Core Code
Core Code Modern Dev Handbook
DISTRIBUTED-SYSTEMS-ENGINEERING Contents
Distributed Systems Fundamentals
What Makes a System Distributed? Latency vs Throughput (Why You Can’t Optimize Both Blindly) The Partial Failure Model (The Real Enemy) The Fallacies of Distributed Computing (Production Examples) Time Is Hard: Clocks, Drift, and Ordering Network Partitions: Detection and Reality Checks CAP Theorem in Practice (What You Actually Choose) PACELC: Latency Tradeoffs Beyond CAP Backpressure vs Queueing (Where Systems Die Quietly) Failure Modes Map: Real Incidents You Will See
Data Consistency Models
Strong Consistency (Costs, When It’s Worth It) Eventual Consistency (What It Guarantees, What It Doesn’t) Causal Consistency (The Practical Middle Ground) Read-Your-Writes and Session Guarantees Monotonic Reads / Writes (User-Visible Correctness) Quorums 101: R/W, N, and What “Majority” Really Means Linearizability vs Serializability vs Strict Serializability Stale Reads: Detection, Measurement, and Guardrails Split-Brain Consistency Failures (How They Start) Designing Consistency SLOs (Correctness as an SLO)
Consensus & Coordination
Why Consensus Is Hard (FLP Intuition, No Math Pain) Raft Overview (Roles, Terms, Safety) Leader Election Patterns (And Their Failure Modes) Quorum Math (Write Safety vs Availability) Log Replication Internals (Commit Index, Match Index) Paxos Simplified (So You Can Read Docs Without Crying) Distributed Locks (Why They’re Dangerous) Zookeeper Patterns (Leader, Config, Locks) etcd Usage Patterns (Kubernetes-Style Coordination) Fencing Tokens (The Only Lock That Survives Partitions)
Replication & Data Distribution
Replication Strategies (Leader, Multi-Leader, Leaderless) Sync vs Async Replication (Latency vs Data Loss) Replication Lag: Causes, Metrics, and Mitigations Anti-Entropy (Merkle Trees, Read Repair, Hinted Handoff) Gossip Protocols (Membership, Failure Detection) Sharding Strategies (Range, Hash, Directory) Consistent Hashing (Why It’s Not Just a Ring Diagram) Rebalancing Clusters Safely (Avoid Melting Prod) Hot Partitions (Detection + Fixes) Multi-Region Data: Patterns and Tradeoffs
Messaging & Event Systems
Messaging Models (Queue vs Log vs PubSub) Delivery Semantics: At-Most-Once Delivery Semantics: At-Least-Once Exactly-Once (Where the Myth Breaks) Idempotency in Event Processing (Design Patterns) Kafka Internals (Partitions, ISR, Replication) Consumer Groups (Rebalances, Sticky Assignors) Ordering Guarantees (What You Can Actually Promise) Dead Letter Queues (Policy, Replay, Poison Pills) Event-Driven Architecture Tradeoffs (Coupling vs Debuggability)
Reliability Patterns in Distributed Systems
Retries & Exponential Backoff (Avoiding Retry Storms) Timeouts & Deadlines (Budgeting Latency) Circuit Breakers (State Machines That Save You) Bulkheads (Stop One Fire From Burning the Ship) Load Shedding (Fail Small, Not Catastrophically) Backpressure in Practice (Push vs Pull, Bounded Queues) Graceful Degradation (Feature Flags and Partial Responses) Hedged Requests (Trading Cost for Tail Latency) Chaos Engineering Basics (What to Test First) Failure Injection Testing (Safe Experiments in Prod-Like Envs)
Distributed Transactions & Sagas
Two-Phase Commit (Why It Blocks) Three-Phase Commit (Why You Still Rarely Use It) Sagas (Orchestration vs Choreography) Saga Orchestration (Central Coordinator Done Right) Saga Choreography (Emergent Workflows, Emergent Pain) Compensating Transactions (Designing Undo) Outbox Pattern (The Dual-Write Fix) Dual-Write Problem (How It Actually Fails) Idempotent Consumers (Dedup, Keys, and Storage) Transactional Messaging (What Guarantees You Can Buy)
Observability in Distributed Systems
Distributed Tracing Fundamentals (Spans, Context, Baggage) Correlation IDs (Request IDs That Survive Microservices) Trace Propagation (W3C Trace Context in Practice) Metrics in Clusters (Aggregation, Cardinality, Cost) High Cardinality Problems (How Monitoring Dies) Structured Logging at Scale (Schemas, Sampling, PII) Monitoring Quorum Health (Consensus Systems SLOs) Alert Fatigue Prevention (Signal > Noise) The Golden Signals (And What Changes in Distributed Systems) Postmortems (Blameless, Actionable, Measurable)
Performance & Scaling Strategies
Horizontal Scaling Patterns (Stateless, Stateful, Sticky) Vertical vs Horizontal Tradeoffs (Cost and Failure Domains) Autoscaling in Practice (When It Helps, When It Hurts) Tail Latency (Why p99 Runs Your Life) p99 vs Averages (SLO Math for Humans) The Thundering Herd (Cache, Locks, and Stampedes) Cache Consistency Tradeoffs (Invalidation Strategies) Distributed Rate Limiting (Token Buckets Across Nodes) Load Balancing Algorithms (RR, LC, EWMA, Hashing) Capacity Planning (Queues, Headroom, Failure Budget)
Production Incident Playbooks
Diagnosing a Network Partition (Fast Triage Checklist) Debugging Split-Brain (Symptoms, Proof, Recovery) Quorum Loss Recovery (Safe Steps, Common Traps) Runaway Retry Storm (How to Stop the Bleeding) Cascading Failure Analysis (Finding the First Domino) Replication Lag Debugging (Root Causes + Fixes) Kafka Consumer Lag Playbook (Rebalance, Throughput, Backlog) Multi-Region Outage Handling (Failover Without Data Lies) Consistency Bug Hunting (Proving “It Can’t Happen” Happened) Production Readiness Checklist (Distributed Systems Edition)

