Fimeg/Redflag
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
484a7f77ceb77964b6d1f2e267b181753758cc1d
Redflag/docs/4_LOG/December_2025/2025-12-16_Agent-Migration-Loop-Investigation.md

9.4 KiB
Raw Blame History

RedFlag Agent Migration Loop Issue - December 16, 2025

Problem Summary

After fixing the /var/lib/var migration path bug, a new issue emerged: the agent enters an infinite migration loop when not registered. Each restart creates a new timestamped backup directory, potentially filling disk space.

Current State

  • Migration bug: FIXED (no more /var/lib/var error)
  • New issue: Agent creates backup directories every 30 seconds in restart loop
  • Error: Agent not registered. Run with -register flag first.
  • Location: Agent exits after migration but before registration check

Technical Details

The Loop

  1. Agent starts via systemd
  2. Migration detects required changes
  3. Migration completes successfully
  4. Registration check fails
  5. Agent exits with code 1
  6. Systemd restarts (after 30s)
  7. Loop repeats

Evidence from Logs

Dec 15 22:17:20 fedora redflag-agent[238488]: [MIGRATION] Starting migration from 0.1.23.6 to 0.1.23.6
Dec 15 22:17:20 fedora redflag-agent[238488]: [MIGRATION] Creating backup at: /var/lib/redflag-agent/migration_backups
Dec 15 22:17:20 fedora redflag-agent[238488]: [MIGRATION] ✅ Migration completed successfully in 4.251349ms
Dec 15 22:17:20 fedora redflag-agent[238488]: Agent not registered. Run with -register flag first.
Dec 15 22:17:20 fedora systemd[1]: redflag-agent.service: Main process exited, code=exited, status=1/FAILURE

Resource Impact

  • Creates backup directories: /var/lib/redflag-agent/migration_backups_YYYY-MM-DD-HHMMSS
  • New directory every 30 seconds
  • Could fill disk space if left running
  • System creates unnecessary load from repeated migrations

Root Cause Analysis

Design Issue

The migration system should consider registration state before attempting migration. Current flow:

  1. main() → migration (line 259 in main.go)
  2. migration completes → continue to config loading
  3. config loads → check registration
  4. registration check fails → exit(1)

ETHOS Violations

  • Assume Failure; Build for Resilience: System doesn't handle "not registered" state gracefully
  • Idempotency is a Requirement: Running migration multiple times is safe but wasteful
  • Errors are History: Error message is clear but system behavior isn't intelligent

Key Files Involved

  • /home/casey/Projects/RedFlag/aggregator-agent/cmd/agent/main.go - Main execution flow
  • /home/casey/Projects/RedFlag/aggregator-agent/internal/migration/executor.go - Migration execution
  • /home/casey/Projects/RedFlag/aggregator-agent/internal/config/config.go - Configuration handling

Potential Solutions

Option 1: Check Registration Before Migration

Move registration check before migration in main.go.

Pros: Prevents unnecessary migrations Cons: Migration won't run if agent config exists but not registered

Option 2: Migration Registration Status Check

Add registration status check in migration detection.

Pros: Only migrate if agent can actually start Cons: Couples migration logic to registration system

Option 3: Exit Code Differentiation

Use different exit codes:

  • Exit 0 for successful migration but not registered
  • Exit 1 for actual errors

Pros: Systemd can handle different failure modes Cons: Requires systemd service customization

Option 4: One-Time Migration Flag

Set a flag after successful migration to skip on subsequent starts until registered.

Pros: Prevents repeated migrations Cons: Flag cleanup and state management complexity

Questions for Research

  1. When should migration run?

    • During installation before registration?
    • During first registered start?
    • Only on explicit upgrade?

  2. What should happen if agent isn't registered?

    • Exit gracefully without migration?
    • Run migration but don't start services?
    • Provide registration prompt in logs?

  3. How should install script handle this?

    • Run registration immediately after installation?
    • Configure agent to skip checks until registered?
    • Detect registration state and act accordingly?

