Circuit breaker
A circuit breaker is a pattern that monitors calls to a downstream service and 'trips' (stops calling) when failures exceed a threshold, returning a fallback or error immediately. After a cool-down, it cautiously retries to detect recovery. The pattern prevents a slow or failing dependency from cascading into thread-pool exhaustion or timeouts everywhere upstream.
The canonical implementation has three states: closed (normal — all calls go through), open (tripped — all calls fast-fail), and half-open (recovery probing — a single call is allowed; success closes the breaker, failure re-opens it). Tuning the failure threshold + cool-down is service-specific; too sensitive trips on transient blips, too loose lets cascading failures through. Libraries like Resilience4j (JVM), Polly (.NET), and Hystrix (legacy) implement the pattern.
Long-form posts that explore circuit breaker in depth — when to use it, common failure modes, how AI helps.
Related terms
- Idempotency
An operation is idempotent if calling it multiple times has the same effect as calling it once.
- MTTR
Mean Time To Recovery is the average elapsed time between an incident's detection and its resolution.
- Chaos engineering
Chaos engineering is the practice of deliberately injecting failures into production (or production-like) systems to validate they recover gracefully.