Core Code
Core Code Modern Dev Handbook
DISTRIBUTED-SYSTEMS-ENGINEERING Contents
Distributed Systems Fundamentals
What Makes a System Distributed? Latency vs Throughput (Why You Can’t Optimize Both Blindly) The Partial Failure Model (The Real Enemy) The Fallacies of Distributed Computing (Production Examples) Time Is Hard: Clocks, Drift, and Ordering Network Partitions: Detection and Reality Checks CAP Theorem in Practice (What You Actually Choose) PACELC: Latency Tradeoffs Beyond CAP Backpressure vs Queueing (Where Systems Die Quietly) Failure Modes Map: Real Incidents You Will See
Data Consistency Models
Strong Consistency (Costs, When It’s Worth It) Eventual Consistency (What It Guarantees, What It Doesn’t) Causal Consistency (The Practical Middle Ground) Read-Your-Writes and Session Guarantees Monotonic Reads / Writes (User-Visible Correctness) Quorums 101: R/W, N, and What “Majority” Really Means Linearizability vs Serializability vs Strict Serializability Stale Reads: Detection, Measurement, and Guardrails Split-Brain Consistency Failures (How They Start) Designing Consistency SLOs (Correctness as an SLO)
Consensus & Coordination
Why Consensus Is Hard (FLP Intuition, No Math Pain) Raft Overview (Roles, Terms, Safety) Leader Election Patterns (And Their Failure Modes) Quorum Math (Write Safety vs Availability) Log Replication Internals (Commit Index, Match Index) Paxos Simplified (So You Can Read Docs Without Crying) Distributed Locks (Why They’re Dangerous) Zookeeper Patterns (Leader, Config, Locks) etcd Usage Patterns (Kubernetes-Style Coordination) Fencing Tokens (The Only Lock That Survives Partitions)
Replication & Data Distribution
Replication Strategies (Leader, Multi-Leader, Leaderless) Sync vs Async Replication (Latency vs Data Loss) Replication Lag: Causes, Metrics, and Mitigations Anti-Entropy (Merkle Trees, Read Repair, Hinted Handoff) Gossip Protocols (Membership, Failure Detection) Sharding Strategies (Range, Hash, Directory) Consistent Hashing (Why It’s Not Just a Ring Diagram) Rebalancing Clusters Safely (Avoid Melting Prod) Hot Partitions (Detection + Fixes) Multi-Region Data: Patterns and Tradeoffs
Messaging & Event Systems
Messaging Models (Queue vs Log vs PubSub) Delivery Semantics: At-Most-Once Delivery Semantics: At-Least-Once Exactly-Once (Where the Myth Breaks) Idempotency in Event Processing (Design Patterns) Kafka Internals (Partitions, ISR, Replication) Consumer Groups (Rebalances, Sticky Assignors) Ordering Guarantees (What You Can Actually Promise) Dead Letter Queues (Policy, Replay, Poison Pills) Event-Driven Architecture Tradeoffs (Coupling vs Debuggability)
Reliability Patterns in Distributed Systems
Retries & Exponential Backoff (Avoiding Retry Storms) Timeouts & Deadlines (Budgeting Latency) Circuit Breakers (State Machines That Save You) Bulkheads (Stop One Fire From Burning the Ship) Load Shedding (Fail Small, Not Catastrophically) Backpressure in Practice (Push vs Pull, Bounded Queues) Graceful Degradation (Feature Flags and Partial Responses) Hedged Requests (Trading Cost for Tail Latency) Chaos Engineering Basics (What to Test First) Failure Injection Testing (Safe Experiments in Prod-Like Envs)
Distributed Transactions & Sagas
Two-Phase Commit (Why It Blocks) Three-Phase Commit (Why You Still Rarely Use It) Sagas (Orchestration vs Choreography) Saga Orchestration (Central Coordinator Done Right) Saga Choreography (Emergent Workflows, Emergent Pain) Compensating Transactions (Designing Undo) Outbox Pattern (The Dual-Write Fix) Dual-Write Problem (How It Actually Fails) Idempotent Consumers (Dedup, Keys, and Storage) Transactional Messaging (What Guarantees You Can Buy)
Observability in Distributed Systems
Distributed Tracing Fundamentals (Spans, Context, Baggage) Correlation IDs (Request IDs That Survive Microservices) Trace Propagation (W3C Trace Context in Practice) Metrics in Clusters (Aggregation, Cardinality, Cost) High Cardinality Problems (How Monitoring Dies) Structured Logging at Scale (Schemas, Sampling, PII) Monitoring Quorum Health (Consensus Systems SLOs) Alert Fatigue Prevention (Signal > Noise) The Golden Signals (And What Changes in Distributed Systems) Postmortems (Blameless, Actionable, Measurable)
Performance & Scaling Strategies
Horizontal Scaling Patterns (Stateless, Stateful, Sticky) Vertical vs Horizontal Tradeoffs (Cost and Failure Domains) Autoscaling in Practice (When It Helps, When It Hurts) Tail Latency (Why p99 Runs Your Life) p99 vs Averages (SLO Math for Humans) The Thundering Herd (Cache, Locks, and Stampedes) Cache Consistency Tradeoffs (Invalidation Strategies) Distributed Rate Limiting (Token Buckets Across Nodes) Load Balancing Algorithms (RR, LC, EWMA, Hashing) Capacity Planning (Queues, Headroom, Failure Budget)
Production Incident Playbooks
Diagnosing a Network Partition (Fast Triage Checklist) Debugging Split-Brain (Symptoms, Proof, Recovery) Quorum Loss Recovery (Safe Steps, Common Traps) Runaway Retry Storm (How to Stop the Bleeding) Cascading Failure Analysis (Finding the First Domino) Replication Lag Debugging (Root Causes + Fixes) Kafka Consumer Lag Playbook (Rebalance, Throughput, Backlog) Multi-Region Outage Handling (Failover Without Data Lies) Consistency Bug Hunting (Proving “It Can’t Happen” Happened) Production Readiness Checklist (Distributed Systems Edition)

