Core Code
Core Code Modern Dev Handbook
SYSTEM-DESIGN Contents
Constraints & Core Metrics
What Is System Design (Production-First) Functional vs Non-Functional Requirements Constraints, Assumptions, and Design Inputs Latency vs Throughput Tail Latency (p95/p99) and Why It Dominates UX SLI, SLO, SLA: The Reliability Contract Capacity Estimation Basics Bottlenecks and Queues (Little's Law Intuition)
Scaling & Traffic Management
Vertical vs Horizontal Scaling Load Balancing Fundamentals Caching Strategies Overview Cache Invalidation and Consistency Rate Limiting at Scale Backpressure: Preventing Overload Timeouts and Retries (Safe Defaults) Graceful Degradation and Traffic Shedding
Data & Consistency
Database Scaling Basics Replication: Read Replicas and Failover Consistency Models (Strong vs Eventual) Sharding Basics Partitioning and Hotspot Avoidance Idempotency and Deduplication Eventual Consistency and UX Schema Evolution and Backward Compatibility
Reliability Patterns
Timeouts: Bounding Damage Retry Strategies (Jitter, Caps, Budgets) Circuit Breaker Bulkhead Pattern Fallbacks and Graceful Degradation Load Shedding and Admission Control Backups and Restore Strategy Disaster Recovery (RPO/RTO)
Observability & Control
Golden Signals: Latency, Traffic, Errors, Saturation Metrics: SLIs and SLO Targets Logging at Scale (Structure and Cost) Correlation IDs and Context Propagation Distributed Tracing Overview Alerting and Runbooks Capacity Planning and Saturation Postmortems and Continuous Improvement
Case Studies
Case Study: URL Shortener Case Study: File Upload and Serving Case Study: Notification System Case Study: Chat System Overview Case Study: Rate Limiter Service Case Study: Social Feed (Fan-out Trade-offs) Case Study: Search Autocomplete Case Study: Analytics Ingestion Pipeline
Distributed Systems Foundations
CAP Theorem Consensus Basics Leader Election Distributed Locking Clock Skew Split Brain Quorum Reads and Writes Eventual vs Strong Consistency (Practical)
Service Communication Patterns
Synchronous vs Asynchronous Request-Response Pattern Message Queues Pub/Sub Pattern Event-Driven Architecture Saga Pattern CQRS Overview Outbox Pattern API Gateway Pattern Backend For Frontend (BFF)
Data at Scale Advanced
Index Design Deep Dive Query Planning Multi-Region Databases Read-After-Write Guarantees Global Databases Data Locality Large Table Strategies Background Jobs Design
Multi-Region Architecture
Multi-Region Basics Active-Active Active-Passive Geo DNS Cross-Region Replication Global Latency Optimization Regional Failover
Cost-Aware System Design
Cost vs Performance Storage Cost Trade-offs Cache Cost Analysis Overprovisioning vs Risk Cloud Pricing Mental Model Right-Sizing Instances
Security Architecture
Zero Trust Service-to-Service Auth Secrets Management Encryption at Rest Encryption in Transit DDoS Protection Multi-Tenant Data Isolation
System Design Interview
Design Twitter Design YouTube Design Uber Design Payment System Design E-commerce Platform Design Distributed Cache

Functional vs Non-Functional Requirements

Functional requirements describe what the system does; non-functional requirements define how well it must do it (SLOs, security, cost).
On this page

Why Requirements Decide Architecture

Most architecture mistakes happen before the first diagram: teams build a system optimized for assumptions they never wrote down. Production-first design starts by separating what the system must do (functional requirements) from the qualities it must meet under load and failure (non-functional requirements).

Functional Requirements

Functional requirements describe user-visible capabilities and workflows. They answer: “What does this system do?” They are often expressed as endpoints, screens, business actions, and core entities.

  • Create and authenticate users
  • Upload files and download them later
  • Search content and paginate results
  • Send notifications for specific events

Non-Functional Requirements

Non-functional requirements define how well the system must perform and what constraints it must satisfy. They answer: “How reliable, fast, safe, and cheap must this be?” These requirements dominate production outcomes.

  • Reliability: uptime targets, error budgets, graceful degradation
  • Performance: latency targets (p95/p99), throughput, tail behavior
  • Scalability: peak load, growth rate, traffic spikes
  • Consistency: strong vs eventual correctness per workflow
  • Security: auth, data protection, auditability, abuse resistance
  • Cost: compute, storage, egress, operational overhead
  • Operability: monitoring, incident response, deploy/rollback

Non-Functional Requirements Are Often Hidden

Teams frequently write a feature list but ignore constraints like p99 latency, provider outages, or abuse traffic. Then the system “works” in staging but fails in production. If you do not specify non-functional requirements, you are implicitly accepting the default: unknown reliability and unpredictable cost.

From Requirements to Concrete Decisions

Requirements should drive specific engineering choices, not generic best practices. The same feature can demand different architectures depending on constraints.

  • If you need p99 < 200ms, you will likely need caching, strict timeouts, and queue control.
  • If you need 99.9% availability, you need redundancy, fast failover, and safe degradation paths.
  • If you need strong correctness for payments, you need transactions and idempotency.
  • If you expect traffic spikes, you need rate limiting, backpressure, and load shedding.

A Practical Requirements Sheet

Write requirements in a form that forces clarity. Avoid vague goals like “fast” or “scalable.” Use measurable targets and realistic scenarios.

Functional
- Users can create accounts and log in
- Users can upload files and share a link
- Admins can delete content

Non-functional
- Availability: 99.9% monthly
- Latency: p95 < 200ms for read APIs, p95 < 500ms for writes
- Peak load: 2,000 RPS sustained, 10,000 RPS bursts for 60s
- Data growth: 50GB/month uploads, retain 1 year
- Consistency: uploads must not duplicate; deletes must be immediate for the owner
- Security: protect against brute force, abuse, and token leakage
- Ops: on-call can debug using requestId; rollback within 10 minutes

Common Mistakes

  • Defining only functional requirements and hoping the system scales later
  • Setting SLOs without understanding dependency budgets
  • Ignoring failure modes (timeouts, retries, partial outages)
  • Choosing microservices without operational requirements that justify them

Production-First Takeaway

Functional requirements define what you build. Non-functional requirements define whether it survives production. Treat non-functional requirements as first-class inputs: they determine your architecture, your cost, and your incident rate.

Constraints, Assumptions, and Design Inputs →