Could you please help with agent-registry.json file. Suddenly this file has lost his entries.
The only remaining entry is an unused entry. We have created this entry for testing and have forgotten to remove it. But all useful entries are disappeared. Hopefully we have found a backup and restored this file.
What is possible reason for a such strange behavior? It is possible that for a while zrok(v1.0.4) was unable to connect to zrok-controlle/ziti-controller. It is possible also that the user has transferred .zrok directory to a different pc and had two identical environment running. It is difficult to know what has happened.
How to avoid this happens again. Could we remove write permissions allowing only read access?
We'd need actual details to help with this in any meaningful way.
The agent registry is just a convenience to re-start existing reserved shares and private access instances. Both of those things can easily be re-started manually if something happens to the agent registry. Manually re-starting them in the agent will just recreate the agent registry entries.
Unfortunately the user (76) is unfamiliar with zrok.
The main concern is the fact that the entries have been disappeared.
Can we set read only permission on this file? This way he can simply restart his pc to get everything work again.
You can try it... but that's not how it's designed to work.
This is the first time anyone has reported an issue with the agent registry. It's a very simple facility... it's already designed to restart reserved shares and private accesses when the agent is restarted.
If an entry is lost for some reason, simply just zrok share reserved or zrok access private again, and it will resume restarting those things for you automatically.
I understand. It's unrealistic for some of us who is above 76.
So someone has to drive 300miles to simply restore the file.
You have your own instance, yes? Turn on agent remoting and remotely control his agent.
Yes. I will do this. Thank you.
Let us know if you run into anything setting it up. The docs on that are here:
It's being used successfully in a couple of private zrok environments.
On the share side we have found the following error:
zrok[1987]: {"file":"/__w/zrok/zrok/agent/agent.go:132","func":"github.com/openziti/zrok/agent.(*Agent).ReloadRegistry","level":"error","msg":"error restarting private access '\u0026{share_name localhost:port false 0 0 []}': unable to start access: Post "https://zrok.controller.domain.name:port/api/v1/access": context deadline exceeded","time":"2025-07-12T22:48:52.981Z"}
It is possible that ISP is too slow. Some requests take up to 5-8 secs. Majority is about 1 sec or under.
What is allowed timeout for the requests?
Agent Remoting works like a charm. Thank you. 
1 Like
The timeout for most requests is currently 30 seconds.
There is an issue open to figure out some solution to keep the registry intact in the face of errors. Will be getting to it in a week or two.
1 Like
I have noticed a curious thing: after sending kill to zrok access the corresponding binding has been removed from agent-registry.json
For some reasons linux may want to send kill to a process. In a such situation the corresponding frontend token will be removed.