Outbox Pattern (The Dual-Write Fix)

The Outbox Pattern ensures reliable event publishing by storing events in the same database transaction as business state changes. This lesson explains atomicity without 2PC, polling vs CDC, ordering guarantees, and production pitfalls.
On this page

Outbox Pattern: Reliable Event Publishing Without Distributed Transactions

The Outbox Pattern solves a fundamental problem in distributed systems: how to reliably publish events when updating a database, without using two-phase commit across the database and message broker.

Instead of coordinating two systems atomically, the Outbox Pattern writes both business state and event records into the same database transaction. A separate process later publishes those events to the message broker.

The Core Problem

Consider this workflow:

  1. Update database state.
  2. Publish event to message broker.

If the database write succeeds but the event publish fails, the system becomes inconsistent. Other services never receive the event.

If the event publishes first but the database transaction fails, consumers see an event for a state that does not exist.

Without coordination, atomicity is broken.

How the Outbox Pattern Works

Instead of publishing directly to the broker:

  1. Begin database transaction.
  2. Update business table.
  3. Insert event into an outbox table.
  4. Commit transaction.

After commit, a background process reads from the outbox table and publishes events to the broker.

BEGIN TRANSACTION
UPDATE orders SET status = 'CREATED'
INSERT INTO outbox(event_type, payload, status)
VALUES ('OrderCreated', json_payload, 'PENDING')
COMMIT

Atomicity is guaranteed by the database itself.

Outbox Table Structure

Typical columns include:

  • event_id (unique identifier)
  • aggregate_id (business entity reference)
  • event_type
  • payload (JSON)
  • created_at
  • published_at
  • status (PENDING, SENT, FAILED)

This enables replay and auditing.

Event Publisher Mechanisms

1) Polling Publisher

A background worker periodically queries:

SELECT * FROM outbox
WHERE status = 'PENDING'
ORDER BY created_at
LIMIT N

After publishing successfully, it updates status to SENT.

2) Change Data Capture (CDC)

Instead of polling, use database log streaming to capture inserts and publish events in near real-time.

CDC reduces polling overhead and latency.

Production Scenario: Lost Events Without Outbox

Symptom

Orders created successfully, but downstream services never receive OrderCreated events.

Root Cause

Application crashed after DB commit but before event publish call.

Diagnosis

  • Order table updated.
  • No corresponding message in broker.
  • No retry logic for publish failure.

Resolution

  • Implement Outbox Pattern.
  • Introduce durable background publisher.
  • Add monitoring for stuck outbox entries.

Idempotency and Duplicate Events

Outbox publishing may retry on failure, producing duplicates.

Consumers must handle duplicates safely using:

  • Event IDs for deduplication.
  • Idempotent event handlers.
  • Upsert semantics.

At-least-once delivery is expected.

Ordering Guarantees

Ordering is typically guaranteed per aggregate ID:

  • Events for same entity should be processed in creation order.
  • Global ordering across all aggregates is rarely required.

Outbox publisher must preserve insertion order.

Failure Modes

  • Publisher crashes mid-batch.
  • Broker temporarily unavailable.
  • Outbox table grows unbounded.
  • Stale PENDING rows accumulate.

Monitoring and cleanup policies are required.

Observability Requirements

  • Pending outbox row count.
  • Event publishing latency.
  • Failed publish retry count.
  • Oldest pending event age.
  • Duplicate detection rate in consumers.

Outbox health directly impacts data consistency.

Failure Injection Test

# Outbox validation
1) Execute business transaction
2) Crash application before event publish
3) Restart system
4) Verify outbox publisher resumes correctly
5) Confirm event eventually appears in broker
6) Validate idempotent consumption

Common Anti-Patterns

  • Deleting outbox rows before broker confirmation.
  • No retry logic for failed publishes.
  • No monitoring of outbox backlog growth.
  • Assuming exactly-once delivery.
  • Coupling publisher lifecycle tightly to request thread.

Operational Checklist

  • Are business changes and event inserts atomic?
  • Is outbox publisher highly available?
  • Are retries implemented with backoff?
  • Are duplicates handled safely by consumers?
  • Is outbox backlog monitored?

Key Takeaways

  • Outbox Pattern provides atomicity without distributed 2PC.
  • Events are stored in same DB transaction as business state.
  • Publishing occurs asynchronously and may retry.
  • Consumers must be idempotent.
  • Monitoring outbox backlog is critical for consistency.

The Outbox Pattern is one of the most practical and widely adopted reliability patterns in modern distributed systems. It bridges the gap between transactional databases and event-driven architectures without sacrificing availability.

Dual-Write Problem (How It Actually Fails) →