Release It! Patterns | Bot Army SRE

15

Stability Patterns

12

Anti-Patterns

2007

First Edition

5s

Timeout Default

Key Stability Patterns

Pattern	Purpose
Circuit Breaker	Stop cascading failures
Bulkhead	Isolate failures to partitions
Timeout	Prevent indefinite waits
Retry	Handle transient failures
Fallback	Graceful degradation
Shed Load	Reject excess traffic
Handshaking	Verify capacity before work

Circuit Breaker States

State	Behavior
Closed	Normal operation, count failures
Open	Fast fail, don't call downstream
Half-Open	Test with limited traffic

Thresholds: 5 failures, 30s timeout, 1 test request

Bulkhead Strategies

Thread pool isolation: Separate pools per dependency
Semaphore isolation: Limit concurrent requests
Process isolation: Separate containers/pods
Network isolation: Separate subnets

More Stability Patterns

Pattern	Use Case
Steady State	Self-cleaning logs/data
Test Harness	Simulate bad behaviors
Decoupling	Async via queues
Fail Fast	Check prereqs early

Stability Anti-Patterns

Anti-Pattern	Risk
Integration Points	Every call is a risk
Chain Reactions	One failure cascades
Cascading Failures	Avalanche effect
Users	Unpredictable traffic
Blocked Threads	Thread pool exhaustion
Unbounded Queues	Memory exhaustion

More Anti-Patterns

Anti-Pattern	Risk
Self-Denial	Marketing DDos
Unbalanced Capacity	Bottleneck fails first
Slow Responses	Worse than no response
SLA Inversion	Depend on weaker SLA

Timeout Guidelines

Type	Recommendation
Connect	1-3 seconds
Read	5-30 seconds
Total	Max acceptable latency

Always set timeouts! Never use language defaults.

Key Quote

Every integration point will eventually fail in some way.

- Michael Nygard, Release It!

Expect Failure

Design for failure; plan for success.