Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Design for Retry (Oneshot Budapest)
Search
Aria Stewart
November 21, 2014
Programming
71
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Design for Retry (Oneshot Budapest)
Aria Stewart
November 21, 2014
More Decks by Aria Stewart
See All by Aria Stewart
Nuts and Bolts of Internationalization
aredridel
0
240
Design for Retry (Nodevember)
aredridel
0
59
Other Decks in Programming
See All in Programming
正しくソフトウェアを作る、前提を疑うための認知の視点 / doubt-premise
minodriven
21
7.1k
[2026年度第1回ORセミナー] 計画最適化ベンチャーと競技プログラミング人材
terryu16
0
280
OSもどきOS
arkw
0
600
Snowflake Summitでの新機能 CoCo / CoWork / snowflake-summit-2026-overall-what-new-coco
tatsuhiro
1
200
Observability in Practice:Grafana 與 Edge Device SRE 的那些事
blueswen
0
180
JavaDoc 再入門
nagise
1
430
エンジニアと一緒にテストコードの設計と実装を改善した話
mototakatsu
0
230
技術記事、 専門家としてのプログラマ、 言語化
mizchi
13
6.6k
気圧・高度・GPSを記録&可視化するアプリ「Koudo」を作った話
hjmkth
1
330
ADKを使って簡単にAIエージェントを作ってみよう
k1mu21
0
280
才能?センス?知らん、 続けたもん勝ちだ。-- 結婚・出産・癌を越えてなお、私がプロダクトを創り続ける理由
16bitidol
1
570
AI駆動開発を妨げる技術的負債の解消アプローチ / ai-refactoring-approach
minodriven
15
7.9k
Featured
See All Featured
Leveraging Curiosity to Care for An Aging Population
cassininazir
1
290
How to Think Like a Performance Engineer
csswizardry
28
2.7k
Raft: Consensus for Rubyists
vanstee
141
7.6k
Site-Speed That Sticks
csswizardry
13
1.2k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
37
6.5k
Designing for Performance
lara
611
70k
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
aleyda
1
2.1k
Thoughts on Productivity
jonyablonski
76
5.2k
Ten Tips & Tricks for a 🌱 transition
stuffmc
0
150
Building Applications with DynamoDB
mza
96
7.1k
The Director’s Chair: Orchestrating AI for Truly Effective Learning
tmiket
1
200
Transcript
Design for Retry: Microservices, REST, and why Idempotency is the
only way to scale I'm Aria Stewart, that's @aredridel just about everywhere. I'm here thanks to PayPal. I work on the open source Kraken.js framework.
I'm going to talk about errors. It's going to be
okay.
if (err) { alert(err.message); } else { doMyThing(); }
We all know HTTP
2xx OK 3xx Go elsewhere 4xx Tell user what they
did wrong 5xx Bail out and log an error I'd call this Error avoidance
You can't avoid errors
Here's the secret Handle errors instead
4xx Tell the user what they did wrong 5xx Save
that request and do something with it later.
Retry it 5xx are errors the requestor can handle
But you can't just do things twice? We must make
operations idempotent
Idempotency Repeated actions have no effect, give the same result
This means being smart about IDs. Don't recycle! Check if things are already done. They are? Just give the same answer again.
Causes! —database down —bug in a service —Deploy in progress
—power failure —kicked a cable —Network congestion —Capacity exceeded —Microbursts
—Tree fell on the data center —earthquake —tornado —birds, snakes
and aeroplanes —Black Friday —Slashdot effect —Interns —QA tests —DoS attack
You need a queue
Lots of ways to do it Database on each node.
Maybe LevelDB? Log file Queue server
gearman Queues built in There are many alternatives, but gearmand
is very simple. The memcache of job queues.
Three statuses: —OK (Like 200) —FAIL (Like 400) —ERROR (Like
500)
design so ERROR can be retried.
gearmand automatically tries a job ERROR again. And again. And
again.
If it isn't sure it worked? Tries it again.
You cannot know if an error is a failure.
Error handling gets simpler —Exception? ERROR. —Database down? ERROR. —Downstream
service timeout? ERROR. Maybe you retry right away.
How many of you have used a job queue?
You have used a job queue
Let me tell you about one TRILLIONS of messages MILLIONS
of nodes 100% availability (at least partial) for years. 32 years. Resilient to MILLIONS of bad actors. It is attached to the most malicious network.
EMAIL. 250 OK 4xx RETRY 5xx Fail
Responsibility for messages 250 - accept responsibility 4xx - reject
responsibility 5xx - return responsibility
reject responsibility. If there's an error? Fail fast. The requester
can retry.
Fail fast. Queue work you can't reject. Reject everything you
can if there is an error.
You need a smart client. Keeps outstanding requests. Resubmit. Try
a different server! Try a second queue service. Maybe have a fallback plan.
Smart Clients on the device Toto, we're not in AWS
anymore.
Ever lose an email because you've been logged out?
Latency + Mutable state = Distributed system CAP Theorem Applies!
C = Consistency If there's state that one part knows
of that another doesn't? That's inconsistency.
Job queues are controlled inconsistency.
Ever try to write email on the web while not
on the Internet? It's cloud easy!
This is really good for offline-first design! Being offline is
the ultimate retriable error.
Some ideas
Use your queue as a place to measure for system
sizing
Queue things in localStorage
Use third-party storage
Integrate third-party services with this approach.
Use different strategies for available resources vs contended
Thank you! I hope you have lots of ideas queued
up. Save your ideas and unspool them onto Twitter when you get home. Let me know if this changed how you think about designing applications!