· 6 min read ·

From Autocomplete to On-Call: What Rakuten's 50% MTTR Drop Actually Means

Source: openai

The metric that matters most in this story is not lines of code generated or pull requests merged. It is MTTR: mean time to repair, the average clock time between when a production incident is detected and when service is restored. OpenAI’s case study on Rakuten reports a 50% reduction in that number after deploying Codex, their cloud-based coding agent. That result deserves careful attention, because MTTR is one of the hardest DevOps metrics to move, and the reason why is architectural.

What MTTR Actually Measures

The DORA framework tracks four key metrics for software delivery performance: deployment frequency, lead time for changes, change failure rate, and MTTR. Of the four, MTTR is most directly tied to what happens when things go wrong at 2am. Elite-performing teams, as defined by the 2024 DORA State of DevOps Report, restore service in under one hour. High performers take between one hour and one day. The majority of organizations still land somewhere in between, and moving from one tier to the next is genuinely difficult.

Identifying where time actually goes during an incident reveals why. Some time elapses before anyone is paged, because monitoring must detect and alert on the issue. Then a human must acknowledge the page, context-switch out of whatever they were doing, and orient themselves to the problem. Then comes investigation: reading logs, tracing calls, searching code. Then diagnosis: forming a hypothesis about root cause. Then implementation: writing a fix. Then testing, review, deployment, verification. The total is the MTTR.

For most teams, the code-writing step is among the faster parts of that chain. Investigation and diagnosis are where the time goes, and both are expensive precisely because they require human attention. A paged engineer at 2am who was not the one who last touched the failing service can spend 30 to 60 minutes just orienting themselves before writing a single line.

The Architecture of the Current Codex

The product OpenAI calls Codex in 2025 is architecturally nothing like the model of the same name from 2021. The original Codex was a code-completion model, the one that powered GitHub Copilot’s early autocomplete: given a function signature, predict the body. Useful, but fundamentally reactive and synchronous. The developer remained in the loop at every keystroke.

The current Codex is an asynchronous cloud agent. It is powered by codex-1, a fine-tuned variant of o3 optimized for software engineering tasks. Each task runs in an ephemeral, isolated container: a full Linux environment pre-populated with a snapshot of the user’s repository. Inside that container, the agent can read and write files, run shell commands, execute test suites, install packages, and make git commits. It reasons through its approach, then acts, then reads the output of those actions and iterates. When it finishes, it produces a pull request for human review.

Two architectural properties matter most here. First, the agent operates without a human in the loop during execution. You describe the task, and it works through it, potentially for minutes, returning a complete result rather than asking you to approve each step. Second, it can run many tasks concurrently. A single engineer can dispatch dozens of independent tasks simultaneously, each running in its own container in parallel. This is qualitatively different from a coding assistant where the bottleneck remains the developer’s serial attention.

How This Maps Onto the MTTR Problem

The reason a 50% MTTR reduction is plausible, and the reason it is a reliability story rather than a productivity story, is that Codex attacks the human-latency portions of the incident timeline.

When an alert fires, Codex can be triggered immediately, with no paging delay and no context-switching overhead. It starts reading logs, searching the codebase for relevant code paths, and examining recent commits within seconds of alert receipt. Investigation for a human involves dead ends: following a hypothesis, ruling it out, reformulating. The agent does this too, but without fatigue, and it can parallelize across hypotheses and subsystems simultaneously.

Diagnosis is expensive for humans partly because holding an unfamiliar codebase in working memory is hard, especially at 2am in a service you did not write. For a code agent with access to the full repository, this constraint applies differently. The output is a fix candidate, framed as a pull request, ready for a human reviewer. The on-call engineer who picks it up reviews a proposed solution rather than diagnosing from scratch; that is a substantially faster cognitive task.

The 50% improvement comes from compressing the alert-to-investigation-to-hypothesis portion of the MTTR chain, where most clock time accumulates, rather than from speed improvements in the implementation step itself. That is the mechanism.

Rakuten as an Enterprise Test Case

Rakuten is not a small target for this kind of deployment. As one of Japan’s largest technology conglomerates, with services spanning e-commerce, fintech, mobile infrastructure through Rakuten Mobile, and streaming, their engineering organization operates across a large and complex codebase with significant reliability requirements. Demonstrating a MTTR reduction in that environment is a stronger signal than the same result at a smaller company with a simpler stack.

Beyond incident response, the case study describes automated CI/CD review and full-stack feature delivery timelines compressed from months to weeks. The CI/CD automation pattern is worth noting separately: agents that review pull requests, update test suites as code changes, maintain configuration files, and flag issues before they reach production. Each of these tasks is individually small, but they constitute a significant fraction of the maintenance load on a large engineering team, and they are the kind of work that queues up and spreads across weeks of calendar time when engineers are saturated.

The Human-in-the-Loop Pattern

None of this works by removing engineers from the process. Codex’s output is a pull request, and merging it still requires human review and approval. This is the right design choice for enterprise deployment.

A code agent that autonomously deploys to production without human review carries significant risk, not from malice but from plausible-looking code that is subtly wrong, particularly at the boundaries of the agent’s context or in situations that differ from what it was trained on. A human reviewer catches these cases. The value is not to remove the human; it is to make the human’s review the bottleneck rather than the investigation and coding phases.

This also maps cleanly onto existing engineering workflows. The output is a standard PR that goes through normal code review. Teams do not need to build new approval workflows or change their deployment pipelines. The agent plugs into existing process, which matters a great deal for adoption at enterprise scale.

What 50% MTTR Means at the Tier Level

To make the DORA framing concrete: if Rakuten’s baseline MTTR was around eight hours, a 50% reduction brings it to four hours, movement from the high-performer tier toward elite. At a baseline of two hours, a 50% cut produces one hour, the boundary of elite performance.

The practical significance extends beyond the metric itself. Teams in the elite MTTR tier have more predictable on-call load, lower engineer burnout from incident response, and more capacity for planned feature work. They also tend to have higher deployment frequency and lower change failure rates, because incident-handling capacity creates space to iterate more aggressively. These are the kinds of compounding effects that the DORA research has tracked since 2014.

A caveat on the numbers is warranted: this is a vendor case study, and the 50% figure reflects Rakuten’s internal measurement on the workflows where Codex was deployed, not necessarily company-wide across all incident types. Self-reported metrics from case studies are useful directional data, not rigorous controlled experiments. That said, MTTR is an auditable KPI with a clear definition, which makes this a more credible claim than vaguer assertions about developer happiness or velocity.

The Shift That Matters

Models have been generating code since at least 2021. The shift that matters is that agents can now work through complete, multi-step engineering tasks autonomously, produce verifiable outputs, and integrate with normal engineering workflows without requiring teams to build custom infrastructure around them.

Systems like Devin from Cognition, GitHub Copilot Workspace, and Amazon Q Developer are all converging on the same architectural pattern: webhook or event trigger, agent spins up in isolated environment with repository access, agent completes task, outputs a diff, human reviews and approves. The differences are in the underlying model quality, the depth of tool access, the CI/CD integrations, and the quality of the final diff.

What Rakuten’s result illustrates is that this pattern, deployed at scale in a real enterprise environment, can move a metric that has historically been hard to move, for the right reason. MTTR does not measure how fast you type. It measures how fast your system, including its human components, can recover from failure. Codex inserted itself at the points where human latency dominated that system, and the number moved accordingly.

Was this interesting?