BOOT FAILED
===========
Error during startup: {error, {failed_to_initialize_feature_flags_registry, {disabled_required_feature_flag, restart_streams}}}SD Elements 2025.4
Table of Contents
| As of September 2025, Security Compass will maintain the three most recent versions of SD Elements as explained in the SDE Version Support Policy. Customers on older versions should plan to upgrade to a supported version using Upgrade Notes for all versions between the current and target version. |
What’s new?
-
Service annotations can be configured for specific or all services, for example using
global.service.annotations -
New images have been added for Postgres and its dependencies. No action is required during the upgrade.
-
Major RabbitMQ version upgrade from 3.13 to 4.1
Known Issues
Enable RabbitMQ Feature Flags
All stable RabbitMQ feature flags must be enabled in order to upgrade to RabbitMQ version 4.1. For more details see: link: RabbitMQ Feature Flags
SDE instances that were initially installed on version 2024.3 or earlier with RabbitMQ version 3.12 or earlier, may not have all the required feature flags enabled in order to upgrade. For externally managed RabbitMQ, the following may not apply.
|
If the required featured flags are not enabled prior to the upgrade, this may result in an error similar to the following on the sde-broker-0 pod.
Prior to upgrading, run the following command to check the disabled feature flags.
The examples below use the default names and namespace sde, replace sde with your namespace.
|
$ kubectl exec -n sde sde-broker-0 -c rabbitmq -- rabbitmqctl list_feature_flags | grep disabled
detailed_queues_endpoint disabled
khepri_db disabled
message_containers disabled
message_containers_deaths_v2 disabled
quorum_queue_non_voters disabled
restart_streams disabled
stream_filtering disabled
stream_sac_coordinator_unblock_group disabled
stream_update_config_command disabledIf the required feature flags are disabled, run the following command to enable the required flags.
$ kubectl exec -n sde sde-broker-0 -c rabbitmq -- rabbitmqctl enable_feature_flag all
Enabling all feature flags ...
The feature flag khepri_db may still be disabled, it is not required to upgrade.
|
If the above error is encountered and the sde-broker-0 pod is in a CrashLoopBackOff state, the RabbitMQ image tag can be temporarily changed in order to allow the pod to run. Update the custom values file with the following values, run the helm upgrade, and then run the commands listed above.
| Ensure that the following image repository and tag is reverted after enabling the required feature flags. |
rabbitmq:
image:
repository: sde-docker-prod/bitnami/rabbitmq
tag: 3.13.7-debian-12-r2Steps
Follow the general upgrade notes here.