Reliability & Resilience Patterns

Reliability & Resilience Patterns

Every distributed system fails. The only question is how it fails: gracefully or catastrophically.

The Core Resilience Toolkit

• Timeouts: never wait forever
• Retries (with backoff): recover from transient failures
• Circuit breakers: stop hammering a broken dependency
• Bulkheads: isolate failures to one component
• Idempotency: safe to retry without side effects

Decision Pattern: “Fail Fast vs Fail Soft”

Ask: Is it better to return an error quickly or degrade gracefully?

Examples:

• Checkout: fail fast if payment fails
• Recommendations: fail soft and return empty results

Error Budgets

Reliability is a tradeoff. SRE teams use error budgets to decide how much instability is acceptable before slowing feature work.

If your SLO is 99.9%, you get ~43 minutes of error per month. Spend it wisely.

🧠 Knowledge Check

Q: Why are retries dangerous without backoff and jitter?

<details> <summary>💡 Reveal Answer</summary>

Without backoff, many services retry simultaneously, creating a thundering herd that overwhelms the dependency. Jitter spreads retries over time, giving the system a chance to recover.

</details>

✍️ Recall Cards

• Front: A circuit breaker prevents ______ failures. <details><summary>Back</summary>Cascading</details>
• Front: Idempotency makes retries ______. <details><summary>Back</summary>Safe</details>
• Front: Error budgets tie reliability to ______ tradeoffs. <details><summary>Back</summary>Feature velocity</details>

🔨 Try It Yourself (Hands‑On)

Audit one critical dependency:

1. List a downstream service your app calls
2. Define a timeout
3. Define a retry policy (max attempts + backoff)
4. Decide the fallback behavior if it fails

Write this as a short “resilience contract.”

🤔 What Would You Do?

<details> <summary>Best approach</summary> </details>