (VM) vs 1,323,431 (CloudBase) → 52% reduction.

Code changes : 19 files (VM) vs 17 files (CloudBase) → roughly equal.

Public attack surface : SSH 22 + HTTP 80 (VM) vs HTTPS‑only API (CloudBase) → SSH exposure eliminated.

The key driver is “attention allocation”. In the VM path, ~76% of tool calls are spent on SSH, file transfer, and process management; CloudBase reduces this to ~14%, letting the Agent focus on reasoning and code generation.

Multi‑tenant N+1 architecture

CloudBase adopts an “N+1” design: one shared platform environment hosts the Agent Loop, sandbox, and model inference; each user gets an isolated environment containing its own data, compute, storage, and network boundaries. This enables per‑tenant billing and removes the need for custom multi‑tenant logic in the application layer.

OpenVibeCoding – open‑source reference implementation

Project repository: https://github.com/TencentCloudBase/OpenVibeCoding

Deep CloudBase integration: AI can directly operate databases, functions, and storage.

Brain/Hands separation via a Harness architecture for higher task completion.

Multi‑tenant support with per‑user environment isolation, suitable for SaaS deployment.

Production‑grade experience: sandbox preview, HMR hot‑updates, mini‑program toolchain, QR‑code preview.

Case studies

Toast app

Toast (https://tusi.qq.com/) is an AI‑driven app generation platform. CloudBase provides per‑app isolated databases, built‑in authentication (WeChat, phone, email, anonymous), and MCP‑wrapped backend resources, allowing the Agent to create a complete production‑grade app without writing DDL, Nginx configs, or handling certificates.

GenieAI (CodeBuddy)

GenieAI (https://genie.codebuddy.ai/) targets product managers and developers, generating full‑stack web, mini‑program, or AI applications. It uses CloudBase PostgreSQL for relational data, Google login for global authentication, and one‑click HTTPS deployment with white‑label domains, all via MCP tools.

Design principles for an Agent‑friendly cloud

Brain/Hands separation : isolate reasoning (Brain) from execution (Hands) to keep the runtime safe.

Standardized MCP tools and reusable Skills : expose backend capabilities as declarative APIs that an Agent can call with a single JSON request.

One‑tenant‑one‑environment multi‑tenant model : each user gets an isolated environment, enabling per‑tenant billing and eliminating cross‑tenant interference.

Serverless, usage‑based billing : resources scale to zero and are charged only for actual compute, storage, and API usage.

Conclusion

Vibe Coding shifts the challenge from “let AI write code” to “let AI produce usable software”.

Supporting this requires an Agent Runtime, secure sandbox, full backend services, and multi‑tenant isolation.

The design principles are Brain/Hands separation, controlled trust boundaries, per‑tenant environments, usage‑based billing, and MCP‑standardized interfaces.

Tencent CloudBase delivers a complete solution, with OpenVibeCoding as an open‑source reference for teams building Vibe Coding platforms or deploying AI Agents at scale.