State Machine
The agent uses a two-state reconciliation model:IDLE State
- Polls the control plane every 10 seconds for expected state.
- Compares expected state against actual state.
- Transitions to
PROCESSINGwhen drift is detected.
PROCESSING State
- Uses a snapshot of expected state without re-polling.
- Applies one change at a time:
- Stop orphan containers with no deployment ID.
- Start containers in
createdorexitedstate. - Deploy missing containers.
- Redeploy containers with the wrong image.
- Update DNS records.
- Update Traefik routes on proxy nodes.
- Update WireGuard peers.
- Times out after 5 minutes.
- Always reports status before returning to
IDLE.
Drift Detection
Drift detection is deterministic and uses hashes:- Containers: missing, orphaned, wrong state, or image mismatch.
- DNS: hash of sorted records.
- Traefik: hash of sorted routes on proxy nodes.
- WireGuard: hash of sorted peers.
Build System
Agents can build container images directly from GitHub sources:- Poll for pending builds.
- Claim the build to prevent duplicate work.
- Clone the repository using a GitHub App installation token.
- Run Railpack to generate a build plan, or use the existing Dockerfile.
- Build the image with BuildKit.
- Push the image to the registry.
- Update build status.
Work Queue
Agents also process queue items for operations that cannot be modeled purely as expected state:| Type | Description |
|---|---|
restart | Restart a specific container |
stop | Stop a specific container |
force_cleanup | Force remove containers for a service |
cleanup_volumes | Remove volume directories for a service |
deploy | Handled through expected-state reconciliation |