The Production Gap
When we demo multi-agent systems to clients, everything works beautifully. Agents coordinate, tasks complete in seconds, and the room is impressed. Then we discuss production deployment — and the real work begins.
The gap between a demo and a production system isn’t about capability. It’s about reliability. In production, your agents will encounter malformed inputs, overloaded APIs, contradictory tool outputs, and edge cases you never anticipated. The question isn’t whether something will go wrong; it’s how your system behaves when it does.
We’ve shipped multi-agent systems for logistics, legal, and financial services clients. In every case, the architecture we deployed looked nothing like the prototype we built in week one. Here’s what changed and why.
Orchestration Patterns
Before you write a single agent, decide on your orchestration model. There are four primary patterns, each suited to different workloads:
- Sequential chains — each agent hands off to the next. Simple, debuggable, slow. Good for linear pipelines with clear dependencies.
- Parallel fans — a controller dispatches tasks to multiple agents simultaneously. Great for independent subtasks; requires aggregation logic at the end.
- Hierarchical networks — a supervisor agent delegates to specialized sub-agents and synthesizes results. Powerful but complex; the supervisor becomes a critical single point of failure.
- Event-driven meshes — agents publish and subscribe to a shared event bus. The most flexible and fault-tolerant, but the hardest to reason about.
Our default starting point: hierarchical with parallel fans inside each branch. This gives you a clear mental model while still achieving meaningful concurrency. Migrate to an event-driven mesh only when you genuinely need it.
Failure Handling & Retries
Every tool call is an opportunity for failure. LLM APIs have rate limits. External services go down. Outputs are occasionally unparseable. Your system needs a coherent strategy for all of it.
- Exponential backoff with jitter on transient failures (rate limits, 5xx errors). Never retry immediately — you’ll compound the problem.
- Fallback agents for non-critical steps. If your summarization agent fails, fall back to a simpler extraction. Partial results are better than pipeline halts.
- Circuit breakers around any downstream dependency that has an SLA. If a service is degraded, stop hammering it — open the circuit and fail fast.
- Timeouts at every level — per tool call, per agent, and per orchestration run. Without them, a single stalled API call can block your entire pipeline indefinitely.
Equally important: define what “failure” means for your use case. Is a hallucinated output a failure? Is a partially completed task? Make these definitions explicit in your system design before you write error-handling code.
Memory & State Management
An agent without memory is just a very complicated function call. Production agents need to maintain context across steps, recover state after failures, and share information between concurrent branches.
We use a three-layer memory model:
- Working memory — the agent’s current context window. Cheap, fast, ephemeral. Use structured formats (JSON, Markdown tables) to keep it dense and parseable.
- Long-term memory — a vector database (we favour pgvector for its operational simplicity). Agents write summaries and key facts here; retrieve relevant context at the start of each new task.
- Episodic memory — immutable logs of what each agent did, in what order, with what inputs and outputs. This is your audit trail, your debugging surface, and the data source for future fine-tuning.
Checkpoint frequently. Write agent state to durable storage before every expensive operation. If the run crashes at step 14 of 20, you want to resume from step 14 — not start over.
Observability
If you can’t see what your agents are doing, you can’t fix what’s broken. Distributed tracing isn’t optional — it’s the foundation of a maintainable multi-agent system.
At a minimum, instrument for:
- End-to-end trace IDs that propagate through every agent, tool call, and sub-process. When a run fails, you need a single identifier to query across all logs.
- Latency per step — broken down by LLM call, tool execution, and inter-agent handoff. This tells you exactly where your SLA is being consumed.
- Token budget tracking per run and per agent. Runaway context growth is one of the most common production issues we see.
- Error rates and retry counts by agent type and tool. A tool that fails 20% of the time needs attention before it fails 80% of the time.
For complex workflows, consider adding human-in-the-loop checkpoints at high-stakes decision nodes. Not every action needs autonomous execution. Knowing when to pause and escalate is a feature, not a limitation.
Key Takeaways
After shipping multi-agent systems across a dozen enterprise deployments, these are the principles we keep returning to:
- Choose the simplest orchestration pattern that solves the problem. Add complexity only when the simpler model breaks.
- Design for failure from day one. Retrofitting error handling into a working pipeline is exponentially harder than building it in.
- Checkpoint agent state before every irreversible or expensive action. Idempotency is your safety net.
- Instrument everything. Logs and traces you don’t collect in production are data you can never get back.
- Make your success criteria explicit before you write a line of code. "The agent completed the task" is not a success criterion. "The agent extracted all invoice line items with <0.5% error rate in under 30 seconds" is.
The systems that run in production for years aren’t necessarily the cleverest ones — they’re the ones built with boring, robust engineering underneath the intelligent surface.