Generalizing the discussion, do we want a general-purpose circuit breaker pattern[1]? This is to avoid a chain reaction when there is a backend failure.
There's several implementations out there, including Spring and Netflix's Hystrix. [1] http://en.wikipedia.org/wiki/Circuit_breaker_design_pattern On 12/21/12 11:20 AM, "Alex Huang" <[email protected]> wrote: >> >> Which brings me to another question: what is the response: is it a HTTP >> error code or a normal response that has to be parsed? >> The reaction of most users to an error from the cloud is to re-try -- >> thereby making the problem worse. >> > >A proper error code is the right way to do it. It only makes the problem >worse if it causes the system to behave poorly so we have to design this >feature such that processing it doesn't cause considerable >performance/scale problem in the system. One possibility is a backoff >algorithm (saw some discussion about it but wasn't sure if it was for >this), where we hold off the response if it continues to send requests, >in effect choking the client. > >--Alex