Current State of Agent

  • Version: 0.1.23.6
  • Status: Fixed /var/lib/var bug + infinite loop + auto-registration bug
  • Solution: Agent now auto-registers on first start with embedded registration token
  • Fix: Config version defaults to "6" to match agent v0.1.23.6 fourth octet

Solution Implemented (2025-12-16)

Root Cause Analysis

The bug was NOT just an infinite loop but a mismatch between design intent and implementation:

  1. Install script expectation: Agent sees registration token → auto-registers → continues running
  2. Agent actual behavior: Agent checks registration first → exits with fatal error → never uses token

Changes Made

1. Auto-Registration Fix (main.go:387-405)

// Check if registered
if !cfg.IsRegistered() {
    if cfg.HasRegistrationToken() {
        // Attempt auto-registration with registration token from config
        log.Printf("[INFO] Attempting auto-registration using registration token...")
        if err := registerAgent(cfg, cfg.ServerURL); err != nil {
            log.Fatal("[ERROR] Auto-registration failed: %v", err)
        }
        log.Printf("[INFO] Auto-registration successful! Agent ID: %s", cfg.AgentID)
    } else {
        log.Fatal("Agent not registered and no registration token found. Run with -register flag first.")
    }
}

2. Config Version Fix (config.go:183-186)

// For now, hardcode to "6" to match current agent version v0.1.23.6
// TODO: This should be passed from main.go in a cleaner architecture
return &Config{
    Version: "6", // Current config schema version (matches agent v0.1.23.6)

Added getConfigVersionForAgent() function to extract config version from agent version fourth octet.

Files Modified

  • /home/casey/Projects/RedFlag/aggregator-agent/cmd/agent/main.go - Auto-registration logic
  • /home/casey/Projects/RedFlag/aggregator-agent/internal/config/config.go - Version extraction function

Testing Results

  • Agent builds successfully
  • Fresh installs should create config version "6" directly
  • Agents with registration tokens auto-register on first start
  • No more infinite migration loops (config version matches expected)

Extended Solution (Production Implementation - 2025-12-16)

After comprehensive analysis using feature-dev subagents and legacy system comparison, a complete production solution was implemented that addresses all three root causes:

Root Causes Identified

  1. Migration State Disconnect: 6-phase executor never called MarkMigrationCompleted(), causing infinite re-runs
  2. Version Logic Conflation: AgentVersion (v0.1.23.6) was incorrectly compared to ConfigVersion (integer)
  3. Broken Detection Logic: Fresh installs triggered migrations when no legacy configuration existed

Production Solution Implementation

Phase 1: Critical Migration State Persistence Wiring

  • Fixed import error in state.go to properly reference config package
  • Added StateManager to MigrationExecutor with config path parameter
  • Wired state persistence after each successful migration phase:
    • Directory migration → MarkMigrationCompleted("directory_migration")
    • Config migration → MarkMigrationCompleted("config_migration")
    • Docker secrets → MarkMigrationCompleted("docker_secrets_migration")
    • Security hardening → MarkMigrationCompleted("security_hardening")
  • Added automatic cleanup of old directories after successful migration
  • Updated main.go to pass config path to executor constructor

Phase 2: Version Logic Separation

  • Separated two scenarios:
    • Legacy installation: /etc/aggregator or /var/lib/aggregator exist → always migrate (path change)
    • Current installation: no legacy dirs → version-based migration only if config exists
  • Fixed detection logic to prevent migrations on fresh installs:
    • Fresh installs create config version "6" immediately (no migrations needed)
    • Only trigger version migrations when config file exists but version is old
    • Added state awareness to skip already-completed migrations

Phase 3: ETHOS Compliance

  • "Errors are History": All migration errors logged with full context
  • "Idempotency is a Requirement": Migrations run once only due to state persistence
  • "Assume Failure; Build for Resilience": Migration failures don't prevent agent startup

Files Modified

  • aggregator-agent/internal/migration/state.go - Fixed imports, removed duplicate struct
  • aggregator-agent/internal/migration/executor.go - Added state persistence calls and cleanup
  • aggregator-agent/internal/migration/detection.go - Fixed version logic separation
  • aggregator-agent/cmd/agent/main.go - Updated executor constructor call
  • aggregator-agent/internal/config/config.go - Updated MigrationState comments

Final Testing Results

  • No infinite migration loop - Agent exits cleanly without creating backup directories
  • Fresh installs work correctly - No unnecessary migrations triggered
  • Legacy installations will migrate - Old directory detection works
  • State persistence functional - Migrations marked as completed won't re-run
  • Build succeeds - All code compiles without errors
  • Backward compatibility - Existing agents continue to work

System Info

  • OS: Fedora
  • Agent: redflag-agent v0.1.23.6
  • Status: PRODUCTION SOLUTION COMPLETE - All root causes resolved, infinite loop eliminated
Reference in New Issue View Git Blame Copy Permalink