Saga Orchestration (Central Coordinator Done Right)

Orchestration-based Sagas use a central coordinator to manage distributed transaction workflows. This lesson explains workflow engines, state persistence, compensation handling, timeout recovery, and production reliability patterns.
On this page

Saga Pattern (Orchestration): Centralized Control of Distributed Workflows

In orchestration-based Sagas, a central orchestrator service coordinates the entire workflow. Instead of services reacting to events autonomously, the orchestrator explicitly commands each step and decides what to do next based on responses.

This model provides clarity, traceability, and deterministic control at the cost of introducing a coordination component.

Core Idea

The orchestrator:

  • Maintains saga state.
  • Sends commands to participating services.
  • Receives success or failure responses.
  • Triggers compensating actions when necessary.

The business workflow becomes explicit in a single place.

Example: Order Processing Workflow

Steps:

  1. Create order.
  2. Reserve inventory.
  3. Charge payment.
  4. Schedule shipment.

Orchestrator logic:

start_saga(order_id)

call create_order()
if success:
    call reserve_inventory()
    if success:
        call charge_payment()
        if success:
            call schedule_shipment()
            mark_saga_completed()
        else:
            call release_inventory()
            call cancel_order()
            mark_saga_failed()
    else:
        call cancel_order()
        mark_saga_failed()

The entire control flow is centralized.

Saga State Persistence

Orchestrator must persist state durably:

  • Saga ID
  • Current step
  • Completed steps
  • Compensation progress
  • Timeout deadlines

If the orchestrator crashes, it must recover and resume the workflow.

Production Scenario: Orchestrator Crash Mid-Workflow

Symptom

Orders remain stuck in intermediate state after orchestrator restart.

Root Cause

Saga state not persisted atomically. After crash, orchestrator could not determine last completed step.

Diagnosis

  • Inconsistent saga state entries.
  • Missing compensation markers.
  • No idempotency protection on commands.

Resolution

  • Persist state transitions before sending commands.
  • Use idempotency keys for each step invocation.
  • Replay incomplete sagas on startup.

Timeout Handling

Each step must define a timeout.

  • If service does not respond within defined time, trigger compensation.
  • Timeout must be tracked in saga state store.

Timeout logic prevents indefinite workflow blocking.

Idempotency Requirements

All commands must be idempotent.

  • Duplicate execution should not corrupt state.
  • Compensating actions must be safe to retry.

Orchestrator retries are common under transient failures.

Observability and Tracing

Orchestration simplifies observability:

  • Single saga ID tracks entire workflow.
  • Central state store enables querying incomplete workflows.
  • Metrics per step duration and failure rate.

This is easier than distributed choreography tracing.

Scalability Considerations

The orchestrator itself must be scalable and resilient:

  • Stateless execution layer.
  • Durable external state store.
  • Horizontal scaling across multiple instances.
  • Leader election if needed for coordination tasks.

The orchestrator should not become a single point of failure.

Interaction with Messaging Systems

Commands may be sent via:

  • Synchronous RPC
  • Message broker
  • Workflow engine queue

Asynchronous messaging improves decoupling and resilience.

Common Anti-Patterns

  • In-memory saga state only.
  • No replay mechanism on restart.
  • No monitoring of stuck workflows.
  • Compensation logic not tested.
  • Orchestrator tightly coupled to service internals.

Failure Injection Test

# Orchestrated saga validation
1) Start multi-step workflow
2) Crash orchestrator after step N
3) Restart orchestrator
4) Confirm workflow resumes correctly
5) Inject failure at step M
6) Verify compensations execute in correct order

Operational Checklist

  • Is saga state persisted durably?
  • Are step commands idempotent?
  • Are compensations tested under retry?
  • Are timeouts enforced and observable?
  • Can incomplete sagas be queried and inspected?

Key Takeaways

  • Orchestration centralizes saga control logic.
  • State persistence is critical for reliability.
  • Timeout and compensation logic must be explicit.
  • Idempotency is mandatory for safety.
  • Observability is simpler than choreography but operational discipline is required.

Orchestration-based Sagas provide strong operational clarity and deterministic workflow control. When implemented carefully, they offer a production-safe alternative to distributed atomic commits without sacrificing availability.

Saga Choreography (Emergent Workflows, Emergent Pain) →